last executing test programs:

2.825686055s ago: executing program 0 (id=1766):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1600000000000000040000000500000000000000", @ANYBLOB='\x00'/16, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000cc21bd0cb7eded9ba7e742192645e20010000000000000000000000000000000000000b1273b186af174d79299789df1de7ce94e98e886514f6ac08afd0791b5591b6c6849f9b7b0b9cd28c0de2c26db9edbe715dfca38b4db68b94402289e0408cd66146122604734d7cabc88ba1e23a8c9df75531d646e197cf1810158f98c92cf0145a0b10b19a89613778f72d381cbb23f147bdfd3b3e04e93d67c8a87d1986c83f090d1a3f7b77ab1b3d04955802efd4a1f68f403fdad3f502c001a57565a7603e7bd81b28427569a98da06111fb58291ab7f04446d6670d9cd4201fdcde4d9a730503eb03d06697b766cd6fe70cf14d40eb139574e6e6eb1459e7b20b0bffecf906effffffff00000000e8ddc0975c42d2db03d4700869a3c5d26727fab10cb468e9aef89c0a68a04137891c8577f15f597abbf1b1557d65a53be396f41303f8053dbc5e"], 0x50)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000bc0)={{0x14}, [@NFT_MSG_NEWSET={0x5c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_SET_DATA_LEN={0x8, 0x7, 0x1, 0x0, 0x31}, @NFTA_SET_DATA_TYPE={0x8}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x6}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x84}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0xfe, 0x0, 0x0, 0xfffffffffffffffc, 0x60020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2, @perf_bp={&(0x7f0000000080)}, 0x0, 0x3, 0x0, 0x0, 0x2, 0xfffffffc}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x10010, 0xffffffffffffdffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r1)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001300)={0x0, r3}, 0x18)
mq_unlink(0x0)
unshare(0x400)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000080)=0x1)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r5)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xb, 0x7, 0x8, 0x8, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

1.666267413s ago: executing program 0 (id=1796):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="7c0000000001010400000000000000000200000024000180140001800800010064514c5cb0b3a739ac0314bb0c00028005000100000000002400028014000180080001000000000008000200ac1414000c0002800500014dc300000008000740000000002c000d800c000380060002004e22000061000100e00000028680ced041df252be08c212336268473e558cb511c02f22fc3e139ac96ae789e243ff6177bf4e301174d87d58ade05d737e9458c3f83de3cc8837d59218e276eea533405186f1774908491db77f8c786c14ea03885623889b3062cd2e696f5fe5ecf3cbb7b40ce17ca"], 0x7c}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)=r3}, 0x20)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x50}, 0x9c)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34c8, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5, 0x0, 0x2}, 0x18)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000002c0)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32], 0x48}}, 0x0)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r7, 0x65, 0x2, &(0x7f0000000280)=0xfffffff3, 0x4)

771.651467ms ago: executing program 0 (id=1818):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
poll(&(0x7f00000000c0)=[{0xffffffffffffffff, 0x8744}], 0x1, 0x0)

713.446498ms ago: executing program 0 (id=1821):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bb, &(0x7f0000000440)="$eJzs3UFrE1sYxvGnTW+TprTJhcuFe0E96EY3oY0fQIO0IAaU2hR1IUztREPGpMyESkRsNuLWD+Gq6M6doC7ddCNu3LsrguCmC3HETNImbVrTNklj+/9BmTd5z8OcttPyptDJ2o1n9/NZL5G1ShqMGA1KFa1L8V9VzUDtOFith9WoonOj3z6duH7z1pVUOj01Y8x0avZ80hgzfurNg0cvTr8rjc69Gn8d1mr89trX5OfVf1f/W/sxey/nmZxnCsWSscx8sViy5h3bLOS8fMKYa45tebbJFTzbbepnneLiYtlYhYWx6KJre56xCmWTt8umVDQlt2ysu1auYBKJhBmL6ngbamNNZmVmxkrt2PZDHd0Rum6k1ZOum6q0bmZWerAnAADQZ3af/4NZf+f5Pz0XHNua/18+l9qb/6VOzv8DPf2C9rlK06PfzP84Elw3ZUVrP7/NmP8BAAAAAAAAAAAAAAAAAAAAAPgTrPt+zPf9WP1Y/whLikiqPz7sfaI79vn9v3BI20WHNfzjXkRyni5lljLBMeinssrJka0JxfS9ej3UBPX05fTUhKmK662zXMsvL2VCCtfzdfFW+ZN/TwZ505z/S9HG8ycV0z+tz59smR/W2TMN+YRi+nBHRTlaqF7Xm/nHk8Zcuprekh+prgMAAAAA4ChImA3bXr9X+9UFEW3vB/k9/H1gy+vrIf3fzi0qAQAAAADAgXnlh3nLcWx3H0VY0gHieyj8ga6fonNFSH2xjS3FRUl9sI1eFRFJwTNmP/EvG/G2Un4ba4YkHfTzivTw0jrs30wAAAAAOm1z6N9D6OOTLu4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjp937gdXXb2vVG7vEG04X0vuNtwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjp2fAQAA//91iCZA")
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)

605.03453ms ago: executing program 0 (id=1826):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
poll(&(0x7f00000000c0)=[{0xffffffffffffffff, 0x8744}], 0x1, 0x0)

526.206041ms ago: executing program 3 (id=1829):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000080)={0x0, 0x700, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="0209000002"], 0x10}, 0x1, 0xfdffffff}, 0x0)

507.977611ms ago: executing program 0 (id=1831):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
io_setup(0x5, &(0x7f0000000000))
r1 = socket(0x40000000015, 0x5, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r2 = fcntl$dupfd(r1, 0x0, r0)
open_by_handle_at(r2, &(0x7f0000000180)=@OVL_FILEID_V1={0x3a, 0xf8, {'\x00', {0x0, 0xfb, 0x37, 0x4, 0x8, "9d42204d53e828eca1701b02d8d29826", "0b55803c10f05af86c0eff7674130f39c0dff4509a80d153099099ae4701a9030f92"}}}, 0x241502)
socket$inet_mptcp(0x2, 0x1, 0x106)
getsockname$packet(r1, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x1, @perf_bp={0x0, 0xc}, 0x115428, 0x0, 0x0, 0x0, 0x5f4b, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x50, 0x12, 0x301, 0x70bd06, 0x0, {0x1, 0x40, 0x0, 0x0, {0x4e21, 0x4e24, [], [0x0, 0x1], 0x0, [0x1]}, 0xf0ffff80}, [@INET_DIAG_REQ_BYTECODE={0x4, 0x3}]}, 0x50}, 0x1, 0x0, 0x0, 0x40086}, 0x20000000)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5, 0x0, 0x8}, 0x18)
r6 = gettid()
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r7, &(0x7f0000001340)=[{&(0x7f0000000580)=""/148, 0x94}], 0x1)
readv(r7, &(0x7f0000001240)=[{&(0x7f0000000040)=""/73, 0x49}], 0x1)

507.675871ms ago: executing program 3 (id=1832):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
poll(&(0x7f00000000c0)=[{0xffffffffffffffff, 0x8744}], 0x1, 0x0)

457.032982ms ago: executing program 3 (id=1834):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
socket$packet(0x11, 0x2, 0x300)
set_mempolicy(0x3, &(0x7f00000000c0)=0x5, 0xa)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd88500000004000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x2, 0x0, 0x40000000000000, 0x80400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000340), 0x4}, 0xc0db, 0xfffffffffffffffd, 0x5, 0x8, 0xd, 0x100, 0x0, 0x0, 0x6, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000000)='cpu<=0||!')
bind$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @remote}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x10, '\x00', r2, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
socket$kcm(0x10, 0x3, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x200, {0x0, 0x0, 0x0, r6, {0xfff2}, {}, {0x9}}}, 0x24}}, 0x0)

403.428543ms ago: executing program 3 (id=1837):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r1 = socket$l2tp6(0xa, 0x2, 0x73)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d65746100000000140002800800014000000012080002400000", @ANYRES16=r2], 0xc4}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r5)
getsockname$packet(r5, &(0x7f00000002c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=@delchain={0x44, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0xa, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x10, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1}]}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x4000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000180)='f2fs_unlink_enter\x00'}, 0x2f)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r7, &(0x7f0000000040)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0xfffffffc}, 0x1c)
sendmsg$inet6(r1, &(0x7f0000000000)={&(0x7f00000002c0)={0xa, 0x4e04, 0x1009, @loopback, 0x4}, 0x1c, 0x0, 0x0, &(0x7f0000002c00)=ANY=[@ANYBLOB="1400000000000000290000003e0000000100000000000000680000000000000029000000370000001d09000000000000000100010100c2040000000ac2047fffffff00010004012bc20400000000010400000000072000000002067f0100e9070000000000000900000000000000010000000000000004017f000000000000001400000000000000290000000b000000000000010000000014000000000000002900000008"], 0xb0}, 0x8810)

393.406563ms ago: executing program 4 (id=1838):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000040000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r0}, 0x10)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f00000002c0)={0x18, 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, 'ip6tnl0\x00'}}, 0x1e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='kfree\x00'}, 0x10)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x4000000000000, 0x40, &(0x7f0000001200)=@raw={'raw\x00', 0x4001, 0x3, 0x3a8, 0x0, 0x700001b, 0x148, 0x250, 0x148, 0x310, 0x206, 0x240, 0x310, 0x240, 0x7fffffe, 0x0, {[{{@ip={@local, @rand_addr, 0x0, 0x0, 'tunl0\x00', 'bond_slave_1\x00', {0xff}}, 0x1ea, 0x1e8, 0x250, 0x0, {0x390, 0x8f00}, [@common=@inet=@hashlimit2={{0x150}, {'pim6reg1\x00', {0x5, 0x1ff, 0x1, 0x1, 0x1, 0x100, 0x1, 0x8, 0x20}, {0x8}}}, @common=@inet=@socket2={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0xc0, 0x0, {}, [@common=@ttl={{0x28}, {0x1, 0x2}}]}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x408)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/resume', 0x169a82, 0x109)
sendfile(r3, r3, 0x0, 0xb)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a00000001000000e27f0000010000", @ANYRES32=0x0], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000400000001"], 0x48)
r6 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f00000002c0)=@req3={0x8001, 0xfc, 0x1, 0x3, 0x6, 0xcb, 0x4}, 0x1c)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYRES16=r5], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x10)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r9, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000780)={0x38, 0x2, 0x3, 0x1, 0x0, 0x0, {0x5, 0x0, 0x4}, [@NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x22}, @NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x11}}, @NFQA_CFG_FLAGS={0x8}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x530}}]}, 0x38}}, 0x4)
dup3(r6, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00'}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r10}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

339.858314ms ago: executing program 2 (id=1839):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bb, &(0x7f0000000440)="$eJzs3UFrE1sYxvGnTW+TprTJhcuFe0E96EY3oY0fQIO0IAaU2hR1IUztREPGpMyESkRsNuLWD+Gq6M6doC7ddCNu3LsrguCmC3HETNImbVrTNklj+/9BmTd5z8OcttPyptDJ2o1n9/NZL5G1ShqMGA1KFa1L8V9VzUDtOFith9WoonOj3z6duH7z1pVUOj01Y8x0avZ80hgzfurNg0cvTr8rjc69Gn8d1mr89trX5OfVf1f/W/sxey/nmZxnCsWSscx8sViy5h3bLOS8fMKYa45tebbJFTzbbepnneLiYtlYhYWx6KJre56xCmWTt8umVDQlt2ysu1auYBKJhBmL6ngbamNNZmVmxkrt2PZDHd0Rum6k1ZOum6q0bmZWerAnAADQZ3af/4NZf+f5Pz0XHNua/18+l9qb/6VOzv8DPf2C9rlK06PfzP84Elw3ZUVrP7/NmP8BAAAAAAAAAAAAAAAAAAAAAPgTrPt+zPf9WP1Y/whLikiqPz7sfaI79vn9v3BI20WHNfzjXkRyni5lljLBMeinssrJka0JxfS9ej3UBPX05fTUhKmK662zXMsvL2VCCtfzdfFW+ZN/TwZ505z/S9HG8ycV0z+tz59smR/W2TMN+YRi+nBHRTlaqF7Xm/nHk8Zcuprekh+prgMAAAAA4ChImA3bXr9X+9UFEW3vB/k9/H1gy+vrIf3fzi0qAQAAAADAgXnlh3nLcWx3H0VY0gHieyj8ga6fonNFSH2xjS3FRUl9sI1eFRFJwTNmP/EvG/G2Un4ba4YkHfTzivTw0jrs30wAAAAAOm1z6N9D6OOTLu4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjp937gdXXb2vVG7vEG04X0vuNtwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjp2fAQAA//91iCZA")
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)

323.349014ms ago: executing program 3 (id=1841):
r0 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @random="518440db9de1"}, 0x14)
r2 = socket(0x200000000000011, 0x2, 0x0)
bind$packet(r2, &(0x7f0000000080)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @random="933c547ecfa7"}, 0x14)
syz_emit_ethernet(0x36, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff"], 0x0)

269.663325ms ago: executing program 3 (id=1842):
bpf$MAP_CREATE(0x0, &(0x7f0000002080)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48)
ioctl$sock_inet_SIOCRTMSG(0xffffffffffffffff, 0x890d, &(0x7f0000000180)={0x0, {0x2, 0x4e24, @private=0xa010101}, {0x2, 0x4e20, @multicast2}, {0x2, 0x4e20, @remote}, 0x4, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8c, 0x1, 0x100})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x18)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0xe)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_QUEUE_SEQ(r1, 0x6, 0x15, &(0x7f0000000080)=0x3884, 0x4)
syz_clone3(&(0x7f00000006c0)={0x102102180, 0x0, 0x0, 0x0, {0x40}, 0x0, 0x0, 0x0, &(0x7f0000000680)=[0x0], 0x1}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000002c0)={'veth0_to_batadv\x00', &(0x7f0000000000)=@ethtool_channels={0x3c, 0x5, 0x1000001, 0x0, 0xfffffffd, 0x9, 0x2, 0x0, 0x1}})
prctl$PR_SET_SECUREBITS(0x1c, 0x0)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="0600000004000000be7000005c00000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000b000000d9ae502f3287d0ea5fb92ce530e6000000000fabd454f5dde5fed77a84001d7cb52a33b46212c94823a91dcd235ab9352805b10348bf9d3528b064cd0d4ed239233c94da3a1ae423ca02a7a04f2fd22eb193673c2df261b43a749331a244a5e2e92c62a362855f194867fc893a77265ac87c1f4aa0ca", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000200"/28], 0x48)

227.330916ms ago: executing program 4 (id=1844):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000cf00000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x14, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00', r1}, 0x10)
poll(&(0x7f00000000c0)=[{0xffffffffffffffff, 0x8744}], 0x1, 0x0)

225.308155ms ago: executing program 2 (id=1845):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x25}]}, @NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x28, 0x3, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x18, 0xb, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x4}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xcc}}, 0x0)

206.103966ms ago: executing program 2 (id=1846):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x5, 0x66, 0x5, 0xdf}]})
pread64(r0, &(0x7f0000000080)=""/148, 0x94, 0x6ea)
r1 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000000540)=@o_path={&(0x7f0000000500)='./file0\x00', 0x0, 0x4000, r0}, 0x18)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000680)={r1, &(0x7f0000000580)="e3a8fcde07e90cb21ce418f86667e505348e662b5ac1d874817a2e7abf2b13664f99de8a20573364d975c852f024ad25c9a69c5afc9f7f2ea50ee81dd22f494865a7f481e4a77494b568441893e689ef94b7b732ccaa4b85986b78179d0bc290d85fd566a2f98b687c11947a6503961a34ce73ffec76b48f343c83def6053090cd2f528cdfb2e348e9b17612288950ee757dacc25bdf34729ca69d35d47b0f1ba4ff1de51a11bf5415421ca76e756e5ac6035c54fbe6bcb788e36f3ac427f7342d"}, 0x20)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
recvmsg$can_bcm(r2, &(0x7f0000003d40)={&(0x7f00000006c0)=@ll={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @remote}, 0x80, &(0x7f0000002c80)=[{&(0x7f0000000740)=""/119, 0x77}, {&(0x7f00000007c0)=""/4096, 0x1000}, {&(0x7f00000017c0)=""/188, 0xbc}, {&(0x7f0000001880)=""/219, 0xdb}, {&(0x7f0000001980)=""/1, 0x1}, {&(0x7f00000019c0)=""/4096, 0x1000}, {&(0x7f00000029c0)=""/106, 0x6a}, {&(0x7f0000002a40)=""/250, 0xfa}, {&(0x7f0000002b40)=""/1, 0x1}, {&(0x7f0000002b80)=""/235, 0xeb}], 0xa, &(0x7f0000002d40)=""/4096, 0x1000}, 0x40012061)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1, &(0x7f0000003d80)=0x401, 0x4)
newfstatat(0xffffffffffffff9c, &(0x7f0000003dc0)='./file0\x00', &(0x7f0000003e00), 0x100)
r4 = open(&(0x7f0000003e80)='./file0/file0\x00', 0x0, 0x100)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_INGRESS_PRIORITY_CMD(r4, 0x8982, &(0x7f0000003ec0))
sendmsg$inet(r4, &(0x7f00000046c0)={&(0x7f0000003f00)={0x2, 0x4e24, @empty}, 0x10, &(0x7f0000004600)=[{&(0x7f0000003f40)="f8a0737a6f4f00e778507c70a37c796e06662daabd611a6bcf090d3cdf9e4c4c7109addd95bec39c2485ca5d83cd04fb66670a2c3cf5d48a764d7f3e5f036451278b22f14904eef31cdf1b1c490cbd9667d55784dd96090bdb19b867c5e9e8dd077413fe64f5e2478784431a7c7cb5ecc784d4cf338bf0ddb230a72cb58b9019465d5c7da1b25de4a2df342161a22cc36cf4792f4e8676c5f2d5b06be9507f10a3461c2b993e87ccc6500bf1", 0xac}, {&(0x7f0000004000)="13feeb1947c3fce51d75289b96be5af25e74d82e036ea554fc7f030246c850e0d6e6aa58bd97f24d2dfb1ea7372cdcadab9800625fa766107add00bd2fcf4ae54f0e2d8b9012f3dddfd6981ac6b4eabed7d3056ec3a0ea06c6f718b4fe1a4da2e846d62a93d2a3b3da5c41a36c9550a14214a3c0294a3c90bf7ab826df6b28e7b1f3668b92840a527804689d5e440cbd98b21d99d7d7887a6cf6ee651d4922943cb0fdf1c4ebd56c6a04b05a801fdf26f165dbd543fb92253e475ff8af6df67ab60d5900f2b0483eccf8fd976ba3cd6b2a6974472fae67fe8d844f667ca8c4a735196443768f61077326bf86a396cffcf3c7c84975150a3e", 0xf8}, {&(0x7f0000004100)="0f7493e085acf5f9cba5b42f3e9561fbd1d73c3927d6767ccac376b93b5c733adc4c637b33fe3a41113068053b6eeae9d8ec40d3bde25840953899329cb3bd44b165be5ac6633b20207b9cea7ac6a412636c3bc3d238cfe15fbaa2af3093c2b18c", 0x61}, {&(0x7f0000004180)="686542e38099c9409a4c3f91b648276a836811f0579345a40f8180c8ba12f0798961516b6b0a378a2f33c053b8ca03d78e185e7c8f72bc48fdd39a64b5a216e7515cdc1cfdab6a1c0564a635dd9f59e2ce8cdd24786013ecbce5bb8121fefc994d2d58928692a515fdf447549bd74dba42ebbfbb3696b174e56251c35b1a39a7c8d19274a1842582f274db048ec5800c15cfc03b558d7a7d55235342dcd0af53", 0xa0}, {&(0x7f0000004240)="1e4d260b1f151a1861c9d55e7bbe8c2008f8309a9777c619a4154d53f125ef5b4a4bfd4f6797ed8d1b6791d8f4947a5c96beb3e2c6e9de4d1e0b3a8e6d972ad6d26fe4bf0ff78f896db09ab63d6b69aa574bbaba24b74116af03d10633d7d124e92823b688cda6bc5e484b971effdd3d71e7ef3f1d3c195042d77e9908416a1269adee8593d10ba027ffe6ee9e252161b4cb137047040c347d828815e9279d45ea0ca1669927d36bb42b698cd4bf24624ae09e9671e3fc7c5b33f7edfbca156308b74a04c7c61927", 0xc8}, {&(0x7f0000004340)="4f9edc62d018bcd0ce35d578ad6e340700356c36514a4dbaa104ece9cbef219f26f6407bef2b4c780ca0efe8634121d8e71549c6ccb1ff4062e7e85ad3aec2fcafd645ca409e6248b8305d5c79111036cbd932cbe621faa978d9636fc4b110b91bbe1c8e64a27af9644df41b3df4980f557f29addea00d4d14e939109ed4c1a10a8b605ef2204784eefd0e9ff098e2437b3bea606375fdffe9f9b9183ce8873f0a2d0a4d4eeeac9fddf1e541e198ababc6cb1c3a1e4f", 0xb6}, {&(0x7f0000004400)="7a8b2703292f185257ea99aaa8a2462022468e4f528dbe40b4016041822f67feea0ea81f97eabd4be822f67ea5a4af50972cea85f8f15609f5390208e3e4a9df31be238e33a35a627063db05bb9bfdee134946e2e171de2fd8ff2dcd3c23f35bfd6995cb653938de8e4dcab3e1bd09029ed7874e8192378778521c98ecd7b6951104951d41e17abab6a126ea4412132c1fcda4dbf5acbf95fd049d5dc730075db625a5b115e85ef00ec4f1861cb8ac1d5d3cb5331fcb4960e390ae030527a07c56c2d01fcbb9191c6b4eeae8342d88cb690c8c527aa471f570f0297d3f4652a404172701b96e40bf39c80a685ba6989661bfd3bc52", 0xf5}, {&(0x7f0000004500)="2f1d659899ecfb0674df725d492983a05a4579d0dd028516de59d9450e64be85ea81c16c1a8c615618b1cffcffec43fcab", 0x31}, {&(0x7f0000004540)="8d3cea8bb52b25582268f0f122b947e0a7c95b371e3ee949cd43887508d27774efd223c71c4b0e6566b13d62a3db7545b2a92190c01eea6ee2c75f7d55f960e19950943b5f0a9d134ded4e22052b93b4c08223a32a72433c7aea1f0c479cb567788b6e27780e80f05039ce7585cb052ea28f17daf339f403c9abfb5d715fd4b61998ff3c332ed213e51ce9945d44163cd4d759b00a4707a554bff23fa15f7fda4f7e33406b3f261141a3a12e65321b9ce8759070b3c3e03b", 0xb8}], 0x9}, 0x8040)
recvfrom$packet(r4, &(0x7f0000004700)=""/44, 0x2c, 0x42, &(0x7f0000004740)={0x11, 0xf6, r3, 0x1, 0x6, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}}, 0x14)
setxattr$security_ima(&(0x7f0000004780)='./file0\x00', &(0x7f00000047c0), &(0x7f0000004800)=@sha1={0x1, "7b5e64b8a268de43687fe60b8121b58d26e345cd"}, 0x15, 0x1)
ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f0000004840)={0x7e, 0x8bc, 0xfffffff8, "04944d3d861de7f9ca44d64e6e3cfba108147eb63ae211004e7f49082935fd0b383644fcaa38596fd3bad015f83b2dd1f4144549a5984c226a9fe59b9db394ab9b3fd861d1c0caa07d2a24391bd674a8dbd35c9e2d11d90df3fda6c8fa374c1dfb78e127f8f7f9dddaf887929688378c476a92bdf76cb206144544015c67"})
read$watch_queue(r4, &(0x7f0000004900)=""/159, 0x9f)
mount(&(0x7f0000004cc0)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000004d00)='./file0\x00', &(0x7f0000004d40)='gadgetfs\x00', 0x200008, &(0x7f0000004d80)='\xaa\xaa\xaa\xaa\xaa')

172.546597ms ago: executing program 4 (id=1847):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
socket$packet(0x11, 0x2, 0x300)
set_mempolicy(0x3, &(0x7f00000000c0)=0x5, 0xa)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd88500000004000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x2, 0x0, 0x40000000000000, 0x80400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000340), 0x4}, 0xc0db, 0xfffffffffffffffd, 0x5, 0x8, 0xd, 0x100, 0x0, 0x0, 0x6, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
ioctl$PERF_EVENT_IOC_SET_FILTER(r4, 0x40082406, &(0x7f0000000000)='cpu<=0||!')
bind$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @remote}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x10, '\x00', r2, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
socket$kcm(0x10, 0x3, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x200, {0x0, 0x0, 0x0, r6, {0xfff2}, {}, {0x9}}}, 0x24}}, 0x0)

172.200016ms ago: executing program 2 (id=1848):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x25}]}, @NFT_MSG_NEWSETELEM={0x14, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x8}}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x98}}, 0x0)

155.183227ms ago: executing program 4 (id=1849):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000080)={0x0, 0x700, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="0209000002"], 0x10}, 0x1, 0xfdffffff}, 0x0)

152.828677ms ago: executing program 1 (id=1850):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000280)='./file0\x00', 0x414, &(0x7f0000000000)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000"], 0x1, 0x2bb, &(0x7f0000000440)="$eJzs3UFrE1sYxvGnTW+TprTJhcuFe0E96EY3oY0fQIO0IAaU2hR1IUztREPGpMyESkRsNuLWD+Gq6M6doC7ddCNu3LsrguCmC3HETNImbVrTNklj+/9BmTd5z8OcttPyptDJ2o1n9/NZL5G1ShqMGA1KFa1L8V9VzUDtOFith9WoonOj3z6duH7z1pVUOj01Y8x0avZ80hgzfurNg0cvTr8rjc69Gn8d1mr89trX5OfVf1f/W/sxey/nmZxnCsWSscx8sViy5h3bLOS8fMKYa45tebbJFTzbbepnneLiYtlYhYWx6KJre56xCmWTt8umVDQlt2ysu1auYBKJhBmL6ngbamNNZmVmxkrt2PZDHd0Rum6k1ZOum6q0bmZWerAnAADQZ3af/4NZf+f5Pz0XHNua/18+l9qb/6VOzv8DPf2C9rlK06PfzP84Elw3ZUVrP7/NmP8BAAAAAAAAAAAAAAAAAAAAAPgTrPt+zPf9WP1Y/whLikiqPz7sfaI79vn9v3BI20WHNfzjXkRyni5lljLBMeinssrJka0JxfS9ej3UBPX05fTUhKmK662zXMsvL2VCCtfzdfFW+ZN/TwZ505z/S9HG8ycV0z+tz59smR/W2TMN+YRi+nBHRTlaqF7Xm/nHk8Zcuprekh+prgMAAAAA4ChImA3bXr9X+9UFEW3vB/k9/H1gy+vrIf3fzi0qAQAAAADAgXnlh3nLcWx3H0VY0gHieyj8ga6fonNFSH2xjS3FRUl9sI1eFRFJwTNmP/EvG/G2Un4ba4YkHfTzivTw0jrs30wAAAAAOm1z6N9D6OOTLu4IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDjp937gdXXb2vVG7vEG04X0vuNtwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjp2fAQAA//91iCZA")
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)

147.394167ms ago: executing program 2 (id=1851):
r0 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@stripe={'stripe', 0x3d, 0x9}}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
dup2(r0, r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
dup2(r1, r1)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r2, 0x10001, 0x0)

121.341537ms ago: executing program 4 (id=1852):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x25}]}, @NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x28, 0x3, 0x0, 0x1, [{0x24, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x18, 0xb, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @limit={{0xa}, @val={0x4}}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xcc}}, 0x0)

91.366558ms ago: executing program 4 (id=1853):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc11a900e8d164a40, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000140)={'veth1_to_team\x00', @link_local})
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r3)
syz_usb_connect(0x2, 0x36, &(0x7f0000000000)=ANY=[], 0x0)
ioctl$EVIOCGBITSW(r3, 0x5509, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_WAIT(r3, 0x942e, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="19000000040000000400"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r4, &(0x7f0000000100), &(0x7f0000000000), 0x2}, 0x20)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x40000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r5, 0x401054d5, &(0x7f0000000440)={0x1, &(0x7f0000000000)=[{0x1d, 0x0, 0x7}]})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="240000001900010000000000fbdbdf258020"], 0x24}}, 0x8000)
fcntl$setlease(r6, 0x400, 0x0)
statfs(&(0x7f0000000400)='./file1/file0\x00', &(0x7f00000004c0)=""/116)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="9feb2000180a0000000000001c0000001c000000080000000700000000000008000000000600000000000001000000002c005d030000002e615f30007b3269fa"], 0x0, 0x3c, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000000300)=[{&(0x7f0000001240)=""/4096, 0x1000}, {&(0x7f00000000c0)=""/177, 0xb1}, {&(0x7f0000000180)=""/155, 0x9b}, {&(0x7f0000000240)=""/80, 0x50}], 0x4)

80.020668ms ago: executing program 1 (id=1854):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="2400000020100103001000000000000002000000"], 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)

61.206908ms ago: executing program 2 (id=1855):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000cc0)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_io_uring_setup(0x7540, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x208000}, &(0x7f0000000100), &(0x7f0000000200)=<r3=>0x0)
r4 = syz_io_uring_setup(0x34ef, &(0x7f0000000400)={0x0, 0x0, 0x1}, &(0x7f00000003c0)=<r5=>0x0, &(0x7f0000001480))
syz_io_uring_submit(r5, r3, &(0x7f00000001c0)=@IORING_OP_MSG_RING={0x28, 0x0, 0x0, r4, 0x0, 0x0})
io_uring_enter(r2, 0x2003, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f0000000680)={[{@noauto_da_alloc}, {@errors_remount}, {@barrier_val={'barrier', 0x3d, 0xff}}, {@quota}, {@inlinecrypt}]}, 0xff, 0x53c, &(0x7f0000000140)="$eJzs3c1rJGkZAPCnerpnkpnMJqsedGHX1V2ZWXS6k427GzysK4ieFsTd+xiTTgjppEO6szsJi2bAuyCigie9eBH8AwQZ8OJRhAU9K6woorMKetAt6erKd3WSme1JZzq/H9TU+9bX87w1qeqqrpfqAC6sZyPitYj4IE3TFyJiPJ9eyofY7g6d5d6//85cZ0giTd/4exJJPm1nW0k+vpavNhIRX/9qxDeTo3Fbm1vLs41GfT2v19ora7XW5tatpZXZxfpifXV6eurlmVdmXpqZfMiWVQ7UrkfEq1/+8w+++7OvvPqrz739p9t/vfmtTlpj+fz97XhA5eNmdpteuTJyaIX1hwx2HpX37+3R061z9xHmAwBAb51r/I9ExKcj4oUYj0vHX84CAAAAj6H0i2Px3yQiLXa5x3QAAADgMVLK+sAmpWreF2AsSqVqtduH92NxtdRottqfXWhurM53+8pORKW0sNSoT+Z9hSeiknTqU1l5r/7iofp0RDwZEd8fH83q1blmY37QX34AAADABXHt4P3/6L/Gu/f/AAAAwJCZGHQCAAAAwCPn/h8AAACGn/t/AAAAGGpfe/31zpDu/P71/FubG8vNt27N11vL1ZWNuepcc32tuthsLmbv7Fs5aXuNZnPt87G6cafWrrfatdbm1u2V5sZq+/ZSjJxJgwAAAIAjnvzkvT8kEbH9hdFs6Lg86KSAM1HeLSX5uODo/+MT3fF7Z5QUcCYunWKZ964UT3edAI+38uEJPY51YPhUBp0AMHDJCfN7dt75bT7+VH/zAQAA+u/GJ4qf/5dOXHP75EWAc81BDBfXoef/6figEgHOXPb8/7QdeVwswFCpnKoHIDDMPvTz/xOl6QMlBAAA9N1YNiSlav713liUStVqxPXsZwEqycJSoz4ZEU9ExO/HK1c69alszeTEewYAAAAAAAAAAAAAAAAAAAAAAAAAoCtNk0gBAACAoRZR+kvy6+67/G+MPz92+PuBy8l/sp8EvhwRb//4jR/emW2316c60/+xO739o3z6ixHx5ncG8TUGAAAAsM/OfXo2/vegswEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg2Lx//525neHAjErh4qP9ivu3L0XERFH8coxk45Eshav/TKK8b70kIi71If723Yj4eFH8pJPWbsii+P3YCSfEj4l8LxTFv9aH+HCR3eucf14rOv5K8Ww2Lj7+yhEH6g+r9/kvds9/l3oc/9dPGeOpd39R6xn/bsRT5eLzz078pEf8504Z/xtvbm31mpf+JOLGzudPdsbbH2GvVGuvrNVam1u3llZmF+uL9dXp6amXZ16ZeWlmsraw1Kjn/xbG+N7Tv/zguPZfLfz8S/Jserf/+YLtFX0m/e/dO/c/ulPZPhr/5nMF8X/z03yJo/FLeZzP5OUkkmwfZuXt7v7c75mf/+6Z49o/v9f+yoP8/9/stdHDjhwoT5/2TwcAeARam1vLs41GfX1oC5279HOQhsI5LHy7rxtM0zTtHFMFs+5FRO/VK7t/okn0uaWl4nz2Cj3PAIM+MwEAAP22d9E/6EwAAAAAAAAAAAAAAAAAAADg4jqLt6wdjrn3CuSkH6/QBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoi/8HAAD//5Zg0yw=")
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0x40086602, &(0x7f0000000080)=0x4)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000050)
sendto$inet6(r7, &(0x7f0000000080)="a4", 0x1, 0x2000c810, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0xffffffff}, 0x1c)

41.618819ms ago: executing program 1 (id=1856):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c00000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "76f7bc3e4ae1c84c", "af193cff4810ba5ac120d096eb00b40752095b4285514ca312c52e3a08756735", '8\x00', "bc3a20b10f4ad11e"}, 0x38)
close(r2)

41.137899ms ago: executing program 1 (id=1857):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_256={{0x304}, "76f7bc3e4ae1c84c", "af193cff4810ba5ac120d096eb00b40752095b4285514ca312c52e3a08756735", '8\x00', "bc3a20b10f4ad11e"}, 0x38)
close(r2)

23.721849ms ago: executing program 1 (id=1858):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000002d00090027bd70000000000002"], 0x20}}, 0x84)
syz_emit_ethernet(0x6e, &(0x7f0000000340)={@local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "00cd04", 0x38, 0x3a, 0x0, @private1, @mcast2, {[], @time_exceed={0x3, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "0bae2b", 0x0, 0x2f, 0x0, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [@fragment={0x87}]}}}}}}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
listxattr(0x0, 0x0, 0x0)
unshare(0x2a020400)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
inotify_init()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
signalfd(0xffffffffffffffff, 0x0, 0x0)
r1 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedsend(r1, 0x0, 0x0, 0x6, 0x0)
mq_timedreceive(r1, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000300)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback, 0xfffffffe}, 0x1c)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=0x0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)

0s ago: executing program 1 (id=1859):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40007, 0x4, @perf_bp={0x0}, 0x0, 0x4, 0x800000, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x20, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, 0x0, &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b703000000090000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
r3 = socket$kcm(0x29, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x41, &(0x7f0000000300)=0x2028, 0x4)
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000000c0), 0x2, 0xbd1, &(0x7f0000002380)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
r4 = inotify_init1(0x0)
inotify_add_watch(r4, &(0x7f0000000380)='./file0\x00', 0x20000202)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
getdents64(r5, 0x0, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001fff000000000000000000060000", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
syslog(0x2, &(0x7f0000000200)=""/224, 0xe0)

kernel console output (not intermixed with test programs):

338][ T6419] xt_hashlimit: size too large, truncated to 1048576
[   84.104720][ T6443] netlink: 4 bytes leftover after parsing attributes in process `syz.3.827'.
[   84.141645][ T6447] SELinux:  Context system_u:object_r:semanage_exec_t:s0 is not valid (left unmapped).
[   84.205330][ T6433] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.213863][ T6433] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   84.223475][ T6433] netlink: 'syz.1.824': attribute type 39 has an invalid length.
[   84.278064][ T6456] loop0: detected capacity change from 0 to 128
[   84.292562][ T6456] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   84.306302][ T6456] ext4 filesystem being mounted at /150/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   84.340617][ T3312] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   84.358273][   T29] kauditd_printk_skb: 466 callbacks suppressed
[   84.358339][   T29] audit: type=1326 audit(1743724420.850:3579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6463 comm="syz.0.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f563c39d169 code=0x7ffc0000
[   84.389198][   T29] audit: type=1326 audit(1743724420.850:3580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6463 comm="syz.0.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f563c39d169 code=0x7ffc0000
[   84.401953][ T6466] loop0: detected capacity change from 0 to 512
[   84.412798][   T29] audit: type=1326 audit(1743724420.850:3581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6463 comm="syz.0.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f563c39d169 code=0x7ffc0000
[   84.442434][   T29] audit: type=1326 audit(1743724420.850:3582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6463 comm="syz.0.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f563c39d169 code=0x7ffc0000
[   84.454128][ T6466] EXT4-fs (loop0): orphan cleanup on readonly fs
[   84.466109][   T29] audit: type=1326 audit(1743724420.850:3583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6463 comm="syz.0.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f563c39d169 code=0x7ffc0000
[   84.475352][ T6466] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[   84.495509][   T29] audit: type=1326 audit(1743724420.850:3584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6463 comm="syz.0.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f563c39d169 code=0x7ffc0000
[   84.511932][ T6466] EXT4-fs (loop0): Cannot turn on quotas: error -22
[   84.533482][   T29] audit: type=1326 audit(1743724420.850:3585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6463 comm="syz.0.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f563c39d169 code=0x7ffc0000
[   84.533536][   T29] audit: type=1326 audit(1743724420.850:3586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6463 comm="syz.0.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f563c39d169 code=0x7ffc0000
[   84.533561][   T29] audit: type=1326 audit(1743724420.850:3587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6463 comm="syz.0.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f563c39d169 code=0x7ffc0000
[   84.566177][ T6466] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #13: comm syz.0.836: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   84.586918][   T29] audit: type=1326 audit(1743724420.850:3588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6463 comm="syz.0.835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f563c39d169 code=0x7ffc0000
[   84.651999][ T6466] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.836: couldn't read orphan inode 13 (err -117)
[   84.664526][ T6466] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   84.792592][ T6474] netlink: 4 bytes leftover after parsing attributes in process `syz.4.839'.
[   84.919457][ T6490] usb usb1: usbfs: process 6490 (syz.1.844) did not claim interface 0 before use
[   84.921501][ T6492] loop4: detected capacity change from 0 to 128
[   84.947478][ T6492] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   84.959992][ T6492] ext4 filesystem being mounted at /175/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   84.986444][ T3314] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   85.067460][ T6504] netlink: 'syz.4.850': attribute type 4 has an invalid length.
[   85.197249][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.236244][ T6519] usb usb1: usbfs: process 6519 (syz.4.856) did not claim interface 0 before use
[   85.263307][ T6523] loop3: detected capacity change from 0 to 128
[   85.282749][ T6523] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   85.299301][ T6523] ext4 filesystem being mounted at /183/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   85.325644][ T3310] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   85.363211][ T6511] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.378265][ T6511] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.392763][ T6511] netlink: 'syz.2.852': attribute type 39 has an invalid length.
[   85.411103][ T6538] xt_hashlimit: size too large, truncated to 1048576
[   85.543907][ T6544] loop3: detected capacity change from 0 to 2048
[   85.777806][ T6547] loop0: detected capacity change from 0 to 512
[   85.784441][ T6547] EXT4-fs: inline encryption not supported
[   85.796430][ T6547] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.867: bg 0: block 248: padding at end of block bitmap is not set
[   85.810998][ T6547] EXT4-fs (loop0): Remounting filesystem read-only
[   85.817680][ T6547] EXT4-fs (loop0): 1 truncate cleaned up
[   85.823930][ T6547] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.837016][ T6547] ext4 filesystem being mounted at /159/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.859407][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.941029][ T6559] xt_CT: You must specify a L4 protocol and not use inversions on it
[   86.105290][ T6576] 9pnet_fd: Insufficient options for proto=fd
[   86.446652][ T6591] xt_CT: You must specify a L4 protocol and not use inversions on it
[   86.688459][ T6596] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   86.705145][ T6596] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   86.713516][ T6596] netlink: 'syz.3.883': attribute type 39 has an invalid length.
[   86.725371][ T6596] netlink: 8 bytes leftover after parsing attributes in process `syz.3.883'.
[   87.098076][ T6604] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.106783][ T6604] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.115563][ T6604] netlink: 'syz.0.887': attribute type 39 has an invalid length.
[   87.190650][ T6621] netlink: 4 bytes leftover after parsing attributes in process `syz.1.894'.
[   87.355922][ T6635] netlink: 24 bytes leftover after parsing attributes in process `syz.4.899'.
[   87.451982][ T6631] loop3: detected capacity change from 0 to 512
[   87.458714][ T6631] EXT4-fs: inline encryption not supported
[   87.487832][ T6631] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.898: bg 0: block 248: padding at end of block bitmap is not set
[   87.504991][ T6631] EXT4-fs (loop3): Remounting filesystem read-only
[   87.511720][ T6631] EXT4-fs (loop3): 1 truncate cleaned up
[   87.517795][ T6631] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.530317][ T6631] ext4 filesystem being mounted at /192/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.578872][ T6647] xt_CT: You must specify a L4 protocol and not use inversions on it
[   88.120761][ T6631] Set syz1 is full, maxelem 65536 reached
[   88.168976][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.245798][ T6671] xt_CT: You must specify a L4 protocol and not use inversions on it
[   88.365669][ T6685] xt_CT: You must specify a L4 protocol and not use inversions on it
[   88.411334][ T6678] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   88.428146][ T6678] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   88.436449][ T6678] netlink: 'syz.2.915': attribute type 39 has an invalid length.
[   88.448775][ T6678] netlink: 8 bytes leftover after parsing attributes in process `syz.2.915'.
[   88.496027][ T6693] netlink: 4 bytes leftover after parsing attributes in process `syz.3.921'.
[   88.630730][ T6713] netlink: 24 bytes leftover after parsing attributes in process `syz.1.928'.
[   88.718342][ T6718] loop0: detected capacity change from 0 to 128
[   88.725936][ T6718] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   88.739201][ T6718] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   88.778230][ T6726] loop4: detected capacity change from 0 to 128
[   88.785726][ T6726] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   88.799489][ T6726] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   88.811723][ T6726] FAULT_INJECTION: forcing a failure.
[   88.811723][ T6726] name failslab, interval 1, probability 0, space 0, times 0
[   88.824472][ T6726] CPU: 1 UID: 0 PID: 6726 Comm: syz.4.935 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[   88.824505][ T6726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   88.824519][ T6726] Call Trace:
[   88.824527][ T6726]  <TASK>
[   88.824536][ T6726]  dump_stack_lvl+0xf6/0x150
[   88.824565][ T6726]  dump_stack+0x15/0x1a
[   88.824651][ T6726]  should_fail_ex+0x261/0x270
[   88.824678][ T6726]  should_failslab+0x8f/0xb0
[   88.824761][ T6726]  kmem_cache_alloc_noprof+0x59/0x340
[   88.824818][ T6726]  ? getname_flags+0x81/0x3b0
[   88.824847][ T6726]  getname_flags+0x81/0x3b0
[   88.824870][ T6726]  user_path_at+0x26/0x140
[   88.824960][ T6726]  __se_sys_mount+0x25e/0x2e0
[   88.825010][ T6726]  ? fput+0x99/0xd0
[   88.825035][ T6726]  __x64_sys_mount+0x67/0x80
[   88.825075][ T6726]  x64_sys_call+0xd11/0x2e10
[   88.825100][ T6726]  do_syscall_64+0xc9/0x1c0
[   88.825135][ T6726]  ? clear_bhb_loop+0x25/0x80
[   88.825156][ T6726]  ? clear_bhb_loop+0x25/0x80
[   88.825184][ T6726]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.825210][ T6726] RIP: 0033:0x7ff97113d169
[   88.825227][ T6726] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.825250][ T6726] RSP: 002b:00007ff96f7a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   88.825289][ T6726] RAX: ffffffffffffffda RBX: 00007ff971355fa0 RCX: 00007ff97113d169
[   88.825335][ T6726] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000000
[   88.825349][ T6726] RBP: 00007ff96f7a7090 R08: 0000000000000000 R09: 0000000000000000
[   88.825364][ T6726] R10: 0000000000000021 R11: 0000000000000246 R12: 0000000000000001
[   88.825377][ T6726] R13: 0000000000000000 R14: 00007ff971355fa0 R15: 00007fff8b03f448
[   88.825401][ T6726]  </TASK>
[   89.029354][ T6738] capability: warning: `syz.0.941' uses deprecated v2 capabilities in a way that may be insecure
[   89.042954][ T6738] loop0: detected capacity change from 0 to 128
[   89.119104][ T6743] netlink: 24 bytes leftover after parsing attributes in process `syz.0.942'.
[   89.237463][ T6749] xt_hashlimit: max too large, truncated to 1048576
[   89.659446][   T29] kauditd_printk_skb: 517 callbacks suppressed
[   89.659467][   T29] audit: type=1326 audit(1743724426.150:4102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6756 comm="syz.1.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   89.689177][   T29] audit: type=1326 audit(1743724426.150:4103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6756 comm="syz.1.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   89.715024][   T29] audit: type=1326 audit(1743724426.200:4104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6756 comm="syz.1.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   89.738626][   T29] audit: type=1326 audit(1743724426.200:4105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6756 comm="syz.1.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   89.761986][   T29] audit: type=1326 audit(1743724426.200:4106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6756 comm="syz.1.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   89.785347][   T29] audit: type=1326 audit(1743724426.200:4107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6756 comm="syz.1.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   89.808700][   T29] audit: type=1326 audit(1743724426.200:4108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6756 comm="syz.1.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   89.832054][   T29] audit: type=1326 audit(1743724426.200:4109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6756 comm="syz.1.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   89.855366][   T29] audit: type=1326 audit(1743724426.210:4110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6756 comm="syz.1.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   89.880374][   T29] audit: type=1326 audit(1743724426.210:4111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6756 comm="syz.1.946" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   89.911135][ T6759] xt_hashlimit: max too large, truncated to 1048576
[   89.936455][ T6761] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.009129][ T6761] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.041599][ T6769] FAULT_INJECTION: forcing a failure.
[   90.041599][ T6769] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.054807][ T6769] CPU: 0 UID: 0 PID: 6769 Comm: syz.1.951 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[   90.054843][ T6769] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   90.054859][ T6769] Call Trace:
[   90.054868][ T6769]  <TASK>
[   90.054878][ T6769]  dump_stack_lvl+0xf6/0x150
[   90.054976][ T6769]  dump_stack+0x15/0x1a
[   90.054993][ T6769]  should_fail_ex+0x261/0x270
[   90.055022][ T6769]  should_fail+0xb/0x10
[   90.055045][ T6769]  should_fail_usercopy+0x1a/0x20
[   90.055094][ T6769]  _copy_from_user+0x1c/0xa0
[   90.055134][ T6769]  copy_from_sockptr_offset+0x6d/0xb0
[   90.055181][ T6769]  do_ipt_set_ctl+0x68a/0x8a0
[   90.055235][ T6769]  nf_setsockopt+0x195/0x1b0
[   90.055273][ T6769]  ip_setsockopt+0xea/0x100
[   90.055317][ T6769]  udp_setsockopt+0x95/0xb0
[   90.055383][ T6769]  sock_common_setsockopt+0x64/0x80
[   90.055406][ T6769]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   90.055428][ T6769]  __sys_setsockopt+0x187/0x200
[   90.055487][ T6769]  __x64_sys_setsockopt+0x66/0x80
[   90.055519][ T6769]  x64_sys_call+0x2a09/0x2e10
[   90.055548][ T6769]  do_syscall_64+0xc9/0x1c0
[   90.055623][ T6769]  ? clear_bhb_loop+0x25/0x80
[   90.055652][ T6769]  ? clear_bhb_loop+0x25/0x80
[   90.055682][ T6769]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.055769][ T6769] RIP: 0033:0x7f835933d169
[   90.055855][ T6769] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.055904][ T6769] RSP: 002b:00007f83579a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   90.055929][ T6769] RAX: ffffffffffffffda RBX: 00007f8359555fa0 RCX: 00007f835933d169
[   90.055947][ T6769] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000006
[   90.055964][ T6769] RBP: 00007f83579a7090 R08: 0000000000000538 R09: 0000000000000000
[   90.055980][ T6769] R10: 0000200000000540 R11: 0000000000000246 R12: 0000000000000001
[   90.055996][ T6769] R13: 0000000000000000 R14: 00007f8359555fa0 R15: 00007ffcd4ca8228
[   90.056054][ T6769]  </TASK>
[   90.099804][ T6774] FAULT_INJECTION: forcing a failure.
[   90.099804][ T6774] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.099852][ T6774] CPU: 1 UID: 0 PID: 6774 Comm: syz.0.952 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[   90.099884][ T6774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   90.099898][ T6774] Call Trace:
[   90.099904][ T6774]  <TASK>
[   90.099912][ T6774]  dump_stack_lvl+0xf6/0x150
[   90.099939][ T6774]  dump_stack+0x15/0x1a
[   90.099988][ T6774]  should_fail_ex+0x261/0x270
[   90.100016][ T6774]  should_fail+0xb/0x10
[   90.100065][ T6774]  should_fail_usercopy+0x1a/0x20
[   90.100121][ T6774]  _copy_to_user+0x20/0xa0
[   90.100161][ T6774]  simple_read_from_buffer+0xb2/0x130
[   90.100192][ T6774]  proc_fail_nth_read+0x103/0x140
[   90.100306][ T6774]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   90.100475][ T6774]  vfs_read+0x1b2/0x710
[   90.100590][ T6774]  ? __rcu_read_unlock+0x4e/0x70
[   90.100624][ T6774]  ? __fget_files+0x186/0x1c0
[   90.100683][ T6774]  ksys_read+0xeb/0x1b0
[   90.100713][ T6774]  __x64_sys_read+0x42/0x50
[   90.100740][ T6774]  x64_sys_call+0x2a3b/0x2e10
[   90.100838][ T6774]  do_syscall_64+0xc9/0x1c0
[   90.100866][ T6774]  ? clear_bhb_loop+0x25/0x80
[   90.100890][ T6774]  ? clear_bhb_loop+0x25/0x80
[   90.100917][ T6774]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.100943][ T6774] RIP: 0033:0x7f563c39bb7c
[   90.101018][ T6774] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   90.101041][ T6774] RSP: 002b:00007f563a9e6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   90.101064][ T6774] RAX: ffffffffffffffda RBX: 00007f563c5b6080 RCX: 00007f563c39bb7c
[   90.101080][ T6774] RDX: 000000000000000f RSI: 00007f563a9e60a0 RDI: 0000000000000007
[   90.101096][ T6774] RBP: 00007f563a9e6090 R08: 0000000000000000 R09: 0000000000000000
[   90.101151][ T6774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.101165][ T6774] R13: 0000000000000000 R14: 00007f563c5b6080 R15: 00007ffc1ca44ac8
[   90.101192][ T6774]  </TASK>
[   90.102286][ T6761] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.502719][ T6784] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   90.517207][ T6783] netlink: 4 bytes leftover after parsing attributes in process `syz.0.956'.
[   90.525802][ T6784] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   90.538818][ T6784] netlink: 'syz.1.954': attribute type 39 has an invalid length.
[   90.569197][ T6761] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   90.585445][ T6784] netlink: 8 bytes leftover after parsing attributes in process `syz.1.954'.
[   90.647344][ T6761] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.647361][ T6794] loop0: detected capacity change from 0 to 512
[   90.667747][ T6761] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.677521][ T6794] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.692333][ T6761] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.706374][ T6794] ext4 filesystem being mounted at /175/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.720231][ T6794] netlink: 4 bytes leftover after parsing attributes in process `syz.0.960'.
[   90.721493][ T6761] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.729412][ T6792] loop3: detected capacity change from 0 to 512
[   90.744104][ T6792] EXT4-fs: inline encryption not supported
[   90.788215][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.812679][ T6792] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.959: bg 0: block 248: padding at end of block bitmap is not set
[   90.827743][ T6792] EXT4-fs (loop3): Remounting filesystem read-only
[   90.834448][ T6792] EXT4-fs (loop3): 1 truncate cleaned up
[   90.840790][ T6792] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   90.853792][ T6792] ext4 filesystem being mounted at /200/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.907036][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.918952][ T6799] loop2: detected capacity change from 0 to 512
[   90.927426][ T6799] EXT4-fs: inline encryption not supported
[   90.944757][ T6813] loop3: detected capacity change from 0 to 128
[   90.952866][ T6813] EXT4-fs: Ignoring removed nobh option
[   90.969322][ T6813] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[   90.969352][ T6813] EXT4-fs: failed to create workqueue
[   90.970497][ T6799] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.961: bg 0: block 248: padding at end of block bitmap is not set
[   90.978868][ T6813] EXT4-fs (loop3): mount failed
[   90.984559][ T6799] EXT4-fs (loop2): Remounting filesystem read-only
[   91.010871][ T6799] EXT4-fs (loop2): 1 truncate cleaned up
[   91.017661][ T6799] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.030302][ T6799] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.062709][ T6824] Invalid ELF header magic: != ELF
[   91.085989][ T3593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.095842][ T6820] xt_hashlimit: size too large, truncated to 1048576
[   91.164076][ T6828] netlink: 4 bytes leftover after parsing attributes in process `syz.2.967'.
[   91.253463][ T6835] xt_CT: You must specify a L4 protocol and not use inversions on it
[   91.307765][ T6841] loop4: detected capacity change from 0 to 512
[   91.333082][ T6841] EXT4-fs: Ignoring removed oldalloc option
[   91.341486][ T6845] netlink: 4 bytes leftover after parsing attributes in process `syz.1.971'.
[   91.353861][ T6841] EXT4-fs error (device loop4): ext4_xattr_inode_iget:433: comm syz.4.969: Parent and EA inode have the same ino 15
[   91.367071][ T6841] EXT4-fs (loop4): Remounting filesystem read-only
[   91.373747][ T6841] EXT4-fs warning (device loop4): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[   91.385777][ T6843] netlink: 4 bytes leftover after parsing attributes in process `syz.2.970'.
[   91.504343][ T6841] EXT4-fs (loop4): 1 orphan inode deleted
[   91.510574][ T6841] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.581859][ T6857] xt_CT: You must specify a L4 protocol and not use inversions on it
[   91.597839][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.651670][ T6863] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.709510][ T6869] xt_CT: No such helper "snmp_trap"
[   91.727719][ T6873] dvmrp5: entered allmulticast mode
[   91.738860][ T6863] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.759091][ T6873] dvmrp5: left allmulticast mode
[   91.878130][ T6863] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.882061][ T6880] xt_hashlimit: size too large, truncated to 1048576
[   92.038397][ T6863] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.128049][ T6894] 8021q: adding VLAN 0 to HW filter on device bond1
[   92.151328][ T6894] dvmrp5: entered allmulticast mode
[   92.157345][ T6894] dvmrp5: left allmulticast mode
[   92.270101][ T6903] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.286796][ T6905] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.307682][ T6903] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.357045][ T6905] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.387851][ T6917] netlink: 'syz.3.994': attribute type 4 has an invalid length.
[   92.397025][ T6903] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.416616][ T6917] netlink: 'syz.3.994': attribute type 4 has an invalid length.
[   92.446293][ T6905] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.486352][ T6903] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.528628][ T6905] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   92.590584][ T6903] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.601709][ T6903] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.612587][ T6903] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.623980][ T6903] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.647209][ T6905] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   92.664661][ T6905] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   92.690223][ T6905] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   92.690961][ T6932] xt_CT: You must specify a L4 protocol and not use inversions on it
[   92.704153][ T6905] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   92.758921][ T6939] xt_CT: You must specify a L4 protocol and not use inversions on it
[   92.766507][ T6942] loop1: detected capacity change from 0 to 512
[   92.781695][ T6942] EXT4-fs: Ignoring removed mblk_io_submit option
[   92.791899][ T6942] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   92.813817][ T6942] EXT4-fs (loop1): 1 truncate cleaned up
[   92.820095][ T6942] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.840513][ T6946] loop2: detected capacity change from 0 to 8192
[   92.848248][ T6946] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   93.490240][ T7062] xt_TCPMSS: Only works on TCP SYN packets
[   93.512388][ T6863] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   93.529067][ T6863] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   93.540820][ T6863] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   93.547314][ T6863] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   93.640130][ T7087] xt_CT: You must specify a L4 protocol and not use inversions on it
[   93.692417][ T7088] __nla_validate_parse: 4 callbacks suppressed
[   93.692431][ T7088] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1011'.
[   93.721065][ T7092] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1015'.
[   93.782003][ T7103] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1017'.
[   93.812524][ T7108] loop4: detected capacity change from 0 to 512
[   93.828297][ T7108] ext4 filesystem being mounted at /213/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.841711][ T7108] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1018'.
[   93.888182][ T7115] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1020'.
[   94.059468][ T7113] xt_hashlimit: size too large, truncated to 1048576
[   94.069301][ T7124] FAULT_INJECTION: forcing a failure.
[   94.069301][ T7124] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   94.082584][ T7124] CPU: 0 UID: 0 PID: 7124 Comm: syz.1.1023 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[   94.082616][ T7124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   94.082628][ T7124] Call Trace:
[   94.082634][ T7124]  <TASK>
[   94.082642][ T7124]  dump_stack_lvl+0xf6/0x150
[   94.082737][ T7124]  dump_stack+0x15/0x1a
[   94.082758][ T7124]  should_fail_ex+0x261/0x270
[   94.082864][ T7124]  should_fail_alloc_page+0xfd/0x110
[   94.082896][ T7124]  __alloc_frozen_pages_noprof+0x11d/0x360
[   94.082932][ T7124]  __alloc_pages_noprof+0x9/0x20
[   94.083026][ T7124]  ___kmalloc_large_node+0x83/0x130
[   94.083051][ T7124]  __kmalloc_large_node_noprof+0x17/0xa0
[   94.083079][ T7124]  __kmalloc_noprof+0x2bb/0x410
[   94.083099][ T7124]  ? slhc_init+0xf8/0x390
[   94.083183][ T7124]  slhc_init+0xf8/0x390
[   94.083205][ T7124]  ppp_ioctl+0xed9/0x1250
[   94.083226][ T7124]  ? __fget_files+0x186/0x1c0
[   94.083248][ T7124]  ? __pfx_ppp_ioctl+0x10/0x10
[   94.083266][ T7124]  __se_sys_ioctl+0xc9/0x140
[   94.083382][ T7124]  __x64_sys_ioctl+0x43/0x50
[   94.083409][ T7124]  x64_sys_call+0x168d/0x2e10
[   94.083431][ T7124]  do_syscall_64+0xc9/0x1c0
[   94.083464][ T7124]  ? clear_bhb_loop+0x25/0x80
[   94.083486][ T7124]  ? clear_bhb_loop+0x25/0x80
[   94.083507][ T7124]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.083556][ T7124] RIP: 0033:0x7f835933d169
[   94.083572][ T7124] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.083628][ T7124] RSP: 002b:00007f83579a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   94.083649][ T7124] RAX: ffffffffffffffda RBX: 00007f8359555fa0 RCX: 00007f835933d169
[   94.083669][ T7124] RDX: 0000200000000180 RSI: 0000000040047451 RDI: 0000000000000003
[   94.083683][ T7124] RBP: 00007f83579a7090 R08: 0000000000000000 R09: 0000000000000000
[   94.083696][ T7124] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.083726][ T7124] R13: 0000000000000000 R14: 00007f8359555fa0 R15: 00007ffcd4ca8228
[   94.083745][ T7124]  </TASK>
[   94.336434][ T7127] loop2: detected capacity change from 0 to 512
[   94.343472][ T7127] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   94.356233][ T7127] EXT4-fs (loop2): 1 truncate cleaned up
[   94.451136][ T7136] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1028'.
[   94.471443][ T7132] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1026'.
[   94.596638][ T7153] xt_CT: You must specify a L4 protocol and not use inversions on it
[   94.739553][ T7170] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1041'.
[   94.798331][ T7156] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   94.806983][ T7156] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   94.815454][ T7156] netlink: 'syz.2.1036': attribute type 39 has an invalid length.
[   94.823791][ T7161] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   94.833009][ T7156] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1036'.
[   94.843256][ T7161] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   94.851924][ T7161] netlink: 'syz.4.1037': attribute type 39 has an invalid length.
[   94.885102][ T7161] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1037'.
[   95.394805][ T7181] FAULT_INJECTION: forcing a failure.
[   95.394805][ T7181] name failslab, interval 1, probability 0, space 0, times 0
[   95.407679][ T7181] CPU: 0 UID: 0 PID: 7181 Comm: syz.2.1046 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[   95.407707][ T7181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   95.407722][ T7181] Call Trace:
[   95.407730][ T7181]  <TASK>
[   95.407739][ T7181]  dump_stack_lvl+0xf6/0x150
[   95.407768][ T7181]  dump_stack+0x15/0x1a
[   95.407836][ T7181]  should_fail_ex+0x261/0x270
[   95.407937][ T7181]  should_failslab+0x8f/0xb0
[   95.407998][ T7181]  kmem_cache_alloc_node_noprof+0x5c/0x340
[   95.408067][ T7181]  ? __alloc_skb+0x10d/0x320
[   95.408110][ T7181]  __alloc_skb+0x10d/0x320
[   95.408130][ T7181]  netlink_alloc_large_skb+0xad/0xe0
[   95.408148][ T7181]  netlink_sendmsg+0x3da/0x720
[   95.408218][ T7181]  ? __pfx_netlink_sendmsg+0x10/0x10
[   95.408238][ T7181]  __sock_sendmsg+0x140/0x180
[   95.408286][ T7181]  ____sys_sendmsg+0x350/0x4e0
[   95.408322][ T7181]  __sys_sendmsg+0x1a0/0x240
[   95.408358][ T7181]  __x64_sys_sendmsg+0x46/0x50
[   95.408411][ T7181]  x64_sys_call+0x26f3/0x2e10
[   95.408429][ T7181]  do_syscall_64+0xc9/0x1c0
[   95.408485][ T7181]  ? clear_bhb_loop+0x25/0x80
[   95.408520][ T7181]  ? clear_bhb_loop+0x25/0x80
[   95.408538][ T7181]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.408555][ T7181] RIP: 0033:0x7fcfe89fd169
[   95.408568][ T7181] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.408583][ T7181] RSP: 002b:00007fcfe7067038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   95.408608][ T7181] RAX: ffffffffffffffda RBX: 00007fcfe8c15fa0 RCX: 00007fcfe89fd169
[   95.408623][ T7181] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000006
[   95.408691][ T7181] RBP: 00007fcfe7067090 R08: 0000000000000000 R09: 0000000000000000
[   95.408731][ T7181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   95.408741][ T7181] R13: 0000000000000000 R14: 00007fcfe8c15fa0 R15: 00007ffd50256978
[   95.408758][ T7181]  </TASK>
[   95.627674][ T7185] xt_CT: You must specify a L4 protocol and not use inversions on it
[   95.700006][   T29] kauditd_printk_skb: 287 callbacks suppressed
[   95.700062][   T29] audit: type=1326 audit(1743724432.190:4393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7192 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   95.740169][   T29] audit: type=1326 audit(1743724432.200:4394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7192 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   95.763668][   T29] audit: type=1326 audit(1743724432.230:4395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7192 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   95.787025][   T29] audit: type=1326 audit(1743724432.230:4396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7192 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   95.810433][   T29] audit: type=1326 audit(1743724432.230:4397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7192 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   95.833957][   T29] audit: type=1326 audit(1743724432.230:4398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7192 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   95.857419][   T29] audit: type=1326 audit(1743724432.230:4399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7192 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   95.880787][   T29] audit: type=1326 audit(1743724432.230:4400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7192 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   95.904242][   T29] audit: type=1326 audit(1743724432.230:4401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7192 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   95.927760][   T29] audit: type=1326 audit(1743724432.230:4402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7192 comm="syz.1.1051" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[   96.110011][ T7210] loop3: detected capacity change from 0 to 128
[   96.152128][ T7203] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.161069][ T7203] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.170880][ T7203] netlink: 'syz.4.1055': attribute type 39 has an invalid length.
[   96.467922][ T7225] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   96.497777][ T7227] loop2: detected capacity change from 0 to 512
[   96.504200][ T7225] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   96.518909][ T7227] ext4 filesystem being mounted at /195/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   96.539142][ T7225] netlink: 'syz.1.1064': attribute type 39 has an invalid length.
[   97.055447][ T7252] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.056746][ T7253] loop3: detected capacity change from 0 to 512
[   97.087483][ T7252] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.102256][ T7253] ext4 filesystem being mounted at /226/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.157276][ T7252] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.186670][ T7260] loop4: detected capacity change from 0 to 512
[   97.202097][ T7252] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.213774][ T7260] ext4 filesystem being mounted at /227/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   97.290311][ T7252] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.301906][ T7252] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.314204][ T7252] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.326146][ T7252] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.477758][ T7286] xt_hashlimit: size too large, truncated to 1048576
[   97.787137][ T7293] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   97.796921][ T7293] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   97.805458][ T7293] netlink: 'syz.0.1088': attribute type 39 has an invalid length.
[   97.814354][ T7305] xt_hashlimit: size too large, truncated to 1048576
[   98.145258][ T7315] xt_hashlimit: size too large, truncated to 1048576
[   98.415421][ T7324] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.466486][ T7324] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.519228][ T7324] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.626149][ T7324] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   98.693640][ T7324] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   98.698079][ T7349] sctp: [Deprecated]: syz.2.1107 (pid 7349) Use of struct sctp_assoc_value in delayed_ack socket option.
[   98.698079][ T7349] Use struct sctp_sack_info instead
[   98.705343][ T7324] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   98.729848][ T7324] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   98.742678][ T7324] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   98.757423][ T7339] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.765982][ T7339] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.780171][ T7339] netlink: 'syz.4.1102': attribute type 39 has an invalid length.
[   98.795154][ T7339] __nla_validate_parse: 17 callbacks suppressed
[   98.795171][ T7339] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1102'.
[   98.806171][ T7345] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   98.821532][ T7345] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   98.832213][ T7345] netlink: 'syz.1.1105': attribute type 39 has an invalid length.
[   98.843045][ T7345] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1105'.
[   98.867974][ T7356] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1110'.
[   99.121451][ T7368] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   99.123123][ T7380] xt_CT: You must specify a L4 protocol and not use inversions on it
[   99.130215][ T7368] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   99.147963][ T7368] netlink: 'syz.3.1115': attribute type 39 has an invalid length.
[   99.160544][ T7368] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1115'.
[   99.398458][ T7387] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1123'.
[   99.431382][ T7397] Invalid ELF header magic: != ELF
[   99.509468][ T7406] xt_CT: You must specify a L4 protocol and not use inversions on it
[   99.541028][ T7410] loop0: detected capacity change from 0 to 512
[   99.558438][ T7410] ext4 filesystem being mounted at /193/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.571048][ T7410] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1132'.
[   99.644684][ T7419] FAULT_INJECTION: forcing a failure.
[   99.644684][ T7419] name failslab, interval 1, probability 0, space 0, times 0
[   99.657508][ T7419] CPU: 0 UID: 0 PID: 7419 Comm: syz.0.1135 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[   99.657543][ T7419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   99.657559][ T7419] Call Trace:
[   99.657567][ T7419]  <TASK>
[   99.657575][ T7419]  dump_stack_lvl+0xf6/0x150
[   99.657604][ T7419]  dump_stack+0x15/0x1a
[   99.657658][ T7419]  should_fail_ex+0x261/0x270
[   99.657691][ T7419]  should_failslab+0x8f/0xb0
[   99.657794][ T7419]  kmem_cache_alloc_node_noprof+0x5c/0x340
[   99.657838][ T7419]  ? __alloc_skb+0x10d/0x320
[   99.657867][ T7419]  __alloc_skb+0x10d/0x320
[   99.657896][ T7419]  netlink_alloc_large_skb+0xad/0xe0
[   99.657922][ T7419]  netlink_sendmsg+0x3da/0x720
[   99.658026][ T7419]  ? __pfx_netlink_sendmsg+0x10/0x10
[   99.658053][ T7419]  __sock_sendmsg+0x140/0x180
[   99.658106][ T7419]  ____sys_sendmsg+0x350/0x4e0
[   99.658135][ T7419]  __sys_sendmsg+0x1a0/0x240
[   99.658174][ T7419]  __x64_sys_sendmsg+0x46/0x50
[   99.658206][ T7419]  x64_sys_call+0x26f3/0x2e10
[   99.658284][ T7419]  do_syscall_64+0xc9/0x1c0
[   99.658312][ T7419]  ? clear_bhb_loop+0x25/0x80
[   99.658338][ T7419]  ? clear_bhb_loop+0x25/0x80
[   99.658437][ T7419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.658463][ T7419] RIP: 0033:0x7f563c39d169
[   99.658479][ T7419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.658497][ T7419] RSP: 002b:00007f563aa07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   99.658546][ T7419] RAX: ffffffffffffffda RBX: 00007f563c5b5fa0 RCX: 00007f563c39d169
[   99.658559][ T7419] RDX: 0000000000000000 RSI: 0000200000001040 RDI: 0000000000000003
[   99.658573][ T7419] RBP: 00007f563aa07090 R08: 0000000000000000 R09: 0000000000000000
[   99.658588][ T7419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.658601][ T7419] R13: 0000000000000000 R14: 00007f563c5b5fa0 R15: 00007ffc1ca44ac8
[   99.658639][ T7419]  </TASK>
[   99.912625][ T7427] loop0: detected capacity change from 0 to 512
[   99.922958][ T7426] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1140'.
[   99.955086][ T7427] ext4 filesystem being mounted at /196/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  100.130328][ T7457] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.191282][ T7461] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1153'.
[  100.209612][ T7457] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.315776][ T7457] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.398248][ T7457] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.490730][ T7457] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  100.507388][ T7457] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  100.526952][ T7457] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  100.554167][ T7457] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  100.604607][ T7483] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1161'.
[  100.625866][ T7485] FAULT_INJECTION: forcing a failure.
[  100.625866][ T7485] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.639070][ T7485] CPU: 1 UID: 0 PID: 7485 Comm: syz.2.1162 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[  100.639097][ T7485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  100.639122][ T7485] Call Trace:
[  100.639130][ T7485]  <TASK>
[  100.639139][ T7485]  dump_stack_lvl+0xf6/0x150
[  100.639168][ T7485]  dump_stack+0x15/0x1a
[  100.639185][ T7485]  should_fail_ex+0x261/0x270
[  100.639213][ T7485]  should_fail+0xb/0x10
[  100.639248][ T7485]  should_fail_usercopy+0x1a/0x20
[  100.639300][ T7485]  _copy_from_user+0x1c/0xa0
[  100.639338][ T7485]  __sys_bpf+0x16a/0x800
[  100.639442][ T7485]  __x64_sys_bpf+0x43/0x50
[  100.639460][ T7485]  x64_sys_call+0x23da/0x2e10
[  100.639482][ T7485]  do_syscall_64+0xc9/0x1c0
[  100.639560][ T7485]  ? clear_bhb_loop+0x25/0x80
[  100.639620][ T7485]  ? clear_bhb_loop+0x25/0x80
[  100.639641][ T7485]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.639662][ T7485] RIP: 0033:0x7fcfe89fd169
[  100.639680][ T7485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.639699][ T7485] RSP: 002b:00007fcfe7067038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  100.639726][ T7485] RAX: ffffffffffffffda RBX: 00007fcfe8c15fa0 RCX: 00007fcfe89fd169
[  100.639780][ T7485] RDX: 0000000000000028 RSI: 0000200000000080 RDI: 000000000000000a
[  100.639795][ T7485] RBP: 00007fcfe7067090 R08: 0000000000000000 R09: 0000000000000000
[  100.639810][ T7485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.639839][ T7485] R13: 0000000000000000 R14: 00007fcfe8c15fa0 R15: 00007ffd50256978
[  100.639862][ T7485]  </TASK>
[  100.881617][ T7491] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1165'.
[  100.958977][ T7497] FAULT_INJECTION: forcing a failure.
[  100.958977][ T7497] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  100.972140][ T7497] CPU: 1 UID: 0 PID: 7497 Comm: syz.3.1167 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[  100.972173][ T7497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  100.972188][ T7497] Call Trace:
[  100.972196][ T7497]  <TASK>
[  100.972205][ T7497]  dump_stack_lvl+0xf6/0x150
[  100.972231][ T7497]  dump_stack+0x15/0x1a
[  100.972247][ T7497]  should_fail_ex+0x261/0x270
[  100.972355][ T7497]  should_fail+0xb/0x10
[  100.972383][ T7497]  should_fail_usercopy+0x1a/0x20
[  100.972416][ T7497]  _copy_from_user+0x1c/0xa0
[  100.972454][ T7497]  copy_msghdr_from_user+0x54/0x2b0
[  100.972523][ T7497]  ? __fget_files+0x186/0x1c0
[  100.972551][ T7497]  __sys_sendmsg+0x141/0x240
[  100.972595][ T7497]  __x64_sys_sendmsg+0x46/0x50
[  100.972621][ T7497]  x64_sys_call+0x26f3/0x2e10
[  100.972647][ T7497]  do_syscall_64+0xc9/0x1c0
[  100.972727][ T7497]  ? clear_bhb_loop+0x25/0x80
[  100.972754][ T7497]  ? clear_bhb_loop+0x25/0x80
[  100.972779][ T7497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.972799][ T7497] RIP: 0033:0x7f67c79bd169
[  100.972888][ T7497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.972907][ T7497] RSP: 002b:00007f67c601f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  100.972927][ T7497] RAX: ffffffffffffffda RBX: 00007f67c7bd5fa0 RCX: 00007f67c79bd169
[  100.972962][ T7497] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000005
[  100.972975][ T7497] RBP: 00007f67c601f090 R08: 0000000000000000 R09: 0000000000000000
[  100.972990][ T7497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.973004][ T7497] R13: 0000000000000000 R14: 00007f67c7bd5fa0 R15: 00007ffe225b66f8
[  100.973027][ T7497]  </TASK>
[  100.974153][   T29] kauditd_printk_skb: 282 callbacks suppressed
[  100.974165][   T29] audit: type=1400 audit(1743724437.470:4685): avc:  denied  { setopt } for  pid=7496 comm="syz.3.1167" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  101.148946][ T7515] FAULT_INJECTION: forcing a failure.
[  101.148946][ T7515] name failslab, interval 1, probability 0, space 0, times 0
[  101.150127][   T29] audit: type=1326 audit(1743724437.550:4686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7513 comm="syz.4.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff97113d169 code=0x7ffc0000
[  101.156257][ T7515] CPU: 1 UID: 0 PID: 7515 Comm: syz.3.1174 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[  101.156434][ T7515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  101.156449][ T7515] Call Trace:
[  101.156457][ T7515]  <TASK>
[  101.156512][ T7515]  dump_stack_lvl+0xf6/0x150
[  101.156542][ T7515]  dump_stack+0x15/0x1a
[  101.156599][ T7515]  should_fail_ex+0x261/0x270
[  101.156634][ T7515]  should_failslab+0x8f/0xb0
[  101.156673][ T7515]  kmem_cache_alloc_node_noprof+0x5c/0x340
[  101.156700][ T7515]  ? __alloc_skb+0x10d/0x320
[  101.156723][ T7515]  __alloc_skb+0x10d/0x320
[  101.156774][ T7515]  netlink_alloc_large_skb+0xad/0xe0
[  101.156801][ T7515]  netlink_sendmsg+0x3da/0x720
[  101.156836][ T7515]  ? __pfx_netlink_sendmsg+0x10/0x10
[  101.156930][ T7515]  __sock_sendmsg+0x140/0x180
[  101.157009][ T7515]  ____sys_sendmsg+0x350/0x4e0
[  101.157106][ T7515]  __sys_sendmsg+0x1a0/0x240
[  101.157167][ T7515]  __x64_sys_sendmsg+0x46/0x50
[  101.157200][ T7515]  x64_sys_call+0x26f3/0x2e10
[  101.157228][ T7515]  do_syscall_64+0xc9/0x1c0
[  101.157264][ T7515]  ? clear_bhb_loop+0x25/0x80
[  101.157346][ T7515]  ? clear_bhb_loop+0x25/0x80
[  101.157456][ T7515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.157482][ T7515] RIP: 0033:0x7f67c79bd169
[  101.157502][ T7515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.157524][ T7515] RSP: 002b:00007f67c601f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.157547][ T7515] RAX: ffffffffffffffda RBX: 00007f67c7bd5fa0 RCX: 00007f67c79bd169
[  101.157689][ T7515] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  101.157704][ T7515] RBP: 00007f67c601f090 R08: 0000000000000000 R09: 0000000000000000
[  101.157719][ T7515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.157734][ T7515] R13: 0000000000000000 R14: 00007f67c7bd5fa0 R15: 00007ffe225b66f8
[  101.157765][ T7515]  </TASK>
[  101.407352][   T29] audit: type=1326 audit(1743724437.550:4687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7513 comm="syz.4.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff97113d169 code=0x7ffc0000
[  101.430955][   T29] audit: type=1326 audit(1743724437.550:4688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7513 comm="syz.4.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff97113d169 code=0x7ffc0000
[  101.454335][   T29] audit: type=1326 audit(1743724437.550:4689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7513 comm="syz.4.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff97113d169 code=0x7ffc0000
[  101.477773][   T29] audit: type=1326 audit(1743724437.550:4690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7513 comm="syz.4.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff97113d169 code=0x7ffc0000
[  101.501253][   T29] audit: type=1326 audit(1743724437.550:4691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7513 comm="syz.4.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff97113d169 code=0x7ffc0000
[  101.524624][   T29] audit: type=1326 audit(1743724437.560:4692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7513 comm="syz.4.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff97113d169 code=0x7ffc0000
[  101.548008][   T29] audit: type=1326 audit(1743724437.560:4693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7513 comm="syz.4.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff97113d169 code=0x7ffc0000
[  101.571391][   T29] audit: type=1326 audit(1743724437.600:4694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7513 comm="syz.4.1175" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff97113d169 code=0x7ffc0000
[  101.633730][ T7542] FAULT_INJECTION: forcing a failure.
[  101.633730][ T7542] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  101.646952][ T7542] CPU: 1 UID: 0 PID: 7542 Comm: syz.1.1187 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[  101.647033][ T7542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  101.647049][ T7542] Call Trace:
[  101.647057][ T7542]  <TASK>
[  101.647078][ T7542]  dump_stack_lvl+0xf6/0x150
[  101.647107][ T7542]  dump_stack+0x15/0x1a
[  101.647127][ T7542]  should_fail_ex+0x261/0x270
[  101.647243][ T7542]  should_fail+0xb/0x10
[  101.647265][ T7542]  should_fail_usercopy+0x1a/0x20
[  101.647317][ T7542]  _copy_from_user+0x1c/0xa0
[  101.647352][ T7542]  copy_msghdr_from_user+0x54/0x2b0
[  101.647428][ T7542]  ? __fget_files+0x186/0x1c0
[  101.647454][ T7542]  __sys_sendmsg+0x141/0x240
[  101.647563][ T7542]  __x64_sys_sendmsg+0x46/0x50
[  101.647597][ T7542]  x64_sys_call+0x26f3/0x2e10
[  101.647623][ T7542]  do_syscall_64+0xc9/0x1c0
[  101.647658][ T7542]  ? clear_bhb_loop+0x25/0x80
[  101.647716][ T7542]  ? clear_bhb_loop+0x25/0x80
[  101.647783][ T7542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.647817][ T7542] RIP: 0033:0x7f835933d169
[  101.647835][ T7542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  101.647898][ T7542] RSP: 002b:00007f83579a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.647974][ T7542] RAX: ffffffffffffffda RBX: 00007f8359555fa0 RCX: 00007f835933d169
[  101.647987][ T7542] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  101.648020][ T7542] RBP: 00007f83579a7090 R08: 0000000000000000 R09: 0000000000000000
[  101.648034][ T7542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.648046][ T7542] R13: 0000000000000000 R14: 00007f8359555fa0 R15: 00007ffcd4ca8228
[  101.648063][ T7542]  </TASK>
[  101.833980][ T7544] loop4: detected capacity change from 0 to 1024
[  101.840900][ T7544] EXT4-fs: Ignoring removed orlov option
[  101.852872][ T7544] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  101.867709][ T7548] loop1: detected capacity change from 0 to 512
[  101.881992][ T7550] loop0: detected capacity change from 0 to 128
[  101.888881][ T7550] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  101.902397][ T7548] EXT4-fs mount: 15 callbacks suppressed
[  101.902415][ T7548] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.922547][ T7544] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.922940][ T7550] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  101.945423][ T7548] ext4 filesystem being mounted at /246/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  101.948936][ T7544] EXT4-fs: Ignoring removed orlov option
[  101.967438][   T23] hid-generic 0000:0003:0000.0001: unknown main item tag 0x6
[  101.976107][ T7544] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  101.994953][   T23] hid-generic 0000:0003:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  102.004718][ T7544] EXT4-fs (loop4): can't enable nombcache during remount
[  102.026692][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.039655][ T7565] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.051511][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.076390][ T7565] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.145709][ T7575] xt_CT: You must specify a L4 protocol and not use inversions on it
[  102.178555][ T7565] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.237172][ T7565] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  102.257091][ T7582] xt_hashlimit: size too large, truncated to 1048576
[  102.350007][ T7588] xt_CT: You must specify a L4 protocol and not use inversions on it
[  102.438036][ T7586] xt_CT: You must specify a L4 protocol and not use inversions on it
[  102.487950][ T7604] loop1: detected capacity change from 0 to 512
[  102.573891][ T7604] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.601876][ T7604] ext4 filesystem being mounted at /250/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.648720][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.814642][ T7633] loop0: detected capacity change from 0 to 512
[  102.850535][ T7631] xt_CT: You must specify a L4 protocol and not use inversions on it
[  102.870629][ T7633] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  102.883350][ T7633] ext4 filesystem being mounted at /205/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.908095][ T7621] loop4: detected capacity change from 0 to 512
[  102.914718][ T7621] EXT4-fs: inline encryption not supported
[  102.916706][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  102.973685][ T7621] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1213: bg 0: block 248: padding at end of block bitmap is not set
[  102.997792][ T7641] loop0: detected capacity change from 0 to 512
[  103.006317][ T7621] EXT4-fs (loop4): Remounting filesystem read-only
[  103.018286][ T7641] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.019565][ T7621] EXT4-fs (loop4): 1 truncate cleaned up
[  103.037021][ T7621] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.040606][ T7641] ext4 filesystem being mounted at /206/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.049576][ T7621] ext4 filesystem being mounted at /258/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.134166][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.154353][ T7643] loop1: detected capacity change from 0 to 512
[  103.172876][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.183967][ T7643] EXT4-fs: inline encryption not supported
[  103.217947][ T7643] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1220: bg 0: block 248: padding at end of block bitmap is not set
[  103.236400][ T7643] EXT4-fs (loop1): Remounting filesystem read-only
[  103.243028][ T7643] EXT4-fs (loop1): 1 truncate cleaned up
[  103.278176][ T7643] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.292370][ T7643] ext4 filesystem being mounted at /255/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.351303][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.362732][ T7662] xt_hashlimit: size too large, truncated to 1048576
[  103.506618][ T7668] xt_CT: You must specify a L4 protocol and not use inversions on it
[  103.513483][ T7657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  103.530419][ T7657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  103.543183][ T7657] netlink: 'syz.0.1224': attribute type 39 has an invalid length.
[  103.592495][ T7672] loop1: detected capacity change from 0 to 512
[  103.617635][ T7672] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  103.630429][ T7672] ext4 filesystem being mounted at /257/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.657454][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  103.771589][ T7565] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.798943][ T7565] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.816267][ T7565] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.825118][ T7683] xt_hashlimit: size too large, truncated to 1048576
[  103.837653][ T7565] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.919284][ T7703] xt_CT: You must specify a L4 protocol and not use inversions on it
[  104.041510][ T7714] __nla_validate_parse: 12 callbacks suppressed
[  104.041529][ T7714] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1244'.
[  104.042584][ T7721] FAULT_INJECTION: forcing a failure.
[  104.042584][ T7721] name failslab, interval 1, probability 0, space 0, times 0
[  104.077422][ T7721] CPU: 0 UID: 0 PID: 7721 Comm: syz.1.1247 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[  104.077458][ T7721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  104.077470][ T7721] Call Trace:
[  104.077477][ T7721]  <TASK>
[  104.077484][ T7721]  dump_stack_lvl+0xf6/0x150
[  104.077511][ T7721]  dump_stack+0x15/0x1a
[  104.077538][ T7721]  should_fail_ex+0x261/0x270
[  104.077568][ T7721]  should_failslab+0x8f/0xb0
[  104.077602][ T7721]  kmem_cache_alloc_noprof+0x59/0x340
[  104.077625][ T7721]  ? mas_alloc_nodes+0x1f4/0x4a0
[  104.077655][ T7721]  mas_alloc_nodes+0x1f4/0x4a0
[  104.077687][ T7721]  mas_preallocate+0x48d/0x6b0
[  104.077723][ T7721]  __split_vma+0x23e/0x630
[  104.077751][ T7721]  vms_gather_munmap_vmas+0x171/0x790
[  104.077790][ T7721]  ? mntput+0x49/0x70
[  104.077814][ T7721]  ? terminate_walk+0x271/0x290
[  104.077838][ T7721]  do_vmi_align_munmap+0x1a5/0x3c0
[  104.077888][ T7721]  do_vmi_munmap+0x1eb/0x230
[  104.077925][ T7721]  __se_sys_mremap+0x69d/0x1200
[  104.077966][ T7721]  __x64_sys_mremap+0x67/0x80
[  104.077991][ T7721]  x64_sys_call+0x29c3/0x2e10
[  104.078018][ T7721]  do_syscall_64+0xc9/0x1c0
[  104.078051][ T7721]  ? clear_bhb_loop+0x25/0x80
[  104.078077][ T7721]  ? clear_bhb_loop+0x25/0x80
[  104.078101][ T7721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.078126][ T7721] RIP: 0033:0x7f835933d169
[  104.078146][ T7721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.078169][ T7721] RSP: 002b:00007f83579a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  104.078194][ T7721] RAX: ffffffffffffffda RBX: 00007f8359555fa0 RCX: 00007f835933d169
[  104.078210][ T7721] RDX: 0000000000001000 RSI: 0000000000c00000 RDI: 0000200000400000
[  104.078226][ T7721] RBP: 00007f83579a7090 R08: 00002000008b5000 R09: 0000000000000000
[  104.078241][ T7721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.078255][ T7721] R13: 0000000000000000 R14: 00007f8359555fa0 R15: 00007ffcd4ca8228
[  104.078278][ T7721]  </TASK>
[  104.178467][ T7726] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1248'.
[  104.324966][ T7730] Falling back ldisc for ttyS3.
[  104.363535][ T7741] xt_CT: You must specify a L4 protocol and not use inversions on it
[  104.430178][ T7745] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1254'.
[  104.461986][ T7761] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1260'.
[  104.479854][ T7758] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1259'.
[  104.489053][ T7761] loop2: detected capacity change from 0 to 1024
[  104.513615][ T7761] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  104.562630][ T7761] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  104.570786][ T7761] EXT4-fs (loop2): orphan cleanup on readonly fs
[  104.579103][ T7761] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  104.593758][ T7761] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  104.606570][ T7761] EXT4-fs error (device loop2): ext4_free_blocks:6589: comm syz.2.1260: Freeing blocks not in datazone - block = 0, count = 4096
[  104.620394][ T7761] EXT4-fs (loop2): Remounting filesystem read-only
[  104.628548][ T7761] EXT4-fs (loop2): 1 orphan inode deleted
[  104.634874][ T7761] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  104.682712][ T7761] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.697636][ T7777] FAULT_INJECTION: forcing a failure.
[  104.697636][ T7777] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.710823][ T7777] CPU: 1 UID: 0 PID: 7777 Comm: syz.3.1266 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[  104.710850][ T7777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  104.710931][ T7777] Call Trace:
[  104.710936][ T7777]  <TASK>
[  104.710943][ T7777]  dump_stack_lvl+0xf6/0x150
[  104.710966][ T7777]  dump_stack+0x15/0x1a
[  104.710982][ T7777]  should_fail_ex+0x261/0x270
[  104.711011][ T7777]  should_fail+0xb/0x10
[  104.711095][ T7777]  should_fail_usercopy+0x1a/0x20
[  104.711125][ T7777]  _copy_from_user+0x1c/0xa0
[  104.711179][ T7777]  copy_msghdr_from_user+0x54/0x2b0
[  104.711217][ T7777]  ? __fget_files+0x186/0x1c0
[  104.711239][ T7777]  __sys_recvmsg+0x145/0x270
[  104.711302][ T7777]  __x64_sys_recvmsg+0x46/0x50
[  104.711328][ T7777]  x64_sys_call+0xc6d/0x2e10
[  104.711427][ T7777]  do_syscall_64+0xc9/0x1c0
[  104.711455][ T7777]  ? clear_bhb_loop+0x25/0x80
[  104.711476][ T7777]  ? clear_bhb_loop+0x25/0x80
[  104.711499][ T7777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.711520][ T7777] RIP: 0033:0x7f67c79bd169
[  104.711593][ T7777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.711612][ T7777] RSP: 002b:00007f67c601f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  104.711630][ T7777] RAX: ffffffffffffffda RBX: 00007f67c7bd5fa0 RCX: 00007f67c79bd169
[  104.711717][ T7777] RDX: 0000000000000000 RSI: 0000200000000400 RDI: 0000000000000006
[  104.711731][ T7777] RBP: 00007f67c601f090 R08: 0000000000000000 R09: 0000000000000000
[  104.711758][ T7777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.711769][ T7777] R13: 0000000000000000 R14: 00007f67c7bd5fa0 R15: 00007ffe225b66f8
[  104.711791][ T7777]  </TASK>
[  105.042304][ T7789] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1271'.
[  105.127498][ T7812] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1280'.
[  105.231472][ T7819] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1283'.
[  105.294365][ T7831] hub 9-0:1.0: USB hub found
[  105.299188][ T7831] hub 9-0:1.0: 8 ports detected
[  105.430459][ T7843] loop0: detected capacity change from 0 to 512
[  105.458883][ T7843] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.471858][ T7843] ext4 filesystem being mounted at /217/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  105.493227][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.564789][ T7850] pim6reg: entered allmulticast mode
[  105.575500][ T7838] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  105.583948][ T7838] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  105.592273][ T7838] netlink: 'syz.4.1291': attribute type 39 has an invalid length.
[  105.625857][ T7850] pim6reg: left allmulticast mode
[  105.637906][ T7838] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1291'.
[  105.686539][ T7852] xt_hashlimit: size too large, truncated to 1048576
[  105.837688][ T7868] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1303'.
[  106.105982][   T29] kauditd_printk_skb: 423 callbacks suppressed
[  106.106041][   T29] audit: type=1326 audit(1743724442.600:5114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7903 comm="syz.3.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  106.138427][   T29] audit: type=1326 audit(1743724442.630:5115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7903 comm="syz.3.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  106.161848][   T29] audit: type=1326 audit(1743724442.630:5116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7903 comm="syz.3.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  106.177771][ T7894] xt_hashlimit: size too large, truncated to 1048576
[  106.185320][   T29] audit: type=1326 audit(1743724442.630:5117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7903 comm="syz.3.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  106.215817][   T29] audit: type=1326 audit(1743724442.630:5118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7903 comm="syz.3.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  106.239390][   T29] audit: type=1326 audit(1743724442.630:5119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7903 comm="syz.3.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  106.263002][   T29] audit: type=1326 audit(1743724442.630:5120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7903 comm="syz.3.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  106.286420][   T29] audit: type=1326 audit(1743724442.630:5121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7903 comm="syz.3.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  106.309855][   T29] audit: type=1326 audit(1743724442.630:5122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7903 comm="syz.3.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  106.333514][   T29] audit: type=1326 audit(1743724442.630:5123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7903 comm="syz.3.1317" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  106.792222][ T7918] xt_CT: You must specify a L4 protocol and not use inversions on it
[  106.843700][ T7926] loop0: detected capacity change from 0 to 512
[  106.852342][ T7928] Invalid ELF header magic: != ELF
[  106.866698][ T7926] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  106.879466][ T7926] ext4 filesystem being mounted at /231/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.903403][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  106.966998][ T7938] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.021351][ T7938] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.048639][ T7936] xt_hashlimit: size too large, truncated to 1048576
[  107.106621][ T7938] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.176407][ T7938] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  107.244277][ T7938] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  107.256052][ T7938] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  107.267880][ T7938] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  107.279568][ T7938] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  107.978272][ T7984] loop2: detected capacity change from 0 to 512
[  107.996840][ T7984] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.009669][ T7984] ext4 filesystem being mounted at /250/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.040126][ T3593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.091019][ T7996] loop1: detected capacity change from 0 to 512
[  108.108406][ T7996] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.121429][ T7996] ext4 filesystem being mounted at /281/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.152315][ T3300] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.176069][ T8002] loop1: detected capacity change from 0 to 512
[  108.362522][ T8019] xt_CT: You must specify a L4 protocol and not use inversions on it
[  108.405553][ T8027] loop2: detected capacity change from 0 to 512
[  108.438598][ T8027] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.458251][ T8027] ext4 filesystem being mounted at /254/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.494740][ T3593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.542907][ T8046] loop4: detected capacity change from 0 to 128
[  108.560215][ T8046] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  108.572365][ T8046] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  108.583740][ T8046] FAULT_INJECTION: forcing a failure.
[  108.583740][ T8046] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  108.596971][ T8046] CPU: 1 UID: 0 PID: 8046 Comm: syz.4.1375 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[  108.597066][ T8046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  108.597078][ T8046] Call Trace:
[  108.597085][ T8046]  <TASK>
[  108.597092][ T8046]  dump_stack_lvl+0xf6/0x150
[  108.597118][ T8046]  dump_stack+0x15/0x1a
[  108.597139][ T8046]  should_fail_ex+0x261/0x270
[  108.597172][ T8046]  should_fail+0xb/0x10
[  108.597220][ T8046]  should_fail_usercopy+0x1a/0x20
[  108.597249][ T8046]  _copy_from_user+0x1c/0xa0
[  108.597283][ T8046]  copy_msghdr_from_user+0x54/0x2b0
[  108.597333][ T8046]  ? __fget_files+0x186/0x1c0
[  108.597360][ T8046]  __sys_sendmsg+0x141/0x240
[  108.597409][ T8046]  __x64_sys_sendmsg+0x46/0x50
[  108.597489][ T8046]  x64_sys_call+0x26f3/0x2e10
[  108.597510][ T8046]  do_syscall_64+0xc9/0x1c0
[  108.597615][ T8046]  ? clear_bhb_loop+0x25/0x80
[  108.597635][ T8046]  ? clear_bhb_loop+0x25/0x80
[  108.597718][ T8046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  108.597738][ T8046] RIP: 0033:0x7ff97113d169
[  108.597752][ T8046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  108.597775][ T8046] RSP: 002b:00007ff96f7a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  108.597816][ T8046] RAX: ffffffffffffffda RBX: 00007ff971355fa0 RCX: 00007ff97113d169
[  108.597828][ T8046] RDX: 0000000020000004 RSI: 0000200000000200 RDI: 0000000000000004
[  108.597841][ T8046] RBP: 00007ff96f7a7090 R08: 0000000000000000 R09: 0000000000000000
[  108.597862][ T8046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  108.597876][ T8046] R13: 0000000000000000 R14: 00007ff971355fa0 R15: 00007fff8b03f448
[  108.597895][ T8046]  </TASK>
[  108.780165][ T8053] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  108.793764][ T8053] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  108.823165][ T8060] loop4: detected capacity change from 0 to 512
[  108.836683][ T8060] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  108.849225][ T8060] ext4 filesystem being mounted at /286/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  108.871966][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  109.471197][ T8077] loop0: detected capacity change from 0 to 128
[  109.478189][ T8077] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  109.491600][ T8077] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  109.520273][ T8080] loop1: detected capacity change from 0 to 128
[  109.527345][ T8080] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  109.541695][ T8080] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  109.573983][ T8087] loop0: detected capacity change from 0 to 512
[  109.596675][ T8087] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  109.609649][ T8087] ext4 filesystem being mounted at /245/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.634546][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  109.644007][ T8095] __nla_validate_parse: 8 callbacks suppressed
[  109.644024][ T8095] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1388'.
[  109.660362][ T8080] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1388'.
[  109.731572][ T8103] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1395'.
[  109.849365][ T8125] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1403'.
[  109.868065][ T8126] loop4: detected capacity change from 0 to 512
[  109.874900][ T8126] EXT4-fs: inline encryption not supported
[  109.888272][ T8126] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1399: bg 0: block 248: padding at end of block bitmap is not set
[  109.903075][ T8126] EXT4-fs (loop4): Remounting filesystem read-only
[  109.909935][ T8126] EXT4-fs (loop4): 1 truncate cleaned up
[  109.916062][ T8126] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.928782][ T8126] ext4 filesystem being mounted at /289/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  109.953661][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.974463][ T8135] loop4: detected capacity change from 0 to 512
[  109.987058][ T8135] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  109.999672][ T8135] ext4 filesystem being mounted at /290/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  110.022587][ T3314] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  110.056875][ T8141] Invalid ELF header magic: != ELF
[  110.315694][ T8153] xt_CT: You must specify a L4 protocol and not use inversions on it
[  110.613378][ T8162] xt_hashlimit: size too large, truncated to 1048576
[  111.075682][ T8184] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1423'.
[  111.165526][ T8211] Invalid ELF header magic: != ELF
[  111.179416][ T8203] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1431'.
[  111.180000][ T8207] xt_CT: You must specify a L4 protocol and not use inversions on it
[  111.282385][ T8221] xt_CT: You must specify a L4 protocol and not use inversions on it
[  111.296187][ T8226] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1439'.
[  111.338654][ T8230] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1441'.
[  111.391656][   T29] kauditd_printk_skb: 264 callbacks suppressed
[  111.391674][   T29] audit: type=1326 audit(1743724447.880:5386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.1.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[  111.436800][   T29] audit: type=1326 audit(1743724447.880:5387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.1.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[  111.460331][   T29] audit: type=1326 audit(1743724447.920:5388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.1.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[  111.483887][   T29] audit: type=1326 audit(1743724447.920:5389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.1.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[  111.507763][   T29] audit: type=1326 audit(1743724447.920:5390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.1.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[  111.531253][   T29] audit: type=1326 audit(1743724447.920:5391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.1.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[  111.554761][   T29] audit: type=1326 audit(1743724447.920:5392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.1.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[  111.578309][   T29] audit: type=1326 audit(1743724447.920:5393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.1.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[  111.601954][   T29] audit: type=1326 audit(1743724447.920:5394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.1.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[  111.625485][   T29] audit: type=1326 audit(1743724447.920:5395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8239 comm="syz.1.1444" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f835933d169 code=0x7ffc0000
[  111.676520][ T8250] xt_CT: You must specify a L4 protocol and not use inversions on it
[  111.705451][ T8251] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1448'.
[  111.822387][ T8266] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1453'.
[  111.871703][ T8275] loop2: detected capacity change from 0 to 1024
[  111.879586][ T8275] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  111.906458][ T8275] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  111.915028][ T8275] EXT4-fs (loop2): orphan cleanup on readonly fs
[  111.921942][ T8275] EXT4-fs warning (device loop2): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  111.936619][ T8275] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  111.967187][ T8275] EXT4-fs error (device loop2): ext4_free_blocks:6589: comm syz.2.1455: Freeing blocks not in datazone - block = 0, count = 4096
[  111.987632][ T8275] EXT4-fs (loop2): Remounting filesystem read-only
[  111.994595][ T8275] EXT4-fs (loop2): 1 orphan inode deleted
[  112.002611][ T8275] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  112.066243][ T8275] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.146148][ T8286] loop2: detected capacity change from 0 to 4096
[  112.154673][ T8286] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.260712][ T8313] Invalid ELF header magic: != ELF
[  112.359743][ T8317] xt_CT: You must specify a L4 protocol and not use inversions on it
[  112.400527][ T8320] loop4: detected capacity change from 0 to 1024
[  112.409757][ T8320] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  112.450336][ T8320] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  112.459121][ T8320] EXT4-fs (loop4): orphan cleanup on readonly fs
[  112.468677][ T8320] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  112.483378][ T8320] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  112.495604][ T8320] EXT4-fs error (device loop4): ext4_free_blocks:6589: comm syz.4.1470: Freeing blocks not in datazone - block = 0, count = 4096
[  112.525713][ T8329] xt_CT: You must specify a L4 protocol and not use inversions on it
[  112.530985][ T8320] EXT4-fs (loop4): Remounting filesystem read-only
[  112.556489][ T8320] EXT4-fs (loop4): 1 orphan inode deleted
[  112.563013][ T8320] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  112.622302][ T8320] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.750921][ T8352] xt_CT: You must specify a L4 protocol and not use inversions on it
[  112.964942][ T3593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.249306][ T8383] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.316221][ T8383] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.366768][ T8383] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.436163][ T8383] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  113.511755][ T8383] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.527234][ T8383] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.539566][ T8383] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.555443][ T8383] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.618508][ T8408] xt_hashlimit: size too large, truncated to 1048576
[  113.829003][ T8414] xt_hashlimit: size too large, truncated to 1048576
[  113.869878][ T8411] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  113.878591][ T8411] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  114.061331][ T8437] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.096314][ T8437] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.107314][ T8430] loop0: detected capacity change from 0 to 512
[  114.114126][ T8430] EXT4-fs: inline encryption not supported
[  114.127860][ T8430] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1508: bg 0: block 248: padding at end of block bitmap is not set
[  114.142925][ T8430] EXT4-fs (loop0): Remounting filesystem read-only
[  114.152600][ T8430] EXT4-fs (loop0): 1 truncate cleaned up
[  114.158874][ T8430] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.159348][ T8437] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.171554][ T8430] ext4 filesystem being mounted at /265/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.272736][ T8437] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  114.347623][ T8467] loop3: detected capacity change from 0 to 1024
[  114.350828][ T8437] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  114.355393][ T8467] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  114.365507][ T8437] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  114.382031][ T8467] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  114.384581][ T8437] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  114.395250][ T8467] EXT4-fs (loop3): orphan cleanup on readonly fs
[  114.409239][ T8437] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  114.419340][ T8467] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  114.433948][ T8467] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  114.443055][ T8467] EXT4-fs error (device loop3): ext4_free_blocks:6589: comm syz.3.1521: Freeing blocks not in datazone - block = 0, count = 4096
[  114.473746][ T8475] xt_CT: You must specify a L4 protocol and not use inversions on it
[  114.475110][ T8467] EXT4-fs (loop3): Remounting filesystem read-only
[  114.490203][ T8467] EXT4-fs (loop3): 1 orphan inode deleted
[  114.513338][ T8467] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  114.566703][ T8467] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.716291][ T8504] __nla_validate_parse: 16 callbacks suppressed
[  114.716308][ T8504] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1532'.
[  114.733169][ T8509] xt_CT: You must specify a L4 protocol and not use inversions on it
[  114.784263][ T8522] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1538'.
[  114.794148][ T8513] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1538'.
[  114.821219][ T8517] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1539'.
[  114.836989][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.914500][ T8538] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1545'.
[  115.043481][ T8545] xt_CT: You must specify a L4 protocol and not use inversions on it
[  115.096825][ T8556] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1545'.
[  115.258980][ T8563] loop3: detected capacity change from 0 to 512
[  115.273411][ T8563] EXT4-fs: inline encryption not supported
[  115.285224][ T8567] loop0: detected capacity change from 0 to 512
[  115.303685][ T8563] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1554: bg 0: block 248: padding at end of block bitmap is not set
[  115.321922][ T8567] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  115.337413][ T8563] EXT4-fs (loop3): Remounting filesystem read-only
[  115.344175][ T8563] EXT4-fs (loop3): 1 truncate cleaned up
[  115.350806][ T8563] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.365726][ T8567] ext4 filesystem being mounted at /273/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.377266][ T8563] ext4 filesystem being mounted at /339/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  115.407574][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  115.451013][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.547392][ T8582] xt_CT: You must specify a L4 protocol and not use inversions on it
[  115.573851][ T8580] xt_hashlimit: size too large, truncated to 1048576
[  115.711799][ T8584] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  115.721939][ T8584] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  115.752023][ T8584] netlink: 'syz.4.1563': attribute type 39 has an invalid length.
[  115.795023][ T8584] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1563'.
[  115.900947][ T8608] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  115.965659][ T8611] xt_CT: You must specify a L4 protocol and not use inversions on it
[  116.037889][ T8598] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  116.046711][ T8598] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  116.055189][ T8598] netlink: 'syz.3.1567': attribute type 39 has an invalid length.
[  116.067593][ T8598] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1567'.
[  116.169204][ T8624] loop2: detected capacity change from 0 to 128
[  116.176129][ T8624] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  116.188246][ T8624] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.219565][ T8624] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1579'.
[  116.290888][ T8630] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1581'.
[  116.500647][ T8637] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  116.510626][ T8637] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  116.519406][ T8637] netlink: 'syz.2.1584': attribute type 39 has an invalid length.
[  116.573254][   T29] kauditd_printk_skb: 820 callbacks suppressed
[  116.573270][   T29] audit: type=1400 audit(1743724453.060:6210): avc:  denied  { read } for  pid=8664 comm="syz.1.1595" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  116.602772][   T29] audit: type=1400 audit(1743724453.060:6211): avc:  denied  { open } for  pid=8664 comm="syz.1.1595" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  116.640922][   T29] audit: type=1400 audit(1743724453.130:6212): avc:  denied  { cpu } for  pid=8664 comm="syz.1.1595" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  116.678690][   T29] audit: type=1400 audit(1743724453.170:6213): avc:  denied  { write } for  pid=8664 comm="syz.1.1595" path="socket:[22426]" dev="sockfs" ino=22426 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  116.770040][ T8673] loop0: detected capacity change from 0 to 512
[  116.826086][ T8673] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.838924][ T8673] ext4 filesystem being mounted at /283/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.865660][   T29] audit: type=1326 audit(1743724453.360:6214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.3.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  116.899378][ T8682] loop3: detected capacity change from 0 to 1024
[  116.906552][   T29] audit: type=1326 audit(1743724453.390:6215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.3.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  116.926578][ T8682] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  116.930078][   T29] audit: type=1326 audit(1743724453.390:6216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.3.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  116.930113][   T29] audit: type=1326 audit(1743724453.390:6217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.3.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  116.930204][   T29] audit: type=1326 audit(1743724453.390:6218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.3.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  116.930242][   T29] audit: type=1326 audit(1743724453.390:6219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8681 comm="syz.3.1601" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  117.037412][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.056402][ T8682] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  117.064677][ T8682] EXT4-fs (loop3): orphan cleanup on readonly fs
[  117.071385][ T8682] EXT4-fs warning (device loop3): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  117.086043][ T8682] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  117.094400][ T8682] EXT4-fs error (device loop3): ext4_free_blocks:6589: comm syz.3.1601: Freeing blocks not in datazone - block = 0, count = 4096
[  117.109778][ T8682] EXT4-fs (loop3): Remounting filesystem read-only
[  117.120748][ T8682] EXT4-fs (loop3): 1 orphan inode deleted
[  117.151536][ T8682] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  117.199952][ T8682] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.234733][ T8692] loop2: detected capacity change from 0 to 512
[  117.242139][ T8692] EXT4-fs (loop2): The Hurd can't support 64-bit file systems
[  117.257750][ T8685] xt_hashlimit: size too large, truncated to 1048576
[  117.443821][ T8696] loop2: detected capacity change from 0 to 4096
[  117.477282][ T8696] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.853089][ T8737] xt_hashlimit: size too large, truncated to 1048576
[  118.051726][ T8767] loop3: detected capacity change from 0 to 128
[  118.059517][ T8767] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  118.086592][ T8767] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  118.357531][ T3593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.470007][ T8809] xt_hashlimit: size too large, truncated to 1048576
[  118.523786][ T8813] loop4: detected capacity change from 0 to 1024
[  118.531498][ T8813] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  118.565402][ T8813] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  118.588628][ T8813] EXT4-fs (loop4): orphan cleanup on readonly fs
[  118.602279][ T8813] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  118.617015][ T8813] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  118.644974][ T8813] EXT4-fs error (device loop4): ext4_free_blocks:6589: comm syz.4.1648: Freeing blocks not in datazone - block = 0, count = 4096
[  118.661474][ T8813] EXT4-fs (loop4): Remounting filesystem read-only
[  118.668151][ T8813] EXT4-fs (loop4): 1 orphan inode deleted
[  118.674729][ T8813] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  118.700048][ T8813] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.917521][ T8843] FAULT_INJECTION: forcing a failure.
[  118.917521][ T8843] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  118.930676][ T8843] CPU: 1 UID: 0 PID: 8843 Comm: syz.2.1658 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[  118.930711][ T8843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  118.930725][ T8843] Call Trace:
[  118.930733][ T8843]  <TASK>
[  118.930742][ T8843]  dump_stack_lvl+0xf6/0x150
[  118.930767][ T8843]  dump_stack+0x15/0x1a
[  118.930783][ T8843]  should_fail_ex+0x261/0x270
[  118.930888][ T8843]  should_fail+0xb/0x10
[  118.930910][ T8843]  should_fail_usercopy+0x1a/0x20
[  118.930938][ T8843]  _copy_from_user+0x1c/0xa0
[  118.930969][ T8843]  perf_copy_attr+0x150/0x5d0
[  118.931062][ T8843]  ? __rcu_read_unlock+0x4e/0x70
[  118.931091][ T8843]  __se_sys_perf_event_open+0x70/0x2220
[  118.931178][ T8843]  ? proc_fail_nth_write+0x12d/0x160
[  118.931196][ T8843]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  118.931216][ T8843]  ? vfs_write+0x669/0x950
[  118.931242][ T8843]  ? putname+0xe1/0x100
[  118.931266][ T8843]  __x64_sys_perf_event_open+0x67/0x80
[  118.931367][ T8843]  x64_sys_call+0x27bb/0x2e10
[  118.931391][ T8843]  do_syscall_64+0xc9/0x1c0
[  118.931446][ T8843]  ? clear_bhb_loop+0x25/0x80
[  118.931468][ T8843]  ? clear_bhb_loop+0x25/0x80
[  118.931506][ T8843]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.931527][ T8843] RIP: 0033:0x7fcfe89fd169
[  118.931541][ T8843] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  118.931559][ T8843] RSP: 002b:00007fcfe7067038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  118.931577][ T8843] RAX: ffffffffffffffda RBX: 00007fcfe8c15fa0 RCX: 00007fcfe89fd169
[  118.931588][ T8843] RDX: fffffdffffffffff RSI: 0000000000000000 RDI: 0000200000000200
[  118.931601][ T8843] RBP: 00007fcfe7067090 R08: 0000000000000008 R09: 0000000000000000
[  118.931612][ T8843] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  118.931647][ T8843] R13: 0000000000000000 R14: 00007fcfe8c15fa0 R15: 00007ffd50256978
[  118.931665][ T8843]  </TASK>
[  119.136892][ T8844] xt_hashlimit: size too large, truncated to 1048576
[  119.620686][ T8882] loop3: detected capacity change from 0 to 512
[  119.629533][ T8882] EXT4-fs: inline encryption not supported
[  119.650056][ T8882] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1669: bg 0: block 248: padding at end of block bitmap is not set
[  119.671269][ T8882] EXT4-fs (loop3): Remounting filesystem read-only
[  119.677951][ T8882] EXT4-fs (loop3): 1 truncate cleaned up
[  119.683987][ T8882] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.696779][ T8882] ext4 filesystem being mounted at /361/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.798908][ T8881] xt_hashlimit: size too large, truncated to 1048576
[  119.807184][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.868478][ T8890] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  119.892021][ T8890] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  119.903357][ T8890] netlink: 'syz.4.1673': attribute type 39 has an invalid length.
[  119.972060][ T8901] __nla_validate_parse: 19 callbacks suppressed
[  119.972076][ T8901] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1673'.
[  120.099679][ T8905] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1677'.
[  120.551424][ T8915] FAULT_INJECTION: forcing a failure.
[  120.551424][ T8915] name failslab, interval 1, probability 0, space 0, times 0
[  120.564093][ T8915] CPU: 1 UID: 0 PID: 8915 Comm: syz.3.1679 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[  120.564184][ T8915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  120.564199][ T8915] Call Trace:
[  120.564207][ T8915]  <TASK>
[  120.564216][ T8915]  dump_stack_lvl+0xf6/0x150
[  120.564243][ T8915]  dump_stack+0x15/0x1a
[  120.564260][ T8915]  should_fail_ex+0x261/0x270
[  120.564286][ T8915]  should_failslab+0x8f/0xb0
[  120.564354][ T8915]  kmem_cache_alloc_noprof+0x59/0x340
[  120.564403][ T8915]  ? security_inode_alloc+0x37/0x100
[  120.564433][ T8915]  security_inode_alloc+0x37/0x100
[  120.564462][ T8915]  inode_init_always_gfp+0x4a2/0x4f0
[  120.564579][ T8915]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  120.564605][ T8915]  alloc_inode+0x86/0x170
[  120.564643][ T8915]  new_inode+0x1e/0xe0
[  120.564684][ T8915]  shmem_get_inode+0x24e/0x730
[  120.564797][ T8915]  __shmem_file_setup+0x127/0x1f0
[  120.564834][ T8915]  shmem_file_setup+0x3b/0x50
[  120.564872][ T8915]  __se_sys_memfd_create+0x2e1/0x5a0
[  120.564924][ T8915]  __x64_sys_memfd_create+0x31/0x40
[  120.565022][ T8915]  x64_sys_call+0x1163/0x2e10
[  120.565101][ T8915]  do_syscall_64+0xc9/0x1c0
[  120.565131][ T8915]  ? clear_bhb_loop+0x25/0x80
[  120.565153][ T8915]  ? clear_bhb_loop+0x25/0x80
[  120.565179][ T8915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.565280][ T8915] RIP: 0033:0x7f67c79bd169
[  120.565295][ T8915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.565334][ T8915] RSP: 002b:00007f67c5fdce18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  120.565351][ T8915] RAX: ffffffffffffffda RBX: 000000000000050a RCX: 00007f67c79bd169
[  120.565363][ T8915] RDX: 00007f67c5fdcef0 RSI: 0000000000000000 RDI: 00007f67c7a3ec3c
[  120.565402][ T8915] RBP: 0000200000000200 R08: 00007f67c5fdcbb7 R09: 00007f67c5fdce40
[  120.565463][ T8915] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[  120.565513][ T8915] R13: 00007f67c5fdcef0 R14: 00007f67c5fdceb0 R15: 0000200000000740
[  120.565531][ T8915]  </TASK>
[  121.118884][ T8925] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1684'.
[  121.358269][ T8934] xt_hashlimit: size too large, truncated to 1048576
[  121.785525][ T8967] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1696'.
[  121.875101][ T8975] loop2: detected capacity change from 0 to 512
[  121.892128][ T8975] EXT4-fs (loop2): The Hurd can't support 64-bit file systems
[  121.964319][   T29] kauditd_printk_skb: 303 callbacks suppressed
[  121.964332][   T29] audit: type=1326 audit(1743724458.450:6521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8984 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  121.994045][   T29] audit: type=1326 audit(1743724458.450:6522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8984 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  122.017946][   T29] audit: type=1326 audit(1743724458.450:6523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8984 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  122.041600][   T29] audit: type=1326 audit(1743724458.450:6524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8984 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  122.065136][   T29] audit: type=1326 audit(1743724458.450:6525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8984 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  122.088896][   T29] audit: type=1326 audit(1743724458.450:6526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8984 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=280 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  122.101684][ T8991] xt_hashlimit: size too large, truncated to 1048576
[  122.112673][   T29] audit: type=1326 audit(1743724458.450:6527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8984 comm="syz.3.1704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  122.156196][ T8975] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1700'.
[  122.364552][ T9006] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1709'.
[  122.393679][   T29] audit: type=1326 audit(1743724458.880:6528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9007 comm="syz.3.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  122.417800][   T29] audit: type=1326 audit(1743724458.880:6529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9007 comm="syz.3.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  122.443283][   T29] audit: type=1326 audit(1743724458.880:6530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9007 comm="syz.3.1712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f67c79bd169 code=0x7ffc0000
[  122.494552][ T9005] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1711'.
[  122.541516][ T9017] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1716'.
[  122.574493][ T9018] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.585077][ T9020] loop0: detected capacity change from 0 to 512
[  122.596809][ T9020] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  122.610502][ T9020] ext4 filesystem being mounted at /301/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.636246][ T9018] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.650144][ T3312] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  122.705906][ T9018] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.721965][ T9027] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1718'.
[  122.756630][ T9018] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.845842][ T9018] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  122.849036][ T9048] loop2: detected capacity change from 0 to 512
[  122.859277][ T9018] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  122.872294][ T9018] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  122.886769][ T9018] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  122.896478][ T9050] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1727'.
[  122.906890][ T9048] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  122.919694][ T9048] ext4 filesystem being mounted at /336/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.954307][ T3593] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  123.056283][ T9077] gadgetfs: Unknown parameter 'ªªªªª'
[  123.075215][ T9079] gadgetfs: Unknown parameter 'ªªªªª'
[  123.255385][ T9108] gadgetfs: Unknown parameter 'ªªªªª'
[  123.353991][ T9127] loop2: detected capacity change from 0 to 512
[  123.369055][ T9127] EXT4-fs (loop2): The Hurd can't support 64-bit file systems
[  123.403519][ T9135] FAULT_INJECTION: forcing a failure.
[  123.403519][ T9135] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.416705][ T9135] CPU: 1 UID: 0 PID: 9135 Comm: syz.1.1763 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[  123.416812][ T9135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  123.416825][ T9135] Call Trace:
[  123.416832][ T9135]  <TASK>
[  123.416840][ T9135]  dump_stack_lvl+0xf6/0x150
[  123.416868][ T9135]  dump_stack+0x15/0x1a
[  123.416929][ T9135]  should_fail_ex+0x261/0x270
[  123.416966][ T9135]  should_fail+0xb/0x10
[  123.416994][ T9135]  should_fail_usercopy+0x1a/0x20
[  123.417027][ T9135]  _copy_from_iter+0xd8/0xd10
[  123.417115][ T9135]  ? kmalloc_reserve+0x16e/0x190
[  123.417138][ T9135]  ? __build_skb_around+0x199/0x1f0
[  123.417165][ T9135]  ? __alloc_skb+0x227/0x320
[  123.417228][ T9135]  ? __virt_addr_valid+0x1ed/0x250
[  123.417248][ T9135]  ? __check_object_size+0x367/0x510
[  123.417276][ T9135]  netlink_sendmsg+0x492/0x720
[  123.417333][ T9135]  ? __pfx_netlink_sendmsg+0x10/0x10
[  123.417430][ T9135]  __sock_sendmsg+0x140/0x180
[  123.417464][ T9135]  ____sys_sendmsg+0x350/0x4e0
[  123.417494][ T9135]  __sys_sendmsg+0x1a0/0x240
[  123.417603][ T9135]  __x64_sys_sendmsg+0x46/0x50
[  123.417631][ T9135]  x64_sys_call+0x26f3/0x2e10
[  123.417658][ T9135]  do_syscall_64+0xc9/0x1c0
[  123.417752][ T9135]  ? clear_bhb_loop+0x25/0x80
[  123.417773][ T9135]  ? clear_bhb_loop+0x25/0x80
[  123.417875][ T9135]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.417896][ T9135] RIP: 0033:0x7f835933d169
[  123.417910][ T9135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.417958][ T9135] RSP: 002b:00007f83579a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.417977][ T9135] RAX: ffffffffffffffda RBX: 00007f8359555fa0 RCX: 00007f835933d169
[  123.417989][ T9135] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  123.418000][ T9135] RBP: 00007f83579a7090 R08: 0000000000000000 R09: 0000000000000000
[  123.418013][ T9135] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.418028][ T9135] R13: 0000000000000000 R14: 00007f8359555fa0 R15: 00007ffcd4ca8228
[  123.418049][ T9135]  </TASK>
[  123.672802][ T9147] gadgetfs: Unknown parameter 'ªªªªª'
[  123.706757][ T9155] netlink: 'syz.0.1766': attribute type 13 has an invalid length.
[  123.747241][ T9158] loop1: detected capacity change from 0 to 128
[  123.759157][ T9158] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  123.772418][ T9158] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  123.785344][ T9160] loop2: detected capacity change from 0 to 2048
[  123.815464][ T9160] EXT4-fs error (device loop2): ext4_orphan_get:1416: comm syz.2.1772: bad orphan inode 8192
[  123.893390][ T9155] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.010210][ T9155] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  124.023244][ T9155] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.064627][ T9155] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.073159][ T9155] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.081630][ T9155] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.090112][ T9155] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  124.139672][ T9181] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.186323][ T9181] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.288577][ T9181] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.325908][ T9205] loop1: detected capacity change from 0 to 512
[  124.341749][ T9205] EXT4-fs error (device loop1): ext4_iget_extra_inode:4692: inode #15: comm syz.1.1783: corrupted in-inode xattr: invalid ea_ino
[  124.359512][ T9205] EXT4-fs error (device loop1): ext4_orphan_get:1395: comm syz.1.1783: couldn't read orphan inode 15 (err -117)
[  124.395950][ T9181] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.450920][ T9181] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  124.473811][ T9181] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  124.487583][ T9181] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  124.496639][ T9227] FAULT_INJECTION: forcing a failure.
[  124.496639][ T9227] name failslab, interval 1, probability 0, space 0, times 0
[  124.509406][ T9227] CPU: 1 UID: 0 PID: 9227 Comm: syz.4.1792 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[  124.509444][ T9227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  124.509454][ T9227] Call Trace:
[  124.509460][ T9227]  <TASK>
[  124.509468][ T9227]  dump_stack_lvl+0xf6/0x150
[  124.509581][ T9227]  dump_stack+0x15/0x1a
[  124.509596][ T9227]  should_fail_ex+0x261/0x270
[  124.509636][ T9227]  should_failslab+0x8f/0xb0
[  124.509669][ T9227]  kmem_cache_alloc_noprof+0x59/0x340
[  124.509688][ T9227]  ? security_inode_alloc+0x37/0x100
[  124.509715][ T9227]  security_inode_alloc+0x37/0x100
[  124.509778][ T9227]  inode_init_always_gfp+0x4a2/0x4f0
[  124.509867][ T9227]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  124.509885][ T9227]  alloc_inode+0x86/0x170
[  124.509914][ T9227]  new_inode+0x1e/0xe0
[  124.509938][ T9227]  shmem_get_inode+0x24e/0x730
[  124.509994][ T9227]  __shmem_file_setup+0x127/0x1f0
[  124.510052][ T9227]  shmem_file_setup+0x3b/0x50
[  124.510151][ T9227]  __se_sys_memfd_create+0x2e1/0x5a0
[  124.510184][ T9227]  __x64_sys_memfd_create+0x31/0x40
[  124.510215][ T9227]  x64_sys_call+0x1163/0x2e10
[  124.510241][ T9227]  do_syscall_64+0xc9/0x1c0
[  124.510279][ T9227]  ? clear_bhb_loop+0x25/0x80
[  124.510298][ T9227]  ? clear_bhb_loop+0x25/0x80
[  124.510316][ T9227]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.510334][ T9227] RIP: 0033:0x7ff97113d169
[  124.510346][ T9227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.510424][ T9227] RSP: 002b:00007ff96f7a6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  124.510461][ T9227] RAX: ffffffffffffffda RBX: 000000000000046b RCX: 00007ff97113d169
[  124.510472][ T9227] RDX: 00007ff96f7a6ef0 RSI: 0000000000000000 RDI: 00007ff9711bec3c
[  124.510482][ T9227] RBP: 0000200000000740 R08: 00007ff96f7a6bb7 R09: 00007ff96f7a6e40
[  124.510492][ T9227] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000001c0
[  124.510502][ T9227] R13: 00007ff96f7a6ef0 R14: 00007ff96f7a6eb0 R15: 0000200000000680
[  124.510519][ T9227]  </TASK>
[  124.730686][ T9181] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  124.810571][ T9237] xt_hashlimit: size too large, truncated to 1048576
[  124.883844][ T9240] loop3: detected capacity change from 0 to 512
[  124.892083][ T9240] ext2: Unknown parameter 'dont_measure'
[  124.947023][ T9240] loop3: detected capacity change from 0 to 2048
[  125.093295][ T9244] xt_hashlimit: size too large, truncated to 1048576
[  125.163481][ T9258] loop2: detected capacity change from 0 to 128
[  125.170258][ T9258] EXT4-fs: test_dummy_encryption option not supported
[  125.180506][ T9258] __nla_validate_parse: 18 callbacks suppressed
[  125.180523][ T9258] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1801'.
[  125.197726][ T9258] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1801'.
[  125.278642][ T9262] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1802'.
[  125.317258][ T9273] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.319716][ T9271] loop4: detected capacity change from 0 to 512
[  125.333973][ T9271] EXT4-fs (loop4): The Hurd can't support 64-bit file systems
[  125.355993][ T9273] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.380390][ T9278] loop2: detected capacity change from 0 to 128
[  125.387285][ T9278] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  125.401328][ T9278] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  125.411802][ T9273] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.427056][ T9278] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1808'.
[  125.438887][ T9281] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1809'.
[  125.456536][ T9273] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  125.482444][ T9283] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1810'.
[  125.490047][ T9287] xt_CT: You must specify a L4 protocol and not use inversions on it
[  125.535320][ T9273] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  125.598215][ T9301] loop2: detected capacity change from 0 to 512
[  125.602327][ T9273] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  125.612900][ T9301] EXT4-fs (loop2): The Hurd can't support 64-bit file systems
[  125.626252][ T9273] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  125.641290][ T9273] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  125.641975][ T9295] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1814'.
[  125.692320][ T9301] netlink: 48 bytes leftover after parsing attributes in process `syz.2.1817'.
[  125.744295][ T9312] loop0: detected capacity change from 0 to 128
[  125.769176][ T9315] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1820'.
[  125.780338][ T9314] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1822'.
[  125.790886][ T9312] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  125.835412][ T9312] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  125.871288][ T9321] xt_CT: You must specify a L4 protocol and not use inversions on it
[  125.924059][ T9331] loop4: detected capacity change from 0 to 512
[  125.965904][ T9331] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  126.044889][ T9331] EXT4-fs (loop4): 1 truncate cleaned up
[  126.082705][ T9354] loop1: detected capacity change from 0 to 128
[  126.097368][ T9354] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  126.114447][ T9354] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  126.169602][ T9356] xt_CT: You must specify a L4 protocol and not use inversions on it
[  126.186258][ T9364] loop2: detected capacity change from 0 to 128
[  126.207375][ T9364] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  126.222229][ T9364] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  126.331599][ T9390] loop1: detected capacity change from 0 to 128
[  126.339803][ T9390] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  126.352290][ T9390] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  126.356401][ T9394] loop2: detected capacity change from 0 to 512
[  126.368452][ T9394] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  126.390074][ T9394] EXT4-fs (loop2): 1 truncate cleaned up
[  126.498364][ T9410] loop1: detected capacity change from 0 to 4096
[  126.534440][ T9403] loop2: detected capacity change from 0 to 512
[  126.541149][ T9403] EXT4-fs: inline encryption not supported
[  126.556894][ T9403] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1855: bg 0: block 248: padding at end of block bitmap is not set
[  126.571574][ T9403] EXT4-fs (loop2): Remounting filesystem read-only
[  126.578478][ T9403] EXT4-fs (loop2): 1 truncate cleaned up
[  126.584647][ T9403] ext4 filesystem being mounted at /376/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.591211][ T9397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.604651][ T9397] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  126.613615][ T9397] netlink: 'syz.4.1853': attribute type 39 has an invalid length.
[  126.623660][ T9403] ==================================================================
[  126.631776][ T9403] BUG: KCSAN: data-race in hash_net4_add / hash_net4_gc_do
[  126.639002][ T9403] 
[  126.641329][ T9403] read-write to 0xffff888120381268 of 4 bytes by task 23 on cpu 1:
[  126.649225][ T9403]  hash_net4_gc_do+0x908/0xf90
[  126.654007][ T9403]  hash_net4_gc+0x10d/0x280
[  126.658526][ T9403]  process_scheduled_works+0x4de/0xa20
[  126.664096][ T9403]  worker_thread+0x52c/0x710
[  126.668695][ T9403]  kthread+0x4b7/0x540
[  126.672777][ T9403]  ret_from_fork+0x4b/0x60
[  126.677214][ T9403]  ret_from_fork_asm+0x1a/0x30
[  126.681987][ T9403] 
[  126.684311][ T9403] read to 0xffff888120381268 of 4 bytes by task 9403 on cpu 0:
[  126.691854][ T9403]  hash_net4_add+0x292/0x1d50
[  126.696541][ T9403]  hash_net4_uadt+0x51d/0x5d0
[  126.701227][ T9403]  call_ad+0x1a3/0x550
[  126.705316][ T9403]  ip_set_ad+0x5a7/0x670
[  126.709595][ T9403]  ip_set_uadd+0x41/0x50
[  126.713849][ T9403]  nfnetlink_rcv_msg+0x4ba/0x580
[  126.718803][ T9403]  netlink_rcv_skb+0x12f/0x230
[  126.723584][ T9403]  nfnetlink_rcv+0x187/0x1610
[  126.728279][ T9403]  netlink_unicast+0x605/0x6c0
[  126.733054][ T9403]  netlink_sendmsg+0x609/0x720
[  126.737848][ T9403]  __sock_sendmsg+0x140/0x180
[  126.742545][ T9403]  ____sys_sendmsg+0x350/0x4e0
[  126.747324][ T9403]  __sys_sendmsg+0x1a0/0x240
[  126.751925][ T9403]  __x64_sys_sendmsg+0x46/0x50
[  126.756700][ T9403]  x64_sys_call+0x26f3/0x2e10
[  126.761398][ T9403]  do_syscall_64+0xc9/0x1c0
[  126.766093][ T9403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.771995][ T9403] 
[  126.774319][ T9403] value changed: 0x000003f4 -> 0x00000331
[  126.780035][ T9403] 
[  126.782361][ T9403] Reported by Kernel Concurrency Sanitizer on:
[  126.788512][ T9403] CPU: 0 UID: 0 PID: 9403 Comm: syz.2.1855 Not tainted 6.14.0-syzkaller-12966-ga2cc6ff5ec8f #0 PREEMPT(voluntary) 
[  126.800584][ T9403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  126.810644][ T9403] ==================================================================
[  127.398284][ T9403] Set syz1 is full, maxelem 65536 reached