last executing test programs:

7m4.213268405s ago: executing program 4 (id=316):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b70500000800000085"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d00000007"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

7m4.100695187s ago: executing program 4 (id=317):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x6, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0xb, 0xb76a}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xa, 0x20000261, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
r4 = dup(r0)
fsetxattr$security_selinux(r4, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

7m3.806930812s ago: executing program 4 (id=322):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x44041, 0x0)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xff2e)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
readv(0xffffffffffffffff, &(0x7f0000001140)=[{&(0x7f0000000700)=""/206, 0x18}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@ipv4_newrule={0x24, 0x1e, 0x1, 0x0, 0x2, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xe}, [@FRA_GENERIC_POLICY=@FRA_GOTO={0x8, 0x4, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x2}, 0x2810)
r4 = epoll_create(0x3)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x10000000})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0xb, &(0x7f0000000040)=ANY=[@ANYRESHEX], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x47, '\x00', 0x0, @cgroup_skb=0x1, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)

7m3.680436413s ago: executing program 4 (id=325):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_DSTOPTS(r2, 0x29, 0x3b, &(0x7f0000000d80)=ANY=[@ANYBLOB="eeff8f55cd480000f4c43f67b87fb80086a0b615e0c3c49bdc5f1ec050c212d017732b58d3cc1d49bb5cb683e2150fbb5cb34b300c90250f49caf0d26e8850c6cdf572728d2f11d68b9df2048ea979dbbdb324332b8c20345afb341395cf9135d66cf0e908234da03cfb5084b33726d596513104146a07b1d4aa5fc8d5cc5fa6296a92abdc29485642ee9a6b46c100b2112c5362b3acc4749649e8f9cbb0c719e6f0f1f8957bb4fed861be2d99b0144d17de7e751d569a6b696a3efa3de3"], 0x8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x2000, 0x0)
setsockopt$inet_tcp_buf(r0, 0x6, 0x1a, &(0x7f0000000d00)="2936302d0955ca241e8e2058917b24182a08b596b5b924d3c13216e2b929a8a56d128c4b2587dd6c444b02f4a774c117a33b6563bcbff540fe53b2db39f7bd6acd6c0a2cbb0014bb3e2442e04a26d63d32307107266a2adba099854fc9311d8a033f80f1723ecc", 0x67)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000700)='kfree\x00', r1, 0x0, 0x7}, 0x18)
recvfrom$inet(r0, &(0x7f00000005c0)=""/78, 0x4e, 0x18162, &(0x7f0000000640)={0x2, 0x4e23, @broadcast}, 0x10)
openat$binfmt_format(0xffffff9c, &(0x7f0000000040)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$setregs(0x1a, r3, 0xba, &(0x7f0000000040))
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3c0, 0x210, 0x9403, 0x3002, 0x210, 0x2c0, 0x2f0, 0x3d8, 0x3d8, 0x2f0, 0x3d8, 0x3, 0x0, {[{{@ipv6={@private2, @remote, [0xffffff00, 0x0, 0xffffffff], [0xffffffff, 0xffffff00, 0xffffffff], 'macvlan1\x00', 'wg2\x00', {}, {0xa4c8dd0ffa9b1578}, 0x73, 0x9, 0x4, 0x48}, 0x0, 0x1c8, 0x210, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x80, 0x1, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@private1}}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0xffffffffffffffff, 0x0, 0x2}, {0x4, 0x5, 0x5}, {0x3, 0x4}, 0xbf, 0xb}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x47b)
r5 = memfd_secret(0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, 0x0)
ioctl$BTRFS_IOC_GET_DEV_STATS(r5, 0xc4089434, 0x0)
inotify_add_watch(r5, &(0x7f0000000680)='./bus\x00', 0xa4000000)
quotactl$Q_GETQUOTA(0xffffffff80000701, 0x0, 0xee00, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1, 0xf, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000000400000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000008b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b70000000000000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
lsetxattr$security_selinux(&(0x7f0000000440)='./bus\x00', &(0x7f0000000500), &(0x7f0000000580)='system_u:object_r:syslogd_var_run_t:s0\x00', 0x27, 0x1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))

7m3.29328249s ago: executing program 4 (id=330):
r0 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000180)={0xffffffffffffffff, 0x0, 0x25, 0x16, @void}, 0x10)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000800), 0x8000, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x20, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x2041}})
r1 = syz_open_dev$usbfs(&(0x7f0000000240), 0x75, 0x109301)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f00000001c0)=@urb_type_bulk={0x3, {0x1, 0x1}, 0x800, 0x20, 0x0, 0x0, 0xc, 0x2, 0x9e8e, 0x5, 0x4, 0x0})

7m2.61541214s ago: executing program 4 (id=335):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x44041, 0x0)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xff2e)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
readv(0xffffffffffffffff, &(0x7f0000001140)=[{&(0x7f0000000700)=""/206, 0x18}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@ipv4_newrule={0x24, 0x1e, 0x1, 0x0, 0x2, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xe}, [@FRA_GENERIC_POLICY=@FRA_GOTO={0x8, 0x4, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x2}, 0x2810)
r4 = epoll_create(0x3)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x10000000})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0xb, &(0x7f0000000040)=ANY=[@ANYRESHEX], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x47, '\x00', 0x0, @cgroup_skb=0x1, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)

7m2.577977311s ago: executing program 32 (id=335):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x44041, 0x0)
write$binfmt_aout(r0, &(0x7f00000001c0)=ANY=[], 0xff2e)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
readv(0xffffffffffffffff, &(0x7f0000001140)=[{&(0x7f0000000700)=""/206, 0x18}], 0x1)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=@ipv4_newrule={0x24, 0x1e, 0x1, 0x0, 0x2, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xe}, [@FRA_GENERIC_POLICY=@FRA_GOTO={0x8, 0x4, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x2}, 0x2810)
r4 = epoll_create(0x3)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x10000000})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0xb, &(0x7f0000000040)=ANY=[@ANYRESHEX], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x47, '\x00', 0x0, @cgroup_skb=0x1, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)

5m21.001385579s ago: executing program 3 (id=1654):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x3, 0x4, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000180)='cpu>=0!|!')

5m20.90297866s ago: executing program 3 (id=1656):
perf_event_open(&(0x7f0000004cc0)={0x1, 0x80, 0x8, 0x0, 0x0, 0x0, 0x0, 0x9, 0x400, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xaf1d, 0x1, @perf_bp={0x0, 0x1}, 0x100410, 0x4, 0x2, 0x1, 0x9, 0x5, 0xfffd, 0x0, 0xbbd0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
openat$sysfs(0xffffff9c, &(0x7f0000000000)='/sys/kernel/uevent_helper', 0x42, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000040000000900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000f9ffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
fadvise64(0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0x1)

5m20.843615071s ago: executing program 3 (id=1658):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff0000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)

5m20.247420841s ago: executing program 3 (id=1663):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f0000000000), 0x1, 0x503, &(0x7f0000000140)="$eJzs3c9vG1kdAPDvOL+cbHaTXfYACNiyLBRU1Unc3Wi1B1hOCKGVEHsEqRsSN4pix1HsLJvQQ/o/IFGJExz5Azj3xJ0LghuXckDiRwRqKnHwasaT1E3tJm0SO4o/H2k08+Y5830v7rxnf934BTC0rkXEXkSMR8QnETGTn0/yLT5sb+njHu3fXT7Yv7ucRKv18b+TrD49Fx0/k3olv2YxIn7yg4ifJ8/Gbezsri9Vq5WtdnFyrlnbnGvs7N5cqy2tVlYrG+Xy4sLi/Pu33iufW1/fqo3nR199+Ke97/wybdZ0fqazH+ep3fWxozip0Yj40UUEG4CRvD/jg24IL6UQEW9ExNvZ/T8TI9mzCQBcZa3WTLRmOssAwFVXyHJgSaGU5wKmo1Aoldo5vDdjqlCtN5o37tS3N1baubLZGCvcWatW5vNc4WyMJWl5ITt+Ui4fK9+KiNcj4lcTk1m5tFyvrgzyhQ8ADLFXjs3//5toz/8AwBVXHHQDAIC+M/8DwPAx/wPA8DH/A8DwMf8DwPAx/wPA8DH/A8BQ+fFHH6Vb6yD//uuVT3e21+uf3lypNNZLte3l0nJ9a7O0Wq+vZt/ZUzvpetV6fXPh3dj+bPa7m43mXGNn93atvr3RvJ19r/ftylhfegUAPM/rbz34axIRex9MZlt0rOVgroarrTDoBgADMzLoBgADc7TalwXcYOic4T2+9ABcEV2W6H1KMSImj59stVqti2sScMGuf0n+H4ZVR/7f/wKGISP/D8NrdNANAAam1UpOu+Z/nPaBAMDlJscP9Pj8/418//v8w4GfrRx/xP2LbBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcbofr/5bytcCno1AolSJejYjZGEvurFUr8xHxWkT8ZWJsIi0vDLjNAMBZFf6R5Ot/XZ95Z/p47XjyeCLbR8QvfvPxrz9baja3/pye/89Ekp9v3s/PlwfSAQDgBIfzdLbveCP/aP/u8uHWz/b88/sRUWzHP9gfj4Oj+KMxmu2LMRYRU/9N8nJb0pG7OIu9exHxxW79T2I6y4G0Vz49Hj+N/Wpf4xeeil/I6tr79HfxhXNoCwybB+n482G3+68Q17J99/u/mI1QZ5ePf+mllg+yMfBJ/MPxb6TH+HfttDHe/eMP20eTz9bdi/jyaMRh7IOO8ecwftIj/junjP+3r3zt7V51rd9GXI/u8TtjzTVrm3ONnd2ba7Wl1cpqZaNcXlxYnH//1nvluSxHPdd7NvjXBzde61WX9n+qR/ziCf3/5in7/7v/f/LTrz8n/re/0S1+Id58Tvx0TvzWKeMvTf2h2Ksujb/So/8nPf83Thn/4d93n1k2HAAYnMbO7vpStVrZ6ufB4QuJvgZ18CIHI3G+F4yIvXO4Tvqv5lL8frocfK9fscbjhX6q1XqpWL1GjPPIugGXwdFNHxGPB90YAAAAAAAAAAAAAACgq378xdKg+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDV9XkAAAD///ogzOo=")
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x4800000, 0x8005, 0x0, 0x0, 0x9, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d10a00966d61fdcf335263bd9bffbcc2542ded71038259ca0400e1a311efec32d71e14ef3dc177b5b48b00", "f2fdffffffffffffff810000000000d300e6d602000000000000000000000001", [0xca4e]})
write$binfmt_misc(r1, &(0x7f00000003c0)='(', 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r0}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00'}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a00000095"], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x20081e, &(0x7f0000000000), 0x1, 0x503, &(0x7f0000000140)="$eJzs3c9vG1kdAPDvOL+cbHaTXfYACNiyLBRU1Unc3Wi1B1hOCKGVEHsEqRsSN4pix1HsLJvQQ/o/IFGJExz5Azj3xJ0LghuXckDiRwRqKnHwasaT1E3tJm0SO4o/H2k08+Y5830v7rxnf934BTC0rkXEXkSMR8QnETGTn0/yLT5sb+njHu3fXT7Yv7ucRKv18b+TrD49Fx0/k3olv2YxIn7yg4ifJ8/Gbezsri9Vq5WtdnFyrlnbnGvs7N5cqy2tVlYrG+Xy4sLi/Pu33iufW1/fqo3nR199+Ke97/wybdZ0fqazH+ep3fWxozip0Yj40UUEG4CRvD/jg24IL6UQEW9ExNvZ/T8TI9mzCQBcZa3WTLRmOssAwFVXyHJgSaGU5wKmo1Aoldo5vDdjqlCtN5o37tS3N1baubLZGCvcWatW5vNc4WyMJWl5ITt+Ui4fK9+KiNcj4lcTk1m5tFyvrgzyhQ8ADLFXjs3//5toz/8AwBVXHHQDAIC+M/8DwPAx/wPA8DH/A8DwMf8DwPAx/wPA8DH/A8BQ+fFHH6Vb6yD//uuVT3e21+uf3lypNNZLte3l0nJ9a7O0Wq+vZt/ZUzvpetV6fXPh3dj+bPa7m43mXGNn93atvr3RvJ19r/ftylhfegUAPM/rbz34axIRex9MZlt0rOVgroarrTDoBgADMzLoBgADc7TalwXcYOic4T2+9ABcEV2W6H1KMSImj59stVqti2sScMGuf0n+H4ZVR/7f/wKGISP/D8NrdNANAAam1UpOu+Z/nPaBAMDlJscP9Pj8/418//v8w4GfrRx/xP2LbBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcbofr/5bytcCno1AolSJejYjZGEvurFUr8xHxWkT8ZWJsIi0vDLjNAMBZFf6R5Ot/XZ95Z/p47XjyeCLbR8QvfvPxrz9baja3/pye/89Ekp9v3s/PlwfSAQDgBIfzdLbveCP/aP/u8uHWz/b88/sRUWzHP9gfj4Oj+KMxmu2LMRYRU/9N8nJb0pG7OIu9exHxxW79T2I6y4G0Vz49Hj+N/Wpf4xeeil/I6tr79HfxhXNoCwybB+n482G3+68Q17J99/u/mI1QZ5ePf+mllg+yMfBJ/MPxb6TH+HfttDHe/eMP20eTz9bdi/jyaMRh7IOO8ecwftIj/junjP+3r3zt7V51rd9GXI/u8TtjzTVrm3ONnd2ba7Wl1cpqZaNcXlxYnH//1nvluSxHPdd7NvjXBzde61WX9n+qR/ziCf3/5in7/7v/f/LTrz8n/re/0S1+Id58Tvx0TvzWKeMvTf2h2Ksujb/So/8nPf83Thn/4d93n1k2HAAYnMbO7vpStVrZ6ufB4QuJvgZ18CIHI3G+F4yIvXO4Tvqv5lL8frocfK9fscbjhX6q1XqpWL1GjPPIugGXwdFNHxGPB90YAAAAAAAAAAAAAACgq378xdKg+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDV9XkAAAD///ogzOo=") (async)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) (async)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) (async)
open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) (async)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x4800000, 0x8005, 0x0, 0x0, 0x9, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d10a00966d61fdcf335263bd9bffbcc2542ded71038259ca0400e1a311efec32d71e14ef3dc177b5b48b00", "f2fdffffffffffffff810000000000d300e6d602000000000000000000000001", [0xca4e]}) (async)
write$binfmt_misc(r1, &(0x7f00000003c0)='(', 0x1) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00'}, 0x10) (async)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) (async)

5m19.091032709s ago: executing program 3 (id=1667):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000780)='net/tcp6\x00')
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000001140)=""/4096, 0x1000}], 0x1, 0x300, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

5m18.792843224s ago: executing program 3 (id=1672):
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="02130000050000000000000000000000030008"], 0x28}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e00000000000000001801", @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0300000004000000040000000a13000000000000", @ANYRES32=0x1, @ANYBLOB='\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="040000000300"/28], 0x50)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x75}], 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="ec08d02f4464750000030100"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r5, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000001380)=ANY=[@ANYBLOB="4e07f5c1a76520194f4229042629b97b00", @ANYRES16=r7, @ANYBLOB="0308000000000000000009000000240004800400078008000500000000001300010062726f6164636173742d6c696e6b0000"], 0x38}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001500)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r8 = socket(0x10, 0x3, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r9}, 0x10)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x3c33)
write(r8, &(0x7f00000000c0)="240000001e005f0214fffffffffffff80700000001000000000000000500080002000000", 0x24)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)

5m18.791232764s ago: executing program 33 (id=1672):
socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70300001d000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="02130000050000000000000000000000030008"], 0x28}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e00000000000000001801", @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x8, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0300000004000000040000000a13000000000000", @ANYRES32=0x1, @ANYBLOB='\a\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="040000000300"/28], 0x50)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x75}], 0x1}, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="ec08d02f4464750000030100"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r5, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_SET(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000001380)=ANY=[@ANYBLOB="4e07f5c1a76520194f4229042629b97b00", @ANYRES16=r7, @ANYBLOB="0308000000000000000009000000240004800400078008000500000000001300010062726f6164636173742d6c696e6b0000"], 0x38}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001500)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r8 = socket(0x10, 0x3, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r9}, 0x10)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x3c33)
write(r8, &(0x7f00000000c0)="240000001e005f0214fffffffffffff80700000001000000000000000500080002000000", 0x24)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)

6.33282985s ago: executing program 5 (id=6455):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b7030000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800002}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='sched_switch\x00', r0}, 0x18)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x20182)
ioctl$USBDEVFS_ALLOW_SUSPEND(r1, 0x5522)
ioctl$USBDEVFS_BULK(r1, 0x5523, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)

6.216759242s ago: executing program 5 (id=6458):
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001fc0)={0x214, 0x0, 0x1, 0x70bd29, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x200, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x72}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x589d}, @ETHTOOL_A_BITSET_BITS={0xb4, 0x3, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '$-\\\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '$\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8f3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}]}]}, @ETHTOOL_A_BITSET_BITS={0x130, 0x3, 0x0, 0x1, [{0x4}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x37f3}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '{,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fff}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, ')!-&\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '}*\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '.\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7ff}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x4}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8a}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '[\\&-(%[,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'syz_tun\x00'}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '$-\\\x00'}]}]}, @ETHTOOL_A_BITSET_VALUE={0x4}]}]}, 0x214}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})

6.188758642s ago: executing program 5 (id=6460):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
mq_timedreceive(0xffffffffffffffff, &(0x7f0000000000)=""/45, 0x2d, 0x9, &(0x7f00000000c0)={0x77359400})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdffffffc}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
timer_create(0x3, &(0x7f0000000500)={0x0, 0x2a, 0x4, @thr={&(0x7f00000003c0)="a7b5f983b3daffa92bb316c2d543b2b0fdb526264acef940d446ec9b6e7741311543f5564b4106aef4cc1dd73f9e643d072bfbb893299fc7f02e9eea17ec9e7cd0f6426ebbb1673dc1fedb32de788a7007085ac9657697812bd7ef006dc09fb5bdefb1ff67336086953e20bb93ac25df8272cd5e383166887df0fb6e3a6c76544826325b8ef82dbc22dff12fb658eb60660458505c1ff364f6872e06b0aaf5d558905947ffc07780f40a906f2ada64fe9657981522c214db15ea69a2f83b6cb3193cf781991e356a5117ab", &(0x7f00000004c0)="9911018e639b95756cc35996de15c503ddf177034fd85dbc0e3506"}}, &(0x7f0000000640)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f0000000680), &(0x7f00000006c0))
bind$rds(r2, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1f}}, 0x10, 0x0, 0x0, &(0x7f0000001240)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f0000002bc0)=[{&(0x7f0000001900)=""/135, 0x87}], 0x1}}], 0x48, 0x4000}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)={0x30, 0x0, 0x505, 0x0, 0x25dfdbfd, {}, [@FOU_ATTR_LOCAL_V6={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @multicast1}}, @FOU_ATTR_AF={0x5, 0x2, 0xa}]}, 0x30}}, 0x10)

6.159806723s ago: executing program 5 (id=6463):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000009060102000000e0ffffff00000000000900020073797a310000000005000100070000001c0007800c00018008000140ffffffff0c0002"], 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4) (fail_nth: 1)

3.381247577s ago: executing program 1 (id=6508):
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32=r3, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
write(0xffffffffffffffff, &(0x7f0000004200)='t', 0x1)
unshare(0x64000600)

3.253727639s ago: executing program 0 (id=6510):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r0, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYRES8=r0, @ANYRES64=r1, @ANYRES32=0x0], 0x50)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000004000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000040bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000003c0)='io_uring_register\x00', r3, 0x0, 0xfffc}, 0x6e)
r4 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x902r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x80, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x6, 0x0)
mq_timedreceive(r4, &(0x7f0000004600)=""/102368, 0x18fe0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket(0x8000000010, 0x2, 0x0)
r5 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000, 0x0, @perf_bp={0x0}, 0x8, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xb, 0x2000000000000122, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x103f81af530ab711, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{}, &(0x7f0000000180), &(0x7f00000001c0)=r5}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x81c000, &(0x7f0000000080)={[{@nouid32}], [{@seclabel}]}, 0x1, 0x72b, &(0x7f00000007c0)="$eJzs3U9rXFUUAPDzXjNObKOJoOIfkIpixdJJE1tKV8aF6KYYKLhNQzIJMS99MTNTm9BFunIroii40e/gxpXi2g/gV1AQLXFRV5E3mUn/zTTTmmQg8/vBmzn3vTc9986UeyB3mBvAwDpZPKQRL0bEdBIx2jqfRESpGQ1FTO3ct3XrxlxxJLG9ffmvpHlP0Y67XlM4ERGbEfFCRPxSijidPpi3tr6xPJtl1bVWe7y+sjpeW984s7Qyu1hdrF69eO7c5LkL5y9e3L+xvvXhR89Xzr838uP0wsypid9/SGIqRlrX7h7Hftp5T0rFW3iP9w8iWR8l/e4Aj2UoIo61np+L0TjWjACAo2y7HLENAAyYRP0HgAHT/jtAe23voNbBuvnz3YgY7pR/qLVmNtxchzy+ldyzMpFExNhhdpQjafNmRFwZO/ng/7/kgTXb++y5UHZ2vzrJgfm5mH+mOs0/6e78Ex3mn+H2dyf+p+7z3538x7rMf9M95vjg5UbeNf/NiJeGOuVPdvMnXfJf6TH/T7fn/+12bfv7iDc61p/knlzdvx8yvrCUVc/uPHbOcbJx4+OHjf94l/ybe4x/tcfxj3zx6q+bD8n/5msP//w75S9q4uc95v+s9M5X3a4V+ee7jH+vz/+7HvNfeOWTjR5vBQAAAAAAAAAAAAAAAAAAAAAAAAAAgCMhjYiRSNLKbpymlcrOHt7PxvE0y2v10wt54+p8NPfKHotS2v6p5dGddlK0J1q/x99uTzbjrd322xHxTER8WX6y2a7M5dl8vwcPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC0n7tv//5/yzv7/AMARN9zvDgAAh079B4DBo/4DwOBR/wFg8Kj/ADB41H8AGDyPUf/LB9EPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbG9KVLxbG9devGXNGev7beWM6vnZmv1pYrK425yly+tlpZzPPFrFqZy1f2+veyPF+dnIzG9fF6tVYfr61vzKzkjav1maWV2cXqTLV0KKMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEcz0jyStBIRaTNO00ol4qmIGItSsrCUVc9GxNMR8Vu5VC7aE/3uNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADss9r6xvJsllXXBALBUQ6mIuIRXtXvmQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO351Nv/vdEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADop/SPJCKK49To6yP3X30iuV1uPkfEp99e/vr6bL2+NlGc/3v3fP2b1vnJfvQfANhLu0636zgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdFJb31iezbLq2gEG/R4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7578AAAD///lSzmc=")

2.948896654s ago: executing program 0 (id=6512):
io_uring_setup(0x2cf1, &(0x7f0000000180)={0x0, 0x7f18, 0x3, 0x2, 0x315})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c21000000a12cae0000000007010000f800b7030000000000008500000006000000181100000000000000ff0100000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/timers\x00', 0x0, 0x0)
close(r2)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x94)
r3 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000240)={0x0, r1}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x3, 0x0, 0x0, 0x40f00, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f687372000000001400010076657468315f766c616e"], 0xfc}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff"], 0x48)
syz_emit_ethernet(0xfc0, &(0x7f0000000340)=ANY=[@ANYRESDEC=r3], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)

1.535186286s ago: executing program 1 (id=6516):
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x44040})
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0x14, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000045000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000007000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xd, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f08", 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c2}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
arch_prctl$ARCH_REQ_XCOMP_PERM(0x1023, 0x2)
unshare(0x22020600)
io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80000)
fcntl$setpipe(r2, 0x407, 0x0)
vmsplice(r2, &(0x7f0000000140), 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="340000006800010000000000fedbdf250a00000000000000140006000000000000000000000000000000000108000500", @ANYRES32, @ANYBLOB='F'], 0x34}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=@newsa={0x15c, 0x10, 0x1, 0x70bd26, 0x0, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in6=@empty, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in=@broadcast, 0x0, 0x6c}, @in=@remote, {0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, {0x0, 0x4, 0xd, 0xa}, {0x0, 0x400}, 0xfffffffc, 0x0, 0xa, 0x1, 0x6}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24, 0x9, {0x3, 0x10, 0x1, 0x1}}]}, 0x15c}}, 0x20000000)

1.458908647s ago: executing program 0 (id=6518):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000cc0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB='\t\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000010000000300"/28], 0x50)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000540)={<r3=>0x0, @initdev, @local}, &(0x7f0000000580)=0xc)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f00000005c0)={{0x1, 0x1, 0x18, <r4=>0xffffffffffffffff}, './file0\x00'})
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000800)={0xffffffffffffffff, 0x20, &(0x7f00000007c0)={&(0x7f0000000700)=""/159, 0x9f, <r5=>0x0, &(0x7f0000000680)=""/49, 0x31}}, 0x10)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f0000000c40)={0x3, <r6=>r0, 'id1\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x1a, 0x17, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2a, 0x0, 0x0, 0x0, 0xd}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@map_fd={0x18, 0xa, 0x1, 0x0, r1}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @cb_func={0x18, 0x7, 0x4, 0x0, 0x8}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000004c0)='GPL\x00', 0x800, 0x4c, &(0x7f0000000440)=""/76, 0x41100, 0x4e, '\x00', r3, @tracing=0x17, r4, 0x8, &(0x7f0000000600)={0x9, 0x4}, 0x8, 0x10, &(0x7f0000000640)={0x1, 0xa, 0xece8da0c, 0x2}, 0x10, r5, 0xffffffffffffffff, 0x5, &(0x7f00000008c0)=[r1, r1, r6, r2, 0xffffffffffffffff, r2, r2, r1], &(0x7f0000000ac0)=[{0x5, 0x1, 0x9, 0x1}, {0x1, 0x4, 0x8, 0x8}, {0x0, 0x1, 0xd, 0x5}, {0x4, 0x5, 0x6, 0x5}, {0x5, 0x3, 0xc, 0x5}], 0x10, 0x10000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
r7 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0xe, &(0x7f0000000880)=ANY=[], 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000001c0), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001080)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0xffffffff, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x2}, 0x50)
r8 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r9 = mq_open(&(0x7f0000000040)='!se\xf7ih,\x17i\xacP\xe6lNnuxselinux\x00', 0x6e93ebbbcc0884f2, 0x2, &(0x7f0000000300)={0x0, 0x1, 0x6})
mq_timedsend(r9, 0x0, 0x0, 0x0, 0x0)
r10 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r10, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000003640)={0x14, 0x12, 0xa01, 0x0, 0x0, {0x2}}, 0x14}}, 0x0)
mq_timedsend(r9, 0x0, 0x0, 0x0, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r11}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000002306000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, 0x2}, 0x94)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.30762728s ago: executing program 2 (id=6520):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x20, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
r2 = socket(0x1d, 0x2, 0x6)
setsockopt$pppl2tp_PPPOL2TP_SO_RECVSEQ(r2, 0x6a, 0x4, 0x20000000, 0x4)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x9fc69000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b402000000000000791100000000000085000000010000009500000000000000359bb9f43d86b136000000008762000000f33ad18fa9b151092e9172d8ca80be3fd2fe548fa036cf6151d76a8b71e51807e420da77440079a86cdda66fedd4922a95cd42662d9dafae9602325ef1a30b8aba9c271a51a56f7f73de45084cd90fa9ac55778d6c272c473383785c34c5b372e52138cf7f6c081c29a5eec551cd928f1f289175a9ff"], &(0x7f0000000100)='syzkaller\x00', 0x4, 0xc5, &(0x7f0000000300)=""/197, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000002c0), 0xffffffffffffff35}, 0x54)
lsm_set_self_attr(0x66, &(0x7f0000000340)={0x65, 0x6, 0x20}, 0x20, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000f3fe22a1684db42e0000000000005324575356cb165f631874", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21}, 0x50)
r5 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_load(r5, &(0x7f0000000280)=ANY=[@ANYBLOB="8cff7cf9080000005345204c696e757815"], 0x65)

1.216236631s ago: executing program 1 (id=6522):
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000100)=@nameseq={0x1e, 0x1, 0x0, {0x0, 0x0, 0x1}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x200000, 0x3}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
pipe(&(0x7f0000000480)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f0000000200), 0x3af, 0x2)
r3 = epoll_create1(0x80000)
r4 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x0, 0x224}, &(0x7f0000000040)=<r5=>0x0, &(0x7f00000000c0)=<r6=>0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
syz_io_uring_submit(r5, r6, &(0x7f0000000300)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x2, 0xa3d8, &(0x7f00000005c0)=[{&(0x7f0000000240)="5db5bd", 0x3}], 0x81, 0x8, 0x1, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r4, 0x47f8, 0x0, 0x0, 0x0, 0x0)
epoll_pwait2(r3, &(0x7f00000001c0)=[{}], 0x1, &(0x7f0000000380)={0x0, 0x989680}, &(0x7f00000004c0)={[0x8]}, 0x8)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
sendmsg$tipc(r1, &(0x7f0000000140)={0x0, 0x20d302, 0x0}, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000000), 0x4)
r9 = dup3(r0, r1, 0x0)
r10 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000f1bdb85c8a787d7c80", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r12}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getcwd(&(0x7f0000000380)=""/131, 0x83)
recvmmsg(r10, &(0x7f0000004600)=[{{&(0x7f0000000280)=@nfc_llcp, 0x80, &(0x7f0000000200)=[{&(0x7f0000000500)=""/182, 0xb6}, {&(0x7f0000000600)=""/184, 0xb8}, {&(0x7f00000003c0)=""/75, 0x4b}], 0x3, &(0x7f00000006c0)=""/105, 0x69}, 0x4}, {{&(0x7f0000000740)=@rc={0x1f, @fixed}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000900)=""/180, 0xb4}, {&(0x7f0000001500)=""/4096, 0x1000}], 0x2, &(0x7f00000009c0)=""/136, 0x88}, 0xd}, {{&(0x7f0000000a80)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x80, &(0x7f0000001040)=[{&(0x7f0000000b00)=""/255, 0xff}, {&(0x7f0000000c00)=""/62, 0x3e}, {&(0x7f0000002500)=""/4096, 0x1000}, {&(0x7f0000000c40)=""/111, 0x6f}, {&(0x7f0000000cc0)=""/189, 0xbd}, {&(0x7f0000000d80)=""/252, 0xfc}, {&(0x7f0000003500)=""/4096, 0x1000}, {&(0x7f0000000e80)=""/237, 0xed}, {&(0x7f0000000f80)=""/98, 0x62}, {&(0x7f0000001000)=""/39, 0x27}], 0xa, &(0x7f0000001100)}, 0xc2}, {{&(0x7f0000001140)=@hci, 0x80, &(0x7f0000001400)=[{&(0x7f00000011c0)=""/44, 0x2c}, {&(0x7f0000001200)=""/68, 0x44}, {&(0x7f0000001280)=""/4, 0x4}, {&(0x7f00000012c0)=""/220, 0xdc}, {&(0x7f00000013c0)=""/56, 0x38}, {&(0x7f0000004500)=""/212, 0xd4}], 0x6}, 0x7}], 0x4, 0x102, &(0x7f0000004700)={0x0, 0x3938700})
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r9, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r9, 0x10f, 0x88)

1.162935852s ago: executing program 0 (id=6523):
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x44040})
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0x14, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000045000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000007000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xd, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f08", 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c2}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
arch_prctl$ARCH_REQ_XCOMP_PERM(0x1023, 0x2)
unshare(0x22020600)
io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80000)
fcntl$setpipe(r2, 0x407, 0x0)
vmsplice(r2, &(0x7f0000000140)=[{0x0}], 0x1, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="340000006800010000000000fedbdf250a00000000000000140006000000000000000000000000000000000108000500", @ANYRES32, @ANYBLOB='F'], 0x34}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=@newsa={0x15c, 0x10, 0x1, 0x70bd26, 0x0, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in6=@empty, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in=@broadcast, 0x0, 0x6c}, @in=@remote, {0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, {0x0, 0x4, 0xd, 0xa}, {0x0, 0x400}, 0xfffffffc, 0x0, 0xa, 0x1, 0x6}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24, 0x9, {0x3, 0x10, 0x1, 0x1}}]}, 0x15c}}, 0x20000000)

772.494978ms ago: executing program 1 (id=6524):
openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
perf_event_open(&(0x7f0000000bc0)={0x2, 0x80, 0x3d, 0x1, 0xbd, 0x0, 0x0, 0x8, 0xcc38b, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000, 0x0, @perf_config_ext={0x4, 0x100000006}, 0x8342, 0x4, 0x3, 0x0, 0x9, 0x800001, 0x42, 0x0, 0x400, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NFT_MSG_GETTABLE(0xffffffffffffffff, 0x0, 0x84)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x80000e, &(0x7f0000000340)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@quota}, {@errors_remount}, {@barrier}]}, 0x3, 0x44a, &(0x7f0000000bc0)="$eJzs271vG2UYAPDn7CSlXyRU5aMfQKAgylfSpKV0YAGBxFAkJBjKGJK0CnUb1ASJVhEEhMqIKjGxIEYk/gImWBAwIbHCjipVKEsLk9HZd43t2E6dOnGpfz/p3Pe9O/d9nrt77ffujQPoW6PpSxKxKyL+iIjharV+h9HqPzdWlqb/WVmaTqJcfuvvpLLf9ZWl6XzX/H0788pAROGzJA40aXfh4qWzU6XS7IWsPr547v3xhYuXnp87N3Vm9szs+ckTJ44dnXjx+OQLXckzzev6/o/mD+57/Z0rb0yfuvLuL98lef4NeXTJaLuNT5bLXW6ut3bXlJOBHgZCR4rVbhqDlf4/HMVYPXnD8dqnPQ0O2FTlcrn8QOvNy2XgLpZEryMAeiP/ok/vf/Nli4Yed4RrL1dvgNK8b2RLdctAFLJ9Bhvub7tpNCJOLf/7dbrE5jyHAACo80M6/nmu2fivELXPhe7N5lBGIuK+iNgTEccjYm9E3B9R2ffBiHiow/YbJ0nWjn8KV2tr5aTDBtaRjv9eyua26sd/+egvRopZbXcl/8Hk9Fxp9kh2TA7H4La0PtGmjR9f/f2LVttqx3/pkrafjwWzOK4ObKt/z8zU4tTt5Fzr2icR+wca8j8ZlQm8fCYgPeT7ImL/BtuYe+bbg622rZ9/G12YZyp/E/FU9fwvR935X73Qkvbzk+P3RGn2yHh+Vaz162+X32zV/m3l3wXp+d/R9Pq/mf9IUjtfu9DJ//7V0+nr5T8/b3lPs9Hrfyh5u1IeytZ9OLW4eGEiYig5WQ26dv3k6nvzer5/mv/hQ837/55YPRIHIiK9iB+OiEci4tEs9sci4vGIONTmKPz8yhPvbTz/zZXmP9PR+V8tDEXjmuaF4tmfvq9rdKST/NPzf6xSOpytuZXPv1uJq9OrGQAAAP6vChGxK5LC2M1yoTA2Vv0b/r2xo1CaX1h89vT8B+dnqr8RGInBQv6ka7jmeehEdluf1ycb6kez58ZfFrdX6mPT86WZXicPfW5ni/6f+qvY6+iATef3WtC/9H/oX/o/9C/9H/pXk/6/vRdxAFuv2ff/xz2IA9h6Df3ftB/0Eff/0L820v99ZsDdoW1fHtq6OIAttbA91v+RvILCmkIU7ogwFDap0OtPJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgO74LwAA///lI+j0")
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000680)={{{@in=@initdev, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6}, 0x0, @in=@multicast2}}, &(0x7f0000000440)=0xfffffffffffffeaa)
mount$cgroup(0x0, &(0x7f0000000600)='.\x00', &(0x7f0000000640), 0x2008000, &(0x7f0000000840)={[{@none}, {@xattr}], [{@hash}, {@rootcontext={'rootcontext', 0x3d, 'staff_u'}}, {@subj_type={'subj_type', 0x3d, '[-[\xb0-{:+'}}]})
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x21, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket(0x40000000015, 0x5, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r3)
sendmsg$NLBL_CIPSOV4_C_ADD(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002bbd0000fbdbdf2501000000080001000300000014020480050003000100000005446824c20003000100000008000200"], 0x38}, 0x1, 0x0, 0x0, 0x8000}, 0x4000)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xb, &(0x7f0000000240)=ANY=[@ANYRESOCT], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r5}, 0x18)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r6, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'veth0_virt_wifi\x00', 0x2000000}, 0x18)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r6, 0x0, 0x48c, &(0x7f00000002c0)={0x1, 'ipvlan1\x00', 0x100}, 0x18)
bind$inet(r2, &(0x7f0000000400)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x15}}, 0xfffffffffffffe46)
getpid()
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r8 = openat(r7, &(0x7f0000000280)='./file1\x00', 0x169142, 0x0)
fcntl$setlease(r8, 0x400, 0x1)
r9 = openat(r8, &(0x7f0000000040)='./file1\x00', 0x163043, 0x1)
pwritev2(r9, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
io_setup(0x3, &(0x7f0000000280))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)

494.396932ms ago: executing program 0 (id=6525):
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb85000000430000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r0, 0x0, 0x178}, 0x18)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r2=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080081004803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r2}, 0x14)

392.220974ms ago: executing program 1 (id=6527):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1000})
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x1d6}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x9, 0x50032, 0xffffffffffffffff, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e20, @multicast2}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000300)='\x04\x00\x00Ub^\xf6jAc')
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)
timer_create(0x2, 0x0, &(0x7f0000000000))
timer_create(0x3, 0x0, &(0x7f0000000100)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x9}}, 0x0)
syz_read_part_table(0x104f, &(0x7f0000001200)="$eJzsz8EJwkAQBdC/GyPuyZZswiZswtiGdy+24EWr8qgEE0gDIsJ7h93PDHyY8FO3epzjZTu+LbmXlHRJDknW8/p5Ki01w5jPSX116bNZVLUhKTWtrJL0n9kjU+fim+yS7K9fPQ4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/sQ7AAD//4vpCY8=")

391.675444ms ago: executing program 0 (id=6528):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000140)="2e00000011008188040f80ec59acbc0413a1810031000000000f000000028002002d1f00"/46, 0x2e}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xd, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000020000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70000850000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x3, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r4}, 0x10)
close(r2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x4, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='GPL\x00', 0xead, 0x0, 0x0, 0x0, 0x73, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x2, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000800000010001000000000018110000548a90929dea27a41d99d9cb9192c8", @ANYRES32=r6, @ANYRESOCT=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000004c0)='nilfs2_collection_stage_transition\x00', r4, 0x0, 0x4000000000}, 0x14)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r6}, &(0x7f0000000800), &(0x7f0000000840)=r7}, 0x20)
msync(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1)
modify_ldt$write(0x1, &(0x7f0000000300)={0x9, 0x20000000, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x1}, 0xffffffffffffff78)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
mlock2(&(0x7f0000495000/0x2000)=nil, 0x2000, 0x0)

359.797285ms ago: executing program 2 (id=6530):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000000e00), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0x9, 0xffff, 0x0, 0x0, 0x0})

338.291915ms ago: executing program 6 (id=6531):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x202080, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000180), 0x200000, 0x0)
ioctl$GIO_UNIMAP(r1, 0x4b66, &(0x7f0000000200)={0x2, &(0x7f00000001c0)=[{}, {}]})
write$tun(r0, &(0x7f0000000540)=ANY=[@ANYBLOB="00000010432000bc00640000d30290780a010100ac14143c891312ac1414aae0000001000000000a010102442462217f00000100ec32cfb50000010000008100000000000000010a010101000000080013079078ffffffffdee75d6935ed2cb1e5855ea3bf770ae4139816a702c5c0c3e9dce0e3471fda811a0fb417eda1ff4ad7f61d6fe0f9b9641b659e71d64df8eb86ed05b8558519fee70be1889dfaabba3caee0d5c1df9c8c9b2f7fea47c8c011f9d8575cbd0534cf8fe0f52aac29b81d637d0393ec84f9785b1a92e4f27dd73691ea8bc37af4da6e0684407fd5413929525d72605fbb0e2d74448421a69afc63c045201d6b738b861fe3132b9a2fd10271209636cb63524b92bd2e83b4eebe748757ea2ad0f7000000000000000000"], 0xc0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=@newtaction={0x14, 0x30, 0x1, 0x4000000, 0x0, {0x0, 0x0, 0x6a00}}, 0x14}}, 0x0) (async)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000280), 0x0)
r3 = creat(&(0x7f00000000c0)='./file1\x00', 0x5)
write$UHID_INPUT(r3, &(0x7f0000001dc0)={0x8, {"853ab24900c4324ba0a54924be394740de70da5de983494d7cc25ded1efaba8c976be458ccc9062657fbaef1e6a9e61b6f50a69e75025eb0958038ef90a9fdc578ef757efa706fccb12144df66a88a2236efb0cc9cdab8ac718eb7a7d8d91eea6047d8b6eba421c38d6e1a6038026c774730d2caefcce79324e6ab0496a7c312a67a9fa1e1ede3ee4ae7aab51b64e5afeef753d05ebfca690692489418cbafa1fe2355c648cd850364aac7fc89b20697ad9cbcc1f13e16aa59a4a77f5b90e3adb6a423d80da2c22f91fc6df6969bd0785ee3bb1c4b486f1cbfa68764897873e93c9e5c18c7385b14136c4c274cb004d5f7ccfc74faf299db548e6e5cc6f18f5e4c212aeb13ebd6218cb20b1e6711beade6041711040a50dd155d9b0a1744185f051018024f822403d271d74401c698abce97f8ba92f17833a00277cae859a2cf7f64963bed820aea4a318b1e7ea630f83bdb3b8d6f0ae77b3dd38ff3a7d67e99192514ec6308fff1ee74106b463f7e64a856b312cfe5ffbf390f9b8b2249bb68533ff624c07b91c4c5c9418bd8525401f31046fec411c8638509f87f3184546e64b7d0e58bf347a2ec195821263b23fae17d3ccf92f1531aadb02265da19af220d549cea88a363dad243e3495b75dc59f1df1b4cfa459e52113dfd470cd180b8a0860488e51efa7278a727d4c4525d079489b7f6e3a5668191ee03f0bbb8eed928c5959cb5017cbe7888ea84b638b5025dc57bae2a423d5641717d0a5d03309ff8e6c04eecbf2f1933b3e41178cf647fdd81edda3aa4d3b26448b7aae4dcdbec10a193f09e2c621d936e091428b229d4b9fb6f1227708456aff1925b8c7fa2b532ee253c52a155872086f74e2dee175c0af483fe70ac567bb34c612f6601cc15d08daf7fdcd60c57bae800823509642ab9fade6c271e2b2745feb9d134d617ccf0688f416f34de7a84c9e85e27bca68b5d14846dbf449fb931a4c131fa45258342b9342774b4b4e089c7105a674691f652df1e8cb7703687c07d487af11e8783d49081fd39de33e939bcf218abf2816fb0f4576348b0870104c03b3f9f73f35b2ae94fffc369a9cb2b58eb8da2c14f9c76e48787dacbabd5632007451499e66ca6819e8850ed71ce53ae6713a52d7b8f82b4030c965bdbeec0ba186e89ebb9a01d3a99b41395b8e71eb16f045be8b2d2b80d158ee23707b7ab02cad005b71175f5e3e682fdfd921009bb10f96d4b2c88ba4aff2946a27f6be4bb910e93464d1d6d22f6d28094af28ed8b9063f6ffac9aacc84742705409ad5a31b3e9dcd8d8e48f4f36ccee31097559d11c377765ce53a72cf6fe4b56b01b4d14bd8f35a555c0b07200e775bf358e2d4110077179aacedaf5cc040d7473eef0255333a323afe5364904df074834fc51010920cc45207b941b8f460e0242b9f2313b249d0060e52681d9e2569052741b5de1617ac26dd4d966b9e2f01684567b4dbdc6a651e45cf012cf0f2a3ea67d18476962baf1f3d84bc2cd99ceef40830b50f674e525e61c16873ce92b91ce5495e78edcc0e6f24d2ad5307c5a79164ad621a12abc49c2db974ea9ca8f5ff6804095868109bbba6f3a709211c53b53d38186c56dfd9eeb256f7b98ebe975bcb21fc9cd0adef8c52b9e5afd307754461470a535753fd1ebbd3c40b8e66ed3719d1b6445db9b05ac92dfff625d3c7288b867eb2da9b7191a0141cc68489fa1ded1a24562eb7e4c025fb434717094cc3ae9da8f7076083d8f7a5c8974a8db1acc2dd7f1a8883c084e68df14b52bfd32707afa0ad23df7e41111e3235cfe7aed7dc683db8f62e0448bbef9aaee9926f6498318dc8fdca7a046af8e0e8e2e96a5f70d1e8ca8250c3848363b0f9e867f61c666fb60c15a814175c869ccbf077802d8793ffe69a167669496106dea8599b393d314d1272e4fb3421d367ad5f4e6034442a2c2ae44ec0be638c01ed584963a3459a047da9b1bef2761f0d9f9e2ff360aa681e99a6a9b792e6dd972872f47c5637c6c373756f69799e265370f10c6303c65c5e0a9905ef2a3a4ca51ce9b1e768b1d9fe6344b93ac7ba176c6825f5ace83927477e59af5e3a2d44c40f6afea1f0cc38d3353f631cb696f82ab07f10544f427746bf26776b5d83b42a3cbe5fde4c7265f8ada846115ecdeb716e0a45c06a8c94b174249a2c538b93ed921a7552b09cadb416bc50835043c31f99264585c8477c528e40055526e20a55b139ca30a94e83371c04c49bc1d7f803feea5ceb45d176704818e9fa2bd09e3f812ce0ababbcbab7a2206a2c74cbb17ea4f4015ec27af31f632a2f0bd881c84f05cc50b6b5ac09060885596d068d74a8f2dffc23cb84da009aa948c0ec87224bd72c7d13fba16f7775e808f819544f4155cb2c11619f964fb13f73de9e4c3b896b4698add7a1287670a65da20cd3af2731c5dfa14f6cbb225673e064e1bb51208d8479baea1051839e4e239e0081150e42cdf24a7d12b8c5a3e32eef6f707c980db7e464c5864cca9e032386172157bfb8a3ab96f81e38aa566768a0ea7cbdd19731d17e4bf0fb478c1f963bdc77986a722c14834fcab0f3e2ce9110a95b870a26a273093455f07369fed3ee5cccaa91904eeb66f386bd9dbfafd549724fd94366aecd83f2e58223a427872b0b4a02c40f78dbb87813ea73add024a2d864566058376375f70408cc0d3da42376d172b131ef36b0378784d3885958edf07a3e6e915ad6189a2b3ae62642cd602d7313fe3c4eac9a9b9f9146019c5e72418a5b1df9af56654e92eca8c2962ab80061b3d8d8b9a6ccf1f1dd536acf771c0598e59c8f8b3972f6e96128dc0822e2eb00b8f0bead77ea55523eeb3a3805b674ee283d71474a588243e62c4b134c987d95c3fd891a2af82b11e44763a3e24db063d664a96a8b1448c21c9bff1f92205af1e925f79ceec9a7633879913b6dd059213ba7c560de055f789df63345eb57b7917637893706b24bbbacbf99d15a217200f6e75ff01d37e9697f5b3605c124176dc1375dac7f280087a6f6584e53eab69f27a4ee74db8c5515c801200e5384e6ab73ff869dcd2bcd6356971c1292cb15712723eafc2fd00ebabea0e84cf51ac5e87e2d58fe461bea10ab830f003ce930bbb2952b2cea5857564743666bb8d33df2f8f011fb0e28d041a24fd2e1a20349d8b0c9a539605c690af7d5d8b42c7d997a41e87c8baef507c0f9fbd214d91f6a0d4c901d3bb1738bb4c9b4d343301f1ab43f7df8ad58abe82893976bcef1dae4a91f3f3411b7f2a9539864fdc145ff216f9b183a791bda70f3f4631fdf8483ebbc2266aa7157d8e9f8f6c6b7c4d97e616e2f8e75c7ab4b18084e41d952255ac8242973ff7d9bcc3888764ac2bd577152c9c0af8b0b8705461203d5b2aea6aba0d53f68793f1abb190bcf2315fe7a20524ef999c0f3081b570619aacfc11efcd07db59a9209a6f181bde6b095e000ef97c012c762c6631356cc587e40bd96775a9f3be4dc167249017c344faa963b4823438fb21e06e5626c41c9f5139b0e9137946351378570f52ce90daf7d871518d4bc89f2b8dbe9a7e3edee803f21a22ce7d7e8d3434294392042b7103e9f84f6927e0b88eec9d65d031cfacb4121c5819975d2292d5f02a74ec4c1563d9677024ca881f7e8eaeeb9e476a6f32464dd5b8806fc1a9363fc02b3d22cc07b42b26f84a4ace114225bad3b18e4310ecd8b4e6c89aba0c5b0102d9f0e34995525faa2e09c21b29e1a65c6ee2cdfe9eea50b17e5293e6a1a161fdfd762bdf2e554cf01ad99fb370567f8c22e5175605e83ced3518df6cefa9f085783f50c4ce0ab28c68e56b53ed1a8bbe2ad2e7d7081f01172f08eb762c78ffe4c7cd6279e7411e1add52bd689914b4e82c0a8629c9e0e70e1e75af86e26e9833a882442f9f3672ff54cbb83f9fef4a13e68738019c200423a9a0be074eed8abe852a29ec6dd243c680565f541c1896e8e49dbc5b6207b88c5b2451326a5c9122db34a60613709f503849275f4242b77e2f8e114a447ef99b0db0d622721494757c4ec5c7fb750e276d5c9ff78964268f3d3bdddfee554621c7cd134ca1cd5a5d761f4ddb7844eec96029c07a45e2e6c08462295a05846f0ef5c0fcb55d4461d1f2a7681ddab24a42c77704168e335e090c3cbc5cdd269e8bacdc000a5a85d30e2cb25183d3527f22031711c7c96a5ea206fd236e5af15f5f0fab7dab4ac7d64f47b2369303de961644cc13e427e4e95446e80abda3d2abd927304844fb8ac06678e9fcb888b083ed330e0e4b9613ef4ea4091cf02cb02640062f25625f395e632ec4f341609c2ffe9faacc3433b51ec02b4bb10df84639b96f7315ad16843c26ffa8e2b704c6bc3bc1931f7212d8b3b7e6f7d3f740c359b3c97e7e3ad799520a4dc0690822b6cf87e7d64f01af30af12b45a36c8ba1597dda4ebead32bb3a7b99369ace1c9e6a5af49a785a2393e332a8f46cc01ed949c0860be4c5350360d5aacd1788d336cf594d87ddf7b430c3000185c169a64288802c33739ad4dcdf389472f08c410084c97d5f6ab114c7f40a6c0baf6626fab0765eb9ed21e22cb6c3792ea46b8c0b99c8e69d1c7a68df124453115b0d47e538f1569d7b3b58589e2e6ca71c73813f0c2c5b2c7e4b89a7b17e24b8f4002a0c59db805137bfef58699688df4cdebfbde3d8f257183127ceaf78935159cfc6061b35e068a21f8ad3299e68d8dc4994e1661160b2cdcaec1ca6c693086d2ab97ecd4dab0701a02e1ab0b5b3a2a27732eb2c3ae7f81bd1d2a22ac399285c1062927d97827a5dd9eef3aef343ddd46a39bfedb1833044007ebc29b8c5650c50fe9827300d39adaefffca610e5f354cdf728de4d451871d8e9608b53ce9be1bbd0b2d080344af9f5190d781ac4ede2411107250f55f622ec311745c31c4240ff619562a1364e9434cdea6ddb6c60d966ea65d74688fab181800098bf19abc444b3d30c7914f668724ebeec216ec99328b87c896568d6dee41e8e392ef2287cda55eb27b6ea2b3d13e3d6e8943959c1213551fe8a1d017da446853289f66b06328dd5b3e4d3aa21cceda53393e3b6ba89fdaf778f82a1a6f48dd9687e0ce974b676bfaf089475371d8398131e5522d3e5a5c1bd908e8bfbcb015d1fab064561b532354f2c9dda4e31c568885dbfd85c622a258257923f4da11530dfa1a80efeb3fead5b74a8b49b1568b28e89a353807cad5a5bd3494f20dedc7b2824706332d8da3cb41ad53cfc2f428e81202fc53c73e73dbb4efda93b14f823fea350785a7df27a74ff4e14a365a76b92def9a7106d9ddbf0673bbe98c7c8b12d16cfc920f84024365d526dbff684e0e6438c3124978b832c4a00f2fe1cb301beedb72033496b30fcb5a8ec71b3c0edc6dd91e2b4cdeadab4951654dc41ebe7e154afe8bff82be5d85d33fa235fd0fd58bba8aad6924e179e9a71e0148a9bffe986b53ec4027f3690ce2d0ddd0f4d1bf7c525196cf5e572dc0a2502c0c0c5350647c75922fde1ffad3df1b64bdb136ae3987a43242173161e3183b61b760064e12baf19981278356b72c0344ec8744edf387a744883a554cecc37768f77321f892192007e49fb6aa7f6ea5aef5ee99d30dbc722da65b3f6679c02f10edec17d421a488be59f0664c54dc95b732a089727427124e2942dd02bf83f92151211c124683405f80f05b51bfd90e96d88b47ec2030a149728112e718b75d44699570034b4df6dfd055a5c0360850ae8171a3b2c83dba9715450803052bbdbc8a", 0x1000}}, 0x1006) (async)
setsockopt(r3, 0x200, 0x7fffffff, &(0x7f00000000c0)="394493058d7fa0a0cc7551f82707140f1e1219efb9565d4c0e7bfb57a6dc0c8f9b0a5af3b66cea96ef2bbea53b3677ba083f0f6fa6a44e211b86f79fb4ae20d62c849104568c362c26c7a5c16c9afb88e710d96ad035a7b34d8b66efe99c2c8107045312e45bd66365e63803fe19760b3841d1e2fe4391406b9880d6e58e1f91c4712705e670fd5bb2f4739cc2e649998322f4754667228bf5a9567e2791ec1dd063e79f7f163ff2287d5c4d6b0c16f7c9c509a00e7edf", 0xb7) (async)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) (async)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000083c0)={{0x1, 0x0, 0x0, 0x0, 0x3}})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r4}, 0x18)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f00000007c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0100030010651fbe347b2c2b00000c00018008000100", @ANYRES16=r5], 0x20}}, 0x0) (async)
read(r2, &(0x7f00000002c0)=""/200, 0x39) (async)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r2, 0x54a2)

337.737905ms ago: executing program 2 (id=6532):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000440)='objagg_obj_get\x00', r0}, 0x18)
r1 = socket(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="14000000f503010000080000000000000000000a1400c85e1100010000000000000000000000000a809e0a9e3196ea76f26ab400074a3a4e5bbfc998206d7f5de8c1f70dc6e45e8ca38a8947621d31ffd7834cd5bbdc42c803fdcdb100922d344e6dc976a12f971e542f32f835f57d9ba52ac5e923cc539d1dc323e781f7c8097f4c2df8ad18e3cce1e11e0757f59ce290dfbfa21d68d167723903615e1f49f6409f66673b2837074344a077fc5ae85f8a505b1b5f6a7d210abb025ef29fe8512c745e1ace66e727253b794e53bade544f53d74c14e0b9c9d98a65d41f5b5212bf536d39a901c37037ed4de858937f54fb32c5c062389206711300000004000000000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x64841}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0xc4)
socket$nl_generic(0x10, 0x3, 0x10)
sigaltstack(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000030000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r3, 0x1, 0x4c, &(0x7f0000000000), 0x4)
sendmsg$inet(r2, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r3, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0xff01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$inet_mreqsrc(r1, 0x0, 0x25, &(0x7f0000000400)={@private, @multicast2, @loopback}, &(0x7f00000005c0)=0xc)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000fc0)=@security={'security\x00', 0xe, 0x4, 0x300, 0xffffffff, 0x0, 0x1a0, 0xd0, 0xffffffff, 0xffffffff, 0x268, 0x268, 0x268, 0xffffffff, 0x4, &(0x7f0000000380), {[{{@ip={@multicast2, @private=0xa010102, 0xff000000, 0xff000000, 'veth0_to_bridge\x00', 'gretap0\x00', {0xff}, {}, 0x16, 0x3, 0x8}, 0x0, 0x70, 0xd0}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@loopback, [0xfea7435933fd41ff, 0xffffffff, 0xffffff00], 0x4e24, 0x4e20, 0x4e23, 0x4e22, 0x7, 0x4, 0xe2, 0x580c11b4, 0x4}}}, {{@ip={@private=0xa010101, @remote, 0xffffffff, 0xffffff00, 'macvlan0\x00', 'lo\x00', {}, {}, 0x6c, 0x1, 0x44}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x1, @local, 0x7fff, 0x6, [0x14, 0x27, 0x9, 0x1b, 0x14, 0x1b, 0x0, 0x1e, 0x3d, 0x25, 0x33, 0x20, 0x3, 0x39, 0x3a, 0x14], 0x2, 0x4, 0x1fe}}}, {{@ip={@empty, @local, 0xffffff00, 0xffffffff, 'ip6_vti0\x00', 'bridge0\x00', {0xff}, {0xff}, 0x21, 0x7, 0x46}, 0x0, 0xa0, 0xc8, 0x0, {}, [@common=@inet=@esp={{0x30}, {[0x4d5, 0x4d3], 0x1}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x2}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x360)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000006c0)='./file0\x00', 0x11, &(0x7f0000000240)={[{@nombcache}, {@resgid}, {@norecovery}, {@commit={'commit', 0x3d, 0x5}}, {@nombcache}]}, 0x8, 0x61b, &(0x7f0000000980)="$eJzs3c9vVNUeAPDvvf1J+96bQl7eExfSxBhIlJYWMMSYCHtC8MfOVaWFIIUSWqNFEkuCGxPjxoWJKxfif6Ekbl24My7cuDIkxBgWYoiMuTNzy3Q6U6btTKfMfD7Jpefc27nnzGS+fM+cnnsngJ41nv2TRuyPiKtJRKHqWH9UDo6Xf+/+HzfOZVsSxeKbvydx46NkpfpcSeXnaOXBfxci+TGN2Ne3vt3F5euXZubn565V6pNLl69OLi5fP3zx8syFuQtzV6Zfnj5x/NjxE1NHtvX80qry6Vvvvl/45MzbX3/5MJn65pczSZyMR5W+Zc+r9rFD22o5e83Go1j2oHp/9rqe2Oa5d4s/C/n75LGkdge71vnK+3EgIv4fheiretcX4uPXO9o5oK2KSeQ5Cug5yZbif7j1HQF2WD4OyD/b1/scvF7a5lEJsBPunSpPAJRjfyAi8vjvL88NxnBpbmDkfrJmnieJiO3NzJVlbfzw/Zlb2RYN5uFWmVeCllq5mc/31eb/pBSbYzFcqo3cT9eEX1q1Zfvf2GL74zX15sYfQCus3IyIZyr5fzA2Ff/jVfH/zhbbF/8AAAAAAADQOndORcRL9db/pavrfwbrrP8ZjYiTLWj/yX//S+9WCkkLmgOq3DsV8Wrd9b+ra3zH+iq1f5fWAwwk5y/Ozx2JiP9ExKEYGMrqUzXnrV4hfPjTfV80ar96/V+2Ze3nawErZ7rbn6yN/tmZpZlWPHfodfduRjxbWv97oLJn7fqfLP8ndfJ/Ft9Xm2xj3wu3zzY69uT4B9ql+FXEwbr5/3HCTTa+P8dkaTwwmY8K1nvuw8++bdS++IfOyfL/yMbxP5RU369ncXPnH4yIo8v9xUbHmxr/19yIJxv/DyZv9eXnz3wws7R0bSpiMDm9fv/05voM3SqPhzxesvg/9PzG83+r4/+qONwTEStNtvm/R6O/Njom/0PnZPE/u3H+H1ub/zdfmL499l2j9s82lf+PlXL6ocoe839Qbf39OJoN0I50FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACecmlE/CuSdGK1nKYTExGjEfHfGEnnFxaXXjy/8N6V2exY6fv/0/ybfgvlepJ///9YVX26pn40IvZGxOd9e0r1iXML87OdfvIAAAAAAAAAAAAAAAAAAACwS4yWrvkvDtVe/5/5ra/TvQParr/yU7xD7+nf8iOLQy3tCLDjth7/wNOu+fgfaGs/gJ3XOP4fPCyW7Gh3gB1k/A+9a4vx788F0AXkf+hVTc7pDbe7H0AnyP8AAAAAANBV9h6483MSESuv7CltmcHKMYv9obulne4A0DHW8ELv6l/odA+ATvEZH0hWS3/Vvdi/8er/pD0dAgAAAAAAAAAAAADWObjf9f/Qqza+/t/afuhmG1z/Xy/43S4Aukjjr/6Q+6Hb+YwPPa1YaCLbu/4fAAAAAAAAAAAAAHaB4euXZubn564tLj99hdc2/J18YfKu6OrjwsrMruhGSwuP2nPmgYho3Ql/Giq/H3bFK/aEQn4Ljg52o1P/IQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALX+CQAA//9DtyKW")

273.355386ms ago: executing program 6 (id=6533):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="240000001a0d5b228b3e99613606aa786d769289bd00010025bd7000fbdb5f251c0e80089633b531206a96cfcf4aea1ab96df0668a1cea60a49ea35c586164b6bd750fd2c4d93faf7abbd937bee045e0a513f07b3c0110414b8d9ef75ef65a17639166"], 0x24}, 0x1, 0x0, 0x0, 0x4c25}, 0x400c020)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b00010069703667726500001800028014000600fe800000000000000000000000000006140003006e69"], 0x5c}, 0x1, 0x0, 0x0, 0xc845}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000004c0))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = getpgid(0x0)
r4 = syz_pidfd_open(r3, 0x0)
pidfd_send_signal(r4, 0x21, 0x0, 0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a300000000034000000030a010100000000000000000100000209000b0073797a31000000000900010073797a300000000008000a4000000004d4010000020a05"], 0x250}}, 0x0)

258.354016ms ago: executing program 5 (id=6464):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
close(r0)

256.500586ms ago: executing program 2 (id=6534):
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x44040})
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x67, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0x14, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000045000000180100002020692500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000007000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xd, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f08", 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c2}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
arch_prctl$ARCH_REQ_XCOMP_PERM(0x1023, 0x2)
unshare(0x22020600)
io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80000)
fcntl$setpipe(r2, 0x407, 0x0)
vmsplice(r2, &(0x7f0000000140)=[{&(0x7f0000000100)}], 0x1, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="340000006800010000000000fedbdf250a00000000000000140006000000000000000000000000000000000108000500", @ANYRES32, @ANYBLOB='F'], 0x34}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000000)=@newsa={0x15c, 0x10, 0x1, 0x70bd26, 0x0, {{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in6=@empty, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in=@broadcast, 0x0, 0x6c}, @in=@remote, {0x200000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}, {0x0, 0x4, 0xd, 0xa}, {0x0, 0x400}, 0xfffffffc, 0x0, 0xa, 0x1, 0x6}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24, 0x9, {0x3, 0x10, 0x1, 0x1}}]}, 0x15c}}, 0x20000000)

199.048787ms ago: executing program 2 (id=6535):
socket(0x10, 0x3, 0x0)
r0 = socket$key(0xf, 0x3, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000002900000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000060060000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000180)='kfree\x00', r2}, 0x18)
sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="0202000311000000000000000000000005000500000000000a00000000000000fe8000000000000000000000000000bb000000000000000002000100000007000000000b000000000200090000000000000000000000000005000600000000000a00000000000000fe8800000000000000000000000000010000000000000000010018"], 0x88}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

177.692257ms ago: executing program 5 (id=6536):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x3e, &(0x7f00000000c0)=0x7, 0x4)
bind$llc(r1, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket$kcm(0x2, 0x3, 0x2)
r2 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x15523ea56aa22b9a, 0x0, 0x0, 0x0, 0x12345})
io_uring_enter(r2, 0x47bc, 0x0, 0x0, 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r6}, 0x18)
r7 = getpgid(0x0)
r8 = syz_pidfd_open(r7, 0x0)
pidfd_send_signal(r8, 0x21, 0x0, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r9}, 0x10)
shutdown(0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
setxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000080)='system_u:object_r:dpkg_lock_t:s0\x00', 0x21, 0x1)

158.706818ms ago: executing program 1 (id=6537):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x70, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000004c0)='mm_page_free\x00', r1, 0x0, 0x1d6}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x9, 0x50032, 0xffffffffffffffff, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e20, @multicast2}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000300)='\x04\x00\x00Ub^\xf6jAc')
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)
timer_create(0x2, 0x0, &(0x7f0000000000))
timer_create(0x3, 0x0, &(0x7f0000000100)=<r3=>0x0)
timer_settime(r3, 0x0, &(0x7f00000001c0)={{}, {0x0, 0x9}}, 0x0)
syz_read_part_table(0x104f, &(0x7f0000001200)="$eJzsz8EJwkAQBdC/GyPuyZZswiZswtiGdy+24EWr8qgEE0gDIsJ7h93PDHyY8FO3epzjZTu+LbmXlHRJDknW8/p5Ki01w5jPSX116bNZVLUhKTWtrJL0n9kjU+fim+yS7K9fPQ4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/sQ7AAD//4vpCY8=")

151.580748ms ago: executing program 6 (id=6538):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @multicast2}, 0x2}}, 0x2e)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast1}, 0x2, 0x2}}, 0x26)
close_range(r1, 0xffffffffffffffff, 0x0)

102.995349ms ago: executing program 6 (id=6539):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000440)="9f000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7811e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08123d00020039000140010000009bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff55e461247604821d35c86ee54bbab3eaf8956e2ca426", 0x9f}], 0x1}, 0x0) (fail_nth: 3)

17.44624ms ago: executing program 6 (id=6540):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000440)="9f000000120081ae08060cdc030ec0007f03e3f70000000000e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7811e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08123d00020039000140010000009bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff55e461247604821d35c86ee54bbab3eaf8956e2ca426", 0x9f}], 0x1}, 0x0)

15.24512ms ago: executing program 6 (id=6541):
sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001fc0)={0xf94, 0x0, 0x1, 0x70bd29, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0xf80, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x72}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x589d}, @ETHTOOL_A_BITSET_BITS={0xb4, 0x3, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '$-\\\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x5}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '$\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x1}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8f3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}]}]}, @ETHTOOL_A_BITSET_BITS={0x130, 0x3, 0x0, 0x1, [{0x4}, {0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x37f3}, @ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '{,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fffffff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7fff}, @ETHTOOL_A_BITSET_BIT_NAME={0x9, 0x2, ')!-&\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x7, 0x2, '}*\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '.\x00'}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0xff}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}]}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x7ff}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}, {0x4}, {0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x3}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'ethtool\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x8a}]}, {0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, '[\\&-(%[,\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0xc, 0x2, 'syz_tun\x00'}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x8, 0x2, '$-\\\x00'}]}]}, @ETHTOOL_A_BITSET_VALUE={0xd84, 0x4, "b58feccac96009cf35ddcd2b9df86c1e35a96b2e7fea4d4b0022391ce59884ad37257014c36662bf4dad523da95bf9db063cb55ff46b7f949832335102ae3ea76d480d42ace39c459174c4efd40fc5f1a21e3dcb989b784fa4f148217a25d0ebaadc417a50392ef9bdc4cddfd15804a64d520ba4060901ca801d5052c16486b48f33f04fcdbb2dfa6894a0c3e696205bf9473ad15990f10c465f72e9bc693e7afa118ea7d8fcaee19127089d9a864481664fae3bffb50d90e609ccb6d4e44a996325b3e63b89d0006186964f86c6a41a702b7009e54096b843e30310949e5e9b160e37759e803fdea8b9873e9fc9324ec7641ef1420ba7e4f2b91c736b094eac5c7f60aee89784b6b0d9accd3f7fa25796b6310e2af5c4a545df996a5d718ce6196e6aa086f30d6b3d655865d1696ba97800a8714455a0f311596b8016e239097bf469eb9fd9c4e8c4148d5fd789e775087020690a3bd8edb97f1916346d65226d56b20426198ba6d11f0a2075550551968ec86befdfd82be0099f8b185e539d88f248680fb8505397338ea3b83ecc50cf00e92d3de0ee3a2c185b73c83334ba1393a3dd82dd02f8ba21252dc5b589e6b415deee8fde1865932adc18cc00175ebc72cff4f3a931f3639c7a2797839e15c271adee1032505aca1dadd749358e5c7c55508afcd8f5d0fbbf6ee9451972d69cacd116d8e5a9f95a0450e1391d8ee6a73c9b8fca459806bd343ec6e1de89e38b90dbb3d6b2e72c79aa1ee3067ec2ebba1908e54adc53bc2c738c82567969ce153a96cf2094d5fcd198ca1dc9bbaf12a7774617963aebbbf51e20e8f843df0ae803a71bd22932f0dc1e26759683e59c05f43aeaca140b0dcb86aab70fa18b9bcbd88531ee74648cc90b3befb9f9023d7606a28cd2519f25d8334648e611395ada3e523dd38f4ce886ca849151f7e53a98dd429511d92680aef10830828e25d6d9515f3c79fb2da7e902439f5396a033c3f6902f28bdd8d6296009ae70d1a665b1c717d6fdf474b211b3ef3c8b1d372e49b2c17aaa3e2db9ee6be1946e6a9187a4b627a91aeee53b2f6da82a5384936ce72b53a91286c63a2163a1eb687e9ef53556789a45d8d57f1089eb12ab2b78ec093e77163da7b348b30ff9a4a9ab9932172b22ee26e195979f2f842021b5147fdc4db0354f60737eb658d66ae7fc0a7776c66988223e1fdd7412918bf147ef3b8949b18fb357e0e2ca88eb65f439db7b53360364df8eba50ec64f008289b87a50935780b25fbe0a1f122700d5924a27b3d1e78e6e17244b17e43b35d2b1f1bb54e432af216987710fd132a5b1b396deeaab9464dd1e9c7e0ffc8083c9de7b0922d8b55865504a2ffc6f422b8f558e737c18b627f0f00e8b9dfc8eb210cc46e2f57fa2f268e4d470ce5a056a87a586d062e32e0fe5b99785ad249deaac8a324a41b4793aa871ce69f5d559a6edfdc6b4782c619e2882bec5964fd7b6eeb7fdd5a67044a6b4476cb391c8ab182954a403a5eb62d88498e017e6660e743da3808158868b61fc61cb190570d19c939948bb02cad64881af959ce82063a108776e2b2b4125533cdbb45dc11b2d972697a2b7acc64fd88429a83598de86bf2e4b62596945b1c4e41334ae6c478e74781916a9ddf9f0599a0faf8b139bc3f3ac909364af383360f21cc2e39cf9f2baba00a2a03b8f55efc1b4988532f2388c1df00d672e3e5a31062ddf69266aa7f17de29827c6bb3bd44fbba916c0a02e4dbb1f7955e3e631734d0ae25c0ed2611d233461e486daa3703b6da36ced76931a89f609206e471c8f1d78219274bda7a6138ee79fef57b840da5b4c4d0a1a0f5ee04800f2e3e12f541a0600115ba6eaceb4092e48e217eda475fb929ddec0bc73da0cc788aed1f31d8c67647efe948f555ad6bc0accbb012d00dac58e1fe00376c4dcc0173db7f56760fe1337b3124f1a28f256b17082cac9a0ba33b5566fdc5849ee16734b9447b3a2ff5e33668868d159e7de93dc2b7494330d6caea16489809fc951146ea8fd555f91379ae0a10262736d481ad105c0b594d40a9a24c612a1df38f46b34c69851253fb2c53dc1b897dfaba7c29a9e64a839f1c2ee3f757b2a8b365ce8cb2e3bee240db5b838e7b103e005473d37db64af8a71460a404a1833cf24ffb6c8c989c4e9b2eeb33e101c54de20d4e3dbf2abf99da9e6219f054171849e981a7894b02da1248b38ac5c458ea46ecb8d1b9a0920441881ae0dea690b8afaec13c8851a56994a7c50e7d43b342950ed3a7bdcd1d8d713fd11a39c8f2bdf8d210dcf45f5a99edf44bb537996e1749b814833af562dea2fb3b9879ac93dd226d80d21c5398f011d7dc57e018805acfde1bc5eae7ccc4c830744a974fc9684ea69272a678d6105fe26721f72f12d29d88463df34e18ef4e53e1fcb54421ae9d188635bf6690d815921dbb5525d493981e0a121749f1c8acd754b93b470d6d3320511184c6358bb6ea03f25bde9e343a1d03ae2cb77c5fdd398c953fceb5d948379e6656b4c56bc4d54e2f432f4d23471c52b362eb95b79824821b576ac3a44db87f3122623b2176d131c8c4706bf541cc65ec5a4790fd94a3b4bd8da9a009e2dc4bf635d1d562b367490807ef79c3fecdf72fe6c0555b43ca769c78afec53a22814b71885bef50f8b671cf4b3292aac72d00657796d004eb1c4ed552c87739859e652962f36023fa311f6062598d37007fba250f79bf8aa3ab5c962a7552027486908e51cbf933b10205d928ca477d40e535e22b848e4bcb7c366212f9b5f9e9efc22bd4ac527d181cf1220a7e7b1d408308f626b009c7b50e884b81aaa72750052c456938420bd900dbd40c95dacea1d5d13c8ce09656280d4193bf4e89bc94b63ee3e010c767256e896a666f5ebaec9e4afc3610d12ac6e789b916e4d40b38dcf9f1de8fde8b3c4775e36e0e8be5fcae229186ce5da3ea5b4281f77181f5b105818d01929d0d8f02642389ee8a05e55b0c8ac7fca7c77130c4ea98a2c6b12f93a84c8830ff1892ffe589e3dfccf60f065d3e2d81f999371a557700ccb73132d1a5a5159537f48013c8ab2ae17ce60512aa0f22834788b5a84ef9d96de4882324484f3f6602fa06f48320d16e9eb2ffbef26d602a930d20c2b5926844a9d49e4ea48be7c5236d8086dfbff9047e418b22236171f2968220c1a48bfb3850a1e54db4ce3fa5c117458a7c89c3975795191c63dab23574d5131daa50c0a31ab527d8f048c9ede6847caa2cb484dc686240f89573d56f05bc954529ddbc714930435fea315533a23a5c929cec06602e55ebda0e7e90eb0a9c0087eb3a6444e1bdeb1db66ef4df89cc541971007beab523d5fbe84cf4d78070965856611ed7730d7fcbc067c72eb8f52c643507ef6ae738865ad9d6f5d3aa7150b4b55c362e24a87e02287361df9966ac43a69c7dc010d3f791975a1e157e723fcbeca3352b8f9abab475f72c78be8e0d4628bdf165adc1579612a454951a4fa160cc0e1f9698c1443b308ac94f7b9bb3929200c50aff60f1aea42c12b7ca0e79df5c3278703df3dff05b9664e21690b3403206e5787f5111af62c447ef2064c29210a70f25a9dc1ba9aab596ab6925e718f6c31b18205b9a6dcb1bdd4839b200b30c4fbe4ad6525203146a2037ec2dc98677345c278e99c35c5600f16efb6738e4de2e96ad877e5b082f77a6e2f6e3acdc5bf7d03f039393cc4a434f8b25a1d995ad305ef5a759ea14dfd85dcc3eb5df2fc2ccc07d926f9bcac7f688a8597fdca61d5becb3661005705ca856c46ee6c8d6a8236ab2042146a093bf41bf8373b1fed5ae1dffc5d1d9791ea8ecab230d74a3ff7681cf3164f5b73f4df3c4403fbed230b150c826dd650fe2aae543adbd4f96eabfeddc9ca7d791695e0cb2d8b2a60919a2cd7c3c22329743c9c14abc5a22327a8713f55633068a0f8e19ac6adc38f24a0b74c9f0927559fea22a4ae9276955b2e2059dd8998b0e170ae039b899f89cab6f17c4ecceaa4ee9a2e0f0b5ba38d06305442c8c51848564966cb6ba0cff6e12627cacd973d7781a85b6c28640e1a56ea1b5ee32a08abee2d1ad2bb81a01472d2caafaf43b6c84050421361f925bf65a220cb767e8427f88b5376378c3fb08fd8f3e19ade5bf85fc1d3a2ad2b612698213bc0b1941fa03fefd9361606f6eb4110c785c6fff3f0d0f888ecb7bd79d32ff4188c3239bcdc1b613707d2bc955db051e5df4ccb130b61f066cbcb96c93f3da101c47f0ad283ed6d87e8fc50e71f4f310de02851aa9f014cb3d962985065ca58762ee4023c3d9e151ef3fbcfc261ee5bfa2938000e78c712c06d82a781261a03b61129b5828980e4337449a9a983553d2889e5f1cc4bb98d04a6bc57c3c8a9d707a0725de6d5e7b0c6abb0f2f899512eb7582206c51d01bc97883576d5d217507eaebfdeb133a4c6264e73748d2f24c6dc76fca5e5a2574797d16419f23080a4834cb569ea937afd25c6ae810555846086ce319b9eb66e9a8ed1381425a623d49b6ccb361320596fd7c25921b9af09828c14379745a198b95d08a450d3bbaabe14b8be003bb89405f13b47d556d3a634e47201d0da09d9a13efaf22fae92897d58bf064587bf8bca7beb63c8612b15fb6d38268062d84e73dacdd768de51a186dc2d233cbbb3dbf568ab119db73dbfab38728b029ace282de0d123d31902585677ee40885c826ca74e04707e94a5323010397fff0680b32e396e4f1da2172e541bf153626be3e199583231e7b85462d6afca6396875a1184c4727052162041c26d0cbc526e6516e2575e35f806f973cf9c1eb7e634501ec66ad5e1e909e95e4520baff9456c612054b335a04a3bde67220d2189f0dd92da8"}]}]}, 0xf94}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r0 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})

0s ago: executing program 2 (id=6542):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000085000000080000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
migrate_pages(0x0, 0x8, 0x0, &(0x7f0000001fc0)=0x1)

kernel console output (not intermixed with test programs):

.141377][   T29] audit: type=1400 audit(2000001133.849:19838): avc:  denied  { execute_no_trans } for  pid=20322 comm="syz.1.5967" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1729 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  458.183674][T20326] batman_adv: batadv0: Adding interface: dummy0
[  458.189985][T20326] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  458.221021][T20326] batman_adv: batadv0: Interface activated: dummy0
[  458.234359][T20332] Invalid ELF header magic: != ELF
[  458.242071][T20329] batadv0: mtu less than device minimum
[  458.248317][T20329] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  458.259112][T20329] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  458.270177][T20329] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  458.280965][T20329] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  458.291941][T20329] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  458.303141][T20329] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  458.313839][T20329] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  458.363185][T20332] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.402265][T20274] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.437692][T20342] netlink: 14 bytes leftover after parsing attributes in process `syz.0.5972'.
[  458.454569][T20332] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.486566][T20274] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.497907][   T29] audit: type=1326 audit(2000001134.261:19839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20341 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  458.521372][   T29] audit: type=1326 audit(2000001134.261:19840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20341 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  458.544655][   T29] audit: type=1326 audit(2000001134.261:19841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20341 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  458.567737][   T29] audit: type=1326 audit(2000001134.261:19842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20341 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  458.591123][   T29] audit: type=1326 audit(2000001134.261:19843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20341 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  458.614261][   T29] audit: type=1326 audit(2000001134.261:19844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20341 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  458.637554][   T29] audit: type=1326 audit(2000001134.261:19845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20341 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  458.660792][   T29] audit: type=1326 audit(2000001134.261:19846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20341 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  458.704193][T20332] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.745527][T20274] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.800600][T20274] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.839898][T20332] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.992282][T20332] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  459.059424][T20332] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  459.072559][T20332] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  459.083874][T20332] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  459.229871][T20365] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  459.247469][T20365] SELinux: failed to load policy
[  459.284429][T20369] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3354 sclass=netlink_route_socket pid=20369 comm=syz.0.5982
[  459.305576][T20369] netlink: 'syz.0.5982': attribute type 11 has an invalid length.
[  459.313875][T20369] netlink: 448 bytes leftover after parsing attributes in process `syz.0.5982'.
[  459.457751][T20380] loop6: detected capacity change from 0 to 8192
[  459.508613][T20380]  loop6: p1 p3 p4
[  459.512485][T20380] loop6: p1 size 8390912 extends beyond EOD, truncated
[  459.520029][T20380] loop6: p3 size 589824 extends beyond EOD, truncated
[  459.583863][T20393] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[  459.593732][T20393] SELinux: failed to load policy
[  459.725149][T20398] loop5: detected capacity change from 0 to 8192
[  459.765586][T20398]  loop5: p1 p3 p4
[  459.769479][T20398] loop5: p1 size 8390912 extends beyond EOD, truncated
[  459.776932][T20398] loop5: p3 size 589824 extends beyond EOD, truncated
[  460.113239][T20274] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  460.139751][T20274] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  460.166925][T20274] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  460.206579][T20274] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  460.810890][T15418] bond0 (unregistering): (slave bridge1): Removing an active aggregator
[  460.829412][T15418] bond0 (unregistering): (slave bridge1): Releasing backup interface
[  460.887003][T15418] bridge1 (unregistering): left promiscuous mode
[  460.893562][T15418] bridge1 (unregistering): left allmulticast mode
[  461.099025][T20442] loop6: detected capacity change from 0 to 8192
[  461.139695][T20442]  loop6: p1 p3 p4
[  461.143537][T20442] loop6: p1 size 8390912 extends beyond EOD, truncated
[  461.143718][T15418] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  461.151407][T20442] loop6: p3 size 589824 extends beyond EOD, truncated
[  461.166408][T15418] bond_slave_0: left promiscuous mode
[  461.173391][T15418] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  461.182451][T15418] bond_slave_1: left promiscuous mode
[  461.188673][T15418] $Hÿ (unregistering): Released all slaves
[  461.197741][T15418] bond0 (unregistering): Released all slaves
[  461.249838][T20450] loop5: detected capacity change from 0 to 1024
[  461.280454][T20274] 8021q: adding VLAN 0 to HW filter on device bond0
[  461.336142][T20274] 8021q: adding VLAN 0 to HW filter on device team0
[  461.344112][T15418] tipc: Left network mode
[  461.349603][ T1644] bridge0: port 1(bridge_slave_0) entered blocking state
[  461.356796][ T1644] bridge0: port 1(bridge_slave_0) entered forwarding state
[  461.370987][ T1644] bridge0: port 2(bridge_slave_1) entered blocking state
[  461.378283][ T1644] bridge0: port 2(bridge_slave_1) entered forwarding state
[  461.527084][T20274] 8021q: adding VLAN 0 to HW filter on device batadv0
[  461.535581][T20462] loop6: detected capacity change from 0 to 8192
[  461.547228][T20456] loop5: detected capacity change from 0 to 8192
[  461.558463][T15418] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  461.565978][T15418] batman_adv: batadv0: Removing interface: batadv_slave_1
[  461.567646][T20465] loop1: detected capacity change from 0 to 8192
[  461.583564][T15418] veth1_macvtap: left promiscuous mode
[  461.584984][T20462]  loop6: p1 p3 p4
[  461.589468][T15418] veth0_macvtap: left promiscuous mode
[  461.593053][T20462] loop6: p1 size 8390912 extends beyond EOD, truncated
[  461.598506][T20456]  loop5: p1 p3 p4
[  461.598540][T20456] loop5: p1 size 8390912 extends beyond EOD, 
[  461.609171][T15418] veth1_vlan: left promiscuous mode
[  461.609523][T20456] truncated
[  461.615760][T15418] veth0_vlan: left promiscuous mode
[  461.621894][T20456] loop5: p3 size 589824 extends beyond EOD, truncated
[  461.629370][T20462] loop6: p3 size 589824 extends beyond EOD, truncated
[  461.645543][T20465]  loop1: p1 p3 p4
[  461.649355][T20465] loop1: p1 size 8390912 extends beyond EOD, truncated
[  461.657514][T20465] loop1: p3 size 589824 extends beyond EOD, truncated
[  461.740131][T15418] team0 (unregistering): Port device team_slave_1 removed
[  461.750164][T15418] team0 (unregistering): Port device team_slave_0 removed
[  461.758082][   T37] smc: removing ib device syz!
[  461.892694][T20485] syzkaller0: tun_chr_ioctl cmd 37730
[  461.950275][T20274] veth0_vlan: entered promiscuous mode
[  461.971048][T20274] veth1_vlan: entered promiscuous mode
[  462.010166][T20274] veth0_macvtap: entered promiscuous mode
[  462.018809][T20274] veth1_macvtap: entered promiscuous mode
[  462.020308][T20500] loop5: detected capacity change from 0 to 128
[  462.052889][T20274] batman_adv: batadv0: Interface activated: batadv_slave_0
[  462.079726][T20274] batman_adv: batadv0: Interface activated: batadv_slave_1
[  462.083950][T20504] xt_bpf: check failed: parse error
[  462.107191][T20274] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  462.116028][T20274] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  462.124776][T20274] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  462.133626][T20274] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  462.324580][T20518] loop6: detected capacity change from 0 to 512
[  462.331536][T20518] EXT4-fs: Ignoring removed oldalloc option
[  462.337631][T20518] EXT4-fs: inline encryption not supported
[  462.343624][T20518] EXT4-fs: Ignoring removed mblk_io_submit option
[  462.364573][T20518] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  462.507058][T20518] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.6029: bg 0: block 64: padding at end of block bitmap is not set
[  462.545828][T20518] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.6029: Failed to acquire dquot type 0
[  462.617622][T20518] EXT4-fs (loop6): 1 truncate cleaned up
[  462.706966][T20518] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  462.749029][T20530] loop1: detected capacity change from 0 to 8192
[  463.018493][   T29] kauditd_printk_skb: 263 callbacks suppressed
[  463.018513][   T29] audit: type=1400 audit(2000001139.018:20106): avc:  denied  { read } for  pid=20540 comm="syz.2.6037" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  463.035873][T20530]  loop1: p1 p3 p4
[  463.048636][   T29] audit: type=1400 audit(2000001139.018:20107): avc:  denied  { setattr } for  pid=20540 comm="syz.2.6037" name="file0" dev="tmpfs" ino=33 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  463.053602][T20530] loop1: p1 size 8390912 extends beyond EOD, truncated
[  463.077130][T20544] netlink: 160 bytes leftover after parsing attributes in process `syz.6.6029'.
[  463.091437][T20544] unsupported nla_type 32769
[  463.102087][   T29] audit: type=1326 audit(2000001139.092:20108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20517 comm="syz.6.6029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6264c6e929 code=0x7ffc0000
[  463.125744][   T29] audit: type=1326 audit(2000001139.092:20109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20517 comm="syz.6.6029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6264c6e929 code=0x7ffc0000
[  463.137387][T20530] loop1: p3 size 589824 extends beyond EOD, 
[  463.149393][   T29] audit: type=1326 audit(2000001139.092:20110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20517 comm="syz.6.6029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6264c6e929 code=0x7ffc0000
[  463.149432][   T29] audit: type=1326 audit(2000001139.092:20111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20517 comm="syz.6.6029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6264c6e929 code=0x7ffc0000
[  463.149466][   T29] audit: type=1326 audit(2000001139.092:20112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20517 comm="syz.6.6029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6264c6e929 code=0x7ffc0000
[  463.155441][T20530] truncated
[  463.179036][   T29] audit: type=1326 audit(2000001139.092:20113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20517 comm="syz.6.6029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f6264c6e929 code=0x7ffc0000
[  463.275614][T16994] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  463.332593][   T29] audit: type=1326 audit(2000001139.113:20114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20517 comm="syz.6.6029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6264c6e929 code=0x7ffc0000
[  463.356483][   T29] audit: type=1326 audit(2000001139.113:20115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20517 comm="syz.6.6029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6264c6e929 code=0x7ffc0000
[  463.410586][T20553] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6042'.
[  463.437149][T20558] netlink: 'syz.6.6041': attribute type 3 has an invalid length.
[  463.445570][T20558] netlink: 'syz.6.6041': attribute type 3 has an invalid length.
[  463.454463][T20558] FAULT_INJECTION: forcing a failure.
[  463.454463][T20558] name failslab, interval 1, probability 0, space 0, times 0
[  463.467333][T20558] CPU: 1 UID: 0 PID: 20558 Comm: syz.6.6041 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  463.467362][T20558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  463.467375][T20558] Call Trace:
[  463.467460][T20558]  <TASK>
[  463.467468][T20558]  __dump_stack+0x1d/0x30
[  463.467491][T20558]  dump_stack_lvl+0xe8/0x140
[  463.467556][T20558]  dump_stack+0x15/0x1b
[  463.467600][T20558]  should_fail_ex+0x265/0x280
[  463.467633][T20558]  should_failslab+0x8c/0xb0
[  463.467666][T20558]  kmem_cache_alloc_node_noprof+0x57/0x320
[  463.467696][T20558]  ? __alloc_skb+0x101/0x320
[  463.467729][T20558]  __alloc_skb+0x101/0x320
[  463.467767][T20558]  tca_action_gd+0x640/0x1290
[  463.467833][T20558]  ? dev_hard_start_xmit+0x3b0/0x3e0
[  463.467903][T20558]  tc_ctl_action+0x208/0x830
[  463.467934][T20558]  ? __kfree_skb+0x109/0x150
[  463.467966][T20558]  ? __rcu_read_unlock+0x4f/0x70
[  463.468008][T20558]  ? avc_has_perm_noaudit+0x1b1/0x200
[  463.468040][T20558]  ? selinux_capable+0x1f9/0x270
[  463.468087][T20558]  ? mutex_spin_on_owner+0x87/0x170
[  463.468114][T20558]  ? __mutex_lock+0x1a7/0xa50
[  463.468191][T20558]  ? security_capable+0x83/0x90
[  463.468223][T20558]  ? __pfx_tc_ctl_action+0x10/0x10
[  463.468251][T20558]  rtnetlink_rcv_msg+0x657/0x6d0
[  463.468324][T20558]  netlink_rcv_skb+0x120/0x220
[  463.468417][T20558]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  463.468457][T20558]  rtnetlink_rcv+0x1c/0x30
[  463.468478][T20558]  netlink_unicast+0x59e/0x670
[  463.468583][T20558]  netlink_sendmsg+0x58b/0x6b0
[  463.468605][T20558]  ? __pfx_netlink_sendmsg+0x10/0x10
[  463.468626][T20558]  __sock_sendmsg+0x145/0x180
[  463.468653][T20558]  ____sys_sendmsg+0x31e/0x4e0
[  463.468745][T20558]  ___sys_sendmsg+0x17b/0x1d0
[  463.468797][T20558]  __x64_sys_sendmsg+0xd4/0x160
[  463.468840][T20558]  x64_sys_call+0x2999/0x2fb0
[  463.468895][T20558]  do_syscall_64+0xd2/0x200
[  463.468913][T20558]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  463.468942][T20558]  ? clear_bhb_loop+0x40/0x90
[  463.468964][T20558]  ? clear_bhb_loop+0x40/0x90
[  463.468988][T20558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  463.469089][T20558] RIP: 0033:0x7f6264c6e929
[  463.469104][T20558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  463.469123][T20558] RSP: 002b:00007f62632d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  463.469171][T20558] RAX: ffffffffffffffda RBX: 00007f6264e95fa0 RCX: 00007f6264c6e929
[  463.469189][T20558] RDX: 0000000000000000 RSI: 0000200000000700 RDI: 0000000000000006
[  463.469202][T20558] RBP: 00007f62632d7090 R08: 0000000000000000 R09: 0000000000000000
[  463.469214][T20558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  463.469227][T20558] R13: 0000000000000000 R14: 00007f6264e95fa0 R15: 00007ffe655c4b88
[  463.469248][T20558]  </TASK>
[  463.841168][T20559] lo speed is unknown, defaulting to 1000
[  463.974287][T20563] loop1: detected capacity change from 0 to 512
[  463.986647][T20563] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.6044: Failed to acquire dquot type 1
[  464.015419][T20563] EXT4-fs (loop1): 1 truncate cleaned up
[  464.028046][T20563] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  464.041370][T20563] ext4 filesystem being mounted at /518/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  464.082815][T20563] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.6044: Failed to acquire dquot type 1
[  464.140943][T13363] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  464.219202][T20585] FAULT_INJECTION: forcing a failure.
[  464.219202][T20585] name failslab, interval 1, probability 0, space 0, times 0
[  464.231898][T20585] CPU: 0 UID: 0 PID: 20585 Comm: syz.1.6053 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  464.231932][T20585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  464.231957][T20585] Call Trace:
[  464.231964][T20585]  <TASK>
[  464.231974][T20585]  __dump_stack+0x1d/0x30
[  464.231999][T20585]  dump_stack_lvl+0xe8/0x140
[  464.232021][T20585]  dump_stack+0x15/0x1b
[  464.232040][T20585]  should_fail_ex+0x265/0x280
[  464.232076][T20585]  should_failslab+0x8c/0xb0
[  464.232120][T20585]  kmem_cache_alloc_noprof+0x50/0x310
[  464.232153][T20585]  ? skb_clone+0x151/0x1f0
[  464.232183][T20585]  skb_clone+0x151/0x1f0
[  464.232204][T20585]  ip_rcv_core+0xd3/0x690
[  464.232274][T20585]  ip_rcv+0x48/0x140
[  464.232307][T20585]  ? xas_create+0xb89/0xbe0
[  464.232340][T20585]  ? inat_get_opcode_attribute+0xc/0x20
[  464.232436][T20585]  ? __pfx_ip_rcv+0x10/0x10
[  464.232469][T20585]  __netif_receive_skb_core+0x1c88/0x2410
[  464.232505][T20585]  __netif_receive_skb_list_core+0x113/0x500
[  464.232547][T20585]  netif_receive_skb_list_internal+0x487/0x600
[  464.232577][T20585]  netif_receive_skb_list+0x31/0x200
[  464.232659][T20585]  bpf_test_run_xdp_live+0xdcb/0xfe0
[  464.232695][T20585]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  464.232728][T20585]  ? synchronize_rcu+0x45/0x320
[  464.232833][T20585]  ? 0xffffffffa02057c0
[  464.232848][T20585]  ? bpf_test_run_xdp_live+0x29d/0xfe0
[  464.232929][T20585]  bpf_prog_test_run_xdp+0x4f5/0x910
[  464.233035][T20585]  ? __rcu_read_unlock+0x4f/0x70
[  464.233063][T20585]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  464.233101][T20585]  bpf_prog_test_run+0x227/0x390
[  464.233123][T20585]  __sys_bpf+0x3dc/0x790
[  464.233229][T20585]  __x64_sys_bpf+0x41/0x50
[  464.233260][T20585]  x64_sys_call+0x2478/0x2fb0
[  464.233283][T20585]  do_syscall_64+0xd2/0x200
[  464.233302][T20585]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  464.233345][T20585]  ? clear_bhb_loop+0x40/0x90
[  464.233396][T20585]  ? clear_bhb_loop+0x40/0x90
[  464.233463][T20585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.233509][T20585] RIP: 0033:0x7f7783e4e929
[  464.233527][T20585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  464.233548][T20585] RSP: 002b:00007f77824b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  464.233570][T20585] RAX: ffffffffffffffda RBX: 00007f7784075fa0 RCX: 00007f7783e4e929
[  464.233584][T20585] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  464.233598][T20585] RBP: 00007f77824b7090 R08: 0000000000000000 R09: 0000000000000000
[  464.233666][T20585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  464.233680][T20585] R13: 0000000000000000 R14: 00007f7784075fa0 R15: 00007ffd688f6f88
[  464.233701][T20585]  </TASK>
[  464.615188][T20597] FAULT_INJECTION: forcing a failure.
[  464.615188][T20597] name failslab, interval 1, probability 0, space 0, times 0
[  464.627922][T20597] CPU: 1 UID: 0 PID: 20597 Comm: syz.0.6058 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  464.628004][T20597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  464.628021][T20597] Call Trace:
[  464.628063][T20597]  <TASK>
[  464.628072][T20597]  __dump_stack+0x1d/0x30
[  464.628165][T20597]  dump_stack_lvl+0xe8/0x140
[  464.628191][T20597]  dump_stack+0x15/0x1b
[  464.628208][T20597]  should_fail_ex+0x265/0x280
[  464.628240][T20597]  ? ramfs_init_fs_context+0x31/0x90
[  464.628265][T20597]  should_failslab+0x8c/0xb0
[  464.628337][T20597]  __kmalloc_cache_noprof+0x4c/0x320
[  464.628437][T20597]  ramfs_init_fs_context+0x31/0x90
[  464.628462][T20597]  alloc_fs_context+0x3ef/0x4e0
[  464.628504][T20597]  fs_context_for_mount+0x22/0x30
[  464.628710][T20597]  __se_sys_fsopen+0xa0/0x1e0
[  464.628732][T20597]  __x64_sys_fsopen+0x31/0x40
[  464.628757][T20597]  x64_sys_call+0x2a54/0x2fb0
[  464.628781][T20597]  do_syscall_64+0xd2/0x200
[  464.628799][T20597]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  464.628825][T20597]  ? clear_bhb_loop+0x40/0x90
[  464.628948][T20597]  ? clear_bhb_loop+0x40/0x90
[  464.628978][T20597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.629060][T20597] RIP: 0033:0x7f001da6e929
[  464.629080][T20597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  464.629102][T20597] RSP: 002b:00007f001c0d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  464.629151][T20597] RAX: ffffffffffffffda RBX: 00007f001dc95fa0 RCX: 00007f001da6e929
[  464.629163][T20597] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000001c0
[  464.629175][T20597] RBP: 00007f001c0d7090 R08: 0000000000000000 R09: 0000000000000000
[  464.629190][T20597] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  464.629225][T20597] R13: 0000000000000000 R14: 00007f001dc95fa0 R15: 00007fff77d177d8
[  464.629250][T20597]  </TASK>
[  464.841812][T20599] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6059'.
[  464.850936][T20599] netlink: 'syz.0.6059': attribute type 7 has an invalid length.
[  464.858727][T20599] netlink: 'syz.0.6059': attribute type 8 has an invalid length.
[  464.866577][T20599] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6059'.
[  464.886187][T20599] FAULT_INJECTION: forcing a failure.
[  464.886187][T20599] name failslab, interval 1, probability 0, space 0, times 0
[  464.899108][T20599] CPU: 0 UID: 0 PID: 20599 Comm: syz.0.6059 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  464.899196][T20599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  464.899208][T20599] Call Trace:
[  464.899214][T20599]  <TASK>
[  464.899222][T20599]  __dump_stack+0x1d/0x30
[  464.899312][T20599]  dump_stack_lvl+0xe8/0x140
[  464.899339][T20599]  dump_stack+0x15/0x1b
[  464.899355][T20599]  should_fail_ex+0x265/0x280
[  464.899388][T20599]  ? alloc_netdev_mqs+0x829/0xab0
[  464.899475][T20599]  should_failslab+0x8c/0xb0
[  464.899505][T20599]  __kmalloc_cache_noprof+0x4c/0x320
[  464.899544][T20599]  alloc_netdev_mqs+0x829/0xab0
[  464.899605][T20599]  rtnl_create_link+0x239/0x710
[  464.899650][T20599]  rtnl_newlink_create+0x14c/0x620
[  464.899683][T20599]  ? __schedule+0x6a8/0xb30
[  464.899726][T20599]  rtnl_newlink+0xf29/0x12d0
[  464.899841][T20599]  ? xas_load+0x413/0x430
[  464.899884][T20599]  ? __memcg_slab_free_hook+0x135/0x230
[  464.899943][T20599]  ? __kfree_skb+0x109/0x150
[  464.899974][T20599]  ? __rcu_read_unlock+0x4f/0x70
[  464.899998][T20599]  ? avc_has_perm_noaudit+0x1b1/0x200
[  464.900047][T20599]  ? selinux_capable+0x1f9/0x270
[  464.900223][T20599]  ? security_capable+0x83/0x90
[  464.900253][T20599]  ? ns_capable+0x7d/0xb0
[  464.900323][T20599]  ? __pfx_rtnl_newlink+0x10/0x10
[  464.900430][T20599]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  464.900498][T20599]  netlink_rcv_skb+0x120/0x220
[  464.900537][T20599]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  464.900573][T20599]  rtnetlink_rcv+0x1c/0x30
[  464.900639][T20599]  netlink_unicast+0x59e/0x670
[  464.900676][T20599]  netlink_sendmsg+0x58b/0x6b0
[  464.900702][T20599]  ? __pfx_netlink_sendmsg+0x10/0x10
[  464.900724][T20599]  __sock_sendmsg+0x145/0x180
[  464.900798][T20599]  ____sys_sendmsg+0x31e/0x4e0
[  464.900844][T20599]  ___sys_sendmsg+0x17b/0x1d0
[  464.900896][T20599]  __x64_sys_sendmsg+0xd4/0x160
[  464.900950][T20599]  x64_sys_call+0x2999/0x2fb0
[  464.900977][T20599]  do_syscall_64+0xd2/0x200
[  464.901097][T20599]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  464.901141][T20599]  ? clear_bhb_loop+0x40/0x90
[  464.901168][T20599]  ? clear_bhb_loop+0x40/0x90
[  464.901190][T20599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  464.901289][T20599] RIP: 0033:0x7f001da6e929
[  464.901309][T20599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  464.901333][T20599] RSP: 002b:00007f001c0d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  464.901357][T20599] RAX: ffffffffffffffda RBX: 00007f001dc95fa0 RCX: 00007f001da6e929
[  464.901372][T20599] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004
[  464.901384][T20599] RBP: 00007f001c0d7090 R08: 0000000000000000 R09: 0000000000000000
[  464.901395][T20599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  464.901410][T20599] R13: 0000000000000000 R14: 00007f001dc95fa0 R15: 00007fff77d177d8
[  464.901509][T20599]  </TASK>
[  465.260735][T20611] FAULT_INJECTION: forcing a failure.
[  465.260735][T20611] name failslab, interval 1, probability 0, space 0, times 0
[  465.273705][T20611] CPU: 1 UID: 0 PID: 20611 Comm: syz.2.6064 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  465.273734][T20611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  465.273747][T20611] Call Trace:
[  465.273798][T20611]  <TASK>
[  465.273807][T20611]  __dump_stack+0x1d/0x30
[  465.273833][T20611]  dump_stack_lvl+0xe8/0x140
[  465.273915][T20611]  dump_stack+0x15/0x1b
[  465.273932][T20611]  should_fail_ex+0x265/0x280
[  465.273970][T20611]  should_failslab+0x8c/0xb0
[  465.274002][T20611]  kmem_cache_alloc_noprof+0x50/0x310
[  465.274055][T20611]  ? getname_flags+0x80/0x3b0
[  465.274082][T20611]  getname_flags+0x80/0x3b0
[  465.274120][T20611]  do_sys_openat2+0x60/0x110
[  465.274148][T20611]  __x64_sys_openat+0xf2/0x120
[  465.274176][T20611]  x64_sys_call+0x1af/0x2fb0
[  465.274253][T20611]  do_syscall_64+0xd2/0x200
[  465.274274][T20611]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  465.274300][T20611]  ? clear_bhb_loop+0x40/0x90
[  465.274321][T20611]  ? clear_bhb_loop+0x40/0x90
[  465.274344][T20611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  465.274420][T20611] RIP: 0033:0x7fec9c69d290
[  465.274439][T20611] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  465.274456][T20611] RSP: 002b:00007fec9ad06f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  465.274475][T20611] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fec9c69d290
[  465.274488][T20611] RDX: 0000000000000002 RSI: 00007fec9ad06fa0 RDI: 00000000ffffff9c
[  465.274552][T20611] RBP: 00007fec9ad06fa0 R08: 0000000000000000 R09: 0000000000000000
[  465.274650][T20611] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  465.274666][T20611] R13: 0000000000000001 R14: 00007fec9c8c5fa0 R15: 00007ffc9549fbd8
[  465.274691][T20611]  </TASK>
[  465.280154][T20613] netlink: 56 bytes leftover after parsing attributes in process `syz.6.6066'.
[  465.603958][T20642] netlink: 'syz.5.6074': attribute type 3 has an invalid length.
[  465.627583][T20642] netlink: 'syz.5.6074': attribute type 3 has an invalid length.
[  465.713357][T20651] netlink: 'syz.5.6079': attribute type 4 has an invalid length.
[  465.721265][T20651] netlink: 152 bytes leftover after parsing attributes in process `syz.5.6079'.
[  465.747561][T20651] net_ratelimit: 15 callbacks suppressed
[  465.747583][T20651] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  465.963846][T20649] loop1: detected capacity change from 0 to 164
[  465.990688][T20649] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  466.195088][T20701] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.230062][T20707] loop1: detected capacity change from 0 to 512
[  466.245276][T20701] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.262592][T20707] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  466.278234][T20707] EXT4-fs (loop1): mount failed
[  466.289490][T20701] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.308385][T20714] netlink: 'syz.0.6099': attribute type 4 has an invalid length.
[  466.316221][T20714] netlink: 152 bytes leftover after parsing attributes in process `syz.0.6099'.
[  466.337424][T20701] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.366060][T20714] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  466.399684][T20701] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  466.423663][T20701] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  466.443587][T20701] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  466.455827][T20701] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  466.465947][T20722] Invalid ELF header magic: != ELF
[  466.546901][T20722] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.627541][T20734] loop6: detected capacity change from 0 to 164
[  466.635111][T20734] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  466.677303][T20740] loop5: detected capacity change from 0 to 1024
[  466.785734][T20749] loop6: detected capacity change from 0 to 1024
[  466.801393][T20749] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (1764!=20869)
[  466.807815][T20722] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  466.817182][T20749] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  466.817780][T20749] EXT4-fs (loop6): invalid journal inode
[  466.856788][T20749] EXT4-fs (loop6): can't get journal size
[  466.873113][T20749] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  466.893141][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  466.964930][T20749] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  466.998081][T20722] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.026423][T20761] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3354 sclass=netlink_route_socket pid=20761 comm=syz.2.6116
[  467.040557][T20759] netlink: 'syz.5.6115': attribute type 4 has an invalid length.
[  467.048386][T20759] netlink: 152 bytes leftover after parsing attributes in process `syz.5.6115'.
[  467.063797][T20761] netlink: 'syz.2.6116': attribute type 11 has an invalid length.
[  467.072088][T20761] netlink: 448 bytes leftover after parsing attributes in process `syz.2.6116'.
[  467.083703][T20759] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  467.165992][T20722] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  467.308044][T20722] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  467.336610][T20722] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  467.352983][T20722] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  467.374028][T20722] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  467.560431][T20791] loop5: detected capacity change from 0 to 8192
[  467.615881][T20791]  loop5: p1 p3 p4
[  467.619862][T20791] loop5: p1 size 8390912 extends beyond EOD, truncated
[  467.637780][T20778] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6123'.
[  467.640540][T20791] loop5: p3 size 589824 extends beyond EOD, truncated
[  467.778644][T20809] loop5: detected capacity change from 0 to 512
[  467.778970][   T29] kauditd_printk_skb: 303 callbacks suppressed
[  467.778987][   T29] audit: type=1400 audit(2000001144.048:20414): avc:  denied  { create } for  pid=20810 comm="syz.1.6135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  467.811399][T20809] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  467.813415][   T29] audit: type=1400 audit(2000001144.058:20415): avc:  denied  { setopt } for  pid=20806 comm="syz.6.6133" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  467.826814][T20814] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6136'.
[  467.844522][T20809] EXT4-fs (loop5): 1 truncate cleaned up
[  467.857469][T20809] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  467.872881][T20817] sg_write: data in/out 124/1 bytes for SCSI command 0x75-- guessing data in;
[  467.872881][T20817]    program syz.1.6135 not setting count and/or reply_len properly
[  467.876431][   T29] audit: type=1400 audit(2000001144.143:20416): avc:  denied  { lock } for  pid=20808 comm="syz.5.6134" path="socket:[73858]" dev="sockfs" ino=73858 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  467.914432][T20817] loop1: detected capacity change from 0 to 512
[  467.922095][T20817] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -13
[  467.930728][T20817] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #13: comm syz.1.6135: iget: bad i_size value: 12154757448730
[  467.934580][T20820] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85
[  467.943761][T20817] EXT4-fs error (device loop1): ext4_orphan_get:1398: comm syz.1.6135: couldn't read orphan inode 13 (err -117)
[  467.971386][   T29] audit: type=1400 audit(2000001144.248:20417): avc:  denied  { create } for  pid=20808 comm="syz.5.6134" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  467.977827][T20817] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  468.013827][   T29] audit: type=1400 audit(2000001144.290:20418): avc:  denied  { unmount } for  pid=13130 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  468.035241][   T29] audit: type=1400 audit(2000001144.301:20419): avc:  denied  { write } for  pid=20823 comm="syz.0.6138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  468.041738][T13130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  468.055922][   T29] audit: type=1400 audit(2000001144.301:20420): avc:  denied  { read } for  pid=20823 comm="syz.0.6138" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  468.086469][T20817] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  468.087735][   T29] audit: type=1400 audit(2000001144.311:20421): avc:  denied  { mac_admin } for  pid=20810 comm="syz.1.6135" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  468.122235][   T29] audit: type=1400 audit(2000001144.311:20422): avc:  denied  { relabelto } for  pid=20810 comm="syz.1.6135" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  468.149687][   T29] audit: type=1400 audit(2000001144.438:20423): avc:  denied  { setopt } for  pid=20810 comm="syz.1.6135" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  468.174080][T20817] netlink: 108 bytes leftover after parsing attributes in process `syz.1.6135'.
[  468.207303][T20817] netlink: 112 bytes leftover after parsing attributes in process `syz.1.6135'.
[  468.223093][T20837] FAULT_INJECTION: forcing a failure.
[  468.223093][T20837] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  468.236383][T20837] CPU: 0 UID: 0 PID: 20837 Comm: syz.5.6139 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  468.236418][T20837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  468.236473][T20837] Call Trace:
[  468.236481][T20837]  <TASK>
[  468.236491][T20837]  __dump_stack+0x1d/0x30
[  468.236588][T20837]  dump_stack_lvl+0xe8/0x140
[  468.236614][T20837]  dump_stack+0x15/0x1b
[  468.236706][T20837]  should_fail_ex+0x265/0x280
[  468.236748][T20837]  should_fail+0xb/0x20
[  468.236784][T20837]  should_fail_usercopy+0x1a/0x20
[  468.236828][T20837]  _copy_from_user+0x1c/0xb0
[  468.236856][T20837]  ___sys_sendmsg+0xc1/0x1d0
[  468.236998][T20837]  __x64_sys_sendmsg+0xd4/0x160
[  468.237046][T20837]  x64_sys_call+0x2999/0x2fb0
[  468.237073][T20837]  do_syscall_64+0xd2/0x200
[  468.237096][T20837]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  468.237164][T20837]  ? clear_bhb_loop+0x40/0x90
[  468.237192][T20837]  ? clear_bhb_loop+0x40/0x90
[  468.237221][T20837]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.237250][T20837] RIP: 0033:0x7f6c859be929
[  468.237330][T20837] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  468.237354][T20837] RSP: 002b:00007f6c84027038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  468.237378][T20837] RAX: ffffffffffffffda RBX: 00007f6c85be5fa0 RCX: 00007f6c859be929
[  468.237395][T20837] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  468.237487][T20837] RBP: 00007f6c84027090 R08: 0000000000000000 R09: 0000000000000000
[  468.237560][T20837] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  468.237577][T20837] R13: 0000000000000000 R14: 00007f6c85be5fa0 R15: 00007ffe068cf0e8
[  468.237637][T20837]  </TASK>
[  468.241487][T20834] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=20834 comm=syz.0.6143
[  468.455181][T20844] netlink: 'syz.0.6145': attribute type 4 has an invalid length.
[  468.475137][T20846] netlink: 'syz.2.6146': attribute type 10 has an invalid length.
[  468.495533][T20846] team0: Port device dummy0 added
[  468.503053][T20846] netlink: 'syz.2.6146': attribute type 10 has an invalid length.
[  468.520338][T20846] team0: Port device dummy0 removed
[  468.528193][T20846] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  468.559305][T20852] FAULT_INJECTION: forcing a failure.
[  468.559305][T20852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  468.572549][T20852] CPU: 1 UID: 0 PID: 20852 Comm: syz.2.6149 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  468.572585][T20852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  468.572641][T20852] Call Trace:
[  468.572649][T20852]  <TASK>
[  468.572659][T20852]  __dump_stack+0x1d/0x30
[  468.572681][T20852]  dump_stack_lvl+0xe8/0x140
[  468.572701][T20852]  dump_stack+0x15/0x1b
[  468.572718][T20852]  should_fail_ex+0x265/0x280
[  468.572831][T20852]  should_fail+0xb/0x20
[  468.572860][T20852]  should_fail_usercopy+0x1a/0x20
[  468.572901][T20852]  _copy_to_user+0x20/0xa0
[  468.572976][T20852]  simple_read_from_buffer+0xb5/0x130
[  468.573054][T20852]  proc_fail_nth_read+0x100/0x140
[  468.573092][T20852]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  468.573128][T20852]  vfs_read+0x19d/0x6f0
[  468.573225][T20852]  ? __rcu_read_unlock+0x4f/0x70
[  468.573248][T20852]  ? __fget_files+0x184/0x1c0
[  468.573271][T20852]  ksys_read+0xda/0x1a0
[  468.573377][T20852]  __x64_sys_read+0x40/0x50
[  468.573411][T20852]  x64_sys_call+0x2d77/0x2fb0
[  468.573434][T20852]  do_syscall_64+0xd2/0x200
[  468.573453][T20852]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  468.573525][T20852]  ? clear_bhb_loop+0x40/0x90
[  468.573599][T20852]  ? clear_bhb_loop+0x40/0x90
[  468.573623][T20852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  468.573646][T20852] RIP: 0033:0x7fec9c69d33c
[  468.573735][T20852] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  468.573754][T20852] RSP: 002b:00007fec9ad07030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  468.573774][T20852] RAX: ffffffffffffffda RBX: 00007fec9c8c5fa0 RCX: 00007fec9c69d33c
[  468.573786][T20852] RDX: 000000000000000f RSI: 00007fec9ad070a0 RDI: 0000000000000003
[  468.573799][T20852] RBP: 00007fec9ad07090 R08: 0000000000000000 R09: 0000000000000000
[  468.573811][T20852] R10: 0000000000000036 R11: 0000000000000246 R12: 0000000000000001
[  468.573824][T20852] R13: 0000000000000001 R14: 00007fec9c8c5fa0 R15: 00007ffc9549fbd8
[  468.573908][T20852]  </TASK>
[  469.007021][T20873] netlink: 'syz.5.6158': attribute type 4 has an invalid length.
[  469.015169][T20873] FAULT_INJECTION: forcing a failure.
[  469.015169][T20873] name failslab, interval 1, probability 0, space 0, times 0
[  469.027939][T20873] CPU: 0 UID: 0 PID: 20873 Comm: syz.5.6158 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  469.028037][T20873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  469.028050][T20873] Call Trace:
[  469.028056][T20873]  <TASK>
[  469.028063][T20873]  __dump_stack+0x1d/0x30
[  469.028082][T20873]  dump_stack_lvl+0xe8/0x140
[  469.028116][T20873]  dump_stack+0x15/0x1b
[  469.028144][T20873]  should_fail_ex+0x265/0x280
[  469.028172][T20873]  should_failslab+0x8c/0xb0
[  469.028269][T20873]  kmem_cache_alloc_node_noprof+0x57/0x320
[  469.028295][T20873]  ? __alloc_skb+0x101/0x320
[  469.028322][T20873]  __alloc_skb+0x101/0x320
[  469.028419][T20873]  rtmsg_ifinfo_build_skb+0x5f/0x1b0
[  469.028465][T20873]  ? __rcu_read_unlock+0x4f/0x70
[  469.028532][T20873]  ? __pfx_rtnetlink_event+0x10/0x10
[  469.028586][T20873]  rtnetlink_event+0x18c/0x200
[  469.028607][T20873]  raw_notifier_call_chain+0x6f/0x1b0
[  469.028624][T20873]  ? call_netdevice_notifiers_info+0x9c/0x100
[  469.028678][T20873]  call_netdevice_notifiers_info+0xae/0x100
[  469.028746][T20873]  netif_set_mtu_ext+0x296/0x370
[  469.028773][T20873]  do_setlink+0x751/0x2810
[  469.028797][T20873]  ? save_fpregs_to_fpstate+0x100/0x160
[  469.028903][T20873]  ? _raw_spin_unlock+0x26/0x50
[  469.028939][T20873]  ? finish_task_switch+0xad/0x2b0
[  469.028963][T20873]  ? __schedule+0x6a8/0xb30
[  469.029050][T20873]  rtnl_setlink+0x311/0x420
[  469.029107][T20873]  ? security_capable+0x83/0x90
[  469.029134][T20873]  ? ns_capable+0x7d/0xb0
[  469.029219][T20873]  ? __pfx_rtnl_setlink+0x10/0x10
[  469.029305][T20873]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  469.029329][T20873]  netlink_rcv_skb+0x120/0x220
[  469.029359][T20873]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  469.029465][T20873]  rtnetlink_rcv+0x1c/0x30
[  469.029497][T20873]  netlink_unicast+0x59e/0x670
[  469.029553][T20873]  netlink_sendmsg+0x58b/0x6b0
[  469.029572][T20873]  ? __pfx_netlink_sendmsg+0x10/0x10
[  469.029591][T20873]  __sock_sendmsg+0x145/0x180
[  469.029624][T20873]  sock_write_iter+0x165/0x1b0
[  469.029649][T20873]  do_iter_readv_writev+0x41e/0x4c0
[  469.029743][T20873]  vfs_writev+0x2df/0x8b0
[  469.029773][T20873]  do_writev+0xe7/0x210
[  469.029796][T20873]  __x64_sys_writev+0x45/0x50
[  469.029814][T20873]  x64_sys_call+0x2006/0x2fb0
[  469.029888][T20873]  do_syscall_64+0xd2/0x200
[  469.029904][T20873]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  469.029963][T20873]  ? clear_bhb_loop+0x40/0x90
[  469.029984][T20873]  ? clear_bhb_loop+0x40/0x90
[  469.030020][T20873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.030038][T20873] RIP: 0033:0x7f6c859be929
[  469.030052][T20873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.030067][T20873] RSP: 002b:00007f6c84027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  469.030084][T20873] RAX: ffffffffffffffda RBX: 00007f6c85be5fa0 RCX: 00007f6c859be929
[  469.030169][T20873] RDX: 0000000000000001 RSI: 0000200000000300 RDI: 0000000000000003
[  469.030181][T20873] RBP: 00007f6c84027090 R08: 0000000000000000 R09: 0000000000000000
[  469.030192][T20873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  469.030232][T20873] R13: 0000000000000000 R14: 00007f6c85be5fa0 R15: 00007ffe068cf0e8
[  469.030292][T20873]  </TASK>
[  469.459130][T20881] loop5: detected capacity change from 0 to 2048
[  469.476401][T20881] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  469.499738][T13130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  469.520830][T20887] FAULT_INJECTION: forcing a failure.
[  469.520830][T20887] name failslab, interval 1, probability 0, space 0, times 0
[  469.533622][T20887] CPU: 0 UID: 0 PID: 20887 Comm: syz.5.6162 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  469.533660][T20887] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  469.533681][T20887] Call Trace:
[  469.533689][T20887]  <TASK>
[  469.533700][T20887]  __dump_stack+0x1d/0x30
[  469.533782][T20887]  dump_stack_lvl+0xe8/0x140
[  469.533801][T20887]  dump_stack+0x15/0x1b
[  469.533891][T20887]  should_fail_ex+0x265/0x280
[  469.533929][T20887]  ? __pfx_loop_control_ioctl+0x10/0x10
[  469.534040][T20887]  ? loop_add+0x64/0x590
[  469.534076][T20887]  should_failslab+0x8c/0xb0
[  469.534104][T20887]  __kmalloc_cache_noprof+0x4c/0x320
[  469.534177][T20887]  ? __pfx_loop_control_ioctl+0x10/0x10
[  469.534213][T20887]  loop_add+0x64/0x590
[  469.534389][T20887]  ? __pfx_loop_control_ioctl+0x10/0x10
[  469.534425][T20887]  loop_control_ioctl+0xd0/0x3f0
[  469.534464][T20887]  ? __pfx_loop_control_ioctl+0x10/0x10
[  469.534577][T20887]  __se_sys_ioctl+0xcb/0x140
[  469.534614][T20887]  __x64_sys_ioctl+0x43/0x50
[  469.534760][T20887]  x64_sys_call+0x19a8/0x2fb0
[  469.534790][T20887]  do_syscall_64+0xd2/0x200
[  469.534828][T20887]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  469.534862][T20887]  ? clear_bhb_loop+0x40/0x90
[  469.534889][T20887]  ? clear_bhb_loop+0x40/0x90
[  469.534944][T20887]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  469.534971][T20887] RIP: 0033:0x7f6c859be929
[  469.534990][T20887] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  469.535013][T20887] RSP: 002b:00007f6c84027038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  469.535091][T20887] RAX: ffffffffffffffda RBX: 00007f6c85be5fa0 RCX: 00007f6c859be929
[  469.535148][T20887] RDX: 0000000007000000 RSI: 0000000000004c80 RDI: 0000000000000004
[  469.535160][T20887] RBP: 00007f6c84027090 R08: 0000000000000000 R09: 0000000000000000
[  469.535172][T20887] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  469.535184][T20887] R13: 0000000000000000 R14: 00007f6c85be5fa0 R15: 00007ffe068cf0e8
[  469.535203][T20887]  </TASK>
[  469.755942][T20887] loop5: detected capacity change from 0 to 2048
[  469.770444][T20887] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  469.784906][T20887] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.6162: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  469.802643][T20887] EXT4-fs (loop5): Remounting filesystem read-only
[  469.848529][T13130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  469.949994][T20908] Invalid ELF header magic: != ELF
[  469.970514][T20901] lo speed is unknown, defaulting to 1000
[  470.029384][T20908] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  470.116043][T20901] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6167'.
[  470.150517][T20908] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  470.265483][T20908] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  470.401300][T20908] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  470.458174][T20936] FAULT_INJECTION: forcing a failure.
[  470.458174][T20936] name failslab, interval 1, probability 0, space 0, times 0
[  470.470937][T20936] CPU: 0 UID: 0 PID: 20936 Comm: syz.2.6180 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  470.470983][T20936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  470.470999][T20936] Call Trace:
[  470.471007][T20936]  <TASK>
[  470.471018][T20936]  __dump_stack+0x1d/0x30
[  470.471098][T20936]  dump_stack_lvl+0xe8/0x140
[  470.471117][T20936]  dump_stack+0x15/0x1b
[  470.471133][T20936]  should_fail_ex+0x265/0x280
[  470.471232][T20936]  should_failslab+0x8c/0xb0
[  470.471262][T20936]  kmem_cache_alloc_node_noprof+0x57/0x320
[  470.471292][T20936]  ? __alloc_skb+0x101/0x320
[  470.471320][T20936]  ? __rtnl_unlock+0x95/0xb0
[  470.471359][T20936]  __alloc_skb+0x101/0x320
[  470.471448][T20936]  netlink_ack+0xfd/0x500
[  470.471497][T20936]  netlink_rcv_skb+0x192/0x220
[  470.471585][T20936]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  470.471613][T20936]  rtnetlink_rcv+0x1c/0x30
[  470.471635][T20936]  netlink_unicast+0x59e/0x670
[  470.471675][T20936]  netlink_sendmsg+0x58b/0x6b0
[  470.471737][T20936]  ? __pfx_netlink_sendmsg+0x10/0x10
[  470.471756][T20936]  __sock_sendmsg+0x145/0x180
[  470.471782][T20936]  ____sys_sendmsg+0x31e/0x4e0
[  470.471827][T20936]  ___sys_sendmsg+0x17b/0x1d0
[  470.471909][T20936]  __x64_sys_sendmsg+0xd4/0x160
[  470.471948][T20936]  x64_sys_call+0x2999/0x2fb0
[  470.471996][T20936]  do_syscall_64+0xd2/0x200
[  470.472020][T20936]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  470.472127][T20936]  ? clear_bhb_loop+0x40/0x90
[  470.472156][T20936]  ? clear_bhb_loop+0x40/0x90
[  470.472184][T20936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  470.472264][T20936] RIP: 0033:0x7fec9c69e929
[  470.472285][T20936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  470.472308][T20936] RSP: 002b:00007fec9ad07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  470.472332][T20936] RAX: ffffffffffffffda RBX: 00007fec9c8c5fa0 RCX: 00007fec9c69e929
[  470.472348][T20936] RDX: 0000000004000080 RSI: 0000200000001200 RDI: 0000000000000003
[  470.472365][T20936] RBP: 00007fec9ad07090 R08: 0000000000000000 R09: 0000000000000000
[  470.472406][T20936] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  470.472423][T20936] R13: 0000000000000000 R14: 00007fec9c8c5fa0 R15: 00007ffc9549fbd8
[  470.472446][T20936]  </TASK>
[  470.734486][T13363] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  470.912860][T20946] loop6: detected capacity change from 0 to 164
[  470.920685][T20946] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  471.245557][T20908] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  471.257516][T20908] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  471.278968][T20908] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  471.294598][T20908] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  471.316966][T20959] loop6: detected capacity change from 0 to 512
[  471.339202][T20959] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  471.370118][T20959] ext4 filesystem being mounted at /300/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  471.387671][T20968] x_tables: unsorted underflow at hook 2
[  471.406872][T20968] loop5: detected capacity change from 0 to 512
[  471.423908][T20968] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  471.454113][T20968] EXT4-fs (loop5): 1 truncate cleaned up
[  471.460533][T20968] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  471.529884][T20976] netlink: 40 bytes leftover after parsing attributes in process `syz.5.6190'.
[  471.613439][T13130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  471.725517][T16994] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  471.784665][T20988] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  471.808242][T20988] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  471.991603][T20995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  472.000339][T20995] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  472.044219][T20997] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6202'.
[  472.094386][T20998] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  472.102675][T20998] SELinux: failed to load policy
[  472.176399][T21000] loop5: detected capacity change from 0 to 512
[  472.193341][T21000] EXT4-fs (loop5): 1 orphan inode deleted
[  472.200470][T21000] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  472.214747][T21000] ext4 filesystem being mounted at /562/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  472.443198][T21008] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  472.452151][T21008] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  472.599799][T21012] netlink: 3 bytes leftover after parsing attributes in process `syz.0.6207'.
[  472.611318][T21013] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=21013 comm=syz.0.6207
[  472.623949][T21013] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=21013 comm=syz.0.6207
[  472.910812][ T1644] __quota_error: 390 callbacks suppressed
[  472.910830][ T1644] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  472.926714][ T1644] EXT4-fs error (device loop5): ext4_release_dquot:6969: comm kworker/u8:7: Failed to release dquot type 1
[  472.938117][T21017] loop1: detected capacity change from 0 to 512
[  472.944771][   T29] audit: type=1400 audit(2000001149.476:20814): avc:  denied  { create } for  pid=21016 comm="syz.1.6208" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  472.946275][T21017] EXT4-fs (loop1): orphan cleanup on readonly fs
[  472.964694][   T29] audit: type=1400 audit(2000001149.476:20815): avc:  denied  { listen } for  pid=21016 comm="syz.1.6208" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  472.964722][   T29] audit: type=1400 audit(2000001149.476:20816): avc:  denied  { accept } for  pid=21016 comm="syz.1.6208" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  472.967027][T21000] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  472.971723][T21017] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.6208: bg 0: block 248: padding at end of block bitmap is not set
[  473.012809][T21012] 0ªX¹¦À: renamed from caif0
[  473.020703][T21017] Quota error (device loop1): write_blk: dquota write failed
[  473.046692][T21017] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  473.056647][T21017] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.6208: Failed to acquire dquot type 1
[  473.070018][T21012] 0ªX¹¦À: entered allmulticast mode
[  473.075491][T21012] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  473.100237][T21017] EXT4-fs (loop1): 1 truncate cleaned up
[  473.101375][T21017] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  473.138809][   T29] audit: type=1326 audit(2000001149.697:20817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21025 comm="syz.0.6211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  473.163993][T21017] EXT4-fs error (device loop1): ext4_lookup:1791: inode #2: comm syz.1.6208: deleted inode referenced: 12
[  473.178289][   T29] audit: type=1326 audit(2000001149.719:20818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21025 comm="syz.0.6211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  473.202484][   T29] audit: type=1326 audit(2000001149.719:20819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21025 comm="syz.0.6211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  473.226343][   T29] audit: type=1326 audit(2000001149.719:20820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21025 comm="syz.0.6211" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  473.284808][T21034] loop6: detected capacity change from 0 to 128
[  473.300208][T13363] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  473.310296][T21034] vfat: Unknown parameter 'shor~œm»U™rznnt'
[  473.405407][T21045] loop5: detected capacity change from 0 to 8192
[  473.414131][T21043] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85
[  473.428967][T21047] loop6: detected capacity change from 0 to 8192
[  473.441750][T21045]  loop5: p1 p3 p4
[  473.445549][T21045] loop5: p1 size 8390912 extends beyond EOD, truncated
[  473.456400][T21045] loop5: p3 size 589824 extends beyond EOD, truncated
[  473.479821][T21047]  loop6: p1 p3 p4
[  473.484065][T21047] loop6: p1 size 8390912 extends beyond EOD, truncated
[  473.518618][T21047] loop6: p3 size 589824 extends beyond EOD, truncated
[  473.603697][T21064] FAULT_INJECTION: forcing a failure.
[  473.603697][T21064] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  473.617081][T21064] CPU: 0 UID: 0 PID: 21064 Comm: syz.5.6228 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  473.617116][T21064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  473.617128][T21064] Call Trace:
[  473.617134][T21064]  <TASK>
[  473.617142][T21064]  __dump_stack+0x1d/0x30
[  473.617168][T21064]  dump_stack_lvl+0xe8/0x140
[  473.617270][T21064]  dump_stack+0x15/0x1b
[  473.617298][T21064]  should_fail_ex+0x265/0x280
[  473.617332][T21064]  should_fail+0xb/0x20
[  473.617386][T21064]  should_fail_usercopy+0x1a/0x20
[  473.617428][T21064]  _copy_from_user+0x1c/0xb0
[  473.617455][T21064]  __se_sys_mount+0x10d/0x2e0
[  473.617474][T21064]  ? fput+0x8f/0xc0
[  473.617553][T21064]  ? ksys_write+0x192/0x1a0
[  473.617597][T21064]  __x64_sys_mount+0x67/0x80
[  473.617621][T21064]  x64_sys_call+0xd36/0x2fb0
[  473.617695][T21064]  do_syscall_64+0xd2/0x200
[  473.617716][T21064]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  473.617747][T21064]  ? clear_bhb_loop+0x40/0x90
[  473.617837][T21064]  ? clear_bhb_loop+0x40/0x90
[  473.617864][T21064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  473.617887][T21064] RIP: 0033:0x7f6c859be929
[  473.617983][T21064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  473.618007][T21064] RSP: 002b:00007f6c84027038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  473.618026][T21064] RAX: ffffffffffffffda RBX: 00007f6c85be5fa0 RCX: 00007f6c859be929
[  473.618041][T21064] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000000000000000
[  473.618056][T21064] RBP: 00007f6c84027090 R08: 0000200000001700 R09: 0000000000000000
[  473.618072][T21064] R10: 0000000000008000 R11: 0000000000000246 R12: 0000000000000001
[  473.618087][T21064] R13: 0000000000000000 R14: 00007f6c85be5fa0 R15: 00007ffe068cf0e8
[  473.618171][T21064]  </TASK>
[  473.819204][T21067] Invalid ELF header magic: != ELF
[  474.158138][T21081] pimreg: entered allmulticast mode
[  474.164855][T21081] pimreg: left allmulticast mode
[  474.315634][T21087] FAULT_INJECTION: forcing a failure.
[  474.315634][T21087] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  474.328808][T21087] CPU: 1 UID: 0 PID: 21087 Comm: syz.6.6232 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  474.328836][T21087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  474.328849][T21087] Call Trace:
[  474.328856][T21087]  <TASK>
[  474.328864][T21087]  __dump_stack+0x1d/0x30
[  474.328946][T21087]  dump_stack_lvl+0xe8/0x140
[  474.328969][T21087]  dump_stack+0x15/0x1b
[  474.328998][T21087]  should_fail_ex+0x265/0x280
[  474.329057][T21087]  should_fail+0xb/0x20
[  474.329157][T21087]  should_fail_usercopy+0x1a/0x20
[  474.329198][T21087]  _copy_from_user+0x1c/0xb0
[  474.329229][T21087]  kstrtouint_from_user+0x69/0xf0
[  474.329276][T21087]  ? 0xffffffff81000000
[  474.329343][T21087]  ? selinux_file_permission+0x1e4/0x320
[  474.329369][T21087]  proc_fail_nth_write+0x50/0x160
[  474.329413][T21087]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  474.329473][T21087]  vfs_write+0x266/0x8e0
[  474.329510][T21087]  ? vfs_read+0x47f/0x6f0
[  474.329620][T21087]  ? __rcu_read_unlock+0x4f/0x70
[  474.329708][T21087]  ? __fget_files+0x184/0x1c0
[  474.329737][T21087]  ksys_write+0xda/0x1a0
[  474.329814][T21087]  __x64_sys_write+0x40/0x50
[  474.329872][T21087]  x64_sys_call+0x2cdd/0x2fb0
[  474.329922][T21087]  do_syscall_64+0xd2/0x200
[  474.329945][T21087]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  474.329972][T21087]  ? clear_bhb_loop+0x40/0x90
[  474.329997][T21087]  ? clear_bhb_loop+0x40/0x90
[  474.330027][T21087]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.330092][T21087] RIP: 0033:0x7f6264c6d3df
[  474.330174][T21087] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  474.330197][T21087] RSP: 002b:00007f62632b6030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  474.330220][T21087] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6264c6d3df
[  474.330243][T21087] RDX: 0000000000000001 RSI: 00007f62632b60a0 RDI: 0000000000000003
[  474.330290][T21087] RBP: 00007f62632b6090 R08: 0000000000000000 R09: 0000000000000000
[  474.330302][T21087] R10: 0000200000008640 R11: 0000000000000293 R12: 0000000000000001
[  474.330318][T21087] R13: 0000000000000001 R14: 00007f6264e96080 R15: 00007ffe655c4b88
[  474.330341][T21087]  </TASK>
[  474.593461][T21089] loop5: detected capacity change from 0 to 8192
[  474.627785][T21089]  loop5: p1 p3 p4
[  474.627823][T21089] loop5: p1 size 8390912 extends beyond EOD, truncated
[  474.632553][T21089] loop5: p3 size 589824 extends beyond EOD, truncated
[  474.674652][T21098] FAULT_INJECTION: forcing a failure.
[  474.674652][T21098] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  474.687933][T21098] CPU: 1 UID: 0 PID: 21098 Comm: syz.2.6240 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  474.688034][T21098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  474.688047][T21098] Call Trace:
[  474.688054][T21098]  <TASK>
[  474.688063][T21098]  __dump_stack+0x1d/0x30
[  474.688088][T21098]  dump_stack_lvl+0xe8/0x140
[  474.688119][T21098]  dump_stack+0x15/0x1b
[  474.688136][T21098]  should_fail_ex+0x265/0x280
[  474.688171][T21098]  should_fail+0xb/0x20
[  474.688224][T21098]  should_fail_usercopy+0x1a/0x20
[  474.688259][T21098]  _copy_from_iter+0xcf/0xe40
[  474.688293][T21098]  ? __build_skb_around+0x1a0/0x200
[  474.688381][T21098]  ? __alloc_skb+0x223/0x320
[  474.688414][T21098]  netlink_sendmsg+0x471/0x6b0
[  474.688443][T21098]  ? __pfx_netlink_sendmsg+0x10/0x10
[  474.688476][T21098]  __sock_sendmsg+0x145/0x180
[  474.688579][T21098]  ____sys_sendmsg+0x31e/0x4e0
[  474.688615][T21098]  ___sys_sendmsg+0x17b/0x1d0
[  474.688677][T21098]  __x64_sys_sendmsg+0xd4/0x160
[  474.688743][T21098]  x64_sys_call+0x2999/0x2fb0
[  474.688765][T21098]  do_syscall_64+0xd2/0x200
[  474.688783][T21098]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  474.688846][T21098]  ? clear_bhb_loop+0x40/0x90
[  474.688871][T21098]  ? clear_bhb_loop+0x40/0x90
[  474.688936][T21098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  474.688957][T21098] RIP: 0033:0x7fec9c69e929
[  474.688973][T21098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  474.688991][T21098] RSP: 002b:00007fec9ad07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  474.689014][T21098] RAX: ffffffffffffffda RBX: 00007fec9c8c5fa0 RCX: 00007fec9c69e929
[  474.689104][T21098] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000003
[  474.689168][T21098] RBP: 00007fec9ad07090 R08: 0000000000000000 R09: 0000000000000000
[  474.689181][T21098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  474.689264][T21098] R13: 0000000000000000 R14: 00007fec9c8c5fa0 R15: 00007ffc9549fbd8
[  474.689284][T21098]  </TASK>
[  474.738737][T21104] Invalid ELF header magic: != ELF
[  474.776419][T21110] SELinux:  policydb magic number 0x2 does not match expected magic number 0xf97cff8c
[  474.966509][T21110] SELinux: failed to load policy
[  474.979249][T21104] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.055922][T21130] 8021q: VLANs not supported on vxcan1
[  475.099907][T21104] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.203405][T21104] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.324949][T21104] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  475.343580][T21155] FAULT_INJECTION: forcing a failure.
[  475.343580][T21155] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  475.357366][T21155] CPU: 1 UID: 0 PID: 21155 Comm: syz.2.6258 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  475.357401][T21155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  475.357421][T21155] Call Trace:
[  475.357429][T21155]  <TASK>
[  475.357438][T21155]  __dump_stack+0x1d/0x30
[  475.357466][T21155]  dump_stack_lvl+0xe8/0x140
[  475.357491][T21155]  dump_stack+0x15/0x1b
[  475.357513][T21155]  should_fail_ex+0x265/0x280
[  475.357616][T21155]  should_fail+0xb/0x20
[  475.357654][T21155]  should_fail_usercopy+0x1a/0x20
[  475.357709][T21155]  _copy_from_iter+0xcf/0xe40
[  475.357755][T21155]  ? __build_skb_around+0x1a0/0x200
[  475.357791][T21155]  ? __alloc_skb+0x223/0x320
[  475.357850][T21155]  pfkey_sendmsg+0x126/0x900
[  475.357894][T21155]  ? avc_has_perm+0xd3/0x150
[  475.357930][T21155]  ? selinux_socket_sendmsg+0x175/0x1b0
[  475.357986][T21155]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  475.358023][T21155]  __sock_sendmsg+0x145/0x180
[  475.358078][T21155]  ____sys_sendmsg+0x31e/0x4e0
[  475.358162][T21155]  ___sys_sendmsg+0x17b/0x1d0
[  475.358219][T21155]  __x64_sys_sendmsg+0xd4/0x160
[  475.358335][T21155]  x64_sys_call+0x2999/0x2fb0
[  475.358363][T21155]  do_syscall_64+0xd2/0x200
[  475.358432][T21155]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  475.358510][T21155]  ? clear_bhb_loop+0x40/0x90
[  475.358534][T21155]  ? clear_bhb_loop+0x40/0x90
[  475.358563][T21155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  475.358591][T21155] RIP: 0033:0x7fec9c69e929
[  475.358610][T21155] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  475.358645][T21155] RSP: 002b:00007fec9ad07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  475.358670][T21155] RAX: ffffffffffffffda RBX: 00007fec9c8c5fa0 RCX: 00007fec9c69e929
[  475.358686][T21155] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  475.358743][T21155] RBP: 00007fec9ad07090 R08: 0000000000000000 R09: 0000000000000000
[  475.358755][T21155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  475.358770][T21155] R13: 0000000000000000 R14: 00007fec9c8c5fa0 R15: 00007ffc9549fbd8
[  475.358791][T21155]  </TASK>
[  475.613441][T21162] xt_bpf: check failed: parse error
[  475.645757][T21166] FAULT_INJECTION: forcing a failure.
[  475.645757][T21166] name failslab, interval 1, probability 0, space 0, times 0
[  475.659395][T21166] CPU: 0 UID: 0 PID: 21166 Comm: syz.2.6263 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  475.659424][T21166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  475.659436][T21166] Call Trace:
[  475.659443][T21166]  <TASK>
[  475.659452][T21166]  __dump_stack+0x1d/0x30
[  475.659480][T21166]  dump_stack_lvl+0xe8/0x140
[  475.659572][T21166]  dump_stack+0x15/0x1b
[  475.659594][T21166]  should_fail_ex+0x265/0x280
[  475.659633][T21166]  should_failslab+0x8c/0xb0
[  475.659720][T21166]  __kvmalloc_node_noprof+0x123/0x4e0
[  475.659756][T21166]  ? xt_alloc_table_info+0x3b/0x80
[  475.659842][T21166]  ? should_fail_ex+0xdb/0x280
[  475.659880][T21166]  xt_alloc_table_info+0x3b/0x80
[  475.659967][T21166]  do_ipt_set_ctl+0x59c/0x820
[  475.660001][T21166]  ? _raw_spin_unlock_bh+0x36/0x40
[  475.660029][T21166]  ? tcp_release_cb+0xf1/0x370
[  475.660135][T21166]  nf_setsockopt+0x196/0x1b0
[  475.660160][T21166]  ip_setsockopt+0x102/0x110
[  475.660193][T21166]  ipv6_setsockopt+0xfb/0x130
[  475.660220][T21166]  tcp_setsockopt+0x98/0xb0
[  475.660295][T21166]  sock_common_setsockopt+0x66/0x80
[  475.660325][T21166]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  475.660356][T21166]  __sys_setsockopt+0x181/0x200
[  475.660479][T21166]  __x64_sys_setsockopt+0x64/0x80
[  475.660596][T21166]  x64_sys_call+0x2bd5/0x2fb0
[  475.660624][T21166]  do_syscall_64+0xd2/0x200
[  475.660645][T21166]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  475.660732][T21166]  ? clear_bhb_loop+0x40/0x90
[  475.660755][T21166]  ? clear_bhb_loop+0x40/0x90
[  475.660779][T21166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  475.660803][T21166] RIP: 0033:0x7fec9c69e929
[  475.660820][T21166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  475.660904][T21166] RSP: 002b:00007fec9ad07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  475.660928][T21166] RAX: ffffffffffffffda RBX: 00007fec9c8c5fa0 RCX: 00007fec9c69e929
[  475.660942][T21166] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000004
[  475.660954][T21166] RBP: 00007fec9ad07090 R08: 00000000000004c8 R09: 0000000000000000
[  475.660966][T21166] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  475.661034][T21166] R13: 0000000000000000 R14: 00007fec9c8c5fa0 R15: 00007ffc9549fbd8
[  475.661059][T21166]  </TASK>
[  475.926783][T21169] FAULT_INJECTION: forcing a failure.
[  475.926783][T21169] name failslab, interval 1, probability 0, space 0, times 0
[  475.939578][T21169] CPU: 1 UID: 0 PID: 21169 Comm: syz.1.6265 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  475.939611][T21169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  475.939627][T21169] Call Trace:
[  475.939636][T21169]  <TASK>
[  475.939645][T21169]  __dump_stack+0x1d/0x30
[  475.939671][T21169]  dump_stack_lvl+0xe8/0x140
[  475.939746][T21169]  dump_stack+0x15/0x1b
[  475.939765][T21169]  should_fail_ex+0x265/0x280
[  475.939803][T21169]  should_failslab+0x8c/0xb0
[  475.939831][T21169]  kmem_cache_alloc_noprof+0x50/0x310
[  475.939892][T21169]  ? __inet_bhash2_update_saddr+0x12f/0xd40
[  475.939955][T21169]  __inet_bhash2_update_saddr+0x12f/0xd40
[  475.940003][T21169]  ? ip_route_output_flow+0xf1/0x130
[  475.940125][T21169]  inet_bhash2_update_saddr+0x25/0x30
[  475.940170][T21169]  tcp_v4_connect+0x60b/0xac0
[  475.940227][T21169]  mptcp_connect+0x4ac/0x7e0
[  475.940333][T21169]  __inet_stream_connect+0x166/0x7e0
[  475.940425][T21169]  ? tcp_sendmsg_fastopen+0x172/0x520
[  475.940481][T21169]  ? should_failslab+0x8c/0xb0
[  475.940511][T21169]  ? __kmalloc_cache_noprof+0x189/0x320
[  475.940550][T21169]  tcp_sendmsg_fastopen+0x43a/0x520
[  475.940632][T21169]  mptcp_sendmsg_fastopen+0x122/0x320
[  475.940669][T21169]  mptcp_sendmsg+0xe22/0xf00
[  475.940704][T21169]  ? selinux_socket_sendmsg+0x175/0x1b0
[  475.940751][T21169]  ? __pfx_mptcp_sendmsg+0x10/0x10
[  475.940819][T21169]  inet_sendmsg+0xc2/0xd0
[  475.940894][T21169]  __sock_sendmsg+0x102/0x180
[  475.940927][T21169]  ____sys_sendmsg+0x345/0x4e0
[  475.941047][T21169]  ___sys_sendmsg+0x17b/0x1d0
[  475.941131][T21169]  __sys_sendmmsg+0x178/0x300
[  475.941169][T21169]  __x64_sys_sendmmsg+0x57/0x70
[  475.941194][T21169]  x64_sys_call+0x2f2f/0x2fb0
[  475.941223][T21169]  do_syscall_64+0xd2/0x200
[  475.941283][T21169]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  475.941400][T21169]  ? clear_bhb_loop+0x40/0x90
[  475.941427][T21169]  ? clear_bhb_loop+0x40/0x90
[  475.941454][T21169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  475.941542][T21169] RIP: 0033:0x7f7783e4e929
[  475.941562][T21169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  475.941586][T21169] RSP: 002b:00007f77824b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  475.941611][T21169] RAX: ffffffffffffffda RBX: 00007f7784075fa0 RCX: 00007f7783e4e929
[  475.941627][T21169] RDX: 0000000000000001 RSI: 0000200000003a80 RDI: 0000000000000003
[  475.941642][T21169] RBP: 00007f77824b7090 R08: 0000000000000000 R09: 0000000000000000
[  475.941694][T21169] R10: 000000002c000011 R11: 0000000000000246 R12: 0000000000000001
[  475.941709][T21169] R13: 0000000000000000 R14: 00007f7784075fa0 R15: 00007ffd688f6f88
[  475.941734][T21169]  </TASK>
[  475.951580][T21170] netlink: 'syz.0.6264': attribute type 4 has an invalid length.
[  476.225814][T21170] netlink: 152 bytes leftover after parsing attributes in process `syz.0.6264'.
[  476.237772][T21170] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  476.273175][T21182] loop1: detected capacity change from 0 to 512
[  476.304232][T21182] EXT4-fs warning (device loop1): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[  476.344113][T21182] EXT4-fs (loop1): mount failed
[  476.379790][T21198] FAULT_INJECTION: forcing a failure.
[  476.379790][T21198] name failslab, interval 1, probability 0, space 0, times 0
[  476.392604][T21198] CPU: 0 UID: 0 PID: 21198 Comm: syz.0.6275 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  476.392642][T21198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  476.392659][T21198] Call Trace:
[  476.392667][T21198]  <TASK>
[  476.392675][T21198]  __dump_stack+0x1d/0x30
[  476.392703][T21198]  dump_stack_lvl+0xe8/0x140
[  476.392737][T21198]  dump_stack+0x15/0x1b
[  476.392758][T21198]  should_fail_ex+0x265/0x280
[  476.392789][T21198]  ? genl_start+0x117/0x390
[  476.392816][T21198]  should_failslab+0x8c/0xb0
[  476.392909][T21198]  __kmalloc_cache_noprof+0x4c/0x320
[  476.392987][T21198]  genl_start+0x117/0x390
[  476.393021][T21198]  __netlink_dump_start+0x331/0x520
[  476.393186][T21198]  genl_family_rcv_msg_dumpit+0x115/0x180
[  476.393220][T21198]  ? __pfx_genl_start+0x10/0x10
[  476.393244][T21198]  ? __pfx_genl_dumpit+0x10/0x10
[  476.393275][T21198]  ? __pfx_genl_done+0x10/0x10
[  476.393335][T21198]  genl_rcv_msg+0x3f0/0x460
[  476.393376][T21198]  ? __pfx_batadv_tt_global_dump+0x10/0x10
[  476.393453][T21198]  netlink_rcv_skb+0x120/0x220
[  476.393487][T21198]  ? __pfx_genl_rcv_msg+0x10/0x10
[  476.393557][T21198]  genl_rcv+0x28/0x40
[  476.393579][T21198]  netlink_unicast+0x59e/0x670
[  476.393611][T21198]  netlink_sendmsg+0x58b/0x6b0
[  476.393639][T21198]  ? __pfx_netlink_sendmsg+0x10/0x10
[  476.393739][T21198]  __sock_sendmsg+0x145/0x180
[  476.393766][T21198]  ____sys_sendmsg+0x31e/0x4e0
[  476.393802][T21198]  ___sys_sendmsg+0x17b/0x1d0
[  476.393936][T21198]  __x64_sys_sendmsg+0xd4/0x160
[  476.393981][T21198]  x64_sys_call+0x2999/0x2fb0
[  476.394008][T21198]  do_syscall_64+0xd2/0x200
[  476.394026][T21198]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  476.394070][T21198]  ? clear_bhb_loop+0x40/0x90
[  476.394111][T21198]  ? clear_bhb_loop+0x40/0x90
[  476.394207][T21198]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  476.394232][T21198] RIP: 0033:0x7f001da6e929
[  476.394248][T21198] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  476.394266][T21198] RSP: 002b:00007f001c0d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  476.394285][T21198] RAX: ffffffffffffffda RBX: 00007f001dc95fa0 RCX: 00007f001da6e929
[  476.394297][T21198] RDX: 0000000004000048 RSI: 0000200000000240 RDI: 0000000000000004
[  476.394327][T21198] RBP: 00007f001c0d7090 R08: 0000000000000000 R09: 0000000000000000
[  476.394343][T21198] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  476.394432][T21198] R13: 0000000000000000 R14: 00007f001dc95fa0 R15: 00007fff77d177d8
[  476.394457][T21198]  </TASK>
[  476.712997][T21205] FAULT_INJECTION: forcing a failure.
[  476.712997][T21205] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  476.726243][T21205] CPU: 0 UID: 0 PID: 21205 Comm: syz.6.6278 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  476.726279][T21205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  476.726294][T21205] Call Trace:
[  476.726300][T21205]  <TASK>
[  476.726320][T21205]  __dump_stack+0x1d/0x30
[  476.726341][T21205]  dump_stack_lvl+0xe8/0x140
[  476.726360][T21205]  dump_stack+0x15/0x1b
[  476.726379][T21205]  should_fail_ex+0x265/0x280
[  476.726418][T21205]  should_fail+0xb/0x20
[  476.726527][T21205]  should_fail_usercopy+0x1a/0x20
[  476.726570][T21205]  _copy_from_iter+0xcf/0xe40
[  476.726613][T21205]  ? __build_skb_around+0x1a0/0x200
[  476.726705][T21205]  ? __alloc_skb+0x223/0x320
[  476.726743][T21205]  pfkey_sendmsg+0x126/0x900
[  476.726786][T21205]  ? avc_has_perm+0xd3/0x150
[  476.726823][T21205]  ? selinux_socket_sendmsg+0x175/0x1b0
[  476.726959][T21205]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  476.727000][T21205]  __sock_sendmsg+0x145/0x180
[  476.727029][T21205]  ____sys_sendmsg+0x31e/0x4e0
[  476.727148][T21205]  ___sys_sendmsg+0x17b/0x1d0
[  476.727209][T21205]  __x64_sys_sendmsg+0xd4/0x160
[  476.727330][T21205]  x64_sys_call+0x2999/0x2fb0
[  476.727356][T21205]  do_syscall_64+0xd2/0x200
[  476.727421][T21205]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  476.727452][T21205]  ? clear_bhb_loop+0x40/0x90
[  476.727503][T21205]  ? clear_bhb_loop+0x40/0x90
[  476.727529][T21205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  476.727626][T21205] RIP: 0033:0x7f6264c6e929
[  476.727647][T21205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  476.727722][T21205] RSP: 002b:00007f62632d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  476.727747][T21205] RAX: ffffffffffffffda RBX: 00007f6264e95fa0 RCX: 00007f6264c6e929
[  476.727764][T21205] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  476.727780][T21205] RBP: 00007f62632d7090 R08: 0000000000000000 R09: 0000000000000000
[  476.727793][T21205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  476.727809][T21205] R13: 0000000000000000 R14: 00007f6264e95fa0 R15: 00007ffe655c4b88
[  476.727833][T21205]  </TASK>
[  476.982099][T21212] bond0: (slave dummy0): Releasing backup interface
[  476.996618][T21212] batman_adv: batadv0: Adding interface: dummy0
[  477.002961][T21212] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  477.028393][T21212] batman_adv: batadv0: Not using interface dummy0 (retrying later): interface not active
[  477.114153][T21218] xt_connbytes: Forcing CT accounting to be enabled
[  477.122478][T21218] set match dimension is over the limit!
[  477.297180][T21234] FAULT_INJECTION: forcing a failure.
[  477.297180][T21234] name failslab, interval 1, probability 0, space 0, times 0
[  477.309902][T21234] CPU: 0 UID: 0 PID: 21234 Comm: syz.0.6288 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  477.309930][T21234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  477.309945][T21234] Call Trace:
[  477.309966][T21234]  <TASK>
[  477.309977][T21234]  __dump_stack+0x1d/0x30
[  477.310004][T21234]  dump_stack_lvl+0xe8/0x140
[  477.310029][T21234]  dump_stack+0x15/0x1b
[  477.310049][T21234]  should_fail_ex+0x265/0x280
[  477.310127][T21234]  should_failslab+0x8c/0xb0
[  477.310157][T21234]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  477.310193][T21234]  ? shmem_alloc_inode+0x34/0x50
[  477.310291][T21234]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  477.310317][T21234]  shmem_alloc_inode+0x34/0x50
[  477.310338][T21234]  alloc_inode+0x3d/0x170
[  477.310436][T21234]  new_inode+0x1d/0xe0
[  477.310461][T21234]  shmem_get_inode+0x244/0x750
[  477.310488][T21234]  shmem_mknod+0x46/0x180
[  477.310568][T21234]  shmem_create+0x34/0x50
[  477.310590][T21234]  ? __pfx_shmem_create+0x10/0x10
[  477.310614][T21234]  path_openat+0x1102/0x2170
[  477.310660][T21234]  do_filp_open+0x109/0x230
[  477.310761][T21234]  do_sys_openat2+0xa6/0x110
[  477.310798][T21234]  __x64_sys_open+0xe6/0x110
[  477.310850][T21234]  x64_sys_call+0x14d4/0x2fb0
[  477.310875][T21234]  do_syscall_64+0xd2/0x200
[  477.310924][T21234]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  477.311016][T21234]  ? clear_bhb_loop+0x40/0x90
[  477.311039][T21234]  ? clear_bhb_loop+0x40/0x90
[  477.311122][T21234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  477.311151][T21234] RIP: 0033:0x7f001da6e929
[  477.311168][T21234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  477.311189][T21234] RSP: 002b:00007f001c0d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[  477.311208][T21234] RAX: ffffffffffffffda RBX: 00007f001dc95fa0 RCX: 00007f001da6e929
[  477.311220][T21234] RDX: 0000000000000000 RSI: 000000000014507e RDI: 0000200000000780
[  477.311232][T21234] RBP: 00007f001c0d7090 R08: 0000000000000000 R09: 0000000000000000
[  477.311244][T21234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  477.311255][T21234] R13: 0000000000000000 R14: 00007f001dc95fa0 R15: 00007fff77d177d8
[  477.311330][T21234]  </TASK>
[  477.688623][T21235] lo speed is unknown, defaulting to 1000
[  477.846190][T21231] loop1: detected capacity change from 0 to 8192
[  477.949060][T21231]  loop1: p1 p3 p4
[  477.953099][T21231] loop1: p1 size 8390912 extends beyond EOD, truncated
[  478.029034][T21231] loop1: p3 size 589824 extends beyond EOD, truncated
[  478.437609][T21248] loop6: detected capacity change from 0 to 8192
[  478.497919][T21248]  loop6: p1 p3 p4
[  478.504515][T21248] loop6: p1 size 8390912 extends beyond EOD, truncated
[  478.521016][T21248] loop6: p3 size 589824 extends beyond EOD, truncated
[  478.544863][   T29] kauditd_printk_skb: 229 callbacks suppressed
[  478.544881][   T29] audit: type=1400 audit(2000001155.388:21049): avc:  denied  { write } for  pid=21252 comm="syz.1.6294" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  478.874704][T21267] loop6: detected capacity change from 0 to 2048
[  478.885248][T21271] netlink: 'syz.0.6303': attribute type 4 has an invalid length.
[  478.893154][T21271] netlink: 152 bytes leftover after parsing attributes in process `syz.0.6303'.
[  478.904779][T21271] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  478.922981][T21267] EXT4-fs (loop6): failed to initialize system zone (-117)
[  478.932194][T21267] EXT4-fs (loop6): mount failed
[  479.136738][   T29] audit: type=1400 audit(2000001156.020:21050): avc:  denied  { setopt } for  pid=21278 comm="syz.2.6306" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  479.174648][T21284] netlink: 'syz.6.6307': attribute type 4 has an invalid length.
[  479.182508][T21284] netlink: 152 bytes leftover after parsing attributes in process `syz.6.6307'.
[  479.192016][T21284] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  479.218274][T21104] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  479.227380][   T29] audit: type=1400 audit(2000001156.104:21051): avc:  denied  { read } for  pid=21285 comm="syz.2.6308" name="event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  479.250943][   T29] audit: type=1400 audit(2000001156.104:21052): avc:  denied  { open } for  pid=21285 comm="syz.2.6308" path="/dev/input/event2" dev="devtmpfs" ino=245 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  479.275262][   T29] audit: type=1400 audit(2000001156.104:21053): avc:  denied  { ioctl } for  pid=21285 comm="syz.2.6308" path="/dev/input/event2" dev="devtmpfs" ino=245 ioctlcmd=0x450a scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  479.304073][T21287] xt_connbytes: Forcing CT accounting to be enabled
[  479.304557][T21104] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  479.320906][T21287] set match dimension is over the limit!
[  479.349363][   T29] audit: type=1400 audit(2000001156.230:21054): avc:  denied  { read } for  pid=21288 comm="syz.6.6309" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  479.356450][T21104] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  479.383360][T21104] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  479.414396][   T29] audit: type=1400 audit(2000001156.304:21055): avc:  denied  { shutdown } for  pid=21288 comm="syz.6.6309" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  479.440127][T21294] loop6: detected capacity change from 0 to 512
[  479.446603][   T29] audit: type=1400 audit(2000001156.336:21056): avc:  denied  { mounton } for  pid=21288 comm="syz.6.6309" path="/syzcgroup/unified/syz6" dev="cgroup2" ino=249 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=dir permissive=1
[  479.529861][T21294] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  479.557120][T21293] loop5: detected capacity change from 0 to 8192
[  479.563636][T21294] ext4 filesystem being mounted at /330/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  479.598744][   T29] audit: type=1400 audit(2000001156.494:21057): avc:  denied  { write } for  pid=21288 comm="syz.6.6309" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  479.623216][   T29] audit: type=1400 audit(2000001156.525:21058): avc:  denied  { write } for  pid=21288 comm="syz.6.6309" path="socket:[75524]" dev="sockfs" ino=75524 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  479.648723][T21293]  loop5: p1 p3 p4
[  479.652591][T21293] loop5: p1 size 8390912 extends beyond EOD, truncated
[  479.660816][T21293] loop5: p3 size 589824 extends beyond EOD, truncated
[  479.747268][T21277] Set syz1 is full, maxelem 65536 reached
[  479.753781][T16994] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  479.798720][T21302] loop5: detected capacity change from 0 to 2048
[  479.843576][T21314] netlink: 'syz.0.6319': attribute type 4 has an invalid length.
[  479.851512][T21314] netlink: 152 bytes leftover after parsing attributes in process `syz.0.6319'.
[  479.861345][T21314] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  479.868724][T21302] Alternate GPT is invalid, using primary GPT.
[  479.883265][T21302]  loop5: p2 p3 p7
[  479.884417][T21317] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6315'.
[  479.896793][T21317] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6315'.
[  480.043207][T21321] loop1: detected capacity change from 0 to 8192
[  480.066562][T21331] netlink: 14 bytes leftover after parsing attributes in process `syz.6.6327'.
[  480.094184][T21321]  loop1: p1 p3 p4
[  480.099222][T21321] loop1: p1 size 8390912 extends beyond EOD, truncated
[  480.116251][T21321] loop1: p3 size 589824 extends beyond EOD, truncated
[  480.132494][T21327] loop5: detected capacity change from 0 to 164
[  480.141979][T21327] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  480.286722][T21339] netlink: 84 bytes leftover after parsing attributes in process `syz.0.6330'.
[  480.339044][T21350] netlink: 'syz.0.6333': attribute type 4 has an invalid length.
[  480.346965][T21350] netlink: 152 bytes leftover after parsing attributes in process `syz.0.6333'.
[  480.372905][T21352] loop1: detected capacity change from 0 to 2048
[  480.376838][T21350] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  480.408302][T21352] EXT4-fs (loop1): failed to initialize system zone (-117)
[  480.416957][T21352] EXT4-fs (loop1): mount failed
[  480.459380][T21360] loop1: detected capacity change from 0 to 128
[  480.471219][T21360] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  480.485138][T21360] ext4 filesystem being mounted at /563/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  480.497473][T21360] EXT4-fs warning (device loop1): ext4_group_add:1736: No reserved GDT blocks, can't resize
[  480.523091][T13363] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  480.693184][T21369] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  480.701256][T21369] SELinux: failed to load policy
[  481.366381][T21366] loop1: detected capacity change from 0 to 8192
[  481.490338][T21366]  loop1: p1 p3 p4
[  481.497963][T21366] loop1: p1 size 8390912 extends beyond EOD, truncated
[  481.507363][T21366] loop1: p3 size 589824 extends beyond EOD, truncated
[  481.548655][T21393] netlink: 'syz.5.6347': attribute type 4 has an invalid length.
[  481.556539][T21393] netlink: 152 bytes leftover after parsing attributes in process `syz.5.6347'.
[  481.591304][T21382] xt_hashlimit: max too large, truncated to 1048576
[  481.598956][T21382] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  481.674715][T21393] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  481.948434][T21391] loop6: detected capacity change from 0 to 8192
[  481.999155][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  482.008722][T21391]  loop6: p1 p3 p4
[  482.012791][T21391] loop6: p1 size 8390912 extends beyond EOD, truncated
[  482.022394][T21391] loop6: p3 size 589824 extends beyond EOD, truncated
[  482.045712][T21403] FAULT_INJECTION: forcing a failure.
[  482.045712][T21403] name failslab, interval 1, probability 0, space 0, times 0
[  482.058455][T21403] CPU: 1 UID: 0 PID: 21403 Comm: syz.1.6348 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  482.058492][T21403] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  482.058507][T21403] Call Trace:
[  482.058513][T21403]  <TASK>
[  482.058521][T21403]  __dump_stack+0x1d/0x30
[  482.058621][T21403]  dump_stack_lvl+0xe8/0x140
[  482.058650][T21403]  dump_stack+0x15/0x1b
[  482.058673][T21403]  should_fail_ex+0x265/0x280
[  482.058750][T21403]  should_failslab+0x8c/0xb0
[  482.058785][T21403]  __kmalloc_noprof+0xa5/0x3e0
[  482.058820][T21403]  ? copy_splice_read+0xc2/0x5f0
[  482.058877][T21403]  copy_splice_read+0xc2/0x5f0
[  482.058928][T21403]  ? __pfx_copy_splice_read+0x10/0x10
[  482.058978][T21403]  splice_direct_to_actor+0x26c/0x680
[  482.059028][T21403]  ? __pfx_direct_splice_actor+0x10/0x10
[  482.059079][T21403]  do_splice_direct+0xda/0x150
[  482.059117][T21403]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  482.059219][T21403]  do_sendfile+0x380/0x650
[  482.059315][T21403]  __x64_sys_sendfile64+0x105/0x150
[  482.059352][T21403]  x64_sys_call+0xb39/0x2fb0
[  482.059384][T21403]  do_syscall_64+0xd2/0x200
[  482.059410][T21403]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  482.059511][T21403]  ? clear_bhb_loop+0x40/0x90
[  482.059583][T21403]  ? clear_bhb_loop+0x40/0x90
[  482.059669][T21403]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.059702][T21403] RIP: 0033:0x7f7783e4e929
[  482.059724][T21403] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  482.059749][T21403] RSP: 002b:00007f7782475038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  482.059770][T21403] RAX: ffffffffffffffda RBX: 00007f7784076160 RCX: 00007f7783e4e929
[  482.059784][T21403] RDX: 0000000000000000 RSI: 000000000000000b RDI: 000000000000000c
[  482.059798][T21403] RBP: 00007f7782475090 R08: 0000000000000000 R09: 0000000000000000
[  482.059824][T21403] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  482.059837][T21403] R13: 0000000000000000 R14: 00007f7784076160 R15: 00007ffd688f6f88
[  482.059858][T21403]  </TASK>
[  482.567336][T21409] loop6: detected capacity change from 0 to 764
[  482.693704][T21409] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  482.785903][T21419] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  482.794126][T21419] SELinux: failed to load policy
[  483.646219][   T29] kauditd_printk_skb: 226 callbacks suppressed
[  483.646236][   T29] audit: type=1326 audit(2000001160.770:21285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21414 comm="syz.2.6355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec9c69e929 code=0x7ffc0000
[  483.676101][   T29] audit: type=1326 audit(2000001160.770:21286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21414 comm="syz.2.6355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec9c69e929 code=0x7ffc0000
[  483.860547][T21434] IPv6: NLM_F_CREATE should be specified when creating new route
[  483.879520][   T29] audit: type=1326 audit(2000001161.002:21287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21426 comm="syz.2.6359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec9c69e929 code=0x7ffc0000
[  483.903338][   T29] audit: type=1326 audit(2000001161.002:21288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21426 comm="syz.2.6359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec9c69e929 code=0x7ffc0000
[  483.927057][   T29] audit: type=1326 audit(2000001161.002:21289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21426 comm="syz.2.6359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec9c69e929 code=0x7ffc0000
[  483.951144][   T29] audit: type=1326 audit(2000001161.002:21290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21426 comm="syz.2.6359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec9c69e929 code=0x7ffc0000
[  483.974812][   T29] audit: type=1326 audit(2000001161.002:21291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21426 comm="syz.2.6359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec9c69e929 code=0x7ffc0000
[  483.998428][   T29] audit: type=1326 audit(2000001161.002:21292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21426 comm="syz.2.6359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec9c69e929 code=0x7ffc0000
[  484.022022][   T29] audit: type=1326 audit(2000001161.002:21293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21426 comm="syz.2.6359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec9c69e929 code=0x7ffc0000
[  484.045827][   T29] audit: type=1326 audit(2000001161.002:21294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21426 comm="syz.2.6359" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec9c69e929 code=0x7ffc0000
[  484.403397][T21452] loop5: detected capacity change from 0 to 1024
[  484.461168][T21460] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85
[  484.607618][T21471] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  484.616008][T21471] SELinux: failed to load policy
[  484.698843][T21468] sd 0:0:1:0: device reset
[  484.778256][T21479] FAULT_INJECTION: forcing a failure.
[  484.778256][T21479] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  484.791562][T21479] CPU: 0 UID: 0 PID: 21479 Comm: syz.0.6373 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  484.791591][T21479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  484.791608][T21479] Call Trace:
[  484.791615][T21479]  <TASK>
[  484.791646][T21479]  __dump_stack+0x1d/0x30
[  484.791674][T21479]  dump_stack_lvl+0xe8/0x140
[  484.791700][T21479]  dump_stack+0x15/0x1b
[  484.791722][T21479]  should_fail_ex+0x265/0x280
[  484.791829][T21479]  should_fail+0xb/0x20
[  484.791857][T21479]  should_fail_usercopy+0x1a/0x20
[  484.791912][T21479]  strncpy_from_user+0x25/0x230
[  484.791948][T21479]  strncpy_from_user_nofault+0x68/0xf0
[  484.791976][T21479]  bpf_bprintf_prepare+0x8f3/0xd50
[  484.792051][T21479]  ? bpf_trace_run2+0xf5/0x1c0
[  484.792079][T21479]  bpf_trace_printk+0x84/0x1c0
[  484.792115][T21479]  ? bpf_trace_run2+0xf5/0x1c0
[  484.792147][T21479]  bpf_prog_7c77c7e0f6645ad8+0x3e/0x44
[  484.792169][T21479]  bpf_trace_run2+0x104/0x1c0
[  484.792289][T21479]  ? do_getxattr+0x259/0x2a0
[  484.792310][T21479]  ? do_getxattr+0x259/0x2a0
[  484.792330][T21479]  __traceiter_kfree+0x2e/0x50
[  484.792356][T21479]  ? do_getxattr+0x259/0x2a0
[  484.792380][T21479]  kfree+0x27b/0x320
[  484.792421][T21479]  do_getxattr+0x259/0x2a0
[  484.792446][T21479]  path_getxattrat+0x22c/0x2a0
[  484.792485][T21479]  __x64_sys_fgetxattr+0x59/0x70
[  484.792520][T21479]  x64_sys_call+0x2a12/0x2fb0
[  484.792549][T21479]  do_syscall_64+0xd2/0x200
[  484.792572][T21479]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  484.792606][T21479]  ? clear_bhb_loop+0x40/0x90
[  484.792627][T21479]  ? clear_bhb_loop+0x40/0x90
[  484.792671][T21479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  484.792700][T21479] RIP: 0033:0x7f001da6e929
[  484.792719][T21479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  484.792774][T21479] RSP: 002b:00007f001c0d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c1
[  484.792800][T21479] RAX: ffffffffffffffda RBX: 00007f001dc95fa0 RCX: 00007f001da6e929
[  484.792812][T21479] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  484.792826][T21479] RBP: 00007f001c0d7090 R08: 0000000000000000 R09: 0000000000000000
[  484.792842][T21479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  484.792918][T21479] R13: 0000000000000000 R14: 00007f001dc95fa0 R15: 00007fff77d177d8
[  484.792938][T21479]  </TASK>
[  485.150446][T21482] loop5: detected capacity change from 0 to 2048
[  485.176205][T21482] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  485.235834][T21482] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.6374: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  485.381600][T21488] wireguard2: entered promiscuous mode
[  485.387464][T21488] wireguard2: entered allmulticast mode
[  485.410789][T21482] EXT4-fs (loop5): Remounting filesystem read-only
[  485.448269][T13130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  485.860739][T21513] lo speed is unknown, defaulting to 1000
[  486.415244][T21519] loop1: detected capacity change from 0 to 164
[  487.224640][T21519] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  487.338655][T21527] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6389'.
[  487.401009][T21529] batman_adv: batadv0: Local translation table size (96) exceeds maximum packet size (-320); Ignoring new local tt entry: 80:00:00:00:00:85
[  487.525839][T21544] loop5: detected capacity change from 0 to 2048
[  487.574736][T21544] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  487.590349][T21552] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3354 sclass=netlink_route_socket pid=21552 comm=syz.2.6395
[  487.613592][T21547] loop1: detected capacity change from 0 to 2048
[  487.622008][T21552] netlink: 20 bytes leftover after parsing attributes in process `syz.2.6395'.
[  487.632241][T21544] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  487.650765][T21552] netlink: 'syz.2.6395': attribute type 11 has an invalid length.
[  487.666024][T21552] netlink: 448 bytes leftover after parsing attributes in process `syz.2.6395'.
[  487.677925][T21547] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  487.711565][T21547] EXT4-fs error (device loop1): ext4_find_extent:939: inode #2: comm syz.1.6394: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  487.749492][T21547] EXT4-fs (loop1): Remounting filesystem read-only
[  487.788696][T13363] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  487.928715][T21591] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3354 sclass=netlink_route_socket pid=21591 comm=syz.6.6408
[  487.943289][T21591] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6408'.
[  487.954826][T21591] netlink: 'syz.6.6408': attribute type 11 has an invalid length.
[  487.963437][T21591] netlink: 448 bytes leftover after parsing attributes in process `syz.6.6408'.
[  488.047528][T21607] xt_hashlimit: max too large, truncated to 1048576
[  488.134939][T21607] syzkaller0: entered promiscuous mode
[  488.140529][T21607] syzkaller0: entered allmulticast mode
[  488.227020][T13130] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  488.256607][T21619] usb usb8: usbfs: process 21619 (syz.0.6418) did not claim interface 0 before use
[  488.274264][T21622] netlink: 14 bytes leftover after parsing attributes in process `syz.5.6420'.
[  488.302344][T21624] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3354 sclass=netlink_route_socket pid=21624 comm=syz.6.6421
[  488.324156][T21624] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6421'.
[  488.338291][T21624] netlink: 'syz.6.6421': attribute type 11 has an invalid length.
[  488.346486][T21624] netlink: 448 bytes leftover after parsing attributes in process `syz.6.6421'.
[  488.418399][   T29] kauditd_printk_skb: 309 callbacks suppressed
[  488.418418][   T29] audit: type=1326 audit(2000001165.783:21604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21621 comm="syz.5.6420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=325 compat=0 ip=0x7f6c859be929 code=0x7ffc0000
[  488.464448][   T29] audit: type=1326 audit(2000001165.783:21605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21621 comm="syz.5.6420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c859be929 code=0x7ffc0000
[  488.488188][   T29] audit: type=1326 audit(2000001165.783:21606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21621 comm="syz.5.6420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c859be929 code=0x7ffc0000
[  488.511894][   T29] audit: type=1326 audit(2000001165.783:21607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21621 comm="syz.5.6420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f6c859be929 code=0x7ffc0000
[  488.689441][   T29] audit: type=1400 audit(2000001166.078:21608): avc:  denied  { unlink } for  pid=21657 comm="syz.1.6431" name="file1" dev="tmpfs" ino=3040 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  488.785752][T21666] xt_CT: No such helper "syz1"
[  488.810491][   T29] audit: type=1326 audit(2000001166.194:21609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21665 comm="syz.0.6435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  488.834712][   T29] audit: type=1326 audit(2000001166.194:21610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21665 comm="syz.0.6435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  488.858406][   T29] audit: type=1326 audit(2000001166.194:21611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21665 comm="syz.0.6435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  488.882033][   T29] audit: type=1326 audit(2000001166.194:21612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21665 comm="syz.0.6435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  488.905767][   T29] audit: type=1326 audit(2000001166.194:21613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21665 comm="syz.0.6435" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001da6e929 code=0x7ffc0000
[  489.211420][T21694] netlink: 14 bytes leftover after parsing attributes in process `syz.2.6445'.
[  489.225862][T21694] hsr_slave_0: left promiscuous mode
[  489.239567][T21694] hsr_slave_1: left promiscuous mode
[  489.297215][T21702] loop1: detected capacity change from 0 to 256
[  489.598782][T21721] lo speed is unknown, defaulting to 1000
[  489.639139][T21725] vhci_hcd: invalid port number 96
[  489.644367][T21725] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  490.138614][T21702] syz.1.6446 (21702) used greatest stack depth: 5904 bytes left
[  490.229551][T21738] syzkaller1: entered promiscuous mode
[  490.235122][T21738] syzkaller1: entered allmulticast mode
[  490.292416][T21750] FAULT_INJECTION: forcing a failure.
[  490.292416][T21750] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  490.305600][T21750] CPU: 0 UID: 0 PID: 21750 Comm: syz.5.6463 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  490.305636][T21750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  490.305652][T21750] Call Trace:
[  490.305662][T21750]  <TASK>
[  490.305728][T21750]  __dump_stack+0x1d/0x30
[  490.305755][T21750]  dump_stack_lvl+0xe8/0x140
[  490.305793][T21750]  dump_stack+0x15/0x1b
[  490.305815][T21750]  should_fail_ex+0x265/0x280
[  490.305854][T21750]  should_fail+0xb/0x20
[  490.305909][T21750]  should_fail_usercopy+0x1a/0x20
[  490.305950][T21750]  _copy_from_user+0x1c/0xb0
[  490.306001][T21750]  ___sys_sendmsg+0xc1/0x1d0
[  490.306060][T21750]  __x64_sys_sendmsg+0xd4/0x160
[  490.306107][T21750]  x64_sys_call+0x2999/0x2fb0
[  490.306134][T21750]  do_syscall_64+0xd2/0x200
[  490.306222][T21750]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  490.306290][T21750]  ? clear_bhb_loop+0x40/0x90
[  490.306312][T21750]  ? clear_bhb_loop+0x40/0x90
[  490.306336][T21750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  490.306374][T21750] RIP: 0033:0x7f6c859be929
[  490.306444][T21750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  490.306468][T21750] RSP: 002b:00007f6c84027038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  490.306537][T21750] RAX: ffffffffffffffda RBX: 00007f6c85be5fa0 RCX: 00007f6c859be929
[  490.306550][T21750] RDX: 00000000240008c4 RSI: 0000200000000000 RDI: 0000000000000003
[  490.306562][T21750] RBP: 00007f6c84027090 R08: 0000000000000000 R09: 0000000000000000
[  490.306574][T21750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  490.306590][T21750] R13: 0000000000000000 R14: 00007f6c85be5fa0 R15: 00007ffe068cf0e8
[  490.306615][T21750]  </TASK>
[  490.556990][T21752] infiniband syz!: set active
[  490.561966][T21752] infiniband syz!: added team_slave_0
[  490.596641][T21752] RDS/IB: syz!: added
[  490.600735][T21752] smc: adding ib device syz! with port count 1
[  490.616783][T21752] smc:    ib device syz! port 1 has pnetid 
[  490.874454][T21774] netlink: 32 bytes leftover after parsing attributes in process `syz.6.6469'.
[  490.914354][   T51] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  490.951184][   T51] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  491.015140][   T51] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  491.102567][   T51] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  491.111423][T21785] FAULT_INJECTION: forcing a failure.
[  491.111423][T21785] name failslab, interval 1, probability 0, space 0, times 0
[  491.125254][T21785] CPU: 1 UID: 0 PID: 21785 Comm: syz.2.6473 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  491.125290][T21785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  491.125304][T21785] Call Trace:
[  491.125312][T21785]  <TASK>
[  491.125320][T21785]  __dump_stack+0x1d/0x30
[  491.125352][T21785]  dump_stack_lvl+0xe8/0x140
[  491.125377][T21785]  dump_stack+0x15/0x1b
[  491.125399][T21785]  should_fail_ex+0x265/0x280
[  491.125446][T21785]  should_failslab+0x8c/0xb0
[  491.125539][T21785]  kmem_cache_alloc_noprof+0x50/0x310
[  491.125567][T21785]  ? getname_flags+0x80/0x3b0
[  491.125598][T21785]  getname_flags+0x80/0x3b0
[  491.125628][T21785]  __x64_sys_linkat+0x73/0xa0
[  491.125682][T21785]  x64_sys_call+0x2cfe/0x2fb0
[  491.125704][T21785]  do_syscall_64+0xd2/0x200
[  491.125755][T21785]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  491.125831][T21785]  ? clear_bhb_loop+0x40/0x90
[  491.125854][T21785]  ? clear_bhb_loop+0x40/0x90
[  491.125883][T21785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  491.126012][T21785] RIP: 0033:0x7fec9c69e929
[  491.126032][T21785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  491.126051][T21785] RSP: 002b:00007fec9ad07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000109
[  491.126109][T21785] RAX: ffffffffffffffda RBX: 00007fec9c8c5fa0 RCX: 00007fec9c69e929
[  491.126124][T21785] RDX: ffffffffffffffff RSI: 0000200000004040 RDI: ffffffffffffffff
[  491.126140][T21785] RBP: 00007fec9ad07090 R08: 0000000000001000 R09: 0000000000000000
[  491.126156][T21785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  491.126171][T21785] R13: 0000000000000000 R14: 00007fec9c8c5fa0 R15: 00007ffc9549fbd8
[  491.126197][T21785]  </TASK>
[  491.334075][T21761] lo speed is unknown, defaulting to 1000
[  491.420224][   T51] bridge_slave_1: left allmulticast mode
[  491.426183][   T51] bridge_slave_1: left promiscuous mode
[  491.432110][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[  491.457095][   T51] bridge_slave_0: left allmulticast mode
[  491.462861][   T51] bridge_slave_0: left promiscuous mode
[  491.468709][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[  491.642437][   T51] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  491.652426][   T51] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  491.662363][   T51] bond0 (unregistering): Released all slaves
[  491.699277][   T51] tipc: Left network mode
[  491.788138][T21819] netlink: 'syz.1.6486': attribute type 12 has an invalid length.
[  491.822030][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  491.829695][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[  491.860646][   T51] veth1_macvtap: left promiscuous mode
[  491.872698][   T51] veth0_macvtap: left promiscuous mode
[  491.879688][   T51] veth1_vlan: left promiscuous mode
[  491.884990][   T51] veth0_vlan: left promiscuous mode
[  491.957512][   T51] team0 (unregistering): Port device team_slave_1 removed
[  491.970934][   T51] team0 (unregistering): Port device team_slave_0 removed
[  492.038223][T21761] chnl_net:caif_netlink_parms(): no params data found
[  492.103119][T21761] bridge0: port 1(bridge_slave_0) entered blocking state
[  492.110268][T21761] bridge0: port 1(bridge_slave_0) entered disabled state
[  492.129714][T21761] bridge_slave_0: entered allmulticast mode
[  492.135920][T21849] __nla_validate_parse: 2 callbacks suppressed
[  492.135938][T21849] netlink: 396 bytes leftover after parsing attributes in process `syz.1.6494'.
[  492.136833][T21761] bridge_slave_0: entered promiscuous mode
[  492.160379][T21761] bridge0: port 2(bridge_slave_1) entered blocking state
[  492.167626][T21761] bridge0: port 2(bridge_slave_1) entered disabled state
[  492.176153][T21761] bridge_slave_1: entered allmulticast mode
[  492.183278][T21761] bridge_slave_1: entered promiscuous mode
[  492.209282][T21761] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  492.221211][T21761] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  492.253961][T21761] team0: Port device team_slave_0 added
[  492.261459][T21761] team0: Port device team_slave_1 added
[  492.311948][T21761] batman_adv: batadv0: Adding interface: batadv_slave_0
[  492.318992][T21761] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  492.345156][T21761] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  492.357902][T21761] batman_adv: batadv0: Adding interface: batadv_slave_1
[  492.364955][T21761] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  492.391076][T21761] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  492.422785][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  492.530293][T21865] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3354 sclass=netlink_route_socket pid=21865 comm=syz.1.6501
[  492.552147][T21865] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6501'.
[  492.553676][T21761] hsr_slave_0: entered promiscuous mode
[  492.567323][T21761] hsr_slave_1: entered promiscuous mode
[  492.578705][T21865] netlink: 'syz.1.6501': attribute type 11 has an invalid length.
[  492.650649][T21872] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  492.658537][T21872] SELinux: failed to load policy
[  492.681846][T21865] netlink: 448 bytes leftover after parsing attributes in process `syz.1.6501'.
[  492.707865][T21875] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3354 sclass=netlink_route_socket pid=21875 comm=syz.0.6504
[  492.772292][T21876] netlink: 'syz.0.6504': attribute type 11 has an invalid length.
[  492.806612][T21876] netlink: 448 bytes leftover after parsing attributes in process `syz.0.6504'.
[  492.939695][   T51] IPVS: stop unused estimator thread 0...
[  493.053859][T21761] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  493.145515][T21761] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  493.169139][T21761] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  493.200541][T21761] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  493.284338][   T29] kauditd_printk_skb: 229 callbacks suppressed
[  493.284359][   T29] audit: type=1326 audit(2000001170.858:21843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21860 comm="syz.2.6499" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec9c69e929 code=0x7ffc0000
[  493.334639][T21894] loop1: detected capacity change from 0 to 2048
[  493.381512][T21894] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  493.401578][   T29] audit: type=1400 audit(2000001171.026:21844): avc:  denied  { mount } for  pid=21883 comm="syz.1.6508" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  493.423830][   T29] audit: type=1400 audit(2000001171.026:21845): avc:  denied  { add_name } for  pid=21883 comm="syz.1.6508" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  493.444902][   T29] audit: type=1400 audit(2000001171.026:21846): avc:  denied  { create } for  pid=21883 comm="syz.1.6508" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  493.465334][   T29] audit: type=1400 audit(2000001171.037:21847): avc:  denied  { read write open } for  pid=21883 comm="syz.1.6508" path="/594/file1/bus" dev="loop1" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  493.601855][T21894] lo speed is unknown, defaulting to 1000
[  493.795618][T21761] 8021q: adding VLAN 0 to HW filter on device bond0
[  493.890599][   T29] audit: type=1400 audit(2000001171.468:21848): avc:  denied  { sqpoll } for  pid=21902 comm="syz.0.6512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  494.036766][T21911] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3354 sclass=netlink_route_socket pid=21911 comm=syz.2.6514
[  494.051042][T21911] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6514'.
[  494.068340][T21911] netlink: 'syz.2.6514': attribute type 11 has an invalid length.
[  494.076649][T21761] 8021q: adding VLAN 0 to HW filter on device team0
[  494.086451][T21911] netlink: 448 bytes leftover after parsing attributes in process `syz.2.6514'.
[  494.099832][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[  494.107076][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[  494.117492][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[  494.124715][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[  494.906274][   T29] audit: type=1400 audit(2000001172.616:21849): avc:  denied  { unmount } for  pid=13363 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  494.937416][T13363] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  495.043126][T21917] 9pnet_fd: Insufficient options for proto=fd
[  495.094484][T21761] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  495.104923][T21761] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  495.230889][   T29] audit: type=1326 audit(2000001172.953:21850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21926 comm="syz.2.6520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec9c69e929 code=0x7ffc0000
[  495.254645][   T29] audit: type=1326 audit(2000001172.953:21851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21926 comm="syz.2.6520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec9c69e929 code=0x7ffc0000
[  495.278600][   T29] audit: type=1326 audit(2000001172.953:21852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21926 comm="syz.2.6520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7fec9c69e929 code=0x7ffc0000
[  495.322268][T21937] tipc: Can't bind to reserved service type 0
[  495.423950][T21761] 8021q: adding VLAN 0 to HW filter on device batadv0
[  495.440558][T21948] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[  495.448340][T21948] SELinux: failed to load policy
[  495.689548][T21957] loop1: detected capacity change from 0 to 512
[  495.709471][T21957] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  495.756920][T21957] EXT4-fs error (device loop1): xattr_find_entry:333: inode #15: comm syz.1.6524: corrupted xattr entries
[  495.779482][T21957] EXT4-fs (loop1): Remounting filesystem read-only
[  495.803908][T21957] EXT4-fs (loop1): 1 truncate cleaned up
[  495.836182][T21761] veth0_vlan: entered promiscuous mode
[  495.843839][T21957] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  495.860959][T21761] veth1_vlan: entered promiscuous mode
[  495.880415][T21957] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  495.896939][T21761] veth0_macvtap: entered promiscuous mode
[  495.900757][T21957] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6524'.
[  495.914217][T21761] veth1_macvtap: entered promiscuous mode
[  495.914397][T21957] IPVS: stopping master sync thread 21964 ...
[  495.921406][T21964] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  495.932800][T21761] batman_adv: batadv0: Interface activated: batadv_slave_0
[  495.953842][T21761] batman_adv: batadv0: Interface activated: batadv_slave_1
[  495.975888][T21761] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  495.984788][T21761] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  495.993583][T21761] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  496.002352][T21761] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  496.017028][T13363] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  496.059610][T21971] netlink: 14 bytes leftover after parsing attributes in process `syz.0.6528'.
[  496.152494][T21989] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=3354 sclass=netlink_route_socket pid=21989 comm=syz.6.6533
[  496.165427][T21979] loop1: detected capacity change from 0 to 8192
[  496.198325][T21989] netlink: 'syz.6.6533': attribute type 11 has an invalid length.
[  496.211415][T21979]  loop1: p1 p3 p4
[  496.215287][T21979] loop1: p1 size 8390912 extends beyond EOD, truncated
[  496.216563][T21989] netlink: 448 bytes leftover after parsing attributes in process `syz.6.6533'.
[  496.232381][T21979] loop1: p3 size 589824 extends beyond EOD, truncated
[  496.432379][T22006] loop1: detected capacity change from 0 to 8192
[  496.451399][T22017] ==================================================================
[  496.459541][T22017] BUG: KCSAN: data-race in folios_put_refs / need_mlock_drain
[  496.467137][T22017] 
[  496.469483][T22017] write to 0xffff888237d26a10 of 1 bytes by task 21971 on cpu 1:
[  496.477245][T22017]  folios_put_refs+0x285/0x2d0
[  496.482080][T22017]  mlock_folio_batch+0x1a5b/0x1a70
[  496.487251][T22017]  mlock_new_folio+0x1a3/0x200
[  496.492246][T22017]  folio_add_lru_vma+0x5f/0x70
[  496.497158][T22017]  handle_mm_fault+0x27e0/0x2be0
[  496.502143][T22017]  __get_user_pages+0x1036/0x1fb0
[  496.507305][T22017]  __mm_populate+0x243/0x3a0
[  496.511925][T22017]  __se_sys_mremap+0x640/0x6f0
[  496.516736][T22017]  __x64_sys_mremap+0x67/0x80
[  496.521468][T22017]  x64_sys_call+0x2ba9/0x2fb0
[  496.526229][T22017]  do_syscall_64+0xd2/0x200
[  496.530794][T22017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.536743][T22017] 
[  496.539126][T22017] read to 0xffff888237d26a10 of 1 bytes by task 22017 on cpu 0:
[  496.546803][T22017]  need_mlock_drain+0x30/0x50
[  496.551620][T22017]  __lru_add_drain_all+0x220/0x3f0
[  496.556789][T22017]  lru_cache_disable+0x1f/0x30
[  496.561701][T22017]  do_migrate_pages+0x3a/0x5a0
[  496.566521][T22017]  __se_sys_migrate_pages+0x2aa/0x310
[  496.571968][T22017]  __x64_sys_migrate_pages+0x55/0x70
[  496.577311][T22017]  x64_sys_call+0x2b5c/0x2fb0
[  496.582040][T22017]  do_syscall_64+0xd2/0x200
[  496.586604][T22017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.592733][T22017] 
[  496.595140][T22017] value changed: 0x03 -> 0x00
[  496.600195][T22017] 
[  496.602547][T22017] Reported by Kernel Concurrency Sanitizer on:
[  496.609086][T22017] CPU: 0 UID: 0 PID: 22017 Comm: syz.2.6542 Not tainted 6.16.0-rc3-syzkaller-00329-gdfba48a70cb6 #0 PREEMPT(voluntary) 
[  496.622159][T22017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  496.632252][T22017] ==================================================================
[  496.647061][T22006]  loop1: p1 p3 p4
[  496.651120][T22006] loop1: p1 size 8390912 extends beyond EOD, truncated
[  496.665355][T22006] loop1: p3 size 589824 extends beyond EOD, truncated