last executing test programs:

4m57.250056635s ago: executing program 2 (id=9102):
mmap(&(0x7f00002ad000/0xc00000)=nil, 0xc00000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f00007ff000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f0000580000/0x4000)=nil)
mremap(&(0x7f0000580000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f00007ff000/0x2000)=nil)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x10)
munlock(&(0x7f0000e4a000/0x1000)=nil, 0x1000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, &(0x7f00000008c0), &(0x7f0000000040)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r5}, 0x9)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000140)={'veth1_to_bond\x00', <r7=>0x0})
setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f0000000100)={r7, 0x2, 0x6, @local}, 0x10)
setsockopt$packet_add_memb(r6, 0x107, 0x1, &(0x7f0000000000)={r7, 0x1, 0x6, @multicast}, 0x10)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r8, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='sys_enter\x00', r1, 0x0, 0x20000000}, 0x18)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r10 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r10, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000004740)={<r11=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r9, &(0x7f0000000180)={0x12, 0x10, 0xfa00, {0x0, r11, r9}}, 0x18)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @ib_path={&(0x7f00000004c0)=[{0x2, 0x0, [0x6, 0x3, 0x2, 0x7, 0x4, 0x6, 0x9, 0x3, 0x2, 0x2898043c, 0x8, 0x1, 0xfffffff8, 0x2, 0x1, 0xfffffffb]}, {0x4, 0x0, [0x9, 0x3, 0x7, 0x9, 0x2, 0x1a6, 0xffffffff, 0x2, 0x4, 0x7, 0x5, 0x4, 0xc546, 0xb, 0x2]}, {0x1, 0x0, [0x6, 0xc, 0x10001, 0x2, 0x0, 0x3, 0x1, 0x100, 0x5, 0x0, 0x5, 0x9, 0x1, 0x5, 0x9a79, 0x8]}], r11, 0x1, 0x1, 0xd8}}, 0x20)
r12 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r12)

4m56.689538513s ago: executing program 2 (id=9108):
r0 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000400)={0xa})

4m56.387133828s ago: executing program 2 (id=9113):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x3000046, &(0x7f0000000180), 0x1, 0x581, &(0x7f0000000d80)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLqMJh1rHWy7cDfeyBBEHIj3eu/l8B/wrxjoYOgoeuFN5aQna9Y2bbrGpDafD5zyvjknec+Tc54375uTNAH0rZHsTyHixYj4Mok4GhFJvm4w8pUjK9stPbk5mS1JLC9//HtS3y6rNx6rcb/DeeWFiPj584jThfXtVhcWZ0rlcjqX10drs9dGqwuLZ67MlqbT6fTq+MTEuTcnxt95+62Oxfraxb+++ejB++e+OLn09Y+Pjt1L4nwcydc1x7EDt5srIzGSPydDcX7NhmMdaGw3SXq9AzyXgTzPhyLrA47GQJ71wN53KyKWgT6VbD//Q6cBe0FjHNCY228+D/5/dwYlXfT4vZUJ0Pr4B1feG4kD9bnRoaXkmZlRNt8d7kD7WRs//Xb/XrZE596HANjS7TsRcXZwcH3/l+T93ya2eNPv7MY3H2iurG1D/wfd8yAb/7y+0finUM/NP/J0XTv+ObxB7j6PrfO/8KgDzbSUjf/e3XD8+/Si1fBAXvtffcw3lFy+Uk7P5qPhUzG0P6tvdj3n3NLD5Vbrmsd/2ZK13xgL5vvxaHD/s/eZKtVKO4m52eM7ES+tGf/ua9q3rLtONjj+2fNxsc02TqT3X2m1buv4/13L30e8uuHxX31xSza/PjlaPx9GG2fFen/ePfFLq/Z7HX92/A9tHv9w0ny9trr9Nr478Hfaat0z8Uf75/++5JN6uXGu3ijVanNjEfuSD/OZ7a3V28dX79uoN7bP4j91snX/1+r8PxgRn7YZ/93jP7zcVvw9Ov5T2zr+2y88/OCzb1u1317/90a9dCq/pZ3+r90d3MlzBwAAAAAAALtNISKORFIoPi0XCsXiyuc7jsehQrlSrZ2+XJm/OhX178oOx1ChcaX7aNPnIcbyz8M26uNr6hMRcSwivho4WK8XJyvlqV4HDwAAAAAAAAAAAAAAAAAAALvE4fp3/gee1le+/7/yX9V/HejhjgHdsa2f/NYpwJ6yZf534peegF1pW6//wJ4i/6F/yX/oX/If+pf8h/4l/6F/tZH/hW7sB9B9Xv8BAAAAAAAAAAAAAAAAAAAAAAAAAACgoy5euJAty0tPbk5m9anrC/MzletnptLqTHF2frI4WZm7VpyuVKbLaXGyMrvV45UrlWtj4zF/Y7SWVmuj1YXFS7OV+au1S1dmS9PppXSoK1EBAAAAAAAAAAAAAAAAAADAf0t1YXGmVC6ncwoKLQoHN91mcBfsoULnC73umQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg1T8BAAD//142O6U=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file2\x00', 0x101042, 0x100)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$9p_rdma(&(0x7f0000000280), &(0x7f0000000300)='./file2\x00', &(0x7f0000000340), 0x208001, &(0x7f0000000380)={'trans=rdma,', {'port', 0x3d, 0x4e24}, 0x2c, {[{@sq={'sq', 0x3d, 0x9}}, {@sq={'sq', 0x3d, 0x5}}, {@sq}]}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = epoll_create1(0x0)
r4 = socket(0x1, 0x80802, 0x0)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r5, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f00000000c0)={0x10000001})
epoll_pwait(r5, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)
close(r5)
shutdown(r4, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)

4m56.177944751s ago: executing program 2 (id=9116):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
sendmsg$NL80211_CMD_GET_WIPHY(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00', @ANYRES16=r3, @ANYBLOB="01030000000000000000010000090800010012000000080003"], 0x30}}, 0x40)

4m56.136820792s ago: executing program 2 (id=9118):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000900), 0x4)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r4, 0x0, 0x32, &(0x7f0000000f00)=0x1000000, 0x4)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='attr/fscreate\x00')
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000040)="dc", 0x1}], 0x8)
connect$phonet_pipe(r0, &(0x7f0000000040)={0x23, 0x0, 0x0, 0x1}, 0x10)

4m55.929903925s ago: executing program 2 (id=9122):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

4m40.899137051s ago: executing program 32 (id=9122):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x48)
pipe2$9p(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r3)
write$P9_RLERRORu(r4, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])

2.661387248s ago: executing program 4 (id=13515):
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xa, 0x4, 0xffd, 0x7}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x1}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x50}}, 0x0)

2.642410719s ago: executing program 4 (id=13517):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
lsm_get_self_attr(0x64, 0x0, &(0x7f0000001280)=0x38, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0xfffffffffffffffc, &(0x7f00000002c0)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={0x0, r2, 0x0, 0x2, 0x2}}, 0x20)

2.58379296s ago: executing program 4 (id=13519):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
ioprio_set$pid(0x1, r0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
unshare(0x42000000)

2.142729746s ago: executing program 0 (id=13528):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup(r0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000020000000000002000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kfree\x00', r4}, 0x18)
fsetxattr$security_selinux(r1, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

2.121460737s ago: executing program 0 (id=13529):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
lsm_get_self_attr(0x64, 0x0, &(0x7f0000001280)=0x38, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0xfffffffffffffffc, &(0x7f00000002c0)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={0x0, r2, 0x0, 0x2, 0x2}}, 0x20)

2.063911228s ago: executing program 0 (id=13530):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb904}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000000c0)={0x0, <r1=>0x0})
capset(&(0x7f0000000140)={0x20071026, r1}, &(0x7f0000000340)={0x0, 0x200000, 0x101, 0x4, 0x5989})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000280)={r0, 0x0, &(0x7f0000000040)=""/51}, 0x20)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
r5 = fcntl$getown(r4, 0x9)
sched_getscheduler(r5)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b000000000000000000000000829c7c4d000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0904000000000055090100000000009500000000000000bf91000000000000b70200000000f4ff8400000084000000b70000000000000095000000000000007cd49678cc6fb4444c04d9fde9d69c9fc7d286600b2731c2011abf12bec1627de551963099cf9322fed15315fcd464bd373af672afae55c0970bdac367dd2ce5511cc36ca31743a6bf1b297b7c2fb88b111da63cb9e1dbaa42f7674c4d006adb53a34cbb8a0c638db514c43b9a1e24efe3359802420fdbf8681d24ded696c4cda22ef30051605666c6d74a0094a10d29d6cd28960f611ba5e0016bbf87f3e4ada6201b1700f604ebc1a3c5267e3c9bf1b7681d6cef325c61ad3660bceec47705479bb29ab5b4ddb47be44885d87ac5669b829c2202d2bc3eabc3bc7619b78a0914ddc9b283141ac2cbf3fd56e1a811c0d99aa72ebcc481e7e8ca1962e39508cdc8c991058d2e"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sctp_probe_path\x00', r7, 0x0, 0x2000020000000000}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x159d0682f53ea167, 0x2, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x40000000)
socket$inet6(0xa, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

1.742396093s ago: executing program 4 (id=13531):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$netlink(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50)
syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a0000200"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
epoll_create1(0x80000)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000002c0)={0x10001, <r1=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000040)="3504000041000511d2360f400c0002000200002037153e370404018006", 0x1d}], 0x1}, 0x10049014)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="0f02000039000511d25a80648c63940d0324fc600b003540280009", 0x1b}], 0x1}, 0xe000)
r2 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe00006a"], 0xfe33)
r3 = memfd_create(&(0x7f0000000ec0)='\x103q}2[\xe0\x9a\xee\xaf\x03\x97\x9et\v\"|Ma\x86\xe7\xc0\x14\x9f\xb9h\xb1\x96\xe7=I\x860S6\xb5\xa8\xc2\x95Je%\xfeG\'e\xe5\x8f\xf8\xd2\x1c\xc0\xfb\x1c\xa6\xab\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94k\xcd\t\x00\x90k\xd6\x05\xb6\x03\x00\x00\x00A\xc5\x9c_\xd4\x18,\f\xd4s\xb2\x99/\xc0\x9a\xf2Oc\xc0c\x03gB!\xb0\xb8n\x01\x9bT\x95\x10\x86\xe8$\x7f\r[\xf9\x0e1v\xb1\n\x88\v\x95uy\xb5:`\x8b\nC\x18A;\xaa%\xaf\xc7\xa3\xac\xa2D\xb5\xe2\xe1\xdc(\xfd\x05\x9fB\x84O\xfe@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1a\xa0\x17\xe3\xac\xe9\xc9\xa7\x8a\x1b\x03\"&\xac\xcap>\xccZ\x01\xbc\x18\xc1\xb9\xe9\v\x8b\x9c\xb4Q\xd4\x96EV<>\x99\xca\xb3\xe0\xc4tL\xed\xf5W\xbd#\xcf\x8a\x84\xed\x9f/\xd4\xbb\xea;-Dp\xf8\xd0F\x90\xf8\x92Ip6\xf4\x16\xe8\x14\xe0\x92!\x92-F\xe2\x14D\x91\xa8b\x04\xdd\x1d\a\xdc\xe0\x18\x85{\x80Q\xf6k\x96\xfaQ\x9fW\vO\xf0\xe4O\\\xceS\xf2\xde\x049d\x06#\x88\xc3\xdf\x85O\x1c\xc3\xad?r\xd7\x0e\x00\xd7\x83\xb0\x88\x9c\xf6Y-F\x98\xdd\x9c~\xfd\x95\xc3\xb6lC\xaa\"Y\xa2K\xecz\x84:*\xf5Y\xd1\x9b1\x91\x9b\x15\xd4\xec\x02o\x01&\xaa\x90w\xc4\xc7yn\xb5\x1ag\xab&?\xbe\xcb\xe8v\xa8\xe0\xa4\x81sW\xacf\x149\xd2}\xefCGa\x9a$4\x8c\xa5!p\x83\x05\x96%\x02%\xabj\n\b\xc8NC\x91}&y\xd3\xe1\xeep\'\xc5\xab\x19GsX5\x8c\n\x9fh\xee;4\xb1%V\xe0\xa9\x8e\xf30:\xd8\x18N~G\x139\xcas\xf4D\xd4\xd0s\r3\xcb\x9a&\xdf+(\xc9S\x9eL5\x84\xb1\x90pN\xe7/\r\b\x9a\xf13Q\xf9\xdf\x7fX\xa0\xafK\xefh\xbfOv\x9bh\xb3\xc0\xf5\x80\xba\"@\'\x02\xafi\xeaE\xa6a6F\xde\xd4\xfa\x84\xe4+A\xb7\xa2\x8f\xc9\xee|xxn\xefw\x93]%\xd0\x19\x132\x86\xabn\xfe\x91\xb6Cl\xcf\x04\x1cq\xc1\x1d~\x8d\x01\x83\x93_\x83\x8a`v\xb0K,|S\xe4\xba\xb1\f\xc8`\xa6s\xad\x11\xd4wG\x80u\x87u\xff\x87\xee', 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f0000000040)={0x0, 0x0, 0x940a, 0x1000007})
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b7020000b0ffffffbfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x94)
fcntl$addseals(r3, 0x409, 0xb)

1.593216075s ago: executing program 4 (id=13532):
r0 = perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x67a, 0x1, 0xfffffffe, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
recvfrom(r1, 0x0, 0x0, 0x100, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x40050)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r5, 0xffffffffffffffff, 0x100000000000000)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x66, &(0x7f00000003c0)={@link_local, @dev, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x8, 0x58, 0x67, 0x0, 0x5, 0x2f, 0x0, @local, @empty}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x0, 0x1}, {0x8, 0x88be, 0x0, {{0x5, 0x1, 0x7, 0x3, 0x0, 0x0, 0x6, 0xb}, 0x1, {0x38}}}, {0x8, 0x22eb, 0x4, {{0x3, 0x2, 0x6, 0x1, 0x0, 0x1, 0x3, 0x6}, 0x2, {0x7, 0x4, 0x0, 0x5, 0x0, 0x1, 0x2}}}}}}}}, 0x0)

1.590594225s ago: executing program 1 (id=13533):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b'], 0x48)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000100)=0x3)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=@newtfilter={0x2c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {0x0, 0x12}, {0x7, 0x2}}, [@TCA_RATE={0x6, 0x5, {0x8, 0x86}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x4)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000007c0)={<r7=>0xffffffffffffffff}, 0x13f, 0x5}}, 0x20)
stat(&(0x7f0000001c40)='./file0\x00', &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, <r8=>0x0, <r9=>0x0})
r10 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000fffffffffffffff000000000"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001d40)={&(0x7f0000000580)=@proc={0x10, 0x0, 0x25dfdbfd, 0x40}, 0xc, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRES8=r6, @ANYRESDEC, @ANYRES32, @ANYRES32, @ANYBLOB="00000000000001000000", @ANYRES32, @ANYRES32, @ANYRES32=<r11=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="3075253f97c78b70e75f469022b12c3de45ca0c79c5217f2f164e61a5f0967ad748f3e080d98a0bd726374b642dda15d32f838df70ab74d927f8eef21675a01f18cc2a8a1a94005aa96ffde0a7d0c10ec126e5ad3b33a9b21f814bac9b701c92d22baa8ef2ff024dc09d10", @ANYRES16, @ANYRES32, @ANYRES32], 0xffffffffffffff41, 0x24040094}, 0x80)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, r9)
ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x3)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000c00)=ANY=[@ANYRESDEC, @ANYRES32=r11, @ANYBLOB="02000400", @ANYRES64, @ANYBLOB="020002", @ANYRES32=0x0, @ANYRES32=r8, @ANYBLOB="0ffe0500", @ANYRES64, @ANYBLOB="02000000", @ANYRES8=r7, @ANYBLOB="02000300", @ANYRES64, @ANYBLOB="101134a98f83abd7970f8d53c9fe3b0e6f2c99609640b6082ec96d74eafc70e18e1e49ecf606bb1537f6b19ef8d90d688842f870114104da7884d0745ed38f7c20f69891dd50e5c8717c367677a620b59355abe81a22aa2cd1b0ac7e2cf6ab7dfcfd6605fee5ea4a7fbf0c20a027123bf92a0978a6ffbf15c21324e34f798e62816e56ab9d4e1f", @ANYRES32=0xee00, @ANYRES8=r10, @ANYBLOB="7de0de6148d7d44c4d01eeff92df69b773e9c6727f8fbda7576c2a151378b664926695450adc68e74593831c634553c00cb92a5f09f1c013283b5c41e9b48b6df05700293ee4dfd9070d460cc6774ad5cb408f22ce", @ANYRESDEC=r8, @ANYRESDEC, @ANYRES32=0x0, @ANYBLOB="080006", @ANYRES32=r9, @ANYBLOB="08000300", @ANYRES32=0xee00, @ANYBLOB, @ANYRES32, @ANYBLOB="10000400000000002000000000000000"], 0x94, 0x2)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f00000004c0)={{0x1, 0x0, 0x0, 0x0, 0x0, 0x181, 0x800}, 0x7fff, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x40})
ioctl$PPPIOCSNPMODE(r1, 0x4008744b, &(0x7f0000000440)={0xfd})
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r12, 0x0, 0x20}, 0x18)
symlink(&(0x7f0000000000)='./file0/file0/..\x00', &(0x7f0000000240)='./file1\x00')
symlink(&(0x7f0000001500)='./file0\x00', &(0x7f0000000080)='./file0/file0/..\x00')
r13 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r13, 0x0, 0x30, &(0x7f0000000940)=ANY=[], 0x310)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x2000c0, &(0x7f00000005c0), 0x1, 0x54e, &(0x7f0000000600)="$eJzs3U1oHOUbAPBnZrPtv23+pgUFlR6KChVKN0k/tHpKr2Kh0IPgpS6bbQjZZEN2U5uQQ3ovYkFR6aXe9OBR8eBBvHj06kXxLIgGhaYHiUx2N/1Isq61ydbO7wezfT+GPu+bmWey7zBDAsitI9lHGvFMRJxPIobu6huIdueR1n6rK0uV2ytLlSTW1i78mkQSEbdWliqd/ZP2vwciYjkino6Ib4oRx9LNcRsLi1PlWq06164PN6dnhxsLi8cnp8sT1YnqzMmXXzl95tTp0ROjD22u1368/s617167ef3Tzw4vV94vJzEWg+2+u+fxMLV+JsUYu6/91E4E66Ok3wPggRTaeV6MiKdiKArtrAcef2t7I9aAnErkP+RU53tAtv7tbLv5/eOXs60FSBZ3tb21egZa9ybif+trk/2/J/esTLL15sHdHCiPpeWrETEyMLD5/E/a59+DG3kYA2RHfX22daA2H/904/oTW1x/Bjv3Tv+lzvVvddP17078wjbXv/M9xvjzzZ8+2jb+1Yhnt4yfbMRPtoifRsRbPca/8caXZ7brW/s44mhsHb8j6X5/ePjSZK060vrcMsZXRw+/2m3++7eJP9Zl/lnbbI/z/+Lbz59b7hL/xee7H/+t4u+LiHd7jH/o1ievb9eXxR/fZv7d4mdtN3uM/9LYkR963BUAAAAAAAAAAPgH0vVn2ZK0tFFO01Kp9Q7vk7E/rdUbzWOX6vMz461n3g5GMe08aTXUqidZfbT9PG6nfuK++smIOBQR7xX2rddLlXptvN+TBwAAAAAAAAAAAAAAAAAAgEfEgfve//+j0Hr/H8gJf/Ib8kv+Q37dm/9J38YB7D6//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74vy5c9m2dntlqZLVxy8vzE/VLx8frzamStPzlVKlPjdbmqjXJ2rVUqU+/Xf/X61enx2Jmfkrw81qozncWFi8OF2fn2lenJwuT1QvVou7MisAAAAAAAAAAAAAAAAAAAD4bxlc35K0FBHpejlNS6WI/0fEwSgmlyZr1ZGIeCIivi8U92b10X4PGgAAAAAAAAAAAAAAAAAAAB4zjYXFqXKtVp1T2FyIiOVHYBgKCn05+QEAAAAAAAAAAAAAAAAAgF1156Xffo8EAAAAAAAAAAAAAAAAAAAA8iz9OYmIbDs69MLg3T17I2JPslrIynsi4u0bFz64Um4250az9t822psftttP9GsOQC86edrJYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCOxsLiVLlWq87tYKHfcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4EH8FAAD//46R2W8=")

1.569659435s ago: executing program 3 (id=13534):
r0 = perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x67a, 0x1, 0xfffffffe, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
recvfrom(r1, 0x0, 0x0, 0x100, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r5, 0xffffffffffffffff, 0x100000000000000)

1.469946447s ago: executing program 1 (id=13537):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb904}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000000c0)={0x0, <r1=>0x0})
capset(&(0x7f0000000140)={0x20071026, r1}, &(0x7f0000000340)={0x0, 0x200000, 0x101, 0x4, 0x5989})
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000280)={r0, &(0x7f0000000580)="6dd08ff8261ff103dc9176ef087bbaa3c2ecaca11d44c78ee3429ce16c41640545a2912df2d65d4d6596008ea07203ea9c89018b5576de7147ecd8140529f584f9c7d5207ca32aac39acc295e9b5c250c2703c074bf3809c47e0e61fa452831d43855a5638cc95596c37f2d9f0fe78088d7a5726b1ffc544906e8bc6ee01385f6800371c4dba6b3cecd6f6628e38d4050e463ff1de45634cb344d17c4bdd4a21775568e946998263040febabc81e991f9c72607b77de66c611153711c8ce69d273dacc7b8fb3e8e5d1d701688737ae0243cbd54a575025d9", &(0x7f0000000040)=""/51}, 0x20)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
r5 = fcntl$getown(r4, 0x9)
sched_getscheduler(r5)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b000000000000000000000000829c7c4d000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000a00)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0904000000000055090100000000009500000000000000bf91000000000000b70200000000f4ff8400000084000000b70000000000000095000000000000007cd49678cc6fb4444c04d9fde9d69c9fc7d286600b2731c2011abf12bec1627de551963099cf9322fed15315fcd464bd373af672afae55c0970bdac367dd2ce5511cc36ca31743a6bf1b297b7c2fb88b111da63cb9e1dbaa42f7674c4d006adb53a34cbb8a0c638db514c43b9a1e24efe3359802420fdbf8681d24ded696c4cda22ef30051605666c6d74a0094a10d29d6cd28960f611ba5e0016bbf87f3e4ada6201b1700f604ebc1a3c5267e3c9bf1b7681d6cef325c61ad3660bceec47705479bb29ab5b4ddb47be44885d87ac5669b829c2202d2bc3eabc3bc7619b78a0914ddc9b283141ac2cbf3fd56e1a811c0d99aa72ebcc481e7e8ca1962e39508cdc8c991058d2e"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sctp_probe_path\x00', r7, 0x0, 0x2000020000000000}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x159d0682f53ea167, 0x2, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x40000000)
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

1.220978131s ago: executing program 0 (id=13543):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x11, 0x80a, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000002480)=@newtaction={0x88c, 0x30, 0x12f, 0x0, 0x4, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x1000000, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x7, 0x2, 0x2, 0xfffe, 0x0, 0x5}}}], [@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x2, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0x401, 0x1, 0x9, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x7, 0x1, 0xa89c, 0x400, 0xc, 0x492217a0, 0x7, 0x5, 0x1, 0x1ff, 0xe5, 0x2f, 0x80, 0x3, 0xa, 0x4, 0x1, 0x9, 0x11, 0x9, 0x6, 0x3ff, 0x7, 0xd, 0x3, 0xc0000, 0x8, 0x8, 0xffffff40, 0x100, 0x3, 0x5, 0x7, 0xe0b2, 0xfffffffe, 0x8fb, 0x84, 0x9, 0x4, 0x9, 0x80000001, 0x6, 0x0, 0x8, 0x800, 0x9, 0x1, 0x100, 0x401, 0x8, 0x3, 0xb5, 0x10001, 0x4, 0x4, 0x7f, 0x0, 0x6, 0x4, 0x81, 0x80000001, 0x2, 0x4, 0x0, 0x5, 0x8000, 0x0, 0x9, 0x8bed, 0x7, 0x5, 0x1, 0x0, 0x7, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x4, 0x3ff, 0x400000, 0x10, 0x5, 0x7, 0x10000, 0x5, 0x1, 0x0, 0x2, 0x7, 0x5, 0x6, 0x5, 0x4, 0x2, 0x81, 0x0, 0x10, 0x1, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x5, 0x8, 0xba, 0x4, 0x89, 0x2, 0x6, 0x100, 0x9, 0xffffa3e0, 0x401, 0x5, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x8, 0x7eb7, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0xfe, 0xa, 0x6, 0x7, 0x100, 0x1, 0x3, 0x100, 0xb, 0x8, 0x101, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x200, 0x80000001, 0x1, 0x1, 0x9, 0x7, 0x4, 0xb, 0x80, 0x0, 0x0, 0x6, 0x5, 0x2, 0x65, 0x4, 0xfffffa0c, 0x3, 0xfffffffc, 0x4, 0x9, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x5, 0x9, 0x8, 0x28, 0x2, 0x5, 0x10001, 0x2, 0xf, 0x0, 0x1, 0x40000723, 0x0, 0xe, 0xb, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0xfffffffb, 0x1002, 0x7f, 0x2, 0x80000001, 0x0, 0x9, 0xf, 0xfffffffe, 0x928, 0x4, 0x2, 0x5, 0xd1b, 0xb87, 0x3, 0x8d8d, 0x55, 0x101, 0x8, 0x64e8, 0x8, 0x82c, 0x772, 0x80a, 0xfff, 0x6, 0x3f7, 0x4, 0x8, 0x1c1, 0x1, 0x5d, 0x9, 0xd, 0x80]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x5, 0x3dc6ec7d, 0x7, 0x9, 0x65df, 0x8d, 0x5, 0x7, 0x7, 0x180000, 0x3, 0xe56, 0xd, 0x3, 0x5, 0x9, 0x0, 0x10001, 0x7, 0x3613, 0x9, 0x2, 0xffffffff, 0x7fff, 0x2, 0x5173, 0x6, 0xffffffff, 0x40, 0xffff9b69, 0x0, 0x7, 0x0, 0x401, 0x7, 0x3, 0x2, 0x10, 0x7fff, 0x0, 0xebcd, 0x6, 0x0, 0x3, 0xa9f9, 0x9, 0x8, 0xf, 0xe70, 0x8, 0x866, 0x7, 0x10000, 0x380000, 0x3, 0x1, 0x8, 0x6, 0x7, 0x9, 0xffff, 0xf2, 0x7, 0x5, 0xf, 0x7fff, 0xc1, 0x2, 0x5, 0x5, 0x8, 0x48, 0xe, 0x3, 0x8, 0x81, 0x5, 0x85d5, 0x9, 0x8, 0x9, 0x1, 0xbe1, 0x1, 0x478998ae, 0x7, 0x100, 0x9, 0xfc, 0x6af, 0x9, 0x2, 0x1, 0x3, 0x344, 0x1, 0x15e9f50a, 0xf66d, 0xff, 0x8, 0x4, 0x401, 0x200, 0x8000, 0x1, 0x7, 0x7, 0xb5, 0x4, 0xc000, 0x1, 0xb, 0x4, 0x4, 0x107, 0x0, 0x4, 0x10000, 0x800, 0x7, 0x3ff, 0x2, 0xa1c, 0x1c00, 0x26, 0xfff, 0x7e, 0x6, 0x80000000, 0x7ff, 0x1ff, 0xf, 0x0, 0x9, 0x4, 0x2, 0x800, 0x7, 0xfffffffa, 0x2, 0x8, 0x733, 0xee5, 0x1000, 0x0, 0xffffff71, 0x3, 0x5, 0x0, 0x7, 0x80000000, 0xfffffff9, 0x8, 0x2, 0x7, 0x8000, 0xff, 0x5, 0x6, 0x7, 0x3, 0x4, 0xf29, 0x5, 0x0, 0x7fffffff, 0x9, 0x7cf8, 0x1ff, 0x7fffffff, 0x4, 0x4, 0x5, 0x6, 0x6, 0x5, 0x1ff, 0x1, 0x6, 0x4, 0x114614f8, 0x7, 0x3ff, 0x9, 0x60, 0x3, 0xffffff80, 0x10, 0x10001, 0x807, 0x0, 0x1, 0xbeea, 0x3, 0x8, 0xfffffff9, 0x6, 0x72af873a, 0xe65, 0x7f, 0x9, 0x9, 0x695, 0x3, 0x1, 0x8, 0x4, 0x7ff, 0x4, 0x5, 0xd, 0x1, 0xc1, 0x7fffffff, 0x0, 0xd651, 0x80, 0x4, 0xc, 0x3, 0x2, 0x400, 0x6, 0x6, 0x3, 0x101, 0x80000001, 0x6ba, 0x81, 0x6, 0x7, 0x3, 0x200000, 0x4, 0x4, 0x5, 0x9, 0x9, 0x4b79, 0xfffffffa, 0x7, 0x80000001, 0x7f, 0x6, 0x3, 0x9, 0x3ff, 0x7ff, 0x6, 0x5, 0x5, 0xff, 0x7, 0x8, 0x81, 0x8]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bond0\x00', <r7=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x401, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r7}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x4}, @IFLA_BOND_USE_CARRIER={0x5}]}}}]}, 0x44}}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x20000000000002b8, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x8000, 0x0, 0x0, 0x41000}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000200)={0x2, &(0x7f0000000000)=[{0x2d, 0x0, 0x2, 0x10000}, {0x0, 0x0, 0x0, 0x7fff7ffc}]})
r10 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r10, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
r11 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r11, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
close_range(r9, 0xffffffffffffffff, 0x0)

1.176373971s ago: executing program 0 (id=13544):
r0 = perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x67a, 0x1, 0xfffffffe, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
recvfrom(r1, 0x0, 0x0, 0x100, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r5, 0xffffffffffffffff, 0x100000000000000)
syz_emit_ethernet(0x66, &(0x7f00000003c0)={@link_local, @dev, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x8, 0x58, 0x67, 0x0, 0x5, 0x2f, 0x0, @local, @empty}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x0, 0x1}, {0x8, 0x88be, 0x0, {{0x5, 0x1, 0x7, 0x3, 0x0, 0x0, 0x6, 0xb}, 0x1, {0x38}}}, {0x8, 0x22eb, 0x4, {{0x3, 0x2, 0x6, 0x1, 0x0, 0x1, 0x3, 0x6}, 0x2, {0x7, 0x4, 0x0, 0x5, 0x0, 0x1, 0x2}}}}}}}}, 0x0)

1.077785703s ago: executing program 5 (id=13547):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b'], 0x48)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000100)=0x3)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=@newtfilter={0x2c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {0x0, 0x12}, {0x7, 0x2}}, [@TCA_RATE={0x6, 0x5, {0x8, 0x86}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x4)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000007c0)={<r7=>0xffffffffffffffff}, 0x13f, 0x5}}, 0x20)
stat(&(0x7f0000001c40)='./file0\x00', &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, <r8=>0x0, <r9=>0x0})
r10 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000fffffffffffffff000000000"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001d40)={&(0x7f0000000580)=@proc={0x10, 0x0, 0x25dfdbfd, 0x40}, 0xc, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRES8=r6, @ANYRESDEC, @ANYRES32, @ANYRES32, @ANYBLOB="00000000000001000000", @ANYRES32, @ANYRES32, @ANYRES32=<r11=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="3075253f97c78b70e75f469022b12c3de45ca0c79c5217f2f164e61a5f0967ad748f3e080d98a0bd726374b642dda15d32f838df70ab74d927f8eef21675a01f18cc2a8a1a94005aa96ffde0a7d0c10ec126e5ad3b33a9b21f814bac9b701c92d22baa8ef2ff024dc09d10", @ANYRES16, @ANYRES32, @ANYRES32], 0xffffffffffffff41, 0x24040094}, 0x80)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, r9)
ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x3)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000c00)=ANY=[@ANYRESDEC, @ANYRES32=r11, @ANYBLOB="02000400", @ANYRES64, @ANYBLOB="020002", @ANYRES32=0x0, @ANYRES32=r8, @ANYBLOB="0ffe0500", @ANYRES64, @ANYBLOB="02000000", @ANYRES8=r7, @ANYBLOB="02000300", @ANYRES64, @ANYBLOB="101134a98f83abd7970f8d53c9fe3b0e6f2c99609640b6082ec96d74eafc70e18e1e49ecf606bb1537f6b19ef8d90d688842f870114104da7884d0745ed38f7c20f69891dd50e5c8717c367677a620b59355abe81a22aa2cd1b0ac7e2cf6ab7dfcfd6605fee5ea4a7fbf0c20a027123bf92a0978a6ffbf15c21324e34f798e62816e56ab9d4e1f", @ANYRES32=0xee00, @ANYRES8=r10, @ANYBLOB="7de0de6148d7d44c4d01eeff92df69b773e9c6727f8fbda7576c2a151378b664926695450adc68e74593831c634553c00cb92a5f09f1c013283b5c41e9b48b6df05700293ee4dfd9070d460cc6774ad5cb408f22ce", @ANYRESDEC=r8, @ANYRESDEC, @ANYRES32=0x0, @ANYBLOB="080006", @ANYRES32=r9, @ANYBLOB="08000300", @ANYRES32=0xee00, @ANYBLOB, @ANYRES32, @ANYBLOB="10000400000000002000000000000000"], 0x94, 0x2)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f00000004c0)={{0x1, 0x0, 0x0, 0x0, 0x0, 0x181, 0x800}, 0x7fff, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x40})
ioctl$PPPIOCSNPMODE(r1, 0x4008744b, &(0x7f0000000440)={0xfd})
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r12, 0x0, 0x20}, 0x18)
symlink(&(0x7f0000000000)='./file0/file0/..\x00', &(0x7f0000000240)='./file1\x00')
symlink(&(0x7f0000001500)='./file0\x00', &(0x7f0000000080)='./file0/file0/..\x00')
r13 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r13, 0x0, 0x30, &(0x7f0000000940)=ANY=[], 0x310)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x2000c0, &(0x7f00000005c0), 0x1, 0x54e, &(0x7f0000000600)="$eJzs3U1oHOUbAPBnZrPtv23+pgUFlR6KChVKN0k/tHpKr2Kh0IPgpS6bbQjZZEN2U5uQQ3ovYkFR6aXe9OBR8eBBvHj06kXxLIgGhaYHiUx2N/1Isq61ydbO7wezfT+GPu+bmWey7zBDAsitI9lHGvFMRJxPIobu6huIdueR1n6rK0uV2ytLlSTW1i78mkQSEbdWliqd/ZP2vwciYjkino6Ib4oRx9LNcRsLi1PlWq06164PN6dnhxsLi8cnp8sT1YnqzMmXXzl95tTp0ROjD22u1368/s617167ef3Tzw4vV94vJzEWg+2+u+fxMLV+JsUYu6/91E4E66Ok3wPggRTaeV6MiKdiKArtrAcef2t7I9aAnErkP+RU53tAtv7tbLv5/eOXs60FSBZ3tb21egZa9ybif+trk/2/J/esTLL15sHdHCiPpeWrETEyMLD5/E/a59+DG3kYA2RHfX22daA2H/904/oTW1x/Bjv3Tv+lzvVvddP17078wjbXv/M9xvjzzZ8+2jb+1Yhnt4yfbMRPtoifRsRbPca/8caXZ7brW/s44mhsHb8j6X5/ePjSZK060vrcMsZXRw+/2m3++7eJP9Zl/lnbbI/z/+Lbz59b7hL/xee7H/+t4u+LiHd7jH/o1ievb9eXxR/fZv7d4mdtN3uM/9LYkR963BUAAAAAAAAAAPgH0vVn2ZK0tFFO01Kp9Q7vk7E/rdUbzWOX6vMz461n3g5GMe08aTXUqidZfbT9PG6nfuK++smIOBQR7xX2rddLlXptvN+TBwAAAAAAAAAAAAAAAAAAgEfEgfve//+j0Hr/H8gJf/Ib8kv+Q37dm/9J38YB7D6//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74vy5c9m2dntlqZLVxy8vzE/VLx8frzamStPzlVKlPjdbmqjXJ2rVUqU+/Xf/X61enx2Jmfkrw81qozncWFi8OF2fn2lenJwuT1QvVou7MisAAAAAAAAAAAAAAAAAAAD4bxlc35K0FBHpejlNS6WI/0fEwSgmlyZr1ZGIeCIivi8U92b10X4PGgAAAAAAAAAAAAAAAAAAAB4zjYXFqXKtVp1T2FyIiOVHYBgKCn05+QEAAAAAAAAAAAAAAAAAgF1156Xffo8EAAAAAAAAAAAAAAAAAAAA8iz9OYmIbDs69MLg3T17I2JPslrIynsi4u0bFz64Um4250az9t822psftttP9GsOQC86edrJYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCOxsLiVLlWq87tYKHfcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4EH8FAAD//46R2W8=")

972.171625ms ago: executing program 5 (id=13548):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

956.711705ms ago: executing program 5 (id=13549):
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="48000000100003050000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000400000100c2800007000300"], 0x48}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xa, 0x4, 0xffd, 0x7}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000080)=r2}, 0x20)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x1}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x50}}, 0x0)

939.377725ms ago: executing program 5 (id=13550):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup(r0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000020000000000002000085000000ae00000095"], &(0x7f0000001b80)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='kfree\x00', r3}, 0x18)
fsetxattr$security_selinux(r1, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)

923.885885ms ago: executing program 5 (id=13551):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
r1 = accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000300), 0x0)
r2 = syz_mount_image$iso9660(&(0x7f0000000cc0), &(0x7f0000000c80)='./file1\x00', 0x1004491, &(0x7f0000000380)=ANY=[], 0x2, 0x826, &(0x7f00000012c0)="$eJzs3U9sHFf9APDvuHacOGp+1e/3U4miNJ0kRUpE6q7t1sXqoWzXY2dae9faXaNEqGqjxilRnLZqVZVGiJJLCwiEOHEsvVa99AZCAokDcEKiBy4cKlXqBVQQSAiEkIJ2djde/1k7ThynlM9n1X2zb957897sZL87W7+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAiqUyXSmNJzOXVxTNpf5Xpem1+k/Xd9n6+KtlkuxFJ67/YuzcOtrMO/v/K6ntbT8ficPvV4djbSvbGlf333vPY/w0OdOtv0qGbdbT/qqHeF0nEN1udunRueXnp5dvQkV30nZ92FvbecJV/XGs9z2bVvFHL58uzWZo3aunU5GTpodMzjXQmn8saZxvNbD6t1LNys1ZPT1ROpmNTUxNpNnq2tlidnS7PZd3MRx8cL5Um0ydHF7JyvVGrPvTkaKNyOp+by6uzRZnx0mvRKvNo60B8Km+mzaw8n6YXLi4vTWzV1VahsVU5w6sOnMMP3PPxqx/99eJS64Ds10jSOTDHx8bGx8cmH5l65NFSaXC8NL46o7RGXC8RAxGtErfloOXO2r9B3mDniFm3IuLa/+zMhzfcooFO/I+5yKMai3Em0khjoHheeQxFJaajHrWYb73+3dCa9evi/+cf+tNvNttub/zvRvmDK6sPRRH/j7RfHekX/9f1Ygceg/1arb7X7k1v3ivxelyJS3EulmM5luLltbX2rK2xweNGytzyY7idDuxsq7ORRTXyaEQSecxHuchJi5xapDEVkzEZpXgmTsdMNCKNmchjLrJoxNloRDOy4oiqRD2yKEczalGPNE5EJU5GGmMxFVMxEWlkMRpnoxaLUY3ZmI5y0cqFuFjs94k1/br3G8/+5Pnffvx2a/l6obFNBpK0vszt/zDiL5sUWhfutxH/WyUGOkf3rsQkdsnebb6rO/PBDTvgWhH/B+90NwAAAIDbKCl+fU8iYijuK5Zm8rnsK3e6WwAAAMAOKv6u+XArGWot3RdJ6/y/tEHJDyKGd717AAAAwA5Iijl2SUSMxP3tpe50qY1+BAAAAAD+AxX///9IKxmJeKPIcP4PAAAAnzHf6neN/Y/2FNfYHYnGwnDysz9HvT6UXF0480ByudwqV758V7teJ/ny9RabM4eSA51GimRy8Mr+JCIGK9nhpHv1y3915hJ8UjwfWrkAYb9r/SdbdCA270DxKr4bR9tljp5vp+e7a9pbGZnJ57LRSm3usbGk8+NI89UXLn4tiuF/uzp/IIkLF5eXRp97cfl80ZerrVauXu5cHj7p1opoT6jYpC/XurMp7tt4xEPFRIzOdkfa2y31jr9zNdmBzcef9G7zzTjWLnNspJ2OrB7/3tY2x0YfG4ty+cBAMzvTfPVaz+g7vRhbGflwd7TJNt6FN+N4u8zxE8fbyQa9GF/VixfW92K8d//f2L644V68ffSNM3/7ZS3JJrbqxcQt9gLgTrlQXPVnJQrtK6LQP6+1tQLamri7r1tzO59yF1a+ZXTr98S6wVgX3dObie5vxol2mRPt7xODhzaIK6UNPtFfuvjSrzqf6A+/+8MfPX3k1++vievb6MW7cbJdppPE//6iT4xtjfl7a6LqO60a7/TdbmNuPHlteGIoad98KK48ePHyueeXnl96YXx8YrL0cKn0yHgMFV8VOkmfnoo8AP/dtrrHzvtfv1603114koe3OKtOBrt/UjAaz8WLsRzn41Qx2yAi7t+41ZGeP0M4tcVZ60jPHV5ObXFuuVJ2fG3Z4eNJ9Ck70bPHPveDIvn7bXpDAGAXHNsiDidxT/uyP6/d3amxpsRdSXKq97z7qxFxqF/MbcXyk+0b53bPjqN/LO/1h076xd3YKQDwGZfVP0lGmm8l9Xq+8MzY1NRYuXk6S+u1ylNpPZ+ezdK82szqldPl6myWLtRrzVql+9PxdNZIG4sLC7V6M52p1dOFWiM/U9z5Pe3c+r2RzZerzbzSWJjLyo0srdSqzXKlmU7njUq6sPjEXN44ndWLyo2FrJLP5JVyM69V00ZtsV7JRtO0kWU9BfPprNrMZ/JsKM2r6UI9ny/Xr0bE3OJ8lk5njUo9X2jW2g12t5VXZw7U54tmR9cP/4+7vb8B4NPgldevXDq3vLz08s0t/P5GCt/pMQIAq4nSAAAAAAAAAAAAAADw6bd+ul4rd1sTAYfipqcPvjIcrYV9N1u9tfB0ZyS3MItxk4XB2OEGN1/4wnvtwexEg+vbGerm3L3VvM99q97TPZ1dvEs7YScXnn388UtXrkZEkZMM9u7eJ944ePrDLLqj26Sdjf+lbDTV9a0DEXt+/P12zpf6FE4Gd3ikH3QHuL3q15JN/uHv6scQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANyQfwcAAP//LdJG/Q==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x2042, 0x10d)
fsync(r2)
statx(r2, &(0x7f0000000240)='./file1\x00', 0x400, 0x40, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000480)={{{@in6=@empty, @in6=@mcast1, 0x4e24, 0x0, 0x4e23, 0x8, 0xa, 0xa0, 0x20, 0x3b, 0x0, r4}, {0x2, 0x2, 0x3, 0x3, 0x8, 0x4, 0x9, 0xff}, {0x71b, 0xcc, 0x9, 0x200}, 0x1, 0x6e6bb2, 0x2, 0x0, 0x1}, {{@in6=@private0, 0x4d4, 0x6c}, 0x2, @in6=@dev={0xfe, 0x80, '\x00', 0x13}, 0x34ff, 0x4, 0x367c53da26d03169, 0x8, 0x6, 0x1da, 0x2}}, 0xe8)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000700)={{{@in=@local, @in6=@private0, 0x4e23, 0x9, 0x4e20, 0x7, 0xa, 0xa0, 0x60, 0x3c, 0x0, r4}, {0x6, 0x400, 0x80000001, 0x9, 0x1, 0xe64, 0x2, 0x7fff}, {0x5, 0x9, 0x35, 0x7}, 0x540f, 0x0, 0x1, 0x0, 0x3}, {{@in=@remote, 0x4d4, 0x2b}, 0xab7cf0aff62ff397, @in6=@ipv4={'\x00', '\xff\xff', @multicast2}, 0x0, 0x2, 0x0, 0x2, 0x9, 0x5, 0x8}}, 0xe8)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x18, 0x4, &(0x7f0000000400)=ANY=[@ANYRES16=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="e3e6d87511f0c6e4b9c8faa6c75d185e4d28803f5669702ecd6407cdc8c52ecae248fb0e5e3c407389c20553ee2570d95a9afed764b0aac78109259a8b70d306cf350e08325f8b91417e313e5ea1ad568a84e57393df40742b4b52a015b404c69b3dbd4913c729710cb93d49377347a4344dcd386d0daed3429d41e390b780247f5fe04a6c0290e6cb0edd23c4b66139f3f3c3af335c06060955b14c74c42256c810f47a91509d1c915e2bb1bad2297735937cb7f3b9f9c0019cb84a99c0faaed8a2aba00743fabae141dacc8db0705a3a0f3c401d6fed6e812654a702597b8a4cd6fb7411dabecdd28e0134118ddbb7e2273b39887c2768c14ffb72f2b0"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
msgget$private(0x0, 0x100)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffff2e, 0x0, 0x0, 0x10, 0x10000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x18)
r9 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_FREE(r9, 0x3305)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001240)={&(0x7f0000000200)='kfree\x00', r7, 0x0, 0xfffffffffffffffd}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f00000003c0)='kmem_cache_free\x00', r5}, 0x10)
keyctl$reject(0x13, 0x0, 0x0, 0x201, 0xffffffffffffffff)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x7, 0x80, 0x0, 0x1, 0x101, 0x0})

817.996367ms ago: executing program 5 (id=13552):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x4, 0xf, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000005ed029c0f8b55dd500000018110000", @ANYRES8=0x0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055110100000000009500000000000000bf91000000000000b70200000f0000008500000084000100b700"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffffffffffb6)
unshare(0x40000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r4, 0x0, 0x7}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x774c)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000011300000000000000000000000a20000000000a03000000000000000000070000040900010073797a300000000088000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d44001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c000280080001400000e41f0800034000000120140000001000010000000000000000000084000a"], 0xd0}}, 0x20050800)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
r7 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r7, 0xc0105512, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_route(0x10, 0x3, 0x0)

699.870749ms ago: executing program 4 (id=13553):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
setresgid(0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000006ac0)=[{{&(0x7f0000000280)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000a00)=[{&(0x7f0000000400)="cfc6f3cb499291a9b4772d7304d6e2e396b6dfd335b68691086c5c659ba6a315f59191b9b850ea00e440f171d27d8f578d30595bba731524ac4bb65868b1292411ffe36e87707b354249a8df8356a26d80c3cdc5f09425329cd39b1a5846d7140468a3b525918f2a552e9eda2c5d04ce6a852059323ba3ef7d499107d9427e2f1bb413ec6d3da985f64c51fc1acbc2117865", 0x92}, {&(0x7f00000004c0)="2d9487a3eff33473deb2d8037cc825e40b56f4b679a2c0380ffb0c06cf704311af405f63b09a7e2e86d670a508348f32addbb54dc83f2e7517eaf9bdeab3b8267daef7dd6dbb6e4671dacdad0a3626474072938032bcd543993c5a58c0629ba370442f003442275402a9fcaca7935a0a7e190616d7bb860dd76b29bfb0924423c0e4c0fa3c68731d5005f1d4b50a3aa549c6d117ba69d3bdd867371709ef6fbe0dfc606dcec4864dd4d05385635df3bb84d9281083859fe88928e656035f7eb2", 0xc0}, {&(0x7f0000000640)="682b3eb1614a49eab050bde552cfc593fae150b97cced31d78af1416084aa1451184204ab7cf92b6c1fbecabe94ccdcf05674c1ee6b5a681e245c68baffac30a1f8208d7fb7aaf00cc", 0x49}, {&(0x7f00000006c0)="6574f53b97623e88eaa0977ea15ee047681e2c331678726ca54f5fc891ed7f89c4e30a4cd51d3c1b2ece458ffe86a6ce205e58bde7e39800778a722538665b6832ea8447a0e16f8b7e0c96d47ae55fddd4bc0b7abf7e70dab5ebc858a50c620022952772cdb098983975b1997d0f225795e3de56eee0c2b03124f224063ac05d2e61f657d557df9c8c8a9988d83b92f8d94563e5d700c8120162e41c42dffd8bd07002d18c306f7edbc368d5b9724fed70a13a238b9a144a43281cf7ad4acea91043d891c0959e4287442ddfa09023f39bd961ce005646eb601fe4", 0xdb}, {&(0x7f00000000c0)="69cc67f34a868502f5", 0x9}, {&(0x7f00000007c0)="271fe61a56a71eff707a1bbcc0b4d010dab881c5b44efb2a300654c7628c2d9de82fc49a8fb5708ba6910f337c97cec1b59ce7451306d8f8498161b4529fc9a91dca4eb247b1c5", 0x47}, {&(0x7f0000000840)="956724155eadfe60441273130bc9e44f0939e0b3cb3a9bea8a4c991b96c67128379316e36a30e59a50430b43e92bb1c2f3613fa9eab0f7ce27164f73b063f58b22672fc61e10e557a1b29f550570982b1f2e0f38c71b1db00eb9f3e7dbdd59d4c490c6250d665746920e62da384bd9e41893d50cab3ebc3cdca57aa1fc149f0305ce57c48185c015", 0x88}, {&(0x7f0000000900)="5a6b89a750fb46212121ae51dba73f8ef269f504d2ce2908bb938c350194aacbc93c62ab78886a2903c4c857fbd19e7928d96454b8544a8942c8989aac82440d112cf82781fda15ba83ef8f730bce043667dd87399329279c4d67687987f827fe185351ea0725fedf965a2df2e4cfb5b1c507a3e5a0582ff0a6e5c60dec53b5d31fe9337d8f0e1860bca042ee0a60b9d220dcfd403d11210db2d7b3b67b44f28ff8f8b02098a751b008402af86f9318a7362155fc73a66cde4f8497989bca79f1357bbafcaa85f835e9563a0e4", 0xcd}], 0x8, &(0x7f0000000d40)=[@cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r0]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, r0, r0, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x140, 0xc0}}, {{0x0, 0x0, &(0x7f00000010c0)=[{&(0x7f0000000ec0)="2677ab3b770da1216edf503e405b30bf2f254075f2f38eac6815988f6f885040e0fe0ef419f776b2252d757f39834f8da81ad818f32fc6b35c4441e5d6cbb73e7b52fae96bb49e7f4433af4e51cccdc89b73ed4010fe96a4f3ec834fc8b99c74bc31d38a9d3e7e6ece31af963c67dc8b0700fbf966e7376f6b80e1df7110f1ec885f0f9981524f7a39e596d44ac294d697f1123a0eaaa754169a95a08eff7c976f7a5542b8849342ac7655f1722f5686e7bb", 0xb2}, {&(0x7f0000000f80)="f4062ca8ada9ce23fcd550f838073336a6d741eec01dca3e428cc593e28451dc2d2b38a348af7b5a1b27c9970f70be5ba33f47bbb5b5f8416735fe3442dde2829e98c8a55fe88281bc6b0816cd18dae9b0d88af54bd410cfa40d0b9df34c327f24fe455e25fdd0260341456ab1c86b79ba43cbca35cc7347cfeeb61eb0a3e0dc14e8c3ad798d308248ee5ea7b087d757aaa4199a080f8a096b0cfaacc0c81f06563980996c8da483e29d79e84cfa714a", 0xb0}, {&(0x7f0000001040)="bb1b7244c058798875b0d91b6f3c7f2c80dd660bbc394f277f1b0c3bf1f0c37f7eff021fea987728a2f2de0397abe2899405dee3c45917825cf43a1da003f81401541601e197b04bc706b07f30ba79cfc8d3107ffe0ee9019e8a3d1ee6371f8849f761b7dede7472dbafc5dcb375e2bffd0fe30688288232", 0x78}], 0x3, &(0x7f0000001140)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xc0, 0x4000000}}, {{&(0x7f0000001200)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000001640)=[{&(0x7f0000001280)="9a6b27f9a73ea5b6d2987781fac8eb942998530da544d0b749852502ea2eecfe04849353635099b7745b096b93fccaa2017ee37d3502e3e4e52abf87a0d9bcddee8ffddcfea78414", 0x48}, {&(0x7f0000001300)="07934f5238660dfcaf02f114627440f823aa9fb303e33f43507df8bdcfeb82f1f0224a53cc5ede6f6d5f2f24bcea9cc0f239da82092044be382ea125b9e193d301f4e4869509392365b934c5450de1ba8a43c645dd68303c894ad0fe717ef4fd5ebe629696d3a5ba14160c7c1cc37fa770974937e39f2212d569d89704d2bd9093d2ecfca40d782ccfd36e762aaa3ed6ed80f2b632417f131e1daae911805c1cf89b0ec5618b11a86c55e34334bb32ad6c54430cf4f7678965203272b6099a09bdd5a7003b6d40ca34420982956e601fad1e6746422c2ecc701fc58651e0ebac07d0a89ee5273f8c5ca42207c241ba7b4b1b43e42886c14a78", 0xf9}, {&(0x7f0000001400)="6851fe1a77057c8e54d82aa948cd716ac1c5f0a9b71af9f623ef68708ba318825fe3ca1680e9acdd6507a206b2bffcac7595ce", 0x33}, {&(0x7f0000001440)="b2dcaa8235e6be040f0adefa3806afcb4b42fd48952c10a7c73ebcb123f0a5b3bde0469c29937787aff8edb3a6ce9d4303d9702f97b1970d88768e11f1340c6ce9c1c080f358b1f45ea4fb591fd5f320edc3ecec1e6701c76e077bcfadba97feb9f057a2f691c279e895dd8440d85bd70cc241d485ce77442228ad04a69e2b68f5d54a8fc690e734b6aa9e2f83129ad1a1f7365bb8461c416398232ee6fbd5c52b93af6e11d6a9118b62247bdf26e2b99260b016d435051f73410552e995769d5b952c94aeab7e44c37ca70dcff0645a941de3bf9c5af5504e10f86524aa919888c429c0ff23518773273d593c71a47f058e1fbc437615d073d0cbe409cc", 0xfe}, {&(0x7f0000001540)="aae2e99bf5690358b320d19f3930fac955de2965b31cc0e7f4ef09babfa6898728308d46712ab72bdc5624ab2a84f505f5475498d995699c116d2eabca783df707bdaf73e72f8fcb58611102e25656c0b6209eef61b7e0191b8f971a120fcea3f7e331aa5695a3ec27e90fa2afae7c844ef990c65c4af73f2ea2bf3ecb1c211cea2a71100f19484394a6a102055d8dff8ca8f049daa7f4b1d26d1dd6f3aae3088497596dacb0f5d9686ae0be7acdc1c2d0a1289ae0a91788b60c6251cda6d46fc4a22f29f353b00984c1616fe2308563bd213d3d1b", 0xd5}], 0x5, &(0x7f0000001780)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0x60, 0x40}}, {{0x0, 0x0, &(0x7f0000003cc0)=[{&(0x7f0000001880)="6c5dcbeb23233ee3f9f02ce1498ddc0e1ffb8c19c123a71ca1bed2a598d60e71464fbf0c9c48fbcf0698ac2c8df3ca1398a6f571b5c06f551efc5437179a557886b2197398b95d5a92ad653a4d3aada4b396b09827fea13876d8b68968ff9a4a265a", 0x62}, {&(0x7f0000001900)="ce2450b70c2626baec540ee69f9de4ce916543dec0e532008e44a7accc493243403446f2bd2d8475c45ba3226c775e8f848ed3081b5c18994c07adf83f784f81cdf33c5d08b127c4cbb145e992c2b078fa692e640cecb56a98b4ca4de7409d007e8816b2c35f46deb872e14a0c0be62926d9f4f07eb7dfff0445da89cffd46aa562028fedf5c128e69defba95e11949e08a26f4dbcda00d08744536582412e87eb8872293938ce8436843e6861a41f83fcb9a77f0b5d5a8d1306190627b83c8ca85337e7fa20e3a77a2c6431fd6f5efcfd00dbe8212744479f0299b6908a271b0c56124246e663", 0xe7}, {&(0x7f0000001cc0)="5809a3212fabb86e2e9d828b432a99873ab3c83158925bff10a1e767bb9de66c7b9dd8f2fda83b6178be6934f7f90dd3f4a53dd55909aa19f0b9642e29fb2f7e193d49595b302152a9ba87e6296cbc12365998eca2b31b4b1054ea5d990bfacbee11dd2e78a90e6f26623141a7d1e0b9db9a7d9d8ca06b6f5d41291f1082d5a8497f6adc14122c4b7e53f8c678d9b63c8e51ac6555443606cf4f8e5722c0bd06a2a3f670249a146b6c198cab452e21049debd1d077b87ac62fac695506b9ffd14c9741f21c81818c7157d78ee74e3570e61e14b8cc103ad4bb959d5266825fc00d6731089aef77c17d9fcf5b3952ed247d4e85690409c28fcf246386eb6e1932dd49c8ab568ba4ec8b245e27cbeb43eeb3d30a39c0e972e4a391d49a7ef57918fb629c17c200ed9197acd7ad4b6501ae335bd5c7d50e25980bd08f6dbacd03c1c7e1c530397c335f48b87a32fba2d42dc4dfe0e10bb058981cf771092d7abf76ba840ab01b3c92bfc31a1389432a9d767c9dc7e566416b3d4e333e1ef8688340104d18c0fed3934e27e131304b390252a27d6181a798fa4a1242d32e6ba19405552167f222780bd8ed8e52d7dcd4ad44698c1ef1e85baa0b65b66f014aa4ed75577486f7dfdfac3f80ddf0c7406234d67198d610b437eced7790482e6ce5fff9408decdd7245ced4025b2ac0401660ad76f2a9ca0cacae1fa61beb8207abfe71cfcda1f2cadcd55cdf7b02e8a1d89bf619d2a681e265556afdc09dcfa28887acd4fd2d0ad2a57cc2dfd53bb40992d0c776cb9d12d031a3f22641ddac7bd180b231d53bdd3dfd730778f556e75dc81637aff39b695922dec6761ba0befe82c22c366700108dc41f87359e83b533c702f92a82b66243773ca260ab81ce272a9718145490c48da1a2e4fbb8683617063b78e54e2271caa8ec84078b0f5b2b7bb81b90ebd6bdb2c8eaa3059928fd9a28b4cb5eed0e0aa63ec31c2dd8ebebe2d69f9c5546bb979bf6cad16d96f817d32a5dc90fd51112984a4f0980a9fd004a150b7e55db75eb23e0836a406f56c10723228d4becf24221a94b9d2391b24c80fd1d02506d62cd6520171a3832c631b129b09b5ca19e18aa44a2050849d009a1a0a9e88e5ac4c30264f2c6c2d44e851ed7f96dcbe9b6fa1b0d7938587c27a1376853dd2ea8d4380148f32192f59c16ff69f6fd00b73f3fe7ff8c432bdb7c415676faf381779ef2f5fe0f6aebd5436caa427175ff41a1c1f900a9c219093902abade0fd5cc69a78623109d34e3858cd3428d8cb73ea1c66d3b23aadb48b2622041ac7025aab7e5beefe08343d81be0bfdffa87cfa70cde26e0b60069b76a35677599f6f4f699d294738fd863640622e167f4d1b391d2b22d807331805acb4f07f576a6e1628960fe62c9876ebb2da483a4c68adfbb75d1d831d2a95ac139dc2629b2877afb3df15bb2d82392b76688e212d41868f6e5e4a290f2c7dd1a83410d69e9f0810e3987df8578323e3f810116cd6761b80656b79fbee5169560b03bb6a1dd139fab8c6293feae17b94823d67b89716cad0d873e0e4b067993c7e78a4c1fddac5cba1aa091cbc5b6bbe2ec31d1af26d13c527f981574a690c2a89a5e5f432ef46732c4b736676c3889754be42947b7456c9fad86ba906232f142be5d49eb4da0aa0afc7596347bab2a30b7383ea1a5276f5f514d77ecdc47f50dd40bd8ec02bdfe4fb805aa78d9296a41e2cd71d7953c9f106cbe0a083da5e31b80f8958ad986270cae2b9c47beb2fd16de3cbf7bbd050bc389a60b8d2b0a002fa0e05c3f267f899d27410e56dc1302fd51038ea17668764bdbd85537e49af1216624b65c1ca97cc4b06fa41f3e19913c9c0073a3468aedd22f631c7476004cde0f95b277754cbf7f6508e597e5991d8adcc0ade8dab1d26edfae8d28b88050c47cfbd65d59a663732a6d801fccaa0cb03b029ce7299376669b9544ebec264b48f3865bec4dafc6e8aeafbe549102ce1790ec3bdee9fba2f29266781e0ae1b05bff6f6abe859a3ff9d33dab39c28b625b142e43d94b1dac1dfeeaf58f08ae68d204cc9fae40ed3ee93e70ad68d37af54944aebff00352b2085bc795a5050aba0de21d784fd76b08f8c7e2e12aa5629968a8543b130780b4c8d30b56bfe29a0baf78fe7e6be", 0x5fe}], 0x3, &(0x7f0000005040)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xc0, 0x2400c805}}], 0x4, 0x0)
write$binfmt_misc(r0, &(0x7f0000000240), 0xfffffecc)

687.694749ms ago: executing program 3 (id=13554):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x11, 0x80a, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000002480)=@newtaction={0x88c, 0x30, 0x12f, 0x0, 0x4, {}, [{0x878, 0x1, [@m_police={0x874, 0x1, 0x0, 0x0, {{0xb}, {0x848, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x1000000, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x6}, {0x7, 0x2, 0x2, 0xfffe, 0x0, 0x5}}}], [@TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x0, 0x5, 0x2, 0x2, 0xb, 0xfffffffb, 0x0, 0x7, 0x401, 0x1, 0x9, 0x90, 0x9fd, 0x2, 0xb8, 0xca2, 0x6, 0x3c, 0x7, 0x1, 0xa89c, 0x400, 0xc, 0x492217a0, 0x7, 0x5, 0x1, 0x1ff, 0xe5, 0x2f, 0x80, 0x3, 0xa, 0x4, 0x1, 0x9, 0x11, 0x9, 0x6, 0x3ff, 0x7, 0xd, 0x3, 0xc0000, 0x8, 0x8, 0xffffff40, 0x100, 0x3, 0x5, 0x7, 0xe0b2, 0xfffffffe, 0x8fb, 0x84, 0x9, 0x4, 0x9, 0x80000001, 0x6, 0x0, 0x8, 0x800, 0x9, 0x1, 0x100, 0x401, 0x8, 0x3, 0xb5, 0x10001, 0x4, 0x4, 0x7f, 0x0, 0x6, 0x4, 0x81, 0x80000001, 0x2, 0x4, 0x0, 0x5, 0x8000, 0x0, 0x9, 0x8bed, 0x7, 0x5, 0x1, 0x0, 0x7, 0xeb22, 0xd, 0x8000, 0xfffffff7, 0x0, 0x4, 0x3ff, 0x400000, 0x10, 0x5, 0x7, 0x10000, 0x5, 0x1, 0x0, 0x2, 0x7, 0x5, 0x6, 0x5, 0x4, 0x2, 0x81, 0x0, 0x10, 0x1, 0x7fff, 0x800, 0xfffffff4, 0x10000, 0x5, 0x8, 0xba, 0x4, 0x89, 0x2, 0x6, 0x100, 0x9, 0xffffa3e0, 0x401, 0x5, 0x1, 0x2, 0xf, 0x24b9, 0x3a, 0xe01, 0x1, 0x6430, 0xd, 0x8, 0x0, 0x8, 0x7eb7, 0x3, 0x0, 0x200, 0xfffffeff, 0x9, 0xfe, 0xa, 0x6, 0x7, 0x100, 0x1, 0x3, 0x100, 0xb, 0x8, 0x101, 0x6, 0x2, 0xfffffc00, 0x81, 0x81, 0x200, 0x80000001, 0x1, 0x1, 0x9, 0x7, 0x4, 0xb, 0x80, 0x0, 0x0, 0x6, 0x5, 0x2, 0x65, 0x4, 0xfffffa0c, 0x3, 0xfffffffc, 0x4, 0x9, 0x35bc0, 0x9, 0xfffffffa, 0x7, 0x5, 0x3, 0x5, 0x9, 0x8, 0x28, 0x2, 0x5, 0x10001, 0x2, 0xf, 0x0, 0x1, 0x40000723, 0x0, 0xe, 0xb, 0x4, 0x6, 0x7, 0x200, 0xfffffbff, 0x7, 0x3, 0x8, 0x5, 0xfffffffb, 0x1002, 0x7f, 0x2, 0x80000001, 0x0, 0x9, 0xf, 0xfffffffe, 0x928, 0x4, 0x2, 0x5, 0xd1b, 0xb87, 0x3, 0x8d8d, 0x55, 0x101, 0x8, 0x64e8, 0x8, 0x82c, 0x772, 0x80a, 0xfff, 0x6, 0x3f7, 0x4, 0x8, 0x1c1, 0x1, 0x5d, 0x9, 0xd, 0x80]}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x5, 0x3dc6ec7d, 0x7, 0x9, 0x65df, 0x8d, 0x5, 0x7, 0x7, 0x180000, 0x3, 0xe56, 0xd, 0x3, 0x5, 0x9, 0x0, 0x10001, 0x7, 0x3613, 0x9, 0x2, 0xffffffff, 0x7fff, 0x2, 0x5173, 0x6, 0xffffffff, 0x40, 0xffff9b69, 0x0, 0x7, 0x0, 0x401, 0x7, 0x3, 0x2, 0x10, 0x7fff, 0x0, 0xebcd, 0x6, 0x0, 0x3, 0xa9f9, 0x9, 0x8, 0xf, 0xe70, 0x8, 0x866, 0x7, 0x10000, 0x380000, 0x3, 0x1, 0x8, 0x6, 0x7, 0x9, 0xffff, 0xf2, 0x7, 0x5, 0xf, 0x7fff, 0xc1, 0x2, 0x5, 0x5, 0x8, 0x48, 0xe, 0x3, 0x8, 0x81, 0x5, 0x85d5, 0x9, 0x8, 0x9, 0x1, 0xbe1, 0x1, 0x478998ae, 0x7, 0x100, 0x9, 0xfc, 0x6af, 0x9, 0x2, 0x1, 0x3, 0x344, 0x1, 0x15e9f50a, 0xf66d, 0xff, 0x8, 0x4, 0x401, 0x200, 0x8000, 0x1, 0x7, 0x7, 0xb5, 0x4, 0xc000, 0x1, 0xb, 0x4, 0x4, 0x107, 0x0, 0x4, 0x10000, 0x800, 0x7, 0x3ff, 0x2, 0xa1c, 0x1c00, 0x26, 0xfff, 0x7e, 0x6, 0x80000000, 0x7ff, 0x1ff, 0xf, 0x0, 0x9, 0x4, 0x2, 0x800, 0x7, 0xfffffffa, 0x2, 0x8, 0x733, 0xee5, 0x1000, 0x0, 0xffffff71, 0x3, 0x5, 0x0, 0x7, 0x80000000, 0xfffffff9, 0x8, 0x2, 0x7, 0x8000, 0xff, 0x5, 0x6, 0x7, 0x3, 0x4, 0xf29, 0x5, 0x0, 0x7fffffff, 0x9, 0x7cf8, 0x1ff, 0x7fffffff, 0x4, 0x4, 0x5, 0x6, 0x6, 0x5, 0x1ff, 0x1, 0x6, 0x4, 0x114614f8, 0x7, 0x3ff, 0x9, 0x60, 0x3, 0xffffff80, 0x10, 0x10001, 0x807, 0x0, 0x1, 0xbeea, 0x3, 0x8, 0xfffffff9, 0x6, 0x72af873a, 0xe65, 0x7f, 0x9, 0x9, 0x695, 0x3, 0x1, 0x8, 0x4, 0x7ff, 0x4, 0x5, 0xd, 0x1, 0xc1, 0x7fffffff, 0x0, 0xd651, 0x80, 0x4, 0xc, 0x3, 0x2, 0x400, 0x6, 0x6, 0x3, 0x101, 0x80000001, 0x6ba, 0x81, 0x6, 0x7, 0x3, 0x200000, 0x4, 0x4, 0x5, 0x9, 0x9, 0x4b79, 0xfffffffa, 0x7, 0x80000001, 0x7f, 0x6, 0x3, 0x9, 0x3ff, 0x7ff, 0x6, 0x5, 0x5, 0xff, 0x7, 0x8, 0x81, 0x8]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x88c}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x401, 0x70bd2c, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x4}, @IFLA_BOND_USE_CARRIER={0x5}]}}}]}, 0x44}}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

654.35891ms ago: executing program 3 (id=13555):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000980), r3)
syz_clone(0xc0000000, 0x0, 0xe30b, 0x0, 0x0, 0x0)

514.213612ms ago: executing program 1 (id=13556):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$netlink(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="09000000030000000800000004"], 0x50)
syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1900000004000000080000000800000000000000", @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000"], &(0x7f0000000800)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000020000000900010073797a30000000002c000000030a01010000000000000000020000000900010073797a30000000000900030073797a32000000003a000000030a03000000000000000000020000000900010073797a30000000000900030073797a32"], 0xa0}}, 0x8040)
epoll_create1(0x80000)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="0f02000039000511d25a80648c63940d0324fc600b003540280009", 0x1b}], 0x1}, 0xe000)
r1 = socket$kcm(0x10, 0x400000002, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe00006a"], 0xfe33)

244.868446ms ago: executing program 1 (id=13557):
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x281c2, 0x120)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001240)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
truncate(&(0x7f0000000100)='./file1\x00', 0x3)

230.302216ms ago: executing program 0 (id=13558):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\v\x00\x00\x00\a\x00\x00\x00\b'], 0x48)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000100)=0x3)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=@newtfilter={0x2c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {0x0, 0x12}, {0x7, 0x2}}, [@TCA_RATE={0x6, 0x5, {0x8, 0x86}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x4)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x4f0, 0x340, 0x25, 0x148, 0x0, 0x60, 0x458, 0x2a8, 0x2a8, 0x458, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x44, 0x0, 0x9, 0x0, 0x0, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@broadcast, @multicast1, 0x0, 0x0, 'veth1_to_bond\x00', 'veth0\x00', {0xff}}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@unspec=@cgroup0={{0x28}, {0x4}}, @common=@unspec=@statistic={{0x38}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x8000, 'syz0\x00', {0x481c}}}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x550)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x2, &(0x7f00000007c0)={<r7=>0xffffffffffffffff}, 0x13f, 0x5}}, 0x20)
stat(&(0x7f0000001c40)='./file0\x00', &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, <r8=>0x0, <r9=>0x0})
r10 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000fffffffffffffff000000000"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001d40)={&(0x7f0000000580)=@proc={0x10, 0x0, 0x25dfdbfd, 0x40}, 0xc, 0x0, 0x0, &(0x7f0000000680)=ANY=[@ANYRES8=r6, @ANYRESDEC, @ANYRES32, @ANYRES32, @ANYBLOB="00000000000001000000", @ANYRES32, @ANYRES32, @ANYRES32=<r11=>0xffffffffffffffff, @ANYRES32, @ANYBLOB="3075253f97c78b70e75f469022b12c3de45ca0c79c5217f2f164e61a5f0967ad748f3e080d98a0bd726374b642dda15d32f838df70ab74d927f8eef21675a01f18cc2a8a1a94005aa96ffde0a7d0c10ec126e5ad3b33a9b21f814bac9b701c92d22baa8ef2ff024dc09d10", @ANYRES16, @ANYRES32, @ANYRES32], 0xffffffffffffff41, 0x24040094}, 0x80)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, r9)
ioctl$LOOP_SET_BLOCK_SIZE(0xffffffffffffffff, 0x4c09, 0x3)
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, &(0x7f0000000c00)=ANY=[@ANYRESDEC, @ANYRES32=r11, @ANYBLOB="02000400", @ANYRES64, @ANYBLOB="020002", @ANYRES32=0x0, @ANYRES32=r8, @ANYBLOB="0ffe0500", @ANYRES64, @ANYBLOB="02000000", @ANYRES8=r7, @ANYBLOB="02000300", @ANYRES64, @ANYBLOB="101134a98f83abd7970f8d53c9fe3b0e6f2c99609640b6082ec96d74eafc70e18e1e49ecf606bb1537f6b19ef8d90d688842f870114104da7884d0745ed38f7c20f69891dd50e5c8717c367677a620b59355abe81a22aa2cd1b0ac7e2cf6ab7dfcfd6605fee5ea4a7fbf0c20a027123bf92a0978a6ffbf15c21324e34f798e62816e56ab9d4e1f", @ANYRES32=0xee00, @ANYRES8=r10, @ANYBLOB="7de0de6148d7d44c4d01eeff92df69b773e9c6727f8fbda7576c2a151378b664926695450adc68e74593831c634553c00cb92a5f09f1c013283b5c41e9b48b6df05700293ee4dfd9070d460cc6774ad5cb408f22ce", @ANYRESDEC=r8, @ANYRESDEC, @ANYRES32=0x0, @ANYBLOB="080006", @ANYRES32=r9, @ANYBLOB="08000300", @ANYRES32=0xee00, @ANYBLOB='\b\x00', @ANYRES32, @ANYBLOB="10000400000000002000000000000000"], 0x94, 0x2)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f00000004c0)={{0x1, 0x0, 0x0, 0x0, 0x0, 0x181, 0x800}, 0x7fff, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x40})
ioctl$PPPIOCSNPMODE(r1, 0x4008744b, &(0x7f0000000440)={0xfd})
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x42, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r12, 0x0, 0x20}, 0x18)
symlink(&(0x7f0000000000)='./file0/file0/..\x00', &(0x7f0000000240)='./file1\x00')
symlink(&(0x7f0000001500)='./file0\x00', &(0x7f0000000080)='./file0/file0/..\x00')
r13 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_MSFILTER(r13, 0x0, 0x30, &(0x7f0000000940)=ANY=[], 0x310)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x2000c0, &(0x7f00000005c0), 0x1, 0x54e, &(0x7f0000000600)="$eJzs3U1oHOUbAPBnZrPtv23+pgUFlR6KChVKN0k/tHpKr2Kh0IPgpS6bbQjZZEN2U5uQQ3ovYkFR6aXe9OBR8eBBvHj06kXxLIgGhaYHiUx2N/1Isq61ydbO7wezfT+GPu+bmWey7zBDAsitI9lHGvFMRJxPIobu6huIdueR1n6rK0uV2ytLlSTW1i78mkQSEbdWliqd/ZP2vwciYjkino6Ib4oRx9LNcRsLi1PlWq06164PN6dnhxsLi8cnp8sT1YnqzMmXXzl95tTp0ROjD22u1368/s617167ef3Tzw4vV94vJzEWg+2+u+fxMLV+JsUYu6/91E4E66Ok3wPggRTaeV6MiKdiKArtrAcef2t7I9aAnErkP+RU53tAtv7tbLv5/eOXs60FSBZ3tb21egZa9ybif+trk/2/J/esTLL15sHdHCiPpeWrETEyMLD5/E/a59+DG3kYA2RHfX22daA2H/904/oTW1x/Bjv3Tv+lzvVvddP17078wjbXv/M9xvjzzZ8+2jb+1Yhnt4yfbMRPtoifRsRbPca/8caXZ7brW/s44mhsHb8j6X5/ePjSZK060vrcMsZXRw+/2m3++7eJP9Zl/lnbbI/z/+Lbz59b7hL/xee7H/+t4u+LiHd7jH/o1ievb9eXxR/fZv7d4mdtN3uM/9LYkR963BUAAAAAAAAAAPgH0vVn2ZK0tFFO01Kp9Q7vk7E/rdUbzWOX6vMz461n3g5GMe08aTXUqidZfbT9PG6nfuK++smIOBQR7xX2rddLlXptvN+TBwAAAAAAAAAAAAAAAAAAgEfEgfve//+j0Hr/H8gJf/Ib8kv+Q37dm/9J38YB7D6//yG/5D/kl/yH/JL/kF/yH/JL/kN+yX/IL/kPAAAAAAAAAAAAAAAAAAAAAAAAAAA74vy5c9m2dntlqZLVxy8vzE/VLx8frzamStPzlVKlPjdbmqjXJ2rVUqU+/Xf/X61enx2Jmfkrw81qozncWFi8OF2fn2lenJwuT1QvVou7MisAAAAAAAAAAAAAAAAAAAD4bxlc35K0FBHpejlNS6WI/0fEwSgmlyZr1ZGIeCIivi8U92b10X4PGgAAAAAAAAAAAAAAAAAAAB4zjYXFqXKtVp1T2FyIiOVHYBgKCn05+QEAAAAAAAAAAAAAAAAAgF1156Xffo8EAAAAAAAAAAAAAAAAAAAA8iz9OYmIbDs69MLg3T17I2JPslrIynsi4u0bFz64Um4250az9t822psftttP9GsOQC86edrJYwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCOxsLiVLlWq87tYKHfcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4EH8FAAD//46R2W8=")

137.954487ms ago: executing program 3 (id=13559):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})

125.651567ms ago: executing program 1 (id=13560):
bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000140)=ANY=[@ANYBLOB="48000000100003050000", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000400000100c2800007000300"], 0x48}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xa, 0x4, 0xffd, 0x7}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000040), &(0x7f0000000080)=r2}, 0x20)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x1c42}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_XFRM_IF_ID={0x8, 0x2, 0x1}]}}}, @IFLA_IFNAME={0x14, 0x3, 'xfrm0\x00'}]}, 0x50}}, 0x0)

109.572058ms ago: executing program 3 (id=13561):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
lsm_get_self_attr(0x64, 0x0, &(0x7f0000001280)=0x38, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0xfffffffffffffffc, &(0x7f00000002c0)={<r2=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000380)={0xe, 0x18, 0xfa00, @id_afonly={0x0, r2, 0x0, 0x2, 0x2}}, 0x20)

47.880759ms ago: executing program 3 (id=13562):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="1c00000e"], 0xf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$restrict_keyring(0xa, r4, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='dd:cb2e')
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000002304e800000000000000ea850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='netlink_extack\x00', r5}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0xfffffffffffffe3c, 0x0, 0x40f00, 0xaf, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ffd}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x2000)
r8 = fcntl$dupfd(r7, 0x0, r7)
ioctl$SG_IO(r8, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffe, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x300, 0x0, 0x0, 0x0})
r9 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x38, 0x1403, 0x1, 0x70bd29, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'veth0_to_bridge\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x8081}, 0x20000010)

0s ago: executing program 1 (id=13563):
r0 = perf_event_open(&(0x7f0000000340)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x67a, 0x1, 0xfffffffe, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
recvfrom(r1, 0x0, 0x0, 0x100, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r5, 0xffffffffffffffff, 0x100000000000000)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x66, &(0x7f00000003c0)={@link_local, @dev, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x8, 0x58, 0x67, 0x0, 0x5, 0x2f, 0x0, @local, @empty}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x0, 0x1}, {0x0, 0x0, 0x1, 0x1}, {0x1, 0x0, 0x0, 0x1}, {0x8, 0x88be, 0x0, {{0x5, 0x1, 0x7, 0x3, 0x0, 0x0, 0x6, 0xb}, 0x1, {0x38}}}, {0x8, 0x22eb, 0x4, {{0x3, 0x2, 0x6, 0x1, 0x0, 0x1, 0x3, 0x6}, 0x2, {0x7, 0x4, 0x0, 0x5, 0x0, 0x1, 0x2}}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

0xe8/0x140
[  749.321365][T10700]  dump_stack+0x15/0x1b
[  749.321381][T10700]  should_fail_ex+0x265/0x280
[  749.321415][T10700]  should_failslab+0x8c/0xb0
[  749.321438][T10700]  kmem_cache_alloc_noprof+0x50/0x310
[  749.321506][T10700]  ? security_inode_alloc+0x37/0x100
[  749.321565][T10700]  security_inode_alloc+0x37/0x100
[  749.321677][T10700]  inode_init_always_gfp+0x4b7/0x500
[  749.321772][T10700]  ? __pfx_sock_alloc_inode+0x10/0x10
[  749.321845][T10700]  alloc_inode+0x58/0x170
[  749.321879][T10700]  __sock_create+0x122/0x5b0
[  749.321974][T10700]  ? avc_perm_nonode+0x82/0xe0
[  749.322011][T10700]  sock_create_kern+0x38/0x50
[  749.322037][T10700]  mptcp_subflow_create_socket+0x84/0x630
[  749.322072][T10700]  ? avc_has_perm_noaudit+0x156/0x200
[  749.322182][T10700]  __mptcp_nmpc_sk+0xb3/0x3b0
[  749.322288][T10700]  mptcp_connect+0x58/0x7e0
[  749.322318][T10700]  __inet_stream_connect+0x166/0x7e0
[  749.322359][T10700]  ? _raw_spin_unlock_bh+0x36/0x40
[  749.322439][T10700]  ? release_sock+0x116/0x150
[  749.322472][T10700]  ? _raw_spin_unlock_bh+0x36/0x40
[  749.322506][T10700]  ? lock_sock_nested+0x112/0x140
[  749.322651][T10700]  ? selinux_netlbl_socket_connect+0x115/0x130
[  749.322677][T10700]  inet_stream_connect+0x44/0x70
[  749.322707][T10700]  ? __pfx_inet_stream_connect+0x10/0x10
[  749.322798][T10700]  __sys_connect+0x1f2/0x2b0
[  749.322840][T10700]  __x64_sys_connect+0x3f/0x50
[  749.322876][T10700]  x64_sys_call+0x1daa/0x2fb0
[  749.322900][T10700]  do_syscall_64+0xd2/0x200
[  749.322994][T10700]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  749.323020][T10700]  ? clear_bhb_loop+0x40/0x90
[  749.323076][T10700]  ? clear_bhb_loop+0x40/0x90
[  749.323098][T10700]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  749.323118][T10700] RIP: 0033:0x7f06ca9de929
[  749.323133][T10700] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  749.323155][T10700] RSP: 002b:00007f06c9047038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  749.323201][T10700] RAX: ffffffffffffffda RBX: 00007f06cac05fa0 RCX: 00007f06ca9de929
[  749.323215][T10700] RDX: 000000000000001c RSI: 0000200000000040 RDI: 0000000000000006
[  749.323260][T10700] RBP: 00007f06c9047090 R08: 0000000000000000 R09: 0000000000000000
[  749.323276][T10700] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  749.323289][T10700] R13: 0000000000000000 R14: 00007f06cac05fa0 R15: 00007ffe0a0e80d8
[  749.323308][T10700]  </TASK>
[  749.323319][T10700] socket: no more sockets
[  749.775505][T10709] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12543'.
[  749.809879][T10709] bridge0: port 2(bridge_slave_1) entered disabled state
[  749.832194][T10709] bridge_slave_1 (unregistering): left allmulticast mode
[  749.839340][T10709] bridge_slave_1 (unregistering): left promiscuous mode
[  749.846376][T10709] bridge0: port 2(bridge_slave_1) entered disabled state
[  750.030915][T10719] siw: device registration error -23
[  750.179479][T10730] bond6: entered promiscuous mode
[  750.179500][T10730] bond6: entered allmulticast mode
[  750.179656][T10730] 8021q: adding VLAN 0 to HW filter on device bond6
[  750.191986][T10730] bond6 (unregistering): Released all slaves
[  750.235639][T10733] lo speed is unknown, defaulting to 1000
[  750.577767][T10753] lo speed is unknown, defaulting to 1000
[  750.823374][T10758] siw: device registration error -23
[  751.126091][T28480] IPVS: starting estimator thread 0...
[  751.232134][T10769] IPVS: using max 2544 ests per chain, 127200 per kthread
[  751.259372][T10771] bond6: entered promiscuous mode
[  751.264636][T10771] bond6: entered allmulticast mode
[  751.308248][T10771] 8021q: adding VLAN 0 to HW filter on device bond6
[  751.364918][T10771] bond6 (unregistering): Released all slaves
[  751.437205][T10776] lo speed is unknown, defaulting to 1000
[  751.523169][T10779] netlink: 'syz.3.12568': attribute type 13 has an invalid length.
[  751.547324][   T29] kauditd_printk_skb: 145 callbacks suppressed
[  751.547342][   T29] audit: type=1400 audit(2000000008.339:41299): avc:  denied  { name_bind } for  pid=10780 comm="syz.0.12569" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1
[  751.579865][T10779] gretap0: refused to change device tx_queue_len
[  751.601620][T10779] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  751.923658][T10797] siw: device registration error -23
[  752.232863][T10810] lo speed is unknown, defaulting to 1000
[  752.254765][T10809] siw: device registration error -23
[  752.650585][T10817] lo speed is unknown, defaulting to 1000
[  752.683412][T10819] netlink: 12 bytes leftover after parsing attributes in process `syz.5.12584'.
[  752.796415][T10822] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12585'.
[  752.944967][T10833] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12589'.
[  752.968419][   T29] audit: type=1326 audit(2000000009.759:41300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10829 comm="syz.5.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  753.005464][   T29] audit: type=1326 audit(2000000009.789:41301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10829 comm="syz.5.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=306 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  753.029335][   T29] audit: type=1326 audit(2000000009.789:41302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10829 comm="syz.5.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  753.053075][   T29] audit: type=1326 audit(2000000009.789:41303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10829 comm="syz.5.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  753.076907][   T29] audit: type=1326 audit(2000000009.799:41304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10829 comm="syz.5.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=59 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  753.100609][   T29] audit: type=1400 audit(2000000009.799:41305): avc:  denied  { execute } for  pid=10829 comm="syz.5.12588" name="file0" dev="tmpfs" ino=572 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  753.123227][   T29] audit: type=1400 audit(2000000009.799:41306): avc:  denied  { execute_no_trans } for  pid=10829 comm="syz.5.12588" path="/104/file0" dev="tmpfs" ino=572 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  753.147411][   T29] audit: type=1326 audit(2000000009.799:41307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10829 comm="syz.5.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  753.171289][   T29] audit: type=1326 audit(2000000009.799:41308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10829 comm="syz.5.12588" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  753.218860][T10834] siw: device registration error -23
[  753.276955][T10841] lo speed is unknown, defaulting to 1000
[  753.391675][T10847] netlink: 172 bytes leftover after parsing attributes in process `syz.3.12596'.
[  753.400897][T10847] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12596'.
[  753.492140][T10858] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  753.535899][T10856] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12598'.
[  753.545613][T10858] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  753.574192][T10856] bridge0: port 2(bridge_slave_1) entered disabled state
[  753.593426][T10856] bridge_slave_1 (unregistering): left allmulticast mode
[  753.600619][T10856] bridge_slave_1 (unregistering): left promiscuous mode
[  753.607681][T10856] bridge0: port 2(bridge_slave_1) entered disabled state
[  754.305626][T10877] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12602'.
[  754.336894][T10876] netlink: 'syz.1.12603': attribute type 1 has an invalid length.
[  754.338912][T10879] siw: device registration error -23
[  754.479023][T10883] siw: device registration error -23
[  754.494963][T10887] lo speed is unknown, defaulting to 1000
[  754.607894][T10894] netlink: 14 bytes leftover after parsing attributes in process `syz.5.12608'.
[  754.653901][T10891] lo speed is unknown, defaulting to 1000
[  754.752531][T10898] bond1: entered promiscuous mode
[  754.757673][T10898] bond1: entered allmulticast mode
[  754.814388][T10898] 8021q: adding VLAN 0 to HW filter on device bond1
[  754.849539][T10898] bond1 (unregistering): Released all slaves
[  754.904161][T10905] netlink: 148 bytes leftover after parsing attributes in process `syz.5.12611'.
[  754.978310][T10912] siw: device registration error -23
[  755.063171][T10919] FAULT_INJECTION: forcing a failure.
[  755.063171][T10919] name failslab, interval 1, probability 0, space 0, times 0
[  755.075942][T10919] CPU: 1 UID: 0 PID: 10919 Comm: syz.5.12616 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  755.076032][T10919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  755.076044][T10919] Call Trace:
[  755.076049][T10919]  <TASK>
[  755.076056][T10919]  __dump_stack+0x1d/0x30
[  755.076077][T10919]  dump_stack_lvl+0xe8/0x140
[  755.076093][T10919]  dump_stack+0x15/0x1b
[  755.076107][T10919]  should_fail_ex+0x265/0x280
[  755.076208][T10919]  should_failslab+0x8c/0xb0
[  755.076228][T10919]  kmem_cache_alloc_noprof+0x50/0x310
[  755.076274][T10919]  ? getname_flags+0x80/0x3b0
[  755.076294][T10919]  getname_flags+0x80/0x3b0
[  755.076368][T10919]  __x64_sys_link+0x33/0x70
[  755.076392][T10919]  x64_sys_call+0x2af9/0x2fb0
[  755.076461][T10919]  do_syscall_64+0xd2/0x200
[  755.076477][T10919]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  755.076500][T10919]  ? clear_bhb_loop+0x40/0x90
[  755.076518][T10919]  ? clear_bhb_loop+0x40/0x90
[  755.076565][T10919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.076584][T10919] RIP: 0033:0x7f13e41be929
[  755.076598][T10919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  755.076675][T10919] RSP: 002b:00007f13e2827038 EFLAGS: 00000246 ORIG_RAX: 0000000000000056
[  755.076768][T10919] RAX: ffffffffffffffda RBX: 00007f13e43e5fa0 RCX: 00007f13e41be929
[  755.076780][T10919] RDX: 0000000000000000 RSI: 0000200000000740 RDI: 0000200000000200
[  755.076791][T10919] RBP: 00007f13e2827090 R08: 0000000000000000 R09: 0000000000000000
[  755.076802][T10919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  755.076813][T10919] R13: 0000000000000000 R14: 00007f13e43e5fa0 R15: 00007ffddf6360b8
[  755.076840][T10919]  </TASK>
[  755.299090][T10925] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12617'.
[  755.354229][T10929] netlink: 14 bytes leftover after parsing attributes in process `syz.4.12620'.
[  755.363452][T10925] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  755.370914][T10925] batman_adv: batadv0: Removing interface: batadv_slave_0
[  755.386616][T10925] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  755.394289][T10925] batman_adv: batadv0: Removing interface: batadv_slave_1
[  755.454107][T10933] bond4: entered promiscuous mode
[  755.459350][T10933] bond4: entered allmulticast mode
[  755.465474][T10933] 8021q: adding VLAN 0 to HW filter on device bond4
[  755.562069][T10933] bond4 (unregistering): Released all slaves
[  755.576193][T10931] veth1_to_bond: entered allmulticast mode
[  755.584823][T10931] veth1_to_bond: entered promiscuous mode
[  755.593110][T10939] lo speed is unknown, defaulting to 1000
[  755.602152][T10931] veth1_to_bond: left promiscuous mode
[  755.607793][T10931] veth1_to_bond: left allmulticast mode
[  755.690847][T10946] lo speed is unknown, defaulting to 1000
[  756.065408][T10945] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12624'.
[  756.073953][T10953] netlink: 96 bytes leftover after parsing attributes in process `syz.0.12626'.
[  756.083877][T10953] 8021q: VLANs not supported on sit0
[  756.130259][T10957] bond6: entered promiscuous mode
[  756.135394][T10957] bond6: entered allmulticast mode
[  756.140745][T10957] 8021q: adding VLAN 0 to HW filter on device bond6
[  756.151632][T10957] bond6 (unregistering): Released all slaves
[  756.189461][T10955] lo speed is unknown, defaulting to 1000
[  756.530435][T10979] siw: device registration error -23
[  756.579463][T10980] lo speed is unknown, defaulting to 1000
[  756.653736][T10968] veth1_to_bond: entered allmulticast mode
[  756.660451][T10968] veth1_to_bond: entered promiscuous mode
[  756.668408][T10968] veth1_to_bond: left promiscuous mode
[  756.674163][T10968] veth1_to_bond: left allmulticast mode
[  756.700753][T10985] netlink: 'syz.0.12635': attribute type 37 has an invalid length.
[  756.711467][   T29] kauditd_printk_skb: 298 callbacks suppressed
[  756.711481][   T29] audit: type=1400 audit(2000000013.509:41607): avc:  denied  { bind } for  pid=10974 comm="syz.0.12635" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  756.737388][   T29] audit: type=1400 audit(2000000013.509:41608): avc:  denied  { name_bind } for  pid=10974 comm="syz.0.12635" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  756.759476][   T29] audit: type=1400 audit(2000000013.509:41609): avc:  denied  { node_bind } for  pid=10974 comm="syz.0.12635" saddr=::1 src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=sctp_socket permissive=1
[  756.781446][   T29] audit: type=1400 audit(2000000013.509:41610): avc:  denied  { write } for  pid=10974 comm="syz.0.12635" laddr=::1 lport=20003 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  757.018836][T10990] IPv6: Can't replace route, no match found
[  757.030686][   T29] audit: type=1326 audit(2000000013.809:41611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.4.12637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  757.054571][   T29] audit: type=1326 audit(2000000013.809:41612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.4.12637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  757.078351][   T29] audit: type=1326 audit(2000000013.809:41613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.4.12637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  757.102187][   T29] audit: type=1326 audit(2000000013.809:41614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.4.12637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  757.126023][   T29] audit: type=1326 audit(2000000013.809:41615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.4.12637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  757.149775][   T29] audit: type=1326 audit(2000000013.809:41616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10988 comm="syz.4.12637" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  757.327206][T10989] bond1: entered promiscuous mode
[  757.332346][T10989] bond1: entered allmulticast mode
[  757.348411][T10989] 8021q: adding VLAN 0 to HW filter on device bond1
[  757.374400][T10989] bond1 (unregistering): Released all slaves
[  757.475512][T11003] siw: device registration error -23
[  757.593312][T11004] lo speed is unknown, defaulting to 1000
[  757.699549][T11007] loop0: detected capacity change from 0 to 1024
[  757.998808][T11022] lo speed is unknown, defaulting to 1000
[  758.360740][T11025] hsr_slave_0 (unregistering): left promiscuous mode
[  758.442589][T11018] veth1_to_bond: entered allmulticast mode
[  758.442735][T11018] veth1_to_bond: entered promiscuous mode
[  758.455746][T11018] veth1_to_bond: left promiscuous mode
[  758.461559][T11018] veth1_to_bond: left allmulticast mode
[  758.631551][T11031] loop0: detected capacity change from 0 to 1024
[  758.698074][T11035] 8021q: adding VLAN 0 to HW filter on device bond4
[  758.799183][T11042] bond2: entered promiscuous mode
[  758.804496][T11042] bond2: entered allmulticast mode
[  758.910300][T11042] 8021q: adding VLAN 0 to HW filter on device bond2
[  758.934971][T11042] bond2 (unregistering): Released all slaves
[  759.105187][T11035] bond4: (slave gretap1): Enslaving as an active interface with an up link
[  759.135119][T11048] lo speed is unknown, defaulting to 1000
[  759.190469][T11046] lo speed is unknown, defaulting to 1000
[  759.229180][T11055] lo speed is unknown, defaulting to 1000
[  759.471994][T11065] lo speed is unknown, defaulting to 1000
[  759.536032][T11063] infiniband syz!: set active
[  759.540791][T11063] infiniband syz!: added team_slave_0
[  759.574995][T11063] RDS/IB: syz!: added
[  759.585560][T11063] smc: adding ib device syz! with port count 1
[  759.600072][T11063] smc:    ib device syz! port 1 has pnetid 
[  759.689054][T11073] lo speed is unknown, defaulting to 1000
[  759.912938][T11079] lo speed is unknown, defaulting to 1000
[  760.666620][T11090] loop0: detected capacity change from 0 to 1024
[  760.681635][T11089] 8021q: adding VLAN 0 to HW filter on device bond1
[  760.727003][T11090] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  760.891767][T11099] __nla_validate_parse: 3 callbacks suppressed
[  760.891785][T11099] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12665'.
[  760.929072][T11089] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  760.971756][ T7626] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  761.238130][T11083] siw: device registration error -23
[  761.243891][T11103] siw: device registration error -23
[  761.249364][T11109] siw: device registration error -23
[  761.298708][T11111] netlink: 14 bytes leftover after parsing attributes in process `syz.5.12670'.
[  761.320045][T11096] veth1_to_bond: entered allmulticast mode
[  761.331034][T11104] veth1_to_bond: entered promiscuous mode
[  761.351248][T11096] veth1_to_bond: left promiscuous mode
[  761.356834][T11096] veth1_to_bond: left allmulticast mode
[  761.410914][T11116] vcan0: tx drop: invalid da for name 0x00000000000000f0
[  761.418440][T11113] lo speed is unknown, defaulting to 1000
[  761.566126][T11122] netlink: 14 bytes leftover after parsing attributes in process `syz.5.12674'.
[  762.029516][T11130] lo speed is unknown, defaulting to 1000
[  762.686343][T11143] siw: device registration error -23
[  762.821946][T11152] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12685'.
[  762.886465][T11152] hsr_slave_0 (unregistering): left promiscuous mode
[  763.061577][T11157] lo speed is unknown, defaulting to 1000
[  763.170988][T11145] veth1_to_bond: entered allmulticast mode
[  763.191623][T11145] veth1_to_bond: entered promiscuous mode
[  763.210761][T11145] veth1_to_bond: left promiscuous mode
[  763.216566][T11145] veth1_to_bond: left allmulticast mode
[  763.337193][T11154] veth1_to_bond: entered allmulticast mode
[  763.353974][   T29] kauditd_printk_skb: 61 callbacks suppressed
[  763.353987][   T29] audit: type=1326 audit(2000000020.149:41678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11170 comm="syz.1.12691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  763.395906][T11154] veth1_to_bond: entered promiscuous mode
[  763.411982][T11154] veth1_to_bond: left promiscuous mode
[  763.417718][T11154] veth1_to_bond: left allmulticast mode
[  763.451085][   T29] audit: type=1326 audit(2000000020.179:41679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11170 comm="syz.1.12691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  763.474786][   T29] audit: type=1326 audit(2000000020.179:41680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11170 comm="syz.1.12691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  763.498535][   T29] audit: type=1326 audit(2000000020.179:41681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11170 comm="syz.1.12691" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  763.725745][T11181] veth1_to_bond: entered allmulticast mode
[  763.748461][T11181] veth1_to_bond: entered promiscuous mode
[  763.749019][T11181] veth1_to_bond: left promiscuous mode
[  763.749071][T11181] veth1_to_bond: left allmulticast mode
[  763.799069][T11183] Falling back ldisc for ttyS3.
[  764.246000][T11193] siw: device registration error -23
[  764.606304][T11186] veth1_to_bond: entered allmulticast mode
[  764.606426][T11186] veth1_to_bond: entered promiscuous mode
[  764.607346][T11186] veth1_to_bond: left promiscuous mode
[  764.607460][T11186] veth1_to_bond: left allmulticast mode
[  764.716661][T11204] lo speed is unknown, defaulting to 1000
[  764.716661][T11203] loop0: detected capacity change from 0 to 1024
[  764.936897][   T29] audit: type=1326 audit(2000000021.729:41682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11208 comm="syz.5.12704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f13e41b58e7 code=0x7ffc0000
[  764.960753][   T29] audit: type=1326 audit(2000000021.729:41683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11208 comm="syz.5.12704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f13e415ab19 code=0x7ffc0000
[  764.984577][   T29] audit: type=1326 audit(2000000021.729:41684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11208 comm="syz.5.12704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f13e41b58e7 code=0x7ffc0000
[  765.008301][   T29] audit: type=1326 audit(2000000021.729:41685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11208 comm="syz.5.12704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f13e415ab19 code=0x7ffc0000
[  765.032000][   T29] audit: type=1326 audit(2000000021.729:41686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11208 comm="syz.5.12704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  765.055787][   T29] audit: type=1326 audit(2000000021.729:41687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11208 comm="syz.5.12704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  765.112539][T11207] lo speed is unknown, defaulting to 1000
[  765.306555][T11217] netlink: 14 bytes leftover after parsing attributes in process `syz.5.12706'.
[  765.354306][T11215] lo speed is unknown, defaulting to 1000
[  765.436569][T11219] siw: device registration error -23
[  765.678055][T11233] siw: device registration error -23
[  765.773527][T11234] lo speed is unknown, defaulting to 1000
[  765.992649][T11242] lo speed is unknown, defaulting to 1000
[  766.187241][T11242] netlink: 24 bytes leftover after parsing attributes in process `syz.3.12713'.
[  766.855325][T11258] bond6: entered promiscuous mode
[  766.860489][T11258] bond6: entered allmulticast mode
[  766.887858][T11258] 8021q: adding VLAN 0 to HW filter on device bond6
[  766.907140][T11258] bond6 (unregistering): Released all slaves
[  766.959721][T11263] siw: device registration error -23
[  767.162943][T11277] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12726'.
[  767.178450][T11277] hsr_slave_0 (unregistering): left promiscuous mode
[  767.204452][T11265] veth1_to_bond: entered allmulticast mode
[  767.218887][T11265] veth1_to_bond: entered promiscuous mode
[  767.228753][T11265] veth1_to_bond: left promiscuous mode
[  767.234507][T11265] veth1_to_bond: left allmulticast mode
[  767.256693][T11280] netlink: 14 bytes leftover after parsing attributes in process `syz.4.12727'.
[  767.499470][T11285] 8021q: adding VLAN 0 to HW filter on device bond6
[  767.533800][T11298] bond2: entered promiscuous mode
[  767.538953][T11298] bond2: entered allmulticast mode
[  767.544385][T11298] 8021q: adding VLAN 0 to HW filter on device bond2
[  767.559790][T11298] bond2 (unregistering): Released all slaves
[  767.624647][T11302] lo speed is unknown, defaulting to 1000
[  767.777965][T11312] siw: device registration error -23
[  768.018916][T11314] veth1_to_bond: entered allmulticast mode
[  768.025389][T11314] veth1_to_bond: entered promiscuous mode
[  768.034014][T11314] veth1_to_bond: left promiscuous mode
[  768.039658][T11314] veth1_to_bond: left allmulticast mode
[  768.133250][T11342] netlink: 'syz.5.12749': attribute type 4 has an invalid length.
[  768.291535][T11353] SELinux:  policydb magic number 0x6 does not match expected magic number 0xf97cff8c
[  768.320174][T11353] SELinux: failed to load policy
[  768.329299][T11347] wireguard0: entered promiscuous mode
[  768.335779][T11342] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12749'.
[  768.352524][T11348] lo speed is unknown, defaulting to 1000
[  768.352615][T11352] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12752'.
[  768.413908][T11356] siw: device registration error -23
[  768.423342][   T29] kauditd_printk_skb: 182 callbacks suppressed
[  768.423356][   T29] audit: type=1326 audit(2000000025.219:41870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11351 comm="syz.0.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f95096958e7 code=0x7ffc0000
[  768.460566][   T29] audit: type=1326 audit(2000000025.249:41871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11351 comm="syz.0.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f950963ab19 code=0x7ffc0000
[  768.484230][   T29] audit: type=1326 audit(2000000025.249:41872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11351 comm="syz.0.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f95096958e7 code=0x7ffc0000
[  768.508292][   T29] audit: type=1326 audit(2000000025.249:41873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11351 comm="syz.0.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f950963ab19 code=0x7ffc0000
[  768.531970][   T29] audit: type=1326 audit(2000000025.249:41874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11351 comm="syz.0.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f95096958e7 code=0x7ffc0000
[  768.555642][   T29] audit: type=1326 audit(2000000025.249:41875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11351 comm="syz.0.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f950963ab19 code=0x7ffc0000
[  768.579249][   T29] audit: type=1326 audit(2000000025.249:41876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11351 comm="syz.0.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f95096958e7 code=0x7ffc0000
[  768.602973][   T29] audit: type=1326 audit(2000000025.249:41877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11351 comm="syz.0.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f950963ab19 code=0x7ffc0000
[  768.626616][   T29] audit: type=1326 audit(2000000025.249:41878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11351 comm="syz.0.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f95096958e7 code=0x7ffc0000
[  768.650309][   T29] audit: type=1326 audit(2000000025.249:41879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11351 comm="syz.0.12752" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f950963ab19 code=0x7ffc0000
[  768.748036][T11361] siw: device registration error -23
[  768.825558][T11363] lo speed is unknown, defaulting to 1000
[  768.999259][T11376] netlink: 14 bytes leftover after parsing attributes in process `syz.1.12761'.
[  769.041857][T11379] xt_connbytes: Forcing CT accounting to be enabled
[  769.049256][T11379] Cannot find set identified by id 0 to match
[  769.278055][T11388] lo speed is unknown, defaulting to 1000
[  769.378733][T11392] siw: device registration error -23
[  769.410068][T11397] siw: device registration error -23
[  769.426222][T11399] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  769.523303][T11403] netlink: 14 bytes leftover after parsing attributes in process `syz.0.12771'.
[  769.815043][T11410] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  769.856459][T11413] lo speed is unknown, defaulting to 1000
[  770.081217][T11417] siw: device registration error -23
[  770.300282][T11429] bond1: entered promiscuous mode
[  770.300323][T11429] bond1: entered allmulticast mode
[  770.300531][T11429] 8021q: adding VLAN 0 to HW filter on device bond1
[  770.322856][T11429] bond1 (unregistering): Released all slaves
[  770.479302][T11437] bond5: entered promiscuous mode
[  770.479320][T11437] bond5: entered allmulticast mode
[  770.479519][T11437] 8021q: adding VLAN 0 to HW filter on device bond5
[  770.488150][T11437] bond5 (unregistering): Released all slaves
[  770.659885][T11444] netlink: 'syz.5.12784': attribute type 1 has an invalid length.
[  770.671150][T11444] 8021q: adding VLAN 0 to HW filter on device bond5
[  770.773864][T11447] netlink: 14 bytes leftover after parsing attributes in process `syz.5.12785'.
[  770.857315][T11451] siw: device registration error -23
[  771.055764][T11463] lo speed is unknown, defaulting to 1000
[  771.165314][T11466] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12792'.
[  771.238832][T11459] veth1_to_bond: entered allmulticast mode
[  771.267254][T11473] lo speed is unknown, defaulting to 1000
[  771.267852][T11459] veth1_to_bond: entered promiscuous mode
[  771.280686][T11459] veth1_to_bond: left promiscuous mode
[  771.286365][T11459] veth1_to_bond: left allmulticast mode
[  771.469176][T11485] netlink: 14 bytes leftover after parsing attributes in process `syz.0.12798'.
[  771.483774][T11483] bond6: entered promiscuous mode
[  771.488874][T11483] bond6: entered allmulticast mode
[  771.514907][T11483] 8021q: adding VLAN 0 to HW filter on device bond6
[  771.552249][T11483] bond6 (unregistering): Released all slaves
[  771.760746][T11499] lo speed is unknown, defaulting to 1000
[  771.802617][T11501] netlink: 14 bytes leftover after parsing attributes in process `syz.0.12803'.
[  771.944801][T11504] lo speed is unknown, defaulting to 1000
[  772.244561][T11514] siw: device registration error -23
[  772.296727][T11516] loop0: detected capacity change from 0 to 1024
[  772.599182][T11528] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12814'.
[  772.618766][T11532] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12812'.
[  772.823236][T11538] lo speed is unknown, defaulting to 1000
[  772.844469][T11543] netlink: 14 bytes leftover after parsing attributes in process `syz.3.12819'.
[  772.955739][T11549] netlink: 14 bytes leftover after parsing attributes in process `syz.0.12821'.
[  773.059778][T11520] veth1_to_bond: entered allmulticast mode
[  773.092688][T11520] veth1_to_bond: entered promiscuous mode
[  773.119282][T11520] veth1_to_bond: left promiscuous mode
[  773.124899][T11520] veth1_to_bond: left allmulticast mode
[  773.358140][T11556] siw: device registration error -23
[  773.658746][T11566] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12826'.
[  773.704791][T11572] netlink: 40 bytes leftover after parsing attributes in process `syz.3.12829'.
[  773.732508][   T29] kauditd_printk_skb: 176 callbacks suppressed
[  773.732523][   T29] audit: type=1326 audit(2000000030.529:42056): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11571 comm="syz.3.12829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  773.784996][T11577] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12831'.
[  773.806241][T11574] bond6: entered promiscuous mode
[  773.806330][T11574] bond6: entered allmulticast mode
[  773.806500][T11574] 8021q: adding VLAN 0 to HW filter on device bond6
[  773.809692][T11574] bond6 (unregistering): Released all slaves
[  773.884110][T11581] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12832'.
[  773.890757][   T29] audit: type=1326 audit(2000000030.559:42057): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11571 comm="syz.3.12829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  773.890907][   T29] audit: type=1326 audit(2000000030.559:42058): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11571 comm="syz.3.12829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  773.890937][   T29] audit: type=1326 audit(2000000030.559:42059): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11571 comm="syz.3.12829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  773.890967][   T29] audit: type=1326 audit(2000000030.569:42060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11571 comm="syz.3.12829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  773.891012][   T29] audit: type=1326 audit(2000000030.569:42061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11571 comm="syz.3.12829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  773.891043][   T29] audit: type=1326 audit(2000000030.569:42062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11571 comm="syz.3.12829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  773.891073][   T29] audit: type=1326 audit(2000000030.569:42063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11571 comm="syz.3.12829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  773.891154][   T29] audit: type=1326 audit(2000000030.569:42064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11571 comm="syz.3.12829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  773.891184][   T29] audit: type=1326 audit(2000000030.569:42065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11571 comm="syz.3.12829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  774.341535][T11585] lo speed is unknown, defaulting to 1000
[  774.507463][T11593] hsr_slave_0: left promiscuous mode
[  774.511528][T11593] hsr_slave_1: left promiscuous mode
[  774.579907][T11593] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  774.579907][T11593]    program +}[@ not setting count and/or reply_len properly
[  774.830238][T11604] siw: device registration error -23
[  774.883719][T11596] veth1_to_bond: entered allmulticast mode
[  774.904529][T11596] veth1_to_bond: entered promiscuous mode
[  774.924769][T11596] veth1_to_bond: left promiscuous mode
[  774.930381][T11596] veth1_to_bond: left allmulticast mode
[  774.950229][T11618] lo speed is unknown, defaulting to 1000
[  775.049358][T11623] bond6: entered promiscuous mode
[  775.054469][T11623] bond6: entered allmulticast mode
[  775.084282][T11623] 8021q: adding VLAN 0 to HW filter on device bond6
[  775.117542][T11623] bond6 (unregistering): Released all slaves
[  775.271335][T11616] veth1_to_bond: entered allmulticast mode
[  775.330950][T11616] veth1_to_bond: entered promiscuous mode
[  775.351782][T11616] veth1_to_bond: left promiscuous mode
[  775.351858][T11616] veth1_to_bond: left allmulticast mode
[  776.606315][T11683] lo speed is unknown, defaulting to 1000
[  777.081791][T11664] xt_CT: You must specify a L4 protocol and not use inversions on it
[  777.381781][T11702] __nla_validate_parse: 10 callbacks suppressed
[  777.381797][T11702] netlink: 4 bytes leftover after parsing attributes in process `syz.4.12872'.
[  777.608968][T11710] siw: device registration error -23
[  777.690573][T11719] lo speed is unknown, defaulting to 1000
[  778.054807][T11725] loop0: detected capacity change from 0 to 1024
[  778.155804][T11717] veth1_to_bond: entered allmulticast mode
[  778.162003][T11717] veth1_to_bond: entered promiscuous mode
[  778.168882][T11717] veth1_to_bond: left promiscuous mode
[  778.174474][T11717] veth1_to_bond: left allmulticast mode
[  778.184727][T11733] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12879'.
[  778.219943][T11733] hsr_slave_0 (unregistering): left promiscuous mode
[  778.470583][T11741] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12883'.
[  778.645867][T11755] siw: device registration error -23
[  778.780971][   T29] kauditd_printk_skb: 182 callbacks suppressed
[  778.780986][   T29] audit: type=1326 audit(2000000035.569:42248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11760 comm="syz.1.12890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f06ca9d58e7 code=0x7ffc0000
[  778.781173][   T29] audit: type=1326 audit(2000000035.579:42249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11760 comm="syz.1.12890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f06ca97ab19 code=0x7ffc0000
[  778.781377][   T29] audit: type=1326 audit(2000000035.579:42250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11760 comm="syz.1.12890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f06ca9d58e7 code=0x7ffc0000
[  778.781528][   T29] audit: type=1326 audit(2000000035.579:42251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11760 comm="syz.1.12890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f06ca97ab19 code=0x7ffc0000
[  778.789159][   T29] audit: type=1326 audit(2000000035.579:42252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11760 comm="syz.1.12890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  778.789197][   T29] audit: type=1326 audit(2000000035.579:42253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11760 comm="syz.1.12890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  778.794219][   T29] audit: type=1326 audit(2000000035.589:42254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11760 comm="syz.1.12890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  778.794248][   T29] audit: type=1326 audit(2000000035.589:42255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11760 comm="syz.1.12890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  778.794334][   T29] audit: type=1326 audit(2000000035.589:42256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11760 comm="syz.1.12890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  778.797005][   T29] audit: type=1326 audit(2000000035.589:42257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11760 comm="syz.1.12890" exe="/root/syz-executor" sig=0 arch=c000003e syscall=131 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  779.214233][T11783] FAULT_INJECTION: forcing a failure.
[  779.214233][T11783] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  779.214284][T11783] CPU: 1 UID: 0 PID: 11783 Comm: syz.1.12898 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  779.214316][T11783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  779.214460][T11783] Call Trace:
[  779.214466][T11783]  <TASK>
[  779.214473][T11783]  __dump_stack+0x1d/0x30
[  779.214500][T11783]  dump_stack_lvl+0xe8/0x140
[  779.214524][T11783]  dump_stack+0x15/0x1b
[  779.214545][T11783]  should_fail_ex+0x265/0x280
[  779.214696][T11783]  should_fail+0xb/0x20
[  779.214725][T11783]  should_fail_usercopy+0x1a/0x20
[  779.214800][T11783]  _copy_from_user+0x1c/0xb0
[  779.214869][T11783]  ___sys_sendmsg+0xc1/0x1d0
[  779.214966][T11783]  __x64_sys_sendmsg+0xd4/0x160
[  779.215010][T11783]  x64_sys_call+0x2999/0x2fb0
[  779.215038][T11783]  do_syscall_64+0xd2/0x200
[  779.215111][T11783]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  779.215141][T11783]  ? clear_bhb_loop+0x40/0x90
[  779.215163][T11783]  ? clear_bhb_loop+0x40/0x90
[  779.215186][T11783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  779.215230][T11783] RIP: 0033:0x7f06ca9de929
[  779.215247][T11783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  779.215265][T11783] RSP: 002b:00007f06c9047038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  779.215283][T11783] RAX: ffffffffffffffda RBX: 00007f06cac05fa0 RCX: 00007f06ca9de929
[  779.215319][T11783] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  779.215335][T11783] RBP: 00007f06c9047090 R08: 0000000000000000 R09: 0000000000000000
[  779.215350][T11783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  779.215366][T11783] R13: 0000000000000000 R14: 00007f06cac05fa0 R15: 00007ffe0a0e80d8
[  779.215448][T11783]  </TASK>
[  779.360485][T11790] loop0: detected capacity change from 0 to 1024
[  779.486906][T11792] lo speed is unknown, defaulting to 1000
[  779.708049][T11803] loop0: detected capacity change from 0 to 512
[  779.715085][T11803] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  779.725662][T11803] EXT4-fs error (device loop0): ext4_get_branch:178: inode #11: block 4294967295: comm syz.0.12905: invalid block
[  779.738725][T11803] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.12905: invalid indirect mapped block 4294967295 (level 1)
[  779.753724][T11803] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.12905: invalid indirect mapped block 4294967295 (level 1)
[  779.784440][T11803] EXT4-fs (loop0): 2 truncates cleaned up
[  779.790742][T11803] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  779.812425][T11807] FAULT_INJECTION: forcing a failure.
[  779.812425][T11807] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  779.825593][T11807] CPU: 0 UID: 0 PID: 11807 Comm: syz.4.12906 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  779.825628][T11807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  779.825645][T11807] Call Trace:
[  779.825653][T11807]  <TASK>
[  779.825662][T11807]  __dump_stack+0x1d/0x30
[  779.825702][T11807]  dump_stack_lvl+0xe8/0x140
[  779.825795][T11807]  dump_stack+0x15/0x1b
[  779.825817][T11807]  should_fail_ex+0x265/0x280
[  779.825923][T11807]  should_fail+0xb/0x20
[  779.825976][T11807]  should_fail_usercopy+0x1a/0x20
[  779.826047][T11807]  _copy_from_user+0x1c/0xb0
[  779.826068][T11807]  ___sys_sendmsg+0xc1/0x1d0
[  779.826131][T11807]  __x64_sys_sendmsg+0xd4/0x160
[  779.826298][T11807]  x64_sys_call+0x2999/0x2fb0
[  779.826366][T11807]  do_syscall_64+0xd2/0x200
[  779.826385][T11807]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  779.826469][T11807]  ? clear_bhb_loop+0x40/0x90
[  779.826497][T11807]  ? clear_bhb_loop+0x40/0x90
[  779.826586][T11807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  779.826614][T11807] RIP: 0033:0x7f271823e929
[  779.826702][T11807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  779.826761][T11807] RSP: 002b:00007f27168a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  779.826786][T11807] RAX: ffffffffffffffda RBX: 00007f2718465fa0 RCX: 00007f271823e929
[  779.826867][T11807] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  779.826884][T11807] RBP: 00007f27168a7090 R08: 0000000000000000 R09: 0000000000000000
[  779.826900][T11807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  779.826916][T11807] R13: 0000000000000000 R14: 00007f2718465fa0 R15: 00007ffe434a0838
[  779.826941][T11807]  </TASK>
[  779.828540][T11803] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm syz.0.12905: bg 0: block 5: invalid block bitmap
[  780.036816][ T7626] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  780.057553][T11812] FAULT_INJECTION: forcing a failure.
[  780.057553][T11812] name failslab, interval 1, probability 0, space 0, times 0
[  780.070230][T11812] CPU: 1 UID: 0 PID: 11812 Comm: syz.3.12908 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  780.070295][T11812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  780.070376][T11812] Call Trace:
[  780.070383][T11812]  <TASK>
[  780.070390][T11812]  __dump_stack+0x1d/0x30
[  780.070415][T11812]  dump_stack_lvl+0xe8/0x140
[  780.070439][T11812]  dump_stack+0x15/0x1b
[  780.070459][T11812]  should_fail_ex+0x265/0x280
[  780.070499][T11812]  should_failslab+0x8c/0xb0
[  780.070627][T11812]  kmem_cache_alloc_noprof+0x50/0x310
[  780.070660][T11812]  ? audit_log_start+0x365/0x6c0
[  780.070738][T11812]  audit_log_start+0x365/0x6c0
[  780.070781][T11812]  audit_seccomp+0x48/0x100
[  780.070813][T11812]  ? __seccomp_filter+0x68c/0x10d0
[  780.070853][T11812]  __seccomp_filter+0x69d/0x10d0
[  780.070885][T11812]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  780.070927][T11812]  ? vfs_write+0x75e/0x8e0
[  780.070971][T11812]  __secure_computing+0x82/0x150
[  780.071014][T11812]  syscall_trace_enter+0xcf/0x1e0
[  780.071043][T11812]  do_syscall_64+0xac/0x200
[  780.071068][T11812]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  780.071097][T11812]  ? clear_bhb_loop+0x40/0x90
[  780.071121][T11812]  ? clear_bhb_loop+0x40/0x90
[  780.071146][T11812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  780.071246][T11812] RIP: 0033:0x7f5fa587e929
[  780.071263][T11812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  780.071285][T11812] RSP: 002b:00007f5fa3ee7038 EFLAGS: 00000246 ORIG_RAX: 000000000000014c
[  780.071302][T11812] RAX: ffffffffffffffda RBX: 00007f5fa5aa5fa0 RCX: 00007f5fa587e929
[  780.071314][T11812] RDX: 0000000000004000 RSI: 0000000000000000 RDI: ffffffffffffff9c
[  780.071325][T11812] RBP: 00007f5fa3ee7090 R08: 0000000000000000 R09: 0000000000000000
[  780.071336][T11812] R10: f1f168a864ced404 R11: 0000000000000246 R12: 0000000000000001
[  780.071346][T11812] R13: 0000000000000000 R14: 00007f5fa5aa5fa0 R15: 00007ffe1da7a558
[  780.071422][T11812]  </TASK>
[  780.367007][T11826] siw: device registration error -23
[  780.543805][T11835] netlink: 14 bytes leftover after parsing attributes in process `syz.3.12916'.
[  780.586907][T11833] lo speed is unknown, defaulting to 1000
[  781.034749][T11847] lo speed is unknown, defaulting to 1000
[  781.389810][T11858] netlink: 'syz.1.12925': attribute type 10 has an invalid length.
[  781.425600][T11858] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  781.447061][T11868] siw: device registration error -23
[  781.501772][T11872] netlink: 14 bytes leftover after parsing attributes in process `syz.5.12929'.
[  781.652065][T11885] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12931'.
[  781.842909][T11890] lo speed is unknown, defaulting to 1000
[  782.258768][T11894] lo speed is unknown, defaulting to 1000
[  782.343757][T11884] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  782.377619][T11906] siw: device registration error -23
[  782.404241][T11909] netlink: 188 bytes leftover after parsing attributes in process `syz.5.12940'.
[  782.665847][T11913] veth1_to_bond: entered allmulticast mode
[  782.691595][T11913] veth1_to_bond: entered promiscuous mode
[  782.709683][T11913] veth1_to_bond: left promiscuous mode
[  782.715303][T11913] veth1_to_bond: left allmulticast mode
[  782.777477][T11931] netlink: 14 bytes leftover after parsing attributes in process `syz.5.12947'.
[  782.839835][T11917] veth1_to_bond: entered allmulticast mode
[  782.846318][T11917] veth1_to_bond: entered promiscuous mode
[  782.852877][T11937] netlink: 14 bytes leftover after parsing attributes in process `syz.0.12950'.
[  782.853552][T11917] veth1_to_bond: left promiscuous mode
[  782.867788][T11917] veth1_to_bond: left allmulticast mode
[  783.164806][T11958] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12954'.
[  783.602902][T11974] lo speed is unknown, defaulting to 1000
[  783.679584][T11967] veth1_to_bond: entered allmulticast mode
[  783.679765][T11967] veth1_to_bond: entered promiscuous mode
[  783.680876][T11967] veth1_to_bond: left promiscuous mode
[  783.697065][T11967] veth1_to_bond: left allmulticast mode
[  783.697100][T11964] veth1_to_bond: entered allmulticast mode
[  783.697321][T11964] veth1_to_bond: entered promiscuous mode
[  783.716611][T11964] veth1_to_bond: left promiscuous mode
[  783.722280][T11964] veth1_to_bond: left allmulticast mode
[  783.825390][T11987] siw: device registration error -23
[  783.978504][T11992] netlink: 28 bytes leftover after parsing attributes in process `syz.4.12968'.
[  784.028909][T11994] netlink: 14 bytes leftover after parsing attributes in process `syz.3.12969'.
[  784.392763][T12000] netlink: 14 bytes leftover after parsing attributes in process `syz.4.12971'.
[  784.441531][T12002] siw: device registration error -23
[  784.580430][T12014] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12975'.
[  784.633962][T12012] netlink: 'syz.3.12975': attribute type 10 has an invalid length.
[  784.642033][T12012] netlink: 40 bytes leftover after parsing attributes in process `syz.3.12975'.
[  784.651674][T12017] netlink: 'syz.3.12975': attribute type 10 has an invalid length.
[  784.659609][T12017] netlink: 40 bytes leftover after parsing attributes in process `syz.3.12975'.
[  784.692395][T12017] team0: Port device geneve1 added
[  784.765438][   T29] kauditd_printk_skb: 291 callbacks suppressed
[  784.765454][   T29] audit: type=1326 audit(2000000041.559:42547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12024 comm="syz.0.12979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950969e929 code=0x7ffc0000
[  784.765486][   T29] audit: type=1326 audit(2000000041.559:42548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12024 comm="syz.0.12979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950969e929 code=0x7ffc0000
[  784.771303][   T29] audit: type=1326 audit(2000000041.559:42549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12024 comm="syz.0.12979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950969e929 code=0x7ffc0000
[  784.869138][   T29] audit: type=1326 audit(2000000041.639:42550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12024 comm="syz.0.12979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950969e929 code=0x7ffc0000
[  784.869232][   T29] audit: type=1326 audit(2000000041.659:42551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12024 comm="syz.0.12979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f950969e929 code=0x7ffc0000
[  784.869258][   T29] audit: type=1326 audit(2000000041.659:42552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12024 comm="syz.0.12979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950969e929 code=0x7ffc0000
[  784.869283][   T29] audit: type=1326 audit(2000000041.659:42553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12024 comm="syz.0.12979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950969e929 code=0x7ffc0000
[  784.869351][   T29] audit: type=1326 audit(2000000041.659:42554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12024 comm="syz.0.12979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f950969e929 code=0x7ffc0000
[  784.869414][   T29] audit: type=1326 audit(2000000041.659:42555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12024 comm="syz.0.12979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950969e929 code=0x7ffc0000
[  784.869442][   T29] audit: type=1326 audit(2000000041.659:42556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12024 comm="syz.0.12979" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f950969e929 code=0x7ffc0000
[  784.919880][T12026] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  784.921797][T12026] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  785.075658][T12015] veth1_to_bond: entered allmulticast mode
[  785.075780][T12015] veth1_to_bond: entered promiscuous mode
[  785.076499][T12015] veth1_to_bond: left promiscuous mode
[  785.093893][T12015] veth1_to_bond: left allmulticast mode
[  785.144447][T12038] lo speed is unknown, defaulting to 1000
[  785.222768][T12042] vhci_hcd: invalid port number 96
[  785.222785][T12042] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  785.392557][T12050] lo speed is unknown, defaulting to 1000
[  785.871981][T12068] siw: device registration error -23
[  786.248723][T12074] lo speed is unknown, defaulting to 1000
[  786.446808][T12098] bond2: entered promiscuous mode
[  786.446825][T12098] bond2: entered allmulticast mode
[  786.446983][T12098] 8021q: adding VLAN 0 to HW filter on device bond2
[  786.460333][T12098] bond2 (unregistering): Released all slaves
[  786.698304][ T2959] IPVS: starting estimator thread 0...
[  786.780942][T12116] IPVS: using max 2784 ests per chain, 139200 per kthread
[  787.163499][T12137] bond2: entered promiscuous mode
[  787.168754][T12137] bond2: entered allmulticast mode
[  787.191039][T12137] 8021q: adding VLAN 0 to HW filter on device bond2
[  787.210173][T12137] bond2 (unregistering): Released all slaves
[  787.302341][T12143] siw: device registration error -23
[  787.530017][T12164] __nla_validate_parse: 11 callbacks suppressed
[  787.530037][T12164] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13023'.
[  787.572515][T12166] FAULT_INJECTION: forcing a failure.
[  787.572515][T12166] name failslab, interval 1, probability 0, space 0, times 0
[  787.585201][T12166] CPU: 1 UID: 0 PID: 12166 Comm: syz.1.13024 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  787.585258][T12166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  787.585269][T12166] Call Trace:
[  787.585275][T12166]  <TASK>
[  787.585282][T12166]  __dump_stack+0x1d/0x30
[  787.585304][T12166]  dump_stack_lvl+0xe8/0x140
[  787.585323][T12166]  dump_stack+0x15/0x1b
[  787.585348][T12166]  should_fail_ex+0x265/0x280
[  787.585380][T12166]  ? sf_setstate+0x188/0x300
[  787.585410][T12166]  should_failslab+0x8c/0xb0
[  787.585489][T12166]  __kmalloc_cache_noprof+0x4c/0x320
[  787.585556][T12166]  sf_setstate+0x188/0x300
[  787.585584][T12166]  ip_mc_del_src+0x31b/0x480
[  787.585605][T12166]  ? refill_obj_stock+0x254/0x2e0
[  787.585648][T12166]  ip_mc_drop_socket+0x145/0x1e0
[  787.585677][T12166]  inet_release+0x31/0xf0
[  787.585709][T12166]  sock_close+0x6b/0x150
[  787.585732][T12166]  ? __pfx_sock_close+0x10/0x10
[  787.585825][T12166]  __fput+0x298/0x650
[  787.585856][T12166]  ____fput+0x1c/0x30
[  787.585885][T12166]  task_work_run+0x12e/0x1a0
[  787.585989][T12166]  exit_to_user_mode_loop+0xe4/0x100
[  787.586010][T12166]  do_syscall_64+0x1d6/0x200
[  787.586027][T12166]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  787.586065][T12166]  ? clear_bhb_loop+0x40/0x90
[  787.586088][T12166]  ? clear_bhb_loop+0x40/0x90
[  787.586111][T12166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  787.586133][T12166] RIP: 0033:0x7f06ca9de929
[  787.586148][T12166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  787.586208][T12166] RSP: 002b:00007f06c9047038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  787.586225][T12166] RAX: 0000000000000000 RBX: 00007f06cac05fa0 RCX: 00007f06ca9de929
[  787.586235][T12166] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000006
[  787.586247][T12166] RBP: 00007f06c9047090 R08: 0000000000000000 R09: 0000000000000000
[  787.586261][T12166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  787.586347][T12166] R13: 0000000000000000 R14: 00007f06cac05fa0 R15: 00007ffe0a0e80d8
[  787.586367][T12166]  </TASK>
[  787.912270][T12171] random: crng reseeded on system resumption
[  787.917120][T12171] Restarting kernel threads ...
[  787.931222][T12171] Done restarting kernel threads.
[  787.932237][T12171] SELinux: security_context_str_to_sid (s) failed with errno=-22
[  787.933860][T12171] vhci_hcd: invalid port number 96
[  787.933891][T12171] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  788.056459][T12184] bond7: entered promiscuous mode
[  788.056482][T12184] bond7: entered allmulticast mode
[  788.056775][T12184] 8021q: adding VLAN 0 to HW filter on device bond7
[  788.082176][T12184] bond7 (unregistering): Released all slaves
[  788.196721][T12196] netlink: 40 bytes leftover after parsing attributes in process `syz.1.13033'.
[  788.215405][T12193] siw: device registration error -23
[  788.372831][T12182] veth1_to_bond: entered allmulticast mode
[  788.384547][T12213] netlink: 'syz.5.13036': attribute type 1 has an invalid length.
[  788.402841][T12213] bond6: entered promiscuous mode
[  788.421989][T12213] 8021q: adding VLAN 0 to HW filter on device bond6
[  788.466208][T12182] veth1_to_bond: entered promiscuous mode
[  788.466336][T12182] veth1_to_bond: left promiscuous mode
[  788.466397][T12182] veth1_to_bond: left allmulticast mode
[  788.487623][T12215] bond6: (slave bridge1): making interface the new active one
[  788.487648][T12215] bridge1: entered promiscuous mode
[  788.492515][T12215] bond6: (slave bridge1): Enslaving as an active interface with an up link
[  788.915280][T12231] lo speed is unknown, defaulting to 1000
[  789.064234][T12233] vhci_hcd: invalid port number 96
[  789.069435][T12233] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  789.256481][T12229] veth1_to_bond: entered allmulticast mode
[  789.270275][T12229] veth1_to_bond: entered promiscuous mode
[  789.277090][T12229] veth1_to_bond: left promiscuous mode
[  789.282681][T12229] veth1_to_bond: left allmulticast mode
[  789.309587][T12242] netlink: 14 bytes leftover after parsing attributes in process `syz.5.13042'.
[  789.368332][T12244] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13047'.
[  789.557954][T12258] netlink: 40 bytes leftover after parsing attributes in process `syz.3.13052'.
[  789.569812][T12257] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13051'.
[  789.594431][T12261] netlink: 40 bytes leftover after parsing attributes in process `syz.4.13053'.
[  789.630508][T12264] lo speed is unknown, defaulting to 1000
[  789.815699][T12270] lo speed is unknown, defaulting to 1000
[  789.888838][T12266] veth1_to_bond: entered allmulticast mode
[  789.894901][T12266] veth1_to_bond: entered promiscuous mode
[  789.901486][T12266] veth1_to_bond: left promiscuous mode
[  789.907089][T12266] veth1_to_bond: left allmulticast mode
[  789.923361][T12275] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13058'.
[  790.080933][   T29] kauditd_printk_skb: 171 callbacks suppressed
[  790.080977][   T29] audit: type=1400 audit(2000000046.849:42728): avc:  denied  { mount } for  pid=12279 comm="syz.4.13059" name="/" dev="configfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[  790.110315][   T29] audit: type=1400 audit(2000000046.859:42729): avc:  denied  { search } for  pid=12279 comm="syz.4.13059" name="/" dev="configfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  790.132767][   T29] audit: type=1400 audit(2000000046.859:42730): avc:  denied  { search } for  pid=12279 comm="syz.4.13059" name="/" dev="configfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  790.155514][   T29] audit: type=1400 audit(2000000046.859:42731): avc:  denied  { read open } for  pid=12279 comm="syz.4.13059" path="/" dev="configfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[  790.220657][   T29] audit: type=1326 audit(2000000047.009:42732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12291 comm="syz.1.13063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  790.244447][   T29] audit: type=1326 audit(2000000047.009:42733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12291 comm="syz.1.13063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  790.272507][   T29] audit: type=1326 audit(2000000047.009:42734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12291 comm="syz.1.13063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  790.296332][   T29] audit: type=1326 audit(2000000047.039:42735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12291 comm="syz.1.13063" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  790.345432][T12294] lo speed is unknown, defaulting to 1000
[  790.483391][   T29] audit: type=1400 audit(2000000047.279:42736): avc:  denied  { nlmsg_write } for  pid=12295 comm="syz.1.13064" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1
[  790.670153][T12299] netlink: 14 bytes leftover after parsing attributes in process `syz.3.13065'.
[  790.703144][T12302] netlink: 40 bytes leftover after parsing attributes in process `syz.4.13066'.
[  790.836779][T12304] bond2: entered promiscuous mode
[  790.842007][T12304] bond2: entered allmulticast mode
[  790.859196][T12304] 8021q: adding VLAN 0 to HW filter on device bond2
[  790.935653][T12308] FAULT_INJECTION: forcing a failure.
[  790.935653][T12308] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  790.937383][T12304] bond2 (unregistering): Released all slaves
[  790.948749][T12308] CPU: 0 UID: 0 PID: 12308 Comm: syz.5.13068 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  790.948783][T12308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  790.948798][T12308] Call Trace:
[  790.948805][T12308]  <TASK>
[  790.948814][T12308]  __dump_stack+0x1d/0x30
[  790.948919][T12308]  dump_stack_lvl+0xe8/0x140
[  790.948948][T12308]  dump_stack+0x15/0x1b
[  790.948972][T12308]  should_fail_ex+0x265/0x280
[  790.949017][T12308]  should_fail+0xb/0x20
[  790.949074][T12308]  should_fail_usercopy+0x1a/0x20
[  790.949119][T12308]  _copy_from_user+0x1c/0xb0
[  790.949148][T12308]  do_handle_open+0x296/0x650
[  790.949220][T12308]  __x64_sys_open_by_handle_at+0x44/0x50
[  790.949248][T12308]  x64_sys_call+0xaa0/0x2fb0
[  790.949277][T12308]  do_syscall_64+0xd2/0x200
[  790.949303][T12308]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  790.949341][T12308]  ? clear_bhb_loop+0x40/0x90
[  790.949447][T12308]  ? clear_bhb_loop+0x40/0x90
[  790.949477][T12308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.949505][T12308] RIP: 0033:0x7f13e41be929
[  790.949563][T12308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  790.949629][T12308] RSP: 002b:00007f13e2827038 EFLAGS: 00000246 ORIG_RAX: 0000000000000130
[  790.949653][T12308] RAX: ffffffffffffffda RBX: 00007f13e43e5fa0 RCX: 00007f13e41be929
[  790.949672][T12308] RDX: 0200000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  790.949753][T12308] RBP: 00007f13e2827090 R08: 0000000000000000 R09: 0000000000000000
[  790.949771][T12308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  790.949787][T12308] R13: 0000000000000000 R14: 00007f13e43e5fa0 R15: 00007ffddf6360b8
[  790.949813][T12308]  </TASK>
[  791.302140][   T29] audit: type=1326 audit(2000000048.099:42737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12321 comm="syz.3.13073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  791.372592][T12325] siw: device registration error -23
[  791.381491][T12320] lo speed is unknown, defaulting to 1000
[  791.412647][ T9189] ------------[ cut here ]------------
[  791.418250][ T9189] RTNL: assertion failed at ./include/net/netdev_lock.h (72)
[  791.426495][ T9189] WARNING: CPU: 1 PID: 9189 at ./include/net/netdev_lock.h:72 __linkwatch_sync_dev+0x1f0/0x200
[  791.437025][ T9189] Modules linked in:
[  791.441131][ T9189] CPU: 1 UID: 0 PID: 9189 Comm: kworker/u8:60 Not tainted 6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  791.453948][ T9189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  791.464068][ T9189] Workqueue: bond0 bond_mii_monitor
[  791.469326][ T9189] RIP: 0010:__linkwatch_sync_dev+0x1f0/0x200
[  791.475409][ T9189] Code: e8 9b d3 86 e8 a1 81 22 fd c6 05 82 58 84 02 01 90 48 c7 c7 e2 9e 5b 86 48 c7 c6 a5 ca 46 86 ba 48 00 00 00 e8 e1 59 d2 fc 90 <0f> 0b 90 90 e9 d6 fe ff ff 0f 1f 80 00 00 00 00 90 90 90 90 90 90
[  791.495181][ T9189] RSP: 0018:ffffc90002d1fb70 EFLAGS: 00010246
[  791.501313][ T9189] RAX: a1a4e3fdf5605a00 RBX: ffff888125dc6000 RCX: ffff888113a130c0
[  791.509316][ T9189] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[  791.517401][ T9189] RBP: 0000000000000000 R08: 0001c90002d1f9ef R09: 0000000000000000
[  791.525417][ T9189] R10: 00000000ffffffff R11: 0000000000000000 R12: 0000000000000000
[  791.533443][ T9189] R13: ffffffff859288c0 R14: ffffffff859288c0 R15: 0000000000000000
[  791.541463][ T9189] FS:  0000000000000000(0000) GS:ffff8882aef30000(0000) knlGS:0000000000000000
[  791.550425][ T9189] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  791.557065][ T9189] CR2: 00002000000004c0 CR3: 000000010f4f0000 CR4: 00000000003506f0
[  791.565103][ T9189] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  791.566158][T12328] netlink: 'syz.0.13076': attribute type 10 has an invalid length.
[  791.573143][ T9189] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[  791.573162][ T9189] Call Trace:
[  791.573169][ T9189]  <TASK>
[  791.573219][ T9189]  ? __pfx_ethtool_op_get_link+0x10/0x10
[  791.601092][ T9189]  ethtool_op_get_link+0x15/0x50
[  791.606065][ T9189]  bond_check_dev_link+0x292/0x430
[  791.611301][ T9189]  bond_mii_monitor+0x2da/0x1770
[  791.616318][ T9189]  ? irq_work_queue+0x9a/0x100
[  791.621156][ T9189]  ? __rcu_read_unlock+0x4f/0x70
[  791.626183][ T9189]  ? sysvec_irq_work+0xe/0x80
[  791.630967][ T9189]  ? _raw_spin_unlock+0x14/0x50
[  791.635923][ T9189]  ? sized_strscpy+0x121/0x1a0
[  791.640908][ T9189]  process_scheduled_works+0x4ce/0x9d0
[  791.646632][ T9189]  worker_thread+0x582/0x770
[  791.651379][ T9189]  kthread+0x486/0x510
[  791.655662][ T9189]  ? finish_task_switch+0xad/0x2b0
[  791.660821][ T9189]  ? __pfx_worker_thread+0x10/0x10
[  791.666539][ T9189]  ? __pfx_kthread+0x10/0x10
[  791.671237][ T9189]  ret_from_fork+0xda/0x150
[  791.675806][ T9189]  ? __pfx_kthread+0x10/0x10
[  791.680419][ T9189]  ret_from_fork_asm+0x1a/0x30
[  791.685471][ T9189]  </TASK>
[  791.688512][ T9189] ---[ end trace 0000000000000000 ]---
[  791.717503][T12341] bond2: entered promiscuous mode
[  791.722850][T12341] bond2: entered allmulticast mode
[  791.728962][T12341] 8021q: adding VLAN 0 to HW filter on device bond2
[  791.739784][T12341] bond2 (unregistering): Released all slaves
[  791.818592][T12350] loop1: detected capacity change from 0 to 1024
[  791.884793][T12350] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  791.937797][T12350] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  792.003066][T12350] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  792.003602][T12370] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 4 with error 28
[  792.015330][T12350] EXT4-fs (loop1): This should not happen!! Data will be lost
[  792.015330][T12350] 
[  792.027663][T12370] EXT4-fs (loop1): This should not happen!! Data will be lost
[  792.027663][T12370] 
[  792.037319][T12350] EXT4-fs (loop1): Total free blocks count 0
[  792.037335][T12350] EXT4-fs (loop1): Free/Dirty block details
[  792.037347][T12350] EXT4-fs (loop1): free_blocks=68451041280
[  792.037361][T12350] EXT4-fs (loop1): dirty_blocks=80
[  792.047031][T12370] EXT4-fs (loop1): Total free blocks count 0
[  792.355558][T12390] bond2: entered promiscuous mode
[  792.360665][T12390] bond2: entered allmulticast mode
[  792.381026][T12390] 8021q: adding VLAN 0 to HW filter on device bond2
[  792.402724][T12390] bond2 (unregistering): Released all slaves
[  792.567844][T12409] __nla_validate_parse: 5 callbacks suppressed
[  792.567877][T12409] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13099'.
[  792.593257][T12411] netlink: 14 bytes leftover after parsing attributes in process `syz.5.13101'.
[  792.611128][T12412] netlink: 14 bytes leftover after parsing attributes in process `syz.3.13100'.
[  793.103261][T12427] lo speed is unknown, defaulting to 1000
[  793.628738][T12441] netlink: 28 bytes leftover after parsing attributes in process `syz.4.13107'.
[  793.724202][T12442] lo speed is unknown, defaulting to 1000
[  793.799938][T12444] netlink: 24 bytes leftover after parsing attributes in process `syz.0.13110'.
[  793.839381][T12449] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13113'.
[  793.844264][T12451] netlink: 40 bytes leftover after parsing attributes in process `syz.5.13114'.
[  793.910675][T12454] loop1: detected capacity change from 0 to 1024
[  793.921044][T12454] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  793.962345][T12460] netlink: 14 bytes leftover after parsing attributes in process `syz.0.13116'.
[  793.989058][T12454] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13111'.
[  794.072847][ T9568] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  794.173825][T12472] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13117'.
[  794.229618][T12481] siw: device registration error -23
[  794.289483][T12485] loop0: detected capacity change from 0 to 1024
[  794.416993][T12497] netlink: 'syz.1.13127': attribute type 21 has an invalid length.
[  794.436943][T12497] netlink: 'syz.1.13127': attribute type 1 has an invalid length.
[  794.482245][T12503] loop0: detected capacity change from 0 to 128
[  794.537431][T12511] siw: device registration error -23
[  794.745508][T12521] siw: device registration error -23
[  794.857015][T12529] loop0: detected capacity change from 0 to 1024
[  794.955640][T12542] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(11)
[  794.955667][T12542] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  794.955738][T12542] vhci_hcd vhci_hcd.0: Device attached
[  794.957620][T12542] loop1: detected capacity change from 0 to 164
[  795.098002][T12544] vhci_hcd: connection closed
[  795.098375][ T9186] vhci_hcd: stop threads
[  795.107517][ T9186] vhci_hcd: release socket
[  795.112071][ T9186] vhci_hcd: disconnect device
[  795.122865][T12564] siw: device registration error -23
[  795.130909][   T23] vhci_hcd: vhci_device speed not set
[  795.168565][T12574] FAULT_INJECTION: forcing a failure.
[  795.168565][T12574] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  795.181702][T12574] CPU: 0 UID: 0 PID: 12574 Comm: syz.4.13152 Tainted: G        W           6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  795.181737][T12574] Tainted: [W]=WARN
[  795.181745][T12574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  795.181768][T12574] Call Trace:
[  795.181776][T12574]  <TASK>
[  795.181784][T12574]  __dump_stack+0x1d/0x30
[  795.181809][T12574]  dump_stack_lvl+0xe8/0x140
[  795.181832][T12574]  dump_stack+0x15/0x1b
[  795.181853][T12574]  should_fail_ex+0x265/0x280
[  795.181892][T12574]  should_fail+0xb/0x20
[  795.181934][T12574]  should_fail_usercopy+0x1a/0x20
[  795.181969][T12574]  _copy_from_user+0x1c/0xb0
[  795.182016][T12574]  ___sys_sendmsg+0xc1/0x1d0
[  795.182073][T12574]  __x64_sys_sendmsg+0xd4/0x160
[  795.182120][T12574]  x64_sys_call+0x2999/0x2fb0
[  795.182177][T12574]  do_syscall_64+0xd2/0x200
[  795.182196][T12574]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  795.182277][T12574]  ? clear_bhb_loop+0x40/0x90
[  795.182298][T12574]  ? clear_bhb_loop+0x40/0x90
[  795.182431][T12574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.182458][T12574] RIP: 0033:0x7f271823e929
[  795.182477][T12574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  795.182498][T12574] RSP: 002b:00007f27168a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  795.182521][T12574] RAX: ffffffffffffffda RBX: 00007f2718465fa0 RCX: 00007f271823e929
[  795.182536][T12574] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  795.182551][T12574] RBP: 00007f27168a7090 R08: 0000000000000000 R09: 0000000000000000
[  795.182641][T12574] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  795.182699][T12574] R13: 0000000000000000 R14: 00007f2718465fa0 R15: 00007ffe434a0838
[  795.182723][T12574]  </TASK>
[  795.375945][T12573] siw: device registration error -23
[  795.412386][T12584] netlink: 'syz.5.13157': attribute type 2 has an invalid length.
[  795.412404][T12584] netlink: 'syz.5.13157': attribute type 11 has an invalid length.
[  795.706337][T12601] lo speed is unknown, defaulting to 1000
[  796.030404][T12581] veth1_to_bond: entered allmulticast mode
[  796.030492][T12581] veth1_to_bond: entered promiscuous mode
[  796.031529][T12581] veth1_to_bond: left promiscuous mode
[  796.048014][T12581] veth1_to_bond: left allmulticast mode
[  796.129559][T12613] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  796.139434][T12613] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  796.150683][T12616] siw: device registration error -23
[  796.208945][   T29] kauditd_printk_skb: 79 callbacks suppressed
[  796.208960][   T29] audit: type=1400 audit(2000000052.999:42817): avc:  denied  { getattr } for  pid=12619 comm="syz.3.13168" name="/" dev="pidfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  796.323548][T12622] siw: device registration error -23
[  796.343839][T12613] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  796.354679][T12622] loop1: detected capacity change from 0 to 1024
[  796.362485][T12613] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  796.440471][   T29] audit: type=1326 audit(2000000053.189:42818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12625 comm="syz.4.13170" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f271823e929 code=0x0
[  796.539910][T12632] netlink: 'syz.4.13170': attribute type 10 has an invalid length.
[  796.562825][T12632] ipvlan0: entered allmulticast mode
[  796.568323][T12632] veth0_vlan: entered allmulticast mode
[  796.577829][T12632] team0: Device ipvlan0 failed to register rx_handler
[  796.901282][T12637] lo speed is unknown, defaulting to 1000
[  797.232467][T12643] veth1_to_bond: entered allmulticast mode
[  797.244244][T12643] veth1_to_bond: entered promiscuous mode
[  797.252585][T12654] siw: device registration error -23
[  797.262285][T12643] veth1_to_bond: left promiscuous mode
[  797.268019][T12643] veth1_to_bond: left allmulticast mode
[  797.426304][T12666] siw: device registration error -23
[  797.468077][T12666] loop1: detected capacity change from 0 to 1024
[  797.562570][   T29] audit: type=1326 audit(2000000054.359:42819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.3.13186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5fa58758e7 code=0x7ffc0000
[  797.592699][   T29] audit: type=1326 audit(2000000054.359:42820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.3.13186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5fa581ab19 code=0x7ffc0000
[  797.616422][   T29] audit: type=1326 audit(2000000054.359:42821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.3.13186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5fa58758e7 code=0x7ffc0000
[  797.640315][   T29] audit: type=1326 audit(2000000054.359:42822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.3.13186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f5fa581ab19 code=0x7ffc0000
[  797.664106][   T29] audit: type=1326 audit(2000000054.359:42823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.3.13186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  797.687902][   T29] audit: type=1326 audit(2000000054.359:42824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.3.13186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  797.711624][   T29] audit: type=1326 audit(2000000054.359:42825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.3.13186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  797.711656][   T29] audit: type=1326 audit(2000000054.359:42826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12679 comm="syz.3.13186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f5fa58758e7 code=0x7ffc0000
[  797.763809][T12687] loop3: detected capacity change from 0 to 512
[  797.771195][T12687] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  797.864206][T12687] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  797.876868][T12660] veth1_to_bond: entered allmulticast mode
[  797.882932][T12687] ext4 filesystem being mounted at /254/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  797.904797][T12660] veth1_to_bond: entered promiscuous mode
[  797.914229][T12660] veth1_to_bond: left promiscuous mode
[  797.919860][T12660] veth1_to_bond: left allmulticast mode
[  797.925706][T12687] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  798.069674][T12697] lo speed is unknown, defaulting to 1000
[  798.188445][T12702] siw: device registration error -23
[  798.215712][T12702] loop1: detected capacity change from 0 to 1024
[  798.325287][T12695] veth1_to_bond: entered allmulticast mode
[  798.338204][T12695] veth1_to_bond: entered promiscuous mode
[  798.351421][T12695] veth1_to_bond: left promiscuous mode
[  798.357016][T12695] veth1_to_bond: left allmulticast mode
[  798.462440][T12717] __nla_validate_parse: 20 callbacks suppressed
[  798.462481][T12717] netlink: 24 bytes leftover after parsing attributes in process `syz.3.13197'.
[  798.558308][T12723] netlink: 14 bytes leftover after parsing attributes in process `syz.4.13199'.
[  798.697988][T12729] loop1: detected capacity change from 0 to 2048
[  798.732282][T12729] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  798.974091][T12726] veth1_to_bond: entered allmulticast mode
[  798.981346][T12726] veth1_to_bond: entered promiscuous mode
[  799.000977][T12726] veth1_to_bond: left promiscuous mode
[  799.006622][T12726] veth1_to_bond: left allmulticast mode
[  799.044680][T12741] veth1_to_bond: entered allmulticast mode
[  799.050798][T12741] veth1_to_bond: entered promiscuous mode
[  799.057443][T12741] veth1_to_bond: left promiscuous mode
[  799.063116][T12741] veth1_to_bond: left allmulticast mode
[  799.107315][T12744] bond7: entered promiscuous mode
[  799.112434][T12744] bond7: entered allmulticast mode
[  799.121879][T12744] 8021q: adding VLAN 0 to HW filter on device bond7
[  799.150754][T12744] bond7 (unregistering): Released all slaves
[  799.159065][T12747] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13205'.
[  799.312031][T12759] netlink: 'syz.3.13209': attribute type 1 has an invalid length.
[  799.359621][T12759] 8021q: adding VLAN 0 to HW filter on device bond2
[  799.487698][ T9568] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  799.539917][T12766] lo speed is unknown, defaulting to 1000
[  799.560438][T12770] netlink: 14 bytes leftover after parsing attributes in process `syz.1.13211'.
[  799.587058][T12769] netlink: 14 bytes leftover after parsing attributes in process `syz.3.13212'.
[  799.901411][T12778] veth1_to_bond: entered allmulticast mode
[  799.907662][T12778] veth1_to_bond: entered promiscuous mode
[  799.916716][T12778] veth1_to_bond: left promiscuous mode
[  799.922415][T12778] veth1_to_bond: left allmulticast mode
[  800.004346][T12788] bond1: entered promiscuous mode
[  800.009464][T12788] bond1: entered allmulticast mode
[  800.015049][T12788] 8021q: adding VLAN 0 to HW filter on device bond1
[  800.017417][T12792] loop3: detected capacity change from 0 to 1024
[  800.030012][T12788] bond1 (unregistering): Released all slaves
[  800.030400][T12792] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  800.070282][T12792] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13218'.
[  800.091761][ T8632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  800.234908][T12808] netlink: 'syz.3.13222': attribute type 1 has an invalid length.
[  800.239264][T12809] netlink: 14 bytes leftover after parsing attributes in process `syz.4.13223'.
[  800.259202][T12808] 8021q: adding VLAN 0 to HW filter on device bond3
[  800.586055][T12821] netlink: 14 bytes leftover after parsing attributes in process `syz.4.13228'.
[  800.629581][T12823] netlink: 'syz.5.13227': attribute type 1 has an invalid length.
[  800.637773][T12823] netlink: 'syz.5.13227': attribute type 4 has an invalid length.
[  800.645797][T12823] netlink: 9462 bytes leftover after parsing attributes in process `syz.5.13227'.
[  800.677757][T12817] veth1_to_bond: entered allmulticast mode
[  800.683896][T12817] veth1_to_bond: entered promiscuous mode
[  800.690673][T12817] veth1_to_bond: left promiscuous mode
[  800.696306][T12817] veth1_to_bond: left allmulticast mode
[  800.761911][T12828] netlink: 40 bytes leftover after parsing attributes in process `syz.3.13229'.
[  800.953364][T12835] siw: device registration error -23
[  800.982360][T12835] loop3: detected capacity change from 0 to 1024
[  801.153802][T12848] netlink: 'syz.1.13236': attribute type 1 has an invalid length.
[  801.167077][T12848] 8021q: adding VLAN 0 to HW filter on device bond1
[  801.207850][T12845] lo speed is unknown, defaulting to 1000
[  801.216685][   T29] kauditd_printk_skb: 82 callbacks suppressed
[  801.216699][   T29] audit: type=1400 audit(2000000058.009:42909): avc:  denied  { ioctl } for  pid=12852 comm="syz.1.13238" path="socket:[152107]" dev="sockfs" ino=152107 ioctlcmd=0x7437 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  801.400796][T12858] veth1_to_bond: entered allmulticast mode
[  801.413316][T12858] veth1_to_bond: entered promiscuous mode
[  801.430200][T12858] veth1_to_bond: left promiscuous mode
[  801.435890][T12858] veth1_to_bond: left allmulticast mode
[  801.621278][T12878] siw: device registration error -23
[  801.636498][T12878] loop1: detected capacity change from 0 to 1024
[  801.777575][T12884] lo speed is unknown, defaulting to 1000
[  802.617070][T12894] veth1_to_bond: entered allmulticast mode
[  802.625469][T12894] veth1_to_bond: entered promiscuous mode
[  802.632541][T12894] veth1_to_bond: left promiscuous mode
[  802.638192][T12894] veth1_to_bond: left allmulticast mode
[  802.703153][T12911] loop3: detected capacity change from 0 to 1024
[  802.723009][T12911] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  802.746185][T12899] veth1_to_bond: entered allmulticast mode
[  802.766696][T12899] veth1_to_bond: entered promiscuous mode
[  802.779027][T12899] veth1_to_bond: left promiscuous mode
[  802.784723][T12899] veth1_to_bond: left allmulticast mode
[  802.848031][T12917] loop1: detected capacity change from 0 to 2048
[  802.860258][ T8632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  802.898292][T12917] EXT4-fs (loop1): Invalid log block size: 524290
[  803.090216][T12945] lo speed is unknown, defaulting to 1000
[  803.211594][T12948] netlink: 'syz.0.13268': attribute type 1 has an invalid length.
[  803.236924][T12948] 8021q: adding VLAN 0 to HW filter on device bond7
[  803.249342][T12949] lo speed is unknown, defaulting to 1000
[  803.357258][T12952] lo speed is unknown, defaulting to 1000
[  803.915918][T12962] __nla_validate_parse: 8 callbacks suppressed
[  803.915939][T12962] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13271'.
[  803.981148][T12964] netlink: 14 bytes leftover after parsing attributes in process `syz.3.13272'.
[  804.183805][T12971] netlink: 40 bytes leftover after parsing attributes in process `syz.1.13275'.
[  804.259065][T12973] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13276'.
[  804.289110][T12977] netlink: 14 bytes leftover after parsing attributes in process `syz.0.13277'.
[  804.311397][T12966] veth1_to_bond: entered allmulticast mode
[  804.321333][T12966] veth1_to_bond: entered promiscuous mode
[  804.340482][T12966] veth1_to_bond: left promiscuous mode
[  804.346139][T12966] veth1_to_bond: left allmulticast mode
[  804.371756][   T29] audit: type=1326 audit(2000000061.159:42910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12982 comm="syz.4.13280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  804.372050][T12980] siw: device registration error -23
[  804.395545][   T29] audit: type=1326 audit(2000000061.159:42911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12982 comm="syz.4.13280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  804.424565][   T29] audit: type=1326 audit(2000000061.159:42912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12982 comm="syz.4.13280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  804.448356][   T29] audit: type=1326 audit(2000000061.159:42913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12982 comm="syz.4.13280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  804.472132][   T29] audit: type=1326 audit(2000000061.159:42914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12982 comm="syz.4.13280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  804.510715][T12980] loop1: detected capacity change from 0 to 1024
[  804.541886][T12995] loop3: detected capacity change from 0 to 1024
[  804.552097][T12998] netlink: 40 bytes leftover after parsing attributes in process `syz.5.13284'.
[  804.562180][T12995] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  804.619482][T12995] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13283'.
[  804.660299][ T8632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  804.676750][T13007] netlink: 40 bytes leftover after parsing attributes in process `syz.5.13286'.
[  804.723523][T13012] netlink: 14 bytes leftover after parsing attributes in process `syz.5.13289'.
[  804.754450][T13009] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13288'.
[  804.826361][T13022] loop3: detected capacity change from 0 to 512
[  804.841335][T13022] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.13292: iget: bad i_size value: 38620345925642
[  804.841560][T13022] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.13292: couldn't read orphan inode 15 (err -117)
[  804.842275][T13022] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  804.895990][   T29] audit: type=1400 audit(2000000061.689:42915): avc:  denied  { ioctl } for  pid=13004 comm="syz.1.13287" path="socket:[153089]" dev="sockfs" ino=153089 ioctlcmd=0x940d scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  804.932137][T13015] ------------[ cut here ]------------
[  804.932149][T13015] WARNING: CPU: 0 PID: 13015 at kernel/events/core.c:7211 perf_pending_task+0x206/0x210
[  804.932199][T13015] Modules linked in:
[  804.932223][T13015] CPU: 0 UID: 0 PID: 13015 Comm: syz.5.13290 Tainted: G        W           6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  804.932267][T13015] Tainted: [W]=WARN
[  804.932336][T13015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  804.932357][T13015] RIP: 0010:perf_pending_task+0x206/0x210
[  804.932391][T13015] Code: 10 f0 fc ff 41 88 6c 1d 00 eb 05 e8 44 ec e2 ff 48 83 c4 08 5b 41 5c 41 5d 41 5e 41 5f 5d e9 41 f2 ee 03 cc e8 2b ec e2 ff 90 <0f> 0b 90 eb 86 0f 1f 44 00 00 90 90 90 90 90 90 90 90 90 90 90 90
[  804.932422][T13015] RSP: 0018:ffffc90002b47c30 EFLAGS: 00010293
[  804.932441][T13015] RAX: ffffffff8174d6a5 RBX: 0000000000000000 RCX: ffff88812dd98000
[  804.932454][T13015] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88810cc19388
[  804.932502][T13015] RBP: 000000007e8e3216 R08: 000188810cc1938f R09: 0000000000000000
[  804.932518][T13015] R10: 000188811188a530 R11: ffffffff8174d4a0 R12: ffff8881059746a0
[  804.932572][T13015] R13: ffff88812dd98000 R14: ffff8881059747e8 R15: ffff88810cc19300
[  804.932614][T13015] FS:  0000000000000000(0000) GS:ffff8882aee30000(0000) knlGS:0000000000000000
[  804.932634][T13015] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  804.932714][T13015] CR2: 000020000002e000 CR3: 0000000006834000 CR4: 00000000003506f0
[  804.932733][T13015] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  804.932747][T13015] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  804.932762][T13015] Call Trace:
[  804.932770][T13015]  <TASK>
[  804.932782][T13015]  task_work_run+0x12e/0x1a0
[  804.932813][T13015]  do_exit+0x483/0x1590
[  804.932869][T13015]  do_group_exit+0xff/0x140
[  805.110660][T13015]  ? get_signal+0xe51/0xf70
[  805.115238][T13015]  get_signal+0xe59/0xf70
[  805.115292][T13015]  arch_do_signal_or_restart+0x96/0x480
[  805.115422][T13015]  exit_to_user_mode_loop+0x7a/0x100
[  805.115454][T13015]  do_syscall_64+0x1d6/0x200
[  805.115479][T13015]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  805.115519][T13015]  ? clear_bhb_loop+0x40/0x90
[  805.115615][T13015]  ? clear_bhb_loop+0x40/0x90
[  805.115644][T13015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  805.115670][T13015] RIP: 0033:0x7f13e41be929
[  805.115689][T13015] Code: Unable to access opcode bytes at 0x7f13e41be8ff.
[  805.115701][T13015] RSP: 002b:00007f13e2827038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ce
[  805.115769][T13015] RAX: fffffffffffffff4 RBX: 00007f13e43e5fa0 RCX: 00007f13e41be929
[  805.115784][T13015] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000002004
[  805.115800][T13015] RBP: 00007f13e4240b39 R08: 0000000000000000 R09: 0000000000000000
[  805.115816][T13015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  805.115832][T13015] R13: 0000000000000000 R14: 00007f13e43e5fa0 R15: 00007ffddf6360b8
[  805.115855][T13015]  </TASK>
[  805.115863][T13015] ---[ end trace 0000000000000000 ]---
[  805.231862][ T8632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  805.397583][T13036] siw: device registration error -23
[  805.415569][T13030] veth1_to_bond: entered allmulticast mode
[  805.428040][T13030] veth1_to_bond: entered promiscuous mode
[  805.434499][T13030] veth1_to_bond: left promiscuous mode
[  805.440212][T13030] veth1_to_bond: left allmulticast mode
[  805.528085][T13056] netlink: 'syz.3.13304': attribute type 1 has an invalid length.
[  805.668511][T13056] 8021q: adding VLAN 0 to HW filter on device bond4
[  805.697960][T13069] lo speed is unknown, defaulting to 1000
[  805.789543][T13072] lo speed is unknown, defaulting to 1000
[  806.544441][T13087] lo speed is unknown, defaulting to 1000
[  806.942083][T13079] veth1_to_bond: entered allmulticast mode
[  806.952052][T13093] siw: device registration error -23
[  806.958018][T13079] veth1_to_bond: entered promiscuous mode
[  806.981206][T13079] veth1_to_bond: left promiscuous mode
[  806.986830][T13079] veth1_to_bond: left allmulticast mode
[  807.052620][T13086] veth1_to_bond: entered allmulticast mode
[  807.059118][T13086] veth1_to_bond: entered promiscuous mode
[  807.074022][T13086] veth1_to_bond: left promiscuous mode
[  807.079658][T13086] veth1_to_bond: left allmulticast mode
[  807.148893][T13103] siw: device registration error -23
[  807.185353][T13103] loop1: detected capacity change from 0 to 1024
[  807.440274][T13113] lo speed is unknown, defaulting to 1000
[  807.996546][T13101] veth1_to_bond: entered allmulticast mode
[  807.996709][T13101] veth1_to_bond: entered promiscuous mode
[  807.998802][T13101] veth1_to_bond: left promiscuous mode
[  807.998932][T13101] veth1_to_bond: left allmulticast mode
[  808.197498][T13124] lo speed is unknown, defaulting to 1000
[  808.355229][   T29] audit: type=1326 audit(2000000065.149:42916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13122 comm="syz.1.13325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  808.355625][   T29] audit: type=1326 audit(2000000065.149:42917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13122 comm="syz.1.13325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  808.355782][   T29] audit: type=1326 audit(2000000065.149:42918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13122 comm="syz.1.13325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  808.598188][T13131] siw: device registration error -23
[  808.848245][T13148] netlink: 'syz.1.13331': attribute type 1 has an invalid length.
[  808.856511][T13148] netlink: 'syz.1.13331': attribute type 4 has an invalid length.
[  808.885449][T13133] veth1_to_bond: entered allmulticast mode
[  808.892580][T13133] veth1_to_bond: entered promiscuous mode
[  808.898976][T13133] veth1_to_bond: left promiscuous mode
[  808.904579][T13133] veth1_to_bond: left allmulticast mode
[  808.996016][T13161] siw: device registration error -23
[  809.005618][T13166] loop0: detected capacity change from 0 to 512
[  809.016859][T13161] loop4: detected capacity change from 0 to 1024
[  809.033848][T13166] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.13342: iget: bad i_size value: 38620345925642
[  809.052846][   T29] audit: type=1326 audit(2000000065.849:42919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13155 comm="syz.5.13339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  809.098446][   T29] audit: type=1326 audit(2000000065.869:42920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13155 comm="syz.5.13339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  809.122289][   T29] audit: type=1326 audit(2000000065.869:42921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13155 comm="syz.5.13339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  809.146006][   T29] audit: type=1326 audit(2000000065.869:42922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13155 comm="syz.5.13339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  809.161206][T13166] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.13342: couldn't read orphan inode 15 (err -117)
[  809.169824][   T29] audit: type=1326 audit(2000000065.869:42923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13155 comm="syz.5.13339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  809.202915][T13166] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  809.205481][   T29] audit: type=1326 audit(2000000065.869:42924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13155 comm="syz.5.13339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  809.241658][   T29] audit: type=1326 audit(2000000065.869:42925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13155 comm="syz.5.13339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  809.286198][T13171] EXT4-fs error (device loop0): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  809.399781][T13173] lo speed is unknown, defaulting to 1000
[  809.779956][T13177] siw: device registration error -23
[  809.853136][ T7626] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  809.989570][T13183] __nla_validate_parse: 12 callbacks suppressed
[  809.989590][T13183] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13348'.
[  810.012994][T13185] netlink: 'syz.3.13349': attribute type 1 has an invalid length.
[  810.033598][T13185] 8021q: adding VLAN 0 to HW filter on device bond5
[  810.040757][T13181] tipc: Started in network mode
[  810.040829][T13181] tipc: Node identity 62cb472dc076, cluster identity 4711
[  810.040988][T13181] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  810.051501][T13178] tipc: Resetting bearer <eth:syzkaller0>
[  810.078876][T13178] tipc: Disabling bearer <eth:syzkaller0>
[  810.096046][T13188] loop1: detected capacity change from 0 to 1024
[  810.106262][T13188] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  810.162002][T13188] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13350'.
[  810.174348][T13194] netlink: 14 bytes leftover after parsing attributes in process `syz.3.13351'.
[  810.190911][ T9568] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  810.310589][T13200] loop0: detected capacity change from 0 to 1024
[  810.335569][T13202] siw: device registration error -23
[  810.345720][T13202] loop1: detected capacity change from 0 to 1024
[  810.506247][T13197] veth1_to_bond: entered allmulticast mode
[  810.506369][T13197] veth1_to_bond: entered promiscuous mode
[  810.507171][T13197] veth1_to_bond: left promiscuous mode
[  810.507317][T13197] veth1_to_bond: left allmulticast mode
[  810.699856][T13220] lo speed is unknown, defaulting to 1000
[  810.766526][T13228] netlink: 14 bytes leftover after parsing attributes in process `syz.3.13363'.
[  811.007312][T13234] lo speed is unknown, defaulting to 1000
[  811.339437][T13239] loop0: detected capacity change from 0 to 1024
[  811.504321][T13251] vhci_hcd: invalid port number 96
[  811.509611][T13251] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  811.549008][T13256] loop1: detected capacity change from 0 to 512
[  811.556710][T13256] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  811.566824][T13256] EXT4-fs error (device loop1): ext4_get_branch:178: inode #11: block 4294967295: comm syz.1.13375: invalid block
[  811.585292][T13256] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.13375: invalid indirect mapped block 4294967295 (level 1)
[  811.591012][T13252] lo speed is unknown, defaulting to 1000
[  811.600035][T13256] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.13375: invalid indirect mapped block 4294967295 (level 1)
[  811.619766][T13256] EXT4-fs (loop1): 2 truncates cleaned up
[  811.626190][T13256] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  811.672373][T13256] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.13375: bg 0: block 5: invalid block bitmap
[  811.705636][ T9568] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  811.758311][T13270] FAULT_INJECTION: forcing a failure.
[  811.758311][T13270] name failslab, interval 1, probability 0, space 0, times 0
[  811.771069][T13270] CPU: 0 UID: 0 PID: 13270 Comm: syz.3.13378 Tainted: G        W           6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  811.771164][T13270] Tainted: [W]=WARN
[  811.771193][T13270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  811.771210][T13270] Call Trace:
[  811.771218][T13270]  <TASK>
[  811.771296][T13270]  __dump_stack+0x1d/0x30
[  811.771322][T13270]  dump_stack_lvl+0xe8/0x140
[  811.771359][T13270]  dump_stack+0x15/0x1b
[  811.771444][T13270]  should_fail_ex+0x265/0x280
[  811.771483][T13270]  ? sf_setstate+0x188/0x300
[  811.771512][T13270]  should_failslab+0x8c/0xb0
[  811.771541][T13270]  __kmalloc_cache_noprof+0x4c/0x320
[  811.771641][T13270]  sf_setstate+0x188/0x300
[  811.771676][T13270]  ip_mc_del_src+0x31b/0x480
[  811.771750][T13270]  ? refill_obj_stock+0x254/0x2e0
[  811.771829][T13270]  ip_mc_drop_socket+0x145/0x1e0
[  811.771857][T13270]  inet_release+0x31/0xf0
[  811.771892][T13270]  sock_close+0x6b/0x150
[  811.771913][T13270]  ? __pfx_sock_close+0x10/0x10
[  811.771958][T13270]  __fput+0x298/0x650
[  811.771986][T13270]  ____fput+0x1c/0x30
[  811.772010][T13270]  task_work_run+0x12e/0x1a0
[  811.772115][T13270]  exit_to_user_mode_loop+0xe4/0x100
[  811.772145][T13270]  do_syscall_64+0x1d6/0x200
[  811.772163][T13270]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  811.772189][T13270]  ? clear_bhb_loop+0x40/0x90
[  811.772209][T13270]  ? clear_bhb_loop+0x40/0x90
[  811.772236][T13270]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.772307][T13270] RIP: 0033:0x7f5fa587e929
[  811.772351][T13270] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  811.772372][T13270] RSP: 002b:00007f5fa3ee7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  811.772455][T13270] RAX: 0000000000000000 RBX: 00007f5fa5aa5fa0 RCX: 00007f5fa587e929
[  811.772467][T13270] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000006
[  811.772479][T13270] RBP: 00007f5fa3ee7090 R08: 0000000000000000 R09: 0000000000000000
[  811.772490][T13270] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  811.772504][T13270] R13: 0000000000000000 R14: 00007f5fa5aa5fa0 R15: 00007ffe1da7a558
[  811.772569][T13270]  </TASK>
[  812.069061][T13276] siw: device registration error -23
[  812.094393][T13278] netlink: 'syz.1.13383': attribute type 1 has an invalid length.
[  812.110308][T13278] 8021q: adding VLAN 0 to HW filter on device bond2
[  812.167153][T13282] siw: device registration error -23
[  812.181441][T13280] lo speed is unknown, defaulting to 1000
[  812.197028][T13282] loop1: detected capacity change from 0 to 1024
[  812.306616][T13289] siw: device registration error -23
[  812.317006][T13289] loop5: detected capacity change from 0 to 1024
[  812.326649][T13287] vhci_hcd: invalid port number 96
[  812.331860][T13287] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  812.393450][T13293] loop4: detected capacity change from 0 to 512
[  812.400330][T13293] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  812.410942][T13293] EXT4-fs error (device loop4): ext4_get_branch:178: inode #11: block 4294967295: comm syz.4.13388: invalid block
[  812.423504][T13293] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.13388: invalid indirect mapped block 4294967295 (level 1)
[  812.438254][T13293] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.13388: invalid indirect mapped block 4294967295 (level 1)
[  812.467565][T13293] EXT4-fs (loop4): 2 truncates cleaned up
[  812.477776][T13293] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  812.510983][T13293] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.13388: bg 0: block 5: invalid block bitmap
[  812.532465][T13291] veth1_to_bond: entered allmulticast mode
[  812.539483][T13291] veth1_to_bond: entered promiscuous mode
[  812.554031][T13291] veth1_to_bond: left promiscuous mode
[  812.559711][T13291] veth1_to_bond: left allmulticast mode
[  812.570526][T10341] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  812.633056][T13314] siw: device registration error -23
[  812.655613][T13316] netlink: 'syz.1.13394': attribute type 1 has an invalid length.
[  812.674182][T13316] 8021q: adding VLAN 0 to HW filter on device bond3
[  812.684967][T13303] lo speed is unknown, defaulting to 1000
[  812.730229][T13323] netlink: 4 bytes leftover after parsing attributes in process `syz.4.13395'.
[  812.769201][T13325] siw: device registration error -23
[  812.783974][T13325] loop1: detected capacity change from 0 to 1024
[  812.801526][T13329] siw: device registration error -23
[  812.860729][T13331] lo speed is unknown, defaulting to 1000
[  812.908988][T13335] netlink: 40 bytes leftover after parsing attributes in process `syz.3.13399'.
[  813.229159][T13340] veth1_to_bond: entered allmulticast mode
[  813.236254][T13340] veth1_to_bond: entered promiscuous mode
[  813.236791][T13340] veth1_to_bond: left promiscuous mode
[  813.237006][T13340] veth1_to_bond: left allmulticast mode
[  813.293571][T13350] netlink: 'syz.3.13406': attribute type 1 has an invalid length.
[  813.305065][T13350] 8021q: adding VLAN 0 to HW filter on device bond6
[  813.510432][T13360] loop5: detected capacity change from 0 to 2048
[  813.581044][T13360] Alternate GPT is invalid, using primary GPT.
[  813.581242][T13360]  loop5: p2 p3 p7
[  813.581741][T13357] netlink: 'syz.3.13409': attribute type 10 has an invalid length.
[  813.581847][T13357] bridge0: port 1(bridge_slave_0) entered disabled state
[  813.609507][T13357] bridge0: port 1(bridge_slave_0) entered blocking state
[  813.609556][T13357] bridge0: port 1(bridge_slave_0) entered forwarding state
[  813.611554][T13357] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  813.642042][T13361] lo speed is unknown, defaulting to 1000
[  813.967625][T13370] lo speed is unknown, defaulting to 1000
[  814.212401][T13360] loop5: detected capacity change from 0 to 1024
[  814.219644][   T29] kauditd_printk_skb: 161 callbacks suppressed
[  814.219659][   T29] audit: type=1400 audit(2000000071.009:43087): avc:  denied  { mounton } for  pid=13354 comm="syz.5.13408" path="/dev/loop5p3" dev="devtmpfs" ino=4169 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=file permissive=1
[  814.264038][T13378] lo speed is unknown, defaulting to 1000
[  814.285044][T13360] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  814.312638][T13360] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  814.386227][T13385] netlink: 'syz.4.13417': attribute type 1 has an invalid length.
[  814.394294][T13385] netlink: 'syz.4.13417': attribute type 4 has an invalid length.
[  814.402289][T13385] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.13417'.
[  814.613618][T13387] lo speed is unknown, defaulting to 1000
[  814.802770][T13390] netlink: 'syz.3.13419': attribute type 1 has an invalid length.
[  814.845000][T13390] 8021q: adding VLAN 0 to HW filter on device bond7
[  814.953953][T13399] netlink: 'syz.5.13421': attribute type 1 has an invalid length.
[  814.962067][T13399] netlink: 'syz.5.13421': attribute type 4 has an invalid length.
[  814.969937][T13399] netlink: 9462 bytes leftover after parsing attributes in process `syz.5.13421'.
[  815.079558][   T29] audit: type=1326 audit(2000000071.869:43088): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13401 comm="syz.3.13423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  815.136735][   T29] audit: type=1326 audit(2000000071.869:43089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13401 comm="syz.3.13423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  815.160629][   T29] audit: type=1326 audit(2000000071.899:43090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13401 comm="syz.3.13423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  815.184250][   T29] audit: type=1326 audit(2000000071.899:43091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13401 comm="syz.3.13423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  815.208063][   T29] audit: type=1326 audit(2000000071.899:43092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13401 comm="syz.3.13423" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  815.311058][T13406] netlink: 'syz.0.13425': attribute type 10 has an invalid length.
[  815.391960][T13410] loop3: detected capacity change from 0 to 1024
[  815.401574][T13410] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  815.414710][T13413] siw: device registration error -23
[  815.444584][T13413] loop4: detected capacity change from 0 to 1024
[  815.468747][T13410] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13427'.
[  815.498185][ T8632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  815.538895][T13424] netlink: 14 bytes leftover after parsing attributes in process `syz.3.13431'.
[  815.585969][T13425] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.13432'.
[  815.731061][   T29] audit: type=1326 audit(2000000072.519:43093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13430 comm="syz.4.13434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  815.754958][   T29] audit: type=1326 audit(2000000072.529:43094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13430 comm="syz.4.13434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  815.778596][   T29] audit: type=1326 audit(2000000072.529:43095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13430 comm="syz.4.13434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  815.802345][   T29] audit: type=1326 audit(2000000072.529:43096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13430 comm="syz.4.13434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f271823e929 code=0x7ffc0000
[  815.990790][T13438] lo speed is unknown, defaulting to 1000
[  816.045046][T13437] veth1_to_bond: entered allmulticast mode
[  816.051591][T13437] veth1_to_bond: entered promiscuous mode
[  816.058115][T13437] veth1_to_bond: left promiscuous mode
[  816.063784][T13437] veth1_to_bond: left allmulticast mode
[  816.244264][T13451] loop1: detected capacity change from 0 to 1024
[  816.254323][T13451] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  816.313057][T13451] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13441'.
[  816.338422][T13455] lo speed is unknown, defaulting to 1000
[  816.369216][ T9568] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  816.462560][T13457] loop0: detected capacity change from 0 to 512
[  816.479798][T13457] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.13443: iget: bad i_size value: 38620345925642
[  816.506881][T13457] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.13443: couldn't read orphan inode 15 (err -117)
[  816.532909][T13457] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  816.549926][T13459] siw: device registration error -23
[  816.710195][ T7626] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  816.769861][T13469] siw: device registration error -23
[  816.828792][T13462] loop5: detected capacity change from 0 to 1024
[  816.830065][T13472] netlink: 14 bytes leftover after parsing attributes in process `syz.0.13447'.
[  816.923655][T13473] lo speed is unknown, defaulting to 1000
[  817.667706][T13481] lo speed is unknown, defaulting to 1000
[  817.983359][T13485] siw: device registration error -23
[  817.993599][T13490] loop0: detected capacity change from 0 to 1024
[  818.004845][T13485] loop1: detected capacity change from 0 to 1024
[  818.023433][T13493] validate_nla: 2 callbacks suppressed
[  818.023447][T13493] netlink: 'syz.3.13453': attribute type 10 has an invalid length.
[  818.037056][T13493] bridge0: port 1(bridge_slave_0) entered disabled state
[  818.056177][T13496] netlink: 'syz.4.13454': attribute type 1 has an invalid length.
[  818.064201][T13496] netlink: 'syz.4.13454': attribute type 4 has an invalid length.
[  818.064336][ T9142] bond0: (slave bridge0): link status definitely down, disabling slave
[  818.072073][T13496] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.13454'.
[  818.192910][T13501] siw: device registration error -23
[  818.235962][T13506] netlink: 'syz.5.13458': attribute type 10 has an invalid length.
[  818.253363][T13502] lo speed is unknown, defaulting to 1000
[  818.311857][T13506] bridge0: port 1(bridge_slave_0) entered disabled state
[  818.321958][T13506] bridge0: port 1(bridge_slave_0) entered blocking state
[  818.329083][T13506] bridge0: port 1(bridge_slave_0) entered forwarding state
[  818.338830][T13506] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  818.372604][T13509] lo speed is unknown, defaulting to 1000
[  818.396396][T13511] loop5: detected capacity change from 0 to 764
[  818.409560][T13511] random: crng reseeded on system resumption
[  818.428652][T13511] Restarting kernel threads ...
[  818.429836][T13513] netlink: 'syz.1.13459': attribute type 1 has an invalid length.
[  818.434350][T13511] Done restarting kernel threads.
[  818.441576][T13513] netlink: 'syz.1.13459': attribute type 4 has an invalid length.
[  818.454484][T13513] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.13459'.
[  818.466037][T13511] vhci_hcd: invalid port number 96
[  818.471213][T13511] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  818.514801][T13517] netlink: 14 bytes leftover after parsing attributes in process `syz.5.13462'.
[  818.665855][T13521] lo speed is unknown, defaulting to 1000
[  818.766364][T13526] netlink: 'syz.5.13465': attribute type 10 has an invalid length.
[  818.774788][T13526] bridge0: port 1(bridge_slave_0) entered disabled state
[  818.801368][ T9172] bond0: (slave bridge0): link status definitely down, disabling slave
[  818.865113][T13531] netlink: 'syz.5.13466': attribute type 1 has an invalid length.
[  818.873277][T13531] netlink: 'syz.5.13466': attribute type 4 has an invalid length.
[  818.881219][T13531] netlink: 9462 bytes leftover after parsing attributes in process `syz.5.13466'.
[  819.102410][T13538] siw: device registration error -23
[  819.234247][   T29] kauditd_printk_skb: 40 callbacks suppressed
[  819.234263][   T29] audit: type=1326 audit(2000000076.029:43137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13543 comm="syz.1.13472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  819.264154][   T29] audit: type=1326 audit(2000000076.029:43138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13543 comm="syz.1.13472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  819.287943][   T29] audit: type=1326 audit(2000000076.029:43139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13543 comm="syz.1.13472" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  819.337632][T13548] netlink: 'syz.1.13474': attribute type 10 has an invalid length.
[  819.346802][T13548] bridge0: port 1(bridge_slave_0) entered disabled state
[  819.358199][T13548] bridge0: port 1(bridge_slave_0) entered blocking state
[  819.365303][T13548] bridge0: port 1(bridge_slave_0) entered forwarding state
[  819.375439][T13548] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  819.449066][T13551] lo speed is unknown, defaulting to 1000
[  819.579477][T13554] siw: device registration error -23
[  819.590756][T13554] loop1: detected capacity change from 0 to 1024
[  819.676155][T13558] netlink: 40 bytes leftover after parsing attributes in process `syz.1.13477'.
[  819.723858][T13562] siw: device registration error -23
[  819.734595][T13562] loop1: detected capacity change from 0 to 1024
[  819.761474][T13564] siw: device registration error -23
[  819.773613][T13564] loop4: detected capacity change from 0 to 1024
[  819.848819][T13565] lo speed is unknown, defaulting to 1000
[  819.966978][   T29] audit: type=1326 audit(2000000076.759:43140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13573 comm="syz.3.13484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  819.990946][   T29] audit: type=1326 audit(2000000076.759:43141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13573 comm="syz.3.13484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  820.014655][   T29] audit: type=1326 audit(2000000076.759:43142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13573 comm="syz.3.13484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  820.038383][   T29] audit: type=1326 audit(2000000076.759:43143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13573 comm="syz.3.13484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  820.062198][   T29] audit: type=1326 audit(2000000076.759:43144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13573 comm="syz.3.13484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fa587e929 code=0x7ffc0000
[  820.310638][T13585] siw: device registration error -23
[  820.321823][T13585] loop3: detected capacity change from 0 to 1024
[  820.598397][T13588] lo speed is unknown, defaulting to 1000
[  820.797255][T13595] __nla_validate_parse: 1 callbacks suppressed
[  820.797294][T13595] netlink: 40 bytes leftover after parsing attributes in process `syz.1.13490'.
[  820.846898][T13598] netlink: 9462 bytes leftover after parsing attributes in process `syz.4.13491'.
[  820.867283][T13597] siw: device registration error -23
[  820.890365][T13597] loop1: detected capacity change from 0 to 1024
[  820.901346][T13591] veth1_to_bond: entered allmulticast mode
[  820.907435][T13591] veth1_to_bond: entered promiscuous mode
[  820.914261][T13591] veth1_to_bond: left promiscuous mode
[  820.919903][T13591] veth1_to_bond: left allmulticast mode
[  820.930323][T13601] loop3: detected capacity change from 0 to 512
[  820.939713][T13601] EXT4-fs error (device loop3): ext4_orphan_get:1393: inode #15: comm syz.3.13493: iget: bad i_size value: 38620345925642
[  820.952823][T13601] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.13493: couldn't read orphan inode 15 (err -117)
[  820.967901][T13601] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  820.995288][T13606] siw: device registration error -23
[  821.006163][T13606] loop5: detected capacity change from 0 to 1024
[  821.062735][T13608] siw: device registration error -23
[  821.100131][ T8632] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  821.224019][T13622] netlink: 40 bytes leftover after parsing attributes in process `syz.5.13502'.
[  821.290576][T13632] netlink: 14 bytes leftover after parsing attributes in process `syz.5.13506'.
[  821.313490][T13626] lo speed is unknown, defaulting to 1000
[  821.432932][T13634] lo speed is unknown, defaulting to 1000
[  821.646055][T13641] loop5: detected capacity change from 0 to 764
[  821.656400][T13643] siw: device registration error -23
[  821.657762][   T29] audit: type=1326 audit(2000000078.449:43145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13640 comm="syz.5.13509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  821.685598][   T29] audit: type=1326 audit(2000000078.449:43146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13640 comm="syz.5.13509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f13e41be929 code=0x7ffc0000
[  821.713804][T13641] random: crng reseeded on system resumption
[  821.724340][T13641] Restarting kernel threads ...
[  821.729444][T13641] Done restarting kernel threads.
[  821.736550][T13641] vhci_hcd: invalid port number 96
[  821.741771][T13641] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  821.804634][T13651] netlink: 40 bytes leftover after parsing attributes in process `syz.5.13514'.
[  821.861200][T13660] netlink: 14 bytes leftover after parsing attributes in process `syz.5.13518'.
[  822.023523][T13663] lo speed is unknown, defaulting to 1000
[  822.058448][T13667] 8021q: adding VLAN 0 to HW filter on device bond7
[  822.096969][T13671] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.13520'.
[  822.166132][T13676] siw: device registration error -23
[  822.307971][T13684] netlink: 40 bytes leftover after parsing attributes in process `syz.0.13527'.
[  822.518955][T13691] lo speed is unknown, defaulting to 1000
[  822.736821][T13694] netlink: 14 bytes leftover after parsing attributes in process `syz.4.13531'.
[  822.896084][T13699] siw: device registration error -23
[  822.908532][T13699] loop1: detected capacity change from 0 to 1024
[  823.012982][T13711] netlink: 40 bytes leftover after parsing attributes in process `syz.5.13538'.
[  823.096605][T13715] loop5: detected capacity change from 0 to 764
[  823.113668][T13715] random: crng reseeded on system resumption
[  823.123798][T13715] Restarting kernel threads ...
[  823.128947][T13715] Done restarting kernel threads.
[  823.135329][T13715] vhci_hcd: invalid port number 96
[  823.140475][T13715] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  823.167847][T13716] lo speed is unknown, defaulting to 1000
[  823.269501][T13723] validate_nla: 12 callbacks suppressed
[  823.269518][T13723] netlink: 'syz.0.13543': attribute type 10 has an invalid length.
[  823.408629][T13732] siw: device registration error -23
[  823.419072][T13732] loop5: detected capacity change from 0 to 1024
[  823.595568][T13740] loop5: detected capacity change from 0 to 764
[  823.608228][T13740] random: crng reseeded on system resumption
[  823.618290][T13740] Restarting kernel threads ...
[  823.623478][T13740] Done restarting kernel threads.
[  823.629938][T13740] vhci_hcd: invalid port number 96
[  823.635152][T13740] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  823.798394][T13747] netlink: 'syz.3.13554': attribute type 10 has an invalid length.
[  823.907298][T13751] lo speed is unknown, defaulting to 1000
[  823.948111][T13752] lo speed is unknown, defaulting to 1000
[  824.301005][   T29] kauditd_printk_skb: 117 callbacks suppressed
[  824.301023][   T29] audit: type=1326 audit(2000000081.089:43264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13755 comm="syz.1.13557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  824.301091][   T29] audit: type=1326 audit(2000000081.089:43265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13755 comm="syz.1.13557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  824.301117][   T29] audit: type=1326 audit(2000000081.089:43266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13755 comm="syz.1.13557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f06ca9de929 code=0x7ffc0000
[  824.333476][ T8632] ==================================================================
[  824.333519][ T8632] BUG: KCSAN: data-race in shmem_getattr / shmem_recalc_inode
[  824.333551][ T8632] 
[  824.333557][ T8632] read-write to 0xffff88810592d180 of 8 bytes by task 13759 on cpu 1:
[  824.333573][ T8632]  shmem_recalc_inode+0x36/0x1c0
[  824.333606][ T8632]  shmem_get_folio_gfp+0x7a3/0xd60
[  824.333635][ T8632]  shmem_write_begin+0xa8/0x190
[  824.333664][ T8632]  generic_perform_write+0x184/0x490
[  824.333697][ T8632]  shmem_file_write_iter+0xc5/0xf0
[  824.333723][ T8632]  __kernel_write_iter+0x256/0x4c0
[  824.333761][ T8632]  dump_user_range+0x407/0x8c0
[  824.333798][ T8632]  elf_core_dump+0x1dc2/0x1f80
[  824.333822][ T8632]  do_coredump+0x1dfd/0x27b0
[  824.333850][ T8632]  get_signal+0xd85/0xf70
[  824.333879][ T8632]  arch_do_signal_or_restart+0x96/0x480
[  824.333899][ T8632]  irqentry_exit_to_user_mode+0x5e/0xa0
[  824.333936][ T8632]  irqentry_exit+0x12/0x50
[  824.333966][ T8632]  asm_exc_page_fault+0x26/0x30
[  824.333985][ T8632] 
[  824.333990][ T8632] read to 0xffff88810592d180 of 8 bytes by task 8632 on cpu 0:
[  824.334005][ T8632]  shmem_getattr+0x41/0x200
[  824.334021][ T8632]  vfs_getattr_nosec+0x143/0x1e0
[  824.334047][ T8632]  vfs_statx+0x113/0x390
[  824.334071][ T8632]  vfs_fstatat+0x115/0x170
[  824.334096][ T8632]  __se_sys_newfstatat+0x55/0x260
[  824.334125][ T8632]  __x64_sys_newfstatat+0x55/0x70
[  824.334154][ T8632]  x64_sys_call+0x2c22/0x2fb0
[  824.334180][ T8632]  do_syscall_64+0xd2/0x200
[  824.334197][ T8632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  824.334217][ T8632] 
[  824.334220][ T8632] value changed: 0x0000000000000016 -> 0x0000000000000018
[  824.334231][ T8632] 
[  824.334234][ T8632] Reported by Kernel Concurrency Sanitizer on:
[  824.334248][ T8632] CPU: 0 UID: 0 PID: 8632 Comm: syz-executor Tainted: G        W           6.16.0-rc3-syzkaller-00190-g67a993863163 #0 PREEMPT(voluntary) 
[  824.334282][ T8632] Tainted: [W]=WARN
[  824.334291][ T8632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  824.334306][ T8632] ==================================================================
[  824.372696][T13758] loop0: detected capacity change from 0 to 1024