last executing test programs:

4.664255969s ago: executing program 4 (id=2733):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x5f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x6, 0x1, 0xa0, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f00000002c0)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x18)
r4 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000f00)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x8)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000340)=ANY=[@ANYBLOB="1400fbc7af0f83d1bb23ff314d72565776a9be1001080000e4ff0000d2dd1e"], 0x14}, 0x1, 0x0, 0x0, 0x408c0}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x286ca06bbee933dc, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
clock_nanosleep(0x9, 0x0, &(0x7f00000004c0)={0x0, 0x989680}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r9, 0x0, 0x80, &(0x7f0000000d00)=@nat={'nat\x00', 0x19, 0x88, 0x90, [0x200000000c40, 0x0, 0x0, 0x200000000c70, 0x200000000ca0], 0x0, 0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00"/119]}, 0xef)
r10 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r10, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)

4.519098761s ago: executing program 4 (id=2737):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
unshare(0x68040200)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)

3.807940372s ago: executing program 3 (id=2743):
pipe(&(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000400)=[{&(0x7f0000000100)="6e8000"/20, 0x14}, {&(0x7f0000000340)="b9d7d7057f0e84f0d7824db14f0f7ca046a0dff9dc46e7af27877ba9b8aae9e70e854f10", 0x24}], 0x2, 0x9)
r1 = socket$inet(0x2, 0x3, 0x7f)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r1, 0x0, 0x3, &(0x7f0000000080)=0xfffffffa, 0x4)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000000), 0x4)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0}, 0x18)
ioctl$EVIOCGRAB(r3, 0x40044590, 0x0)
ioctl$EVIOCGABS20(r3, 0x40044591, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs={0x0, 0x0, 0x10004e22}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r7}, 0x10)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.926521305s ago: executing program 0 (id=2748):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
nanosleep(&(0x7f0000000100)={0x0, 0x3938700}, 0x0)

2.834210106s ago: executing program 0 (id=2749):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = memfd_create(&(0x7f0000000c40)='\x00\x00\x1a\x00\x00\x00z\x9b\xb2\xe8t%\xfc\x02\x00\x00\x009\xa0\x8b\x14d\xa2\xa1\xa8!\xe8\xd1\xa0\x8a\xce0\x1c\xb7\xf1\xccm\xce\xd4\xdb\x99\xe5\x8f\xe2\xb6\xdc\n\xf5kWnr\x92G\xbd\b\x01\xd0\xf5\xbb}\xeb\x86P=\xe51\x9d,\xb7\xc3_M\xbe\x19\xea#\xffWj\xdc\xd4\xb1\xcc\\\xa8N\x8c)[\xd1\xc3\x9a\xa3\x1b\xf9\xe9\x1d \xce1\xc9\x9f\xb0\x14\xc2\xeb\xf9\xceE\xad\xa4\x92\f\xef\x87g\xb6\xabW\xac\rP\xf42\xb7\xc8\xaajn\xbfF}\xbd\x1c\xff\xff\xff\xff\xff\xff\xb5v*R?\xa0Y$\x95tO*\xf4\xae\xb8\xb8m\xbf\r\xd5\xbf*\xfd\xc7\x85\x1b\x8b\xe5\x97j`c\xe0\x88?\xe8\xd6\xae1\xc3\x9e\xec`\xf2\xd1BM\x10\xc6\xb4F\n\x10q\xde\v\xec\xa2\x92x\xe9\xf5\x1f\xc9hj\xc0\xe5\xce\xd1v\bez\"\xb1\xd3 \xbc\x9b\xe8\x86u\x0e\v\x17\x85\xb8\xdb2\x92\x00\x00\x00\x00\x00\x00\x00\x00\x80\x9c99\n|\xc1,\xd3\xedI\x11\xf9\xa6wN\xa3\xc9M\xe6\x92\xaf\xb2I\x16}\xae\xe8\xa8\xd7\xad\\\x84\v\fB\xe2d\x90\xdd\x90\x1e\x8c\xe4\xc70\x93\xc7\x8b\xec/a8\x95a\x8c?)\xa2\xf6~\xa7\xc3\xfc\x19\xa8\x98\x1f\x8d\x13\x00e;g]\x1c\x1d\xb0\xa0\x96\xac\x9f3\xe8\xa7R\x92\xe6\n\xdda\x86\xa8\x13\xf1\xccQa\xef\x94u\xed\x0fvq=|\xb0\xc2I/\\}\xf4\xb7\xda\xdds\xf3\xf9\f\xff\xcc\xf3\xa8\x02\xa9/\xfd\xcfn\x00\x84wa[,\xd8\xda\xd4h\xdd\xc4\x80\xb9_\x7f\xa1\x90H\x824Y\x89E', 0x7)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1100)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket(0x26, 0x3, 0xc)
r3 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x2000)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x7, 0x4, 0x208, 0x21, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x18)
open_by_handle_at(r4, &(0x7f0000000200)=@shmem={0xc, 0x1, {0x3, 0xfff}}, 0x8000)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
ioctl$SG_GET_VERSION_NUM(r3, 0x2284, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00'}, 0x10)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xfffffffffffffffe}, 0x0, 0x4, 0x0, 0x0, 0x504}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000020000000007df600018000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x41aa1000, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0))
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x68, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x38, 0x2, {{0xe, 0x200000, 0x0, 0x2, 0xffffffff, 0x8003}, [@TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x7fffffff, 0x0, 0xfffffffd, 0x100000}}]}]}}}]}, 0x68}}, 0x0)
sendmsg$ETHTOOL_MSG_DEBUG_GET(r2, &(0x7f0000000600)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000005c0)={&(0x7f0000000500)={0xac, 0x0, 0x1, 0x70bd2b, 0x25dfdbfc, {}, [@HEADER={0x44, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'erspan0\x00'}]}]}, 0xac}, 0x1, 0x0, 0x0, 0x41}, 0x4000001)
socketpair(0xf, 0x3, 0x80000001, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000002c0)=@generic={&(0x7f0000000280)='./file0\x00', 0x0, 0x8}, 0x18)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x6, 0x600, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

2.809417857s ago: executing program 2 (id=2750):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x10)
r1 = signalfd(r0, &(0x7f0000000000)={[0xfe53]}, 0x8)
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000200)=<r2=>0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @ib_path={0x0, r3, 0x1, 0x2}}, 0x20)
stat(&(0x7f0000001c40)='./file0\x00', &(0x7f0000001c80)={0x0, 0x0, 0x0, 0x0, <r4=>0x0, <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x14)
r7 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r9, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x2400}, 0xa5, 0x4, 0x10100000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[], 0x50)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x12, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000fffffffffffffff000000000"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001d40)={&(0x7f0000000040)=@proc={0x10, 0x0, 0x25dfdbfd, 0x40}, 0xc, &(0x7f0000001b80)=[{&(0x7f00000003c0)=ANY=[@ANYRESHEX=r6], 0x14}, {0x0}, {0x0}, {&(0x7f0000001b40)=ANY=[@ANYBLOB], 0x24}], 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="1c000500000000000300000001000000", @ANYRES32, @ANYRES32=r5, @ANYRES32, @ANYBLOB="00000000000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r5, @ANYRES32, @ANYRES32=<r10=>0xffffffffffffffff, @ANYRES32], 0x50, 0x24040094}, 0x80)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, r5)
r11 = getegid()
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYRESDEC, @ANYRES32=0x0, @ANYBLOB="02000400", @ANYBLOB="020002", @ANYRES32=0x0, @ANYRES32=r4, @ANYBLOB="02000600", @ANYRES64, @ANYRES8=r3, @ANYBLOB="02000300", @ANYRES64, @ANYBLOB="02000200", @ANYRES32=0xee00, @ANYRES8=r6, @ANYRES32=0x0, @ANYRESDEC=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="080006", @ANYRES32=r5, @ANYBLOB="08000300", @ANYRES32=r11, @ANYBLOB="08000400", @ANYRES32=r11, @ANYBLOB="10000400000000002000000000000000"], 0x94, 0x1)
fchownat(r1, &(0x7f0000000080)='./file0\x00', r2, r11, 0x800)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000380)=ANY=[@ANYRESHEX=r6, @ANYRES16=r10], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000180)='kfree\x00', r12, 0x0, 0x8}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0x3, 0x0, &(0x7f0000fd7ff0)={0x77359400}, 0x0, 0xfffffffd)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x20000)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r14 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r14, 0xc028660f, &(0x7f0000000080)={0x0, r13, 0x18})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})

2.661939359s ago: executing program 2 (id=2751):
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000200)='./file0\x00', 0x2000000, &(0x7f0000000340)=ANY=[@ANYBLOB="003531d0081634a844cb7924d87a8dceb5435bc7169424ca5d1a6c9ae88dce733292494dc2900e6759d69221ec8f827bc438bf6a983de5286b648195a809a18b941c6b3db22c92180d1746e9c5eae6b9c2992b32d495bffe226d2ad16124944e105e9d268dfafd74ca934a7dbef224c2293a4798904f162d126d1819febf57d3758306dadf1057fdf9eedcfe"], 0x1, 0x55a, &(0x7f0000000b80)="$eJzs2s9qE1EUB+CTP02LCGYtLgbcuCrVJzBICsWAEMlCceFA4yYjwmQzyaoP4hP4PD5JVt1F6oSkURGknUxtvg9CDvlNMucykHsX5+OTz5PzL9NPH75/jaOXSbQjonkZ0Y1mtKLUiI1GdOK6iwAA/jfDYdqruweqlee99OoMd/hbMvpWS0MAAAAAAAAAAADc2L/M/zfN/wPAvVDO/3fqboMK5Xkv7azOb9vM/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD1uVwuHy3/8qq7PwDg9tn/AWD/2P8BYP/Y/wFg/7x99/51bzDoD5PkKGJxUYyKUfle5qdng/5J8lN3861FUYxa6/x5mSfb+UE8WOUv/ph34tnTMr/KXr0Z/JIfxnn1ywcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACuOU7Wuo31p4uiGLXKfHNBN7bysjo9G/RPVhds5+143N7dOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICbm87mkzTLxrmiiqIdETu41/HD8mkerJ7q7d8iolHRLyvuZlHffxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCv6Ww+SbNsnE/r7gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCums/kkzbJxXmFR9xoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYvR8BAAD//2/WhiY=")
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
r0 = socket(0x10, 0x3, 0x0)
r1 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, 0x0)
add_key(&(0x7f0000000100)='asymmetric\x00', 0x0, &(0x7f0000000140)="1081", 0x5b, r1)
r2 = socket$unix(0x1, 0x5, 0x0)
listen(r2, 0x0)
r3 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000005c0)={'bond_slave_1\x00', 0x112})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r6, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r8 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$chown(0x4, r8, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='kfree\x00', r7}, 0x18)
close(r6)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000001c0)={'dummy0\x00', <r10=>0x0})
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000030500000000fedbdf2500000000", @ANYRES32=0x0, @ANYRES8=r10, @ANYRES32=r10, @ANYBLOB="cc415e43c900c4da370b9b2ca742f527c123ac99c4bb3047a288f0d285984300010000c21523b07efd6e"], 0x44}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000540)='hrtimer_init\x00', r5}, 0x18)
sendmsg$nl_route(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
ioctl$BTRFS_IOC_SYNC(r0, 0x9408, 0x0)
fstatfs(r3, &(0x7f00000006c0)=""/23)
r12 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r12, 0x4b47, &(0x7f0000000580)={0x8, 0x8, 0xde0})

2.545802511s ago: executing program 4 (id=2752):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x22110, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0xfffffffffffffffc, 0x800010000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x8, 0x20004, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
timer_create(0x2, 0x0, &(0x7f0000000100))
timer_settime(0x0, 0x1, &(0x7f00000006c0)={{}, {0x0, 0x9}}, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001040)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000010000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd60ed490a733c76a152f7cbdb9cd38bdb2209c67deca8e0400000000000000c61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a76a0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c39100000000000000094d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b36db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece010000000100000010223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158ef4f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffff854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e92604e1026e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58f0225f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e20280e14700eb0000000000000008f9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c219d8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e1000000b81b6790062e61cd000000acb1b33c38ddd302e28e8e30b5c180d38bb1cd770195799c541a7481f5d34ca75d74b3833d399371c8f09f6745d0e43d46f7c82ff1b7d6c04467d083fc708348f35ae9bb9b78f2984a0ee55647d4c4a63c4f438fdec726e7d8228eaff2374b2300b9be00000000000000ee114bb8a6c0ea6fc89a55fef6673013d7dd4597660865423e978dd6e41e201bb3a584d6fe6f24e290613b677271603c558ee2021be29c4a06a057b2acc5bfd34898afac0d839079bbcb3acd43532563367ac8ae6c4379fb5fdcdab5fe55e1a3a521284209871216817338073cbc4ec9903725b788a25b5a6003b579b8f0e20d78be3d885557292971e65f4f1daefad2c5ccbca608b46406ffff25610c3cbae9c3d6d47678f482e2c1f7cdfc5ce2a67c1545c1192f2ac3990f9c850788401469fbca801e73cd9efbcc6e44b2f414cdff5c49e706d699b5bfa75526f700c4e32611b826b2787f99532c02262a9c60e4b07a09377c38747c7f05e38b6db5d8cc625873af8fc5a7d362334c509f6bb4e36e1c9e08949679e0ed9f84e668588b9f1b21069bd5ffe263b191d1a7f5d4e85de1a2a46579d497d3f5d01ec00d289fcbf051498b21619da363cd09dea96879c145ff4ddf55d09aea84d900b0e1a05cdeee05fea7c91eb34a0737f31525ff48a1215b5197f76123c4322773a9c55a15dcaf3838402de97192a312a9eea90cdd8c8e393458b25464443a5468abff66292d2f167a00f11a56b0bd6f4e81c45e2a119cef7989c8dec70d72e86fba7e79233b15b681ac2b9d71e8bb09042b29d2442058ba451d409b007e982fab76eefa811c873fbc7cbaca5e2f9947d278af1cc012be9e75e77efe1dd86b0cb136bc9cc4c646d7d2270aa53288e55e899491d927a7f1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0xfe, 0x60000000, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0x1, 0x700}, 0x50)
connect$l2tp6(r0, &(0x7f0000000100)={0xa, 0x0, 0xa, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x10, 0x3}, 0x20)
unshare(0x2c020400)
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000580)={{0x1, 0x100, 0x4, 0x1, 0x81, 0x9}, 0x97, [0x4, 0x4, 0x3, 0xe9f5, 0x7, 0xfff, 0x40, 0x3ff, 0x7, 0xfa44, 0x1, 0x6, 0x6, 0xec, 0x7fffffff, 0x168, 0x4, 0x100, 0xb, 0x0, 0x9, 0x7, 0xad2a, 0x3, 0x2, 0x2b0, 0x80, 0xfff, 0x10000, 0xf, 0x1000, 0x7, 0x46e0, 0x5, 0x8, 0x6, 0x6, 0xffffff2b, 0x4, 0x10000, 0x8, 0xb7, 0x3, 0x4, 0x1, 0x9, 0x6, 0x10000, 0x2, 0xff, 0x6, 0xc, 0x3, 0x0, 0x8, 0x6dab, 0x1, 0x6, 0x1, 0x9, 0x2, 0x4, 0x1, 0x947, 0x1, 0x1, 0x1, 0xfffffff9, 0x8, 0x9, 0x7ff, 0xf3, 0x2, 0xdd5, 0x562, 0x61, 0x74720e6a, 0x0, 0x7, 0x5, 0xfffffffe, 0x7, 0xde8, 0x2c, 0x101, 0x4, 0x9, 0x8, 0xc3bf, 0x7fffffff, 0x5, 0xd, 0x8000, 0x2f63, 0x4, 0x6, 0x1, 0x1, 0x2, 0x80000000, 0xffff4104, 0xfff, 0x5, 0xff, 0x0, 0x10000, 0x9, 0x3ff, 0x7, 0x7, 0x8, 0x8000, 0x3, 0x6, 0xf, 0x8, 0xfffffffc, 0x100, 0x8, 0x8, 0x400, 0x2, 0x6, 0x6, 0x4, 0x0, 0x4c5, 0xb794, 0x7, 0x4, 0x4f42, 0x4, 0x8c4, 0x2, 0xa, 0x710, 0x6, 0x80000001, 0x8, 0x5, 0x8001, 0x2, 0x7b, 0x64, 0x9, 0x6, 0xf5f0, 0x4, 0x5, 0x100, 0x1, 0x8, 0x8, 0x200, 0x5, 0x2, 0x115, 0x8000, 0x80000000, 0x8, 0x6, 0x7, 0x4, 0x4, 0x80000000, 0x36f, 0x6, 0x7, 0x9, 0x10, 0x5, 0x7, 0x401, 0x6, 0x601, 0x6, 0x5, 0x3, 0x9, 0x60, 0x8, 0x7, 0x0, 0x6, 0x8, 0x0, 0x1ff, 0x6, 0x0, 0xc70, 0x7b, 0x3, 0x7, 0x6, 0x5, 0x3, 0x4, 0x80000001, 0x7, 0xa, 0x9, 0x123a00, 0x6, 0x0, 0x200, 0x80000000, 0x1, 0x81, 0x8001, 0x61c00000, 0xb7, 0x0, 0x6, 0x7f, 0x1000, 0x3, 0x40, 0x80000001, 0x7fffffff, 0x2, 0x18, 0x8, 0x2, 0x5, 0x4, 0x3, 0x9, 0x9, 0x1, 0x5, 0x9, 0xfff, 0x6, 0x7, 0x6, 0x3, 0x8, 0x2, 0x10000, 0x3, 0x6, 0x80000001, 0xfffffc00, 0x3, 0x5, 0x401, 0x800, 0x6, 0x8, 0x400, 0x9, 0x2fa, 0x200, 0x7, 0x8, 0xa9, 0x5, 0x90e, 0xfffffffd, 0x1, 0x0, 0x5c3, 0x40a7c427, 0x8001, 0x45d1, 0x1ff, 0x6, 0x2f, 0x5, 0x56c4, 0x6, 0x7, 0xfdce, 0x9, 0x3, 0x5, 0x4, 0xffffffff, 0x1, 0x0, 0x4, 0x80, 0x8, 0x1d, 0xb, 0x40, 0x400, 0xcd93, 0xfffffffe, 0x6, 0x36, 0xe, 0x9, 0xfffffffb, 0x4, 0x7fff, 0x8, 0x9, 0xff, 0x8000, 0x36, 0x4, 0x68, 0x0, 0xfffffffe, 0x77466976, 0xe, 0x0, 0x1, 0x9, 0x7ff, 0x5, 0xec, 0x6, 0x8, 0x2, 0x8, 0x9, 0x17f5, 0x3, 0x6e, 0x5, 0x6, 0x4, 0x8001, 0x608, 0x4, 0x9e, 0x1, 0x6, 0x5, 0x8, 0x7f, 0x100, 0x81, 0x5, 0x5, 0x4, 0x9, 0x0, 0x52b, 0x1, 0x8, 0x1, 0x9, 0x4, 0x2, 0x4, 0x100, 0x5, 0x2, 0x4, 0x40, 0x40, 0x0, 0xb, 0x9, 0xb, 0x0, 0x4, 0x2, 0xec2, 0xa, 0x7ff, 0x9, 0x7fff, 0x2e32, 0x7ff, 0xb3, 0x22, 0xfeb9, 0x8, 0x3, 0x0, 0x19, 0x83, 0x0, 0xffffffff, 0x4698d2d7, 0x5, 0x0, 0x7, 0x3, 0x0, 0x0, 0x4, 0x6, 0x401, 0x1, 0x200, 0x8, 0x7ff, 0x8, 0x9, 0x8, 0x10, 0xfffffffa, 0x1, 0x8, 0x66e, 0x10001, 0x3, 0x4, 0x5, 0x8, 0x4, 0x40d7, 0x5, 0x0, 0x0, 0xfc, 0xd800, 0x1, 0x9, 0x5, 0x2, 0x9, 0x9, 0x6, 0xff, 0x7, 0x2, 0x400, 0xfffffffb, 0x0, 0x3, 0x1, 0x4, 0x0, 0x6c9e, 0x6, 0xfff, 0x0, 0x6, 0xb, 0x1, 0x4, 0x2, 0x4, 0x8, 0x77, 0x7, 0x101, 0x4, 0xffffffff, 0x4, 0xfffffbdd, 0x0, 0x1, 0x10, 0x3ff, 0x0, 0x6, 0x3f0, 0x1000, 0x5, 0x4, 0x5, 0x4, 0x8bc, 0x1, 0xfffffffd, 0x81, 0x9, 0x0, 0xb2, 0x3, 0x31, 0xfffffff8, 0x5, 0x8000, 0x7, 0x100, 0x3, 0x3, 0x5, 0xfffff001, 0x4, 0x7f, 0x3c, 0x0, 0x3, 0x0, 0x3f6e, 0xaec, 0x0, 0x31ec, 0x4, 0xfffffab3, 0x8a7, 0x7ff, 0x7, 0x2, 0x1, 0x1, 0x7fe, 0xb, 0x6, 0xd, 0x0, 0x44, 0x9, 0x6, 0x8, 0x8001, 0x1, 0x3ff, 0x9, 0xa, 0x6, 0x2, 0x2, 0x9, 0xe, 0xd26, 0x4, 0xfffff2f8, 0x6, 0x6, 0x80, 0x4, 0x7e6bee85, 0x7ff, 0x7fff, 0x5, 0x9, 0x482, 0x7, 0x80000000, 0x1, 0x4, 0xfffffffa, 0x7, 0x8, 0x2, 0x3, 0x698d, 0x0, 0x122, 0xffff6f36, 0x3, 0xffff, 0x4, 0x6, 0x10001, 0xfffffffd, 0x6, 0x7, 0x2, 0x9, 0x0, 0xfff, 0x8, 0x9, 0x400, 0x4, 0x9, 0x3ff, 0x4, 0x0, 0x9, 0x6, 0x5, 0x8, 0x45, 0x2, 0x6, 0x7, 0x3ff, 0x8a8, 0x401, 0x4, 0x0, 0x1ff, 0x5, 0xbf, 0xfffffff8, 0x6, 0x2, 0xe32f, 0x0, 0xffffffff, 0x7, 0x0, 0x4, 0x4, 0x6, 0x8, 0x8, 0x0, 0x8000, 0x9, 0x9, 0x7, 0x7, 0x3, 0x7fffffff, 0x3, 0xfffffff5, 0x6, 0x8001, 0x81, 0x7, 0x3, 0x8000, 0x1, 0xfffffff8, 0x92, 0x7, 0xc, 0xa, 0x4, 0x0, 0x8000, 0xe5, 0x1, 0x6, 0x6, 0x3, 0x9, 0x1, 0x4, 0x5, 0x8, 0x9, 0x252, 0x5, 0x6, 0x1, 0xf204, 0x2, 0x1, 0x5, 0x8001, 0x7, 0x5, 0x5, 0x1, 0x1, 0x5, 0x9, 0xfffffff8, 0x4, 0x7fffffff, 0x6, 0x6, 0x1, 0x9, 0x9, 0x0, 0xc39f, 0x6, 0x3, 0x9, 0x3, 0x7, 0x800, 0xd, 0x5, 0xdc4b, 0x6, 0x9, 0x4fb, 0x5, 0x5, 0x0, 0x4, 0x4, 0x7f, 0x6, 0x5, 0x1000, 0xf, 0x3, 0xb8, 0xffff, 0x0, 0xffffffff, 0x86f, 0x3, 0x2, 0x7fffffff, 0x5, 0x3, 0x4, 0xff, 0x5, 0x0, 0x226c5e59, 0x4, 0x7, 0x3, 0x5, 0x3, 0x1, 0x3, 0x3, 0x50, 0x8858, 0x6, 0x8000, 0xe, 0x6, 0x9, 0x6, 0xffffb3cd, 0x4, 0x3a1a, 0xa4, 0x6, 0x9, 0x44a, 0x5, 0xb1b, 0x3, 0x92be, 0x10, 0x7fffffff, 0xd6b6, 0x7, 0xd7, 0x3, 0x90, 0x0, 0x9, 0x6, 0x2, 0xb95b, 0x5, 0x7, 0x482d, 0x1, 0x3ff, 0x8, 0x8, 0x1ff, 0x20000, 0x9, 0x280, 0x0, 0x64a5c8f, 0x0, 0x3, 0xffffffff, 0x7, 0x100, 0x9, 0x3, 0x8, 0x5, 0xfb31, 0x4, 0x7ff, 0x3, 0x1, 0x2, 0x6363fcbf, 0xbd, 0x0, 0x3ff, 0x40, 0x4, 0x0, 0x5, 0x8, 0x5, 0x5e3, 0xd82, 0x1, 0xfffff001, 0x1, 0x1000, 0x4, 0x0, 0x72, 0x7fffffff, 0x94d, 0x8, 0x4, 0xf, 0x6, 0x2, 0x3ff, 0xa, 0x80, 0xb, 0x5, 0x0, 0x9, 0x9, 0x8001, 0x284, 0x8000, 0x6, 0xffffb6ab, 0x2, 0x1, 0x7, 0x80000000, 0xffffffff, 0x2, 0x3, 0x6, 0x3fbfd950, 0xfffffff7, 0x0, 0x1, 0x4, 0x2, 0x2, 0x5, 0x5, 0x8, 0x0, 0x6, 0x3, 0x7fffffff, 0x7, 0x702, 0x99, 0x2, 0x9, 0x58d, 0x8, 0x2, 0x2, 0x5, 0x1, 0x3c21, 0xd53c, 0xf, 0x5, 0x8, 0x8, 0x3, 0x9, 0x5, 0x7fff, 0x2, 0x2, 0x1, 0x8, 0xfffffffc, 0x4, 0x10, 0x2, 0x2, 0xfff, 0x8, 0x4, 0x51c, 0x4bd50, 0x0, 0x1, 0x57b, 0xffffffaf, 0x9, 0x9, 0x1, 0x2, 0x7f, 0xfcd, 0x10000, 0x6, 0xa0, 0x1, 0x3, 0xfffffff8, 0x4, 0x9, 0x1, 0x7, 0x9, 0xfff, 0x5, 0x8, 0x8, 0xc, 0xfa, 0x1, 0xf287, 0x6d8, 0x81, 0xd, 0x5730, 0x0, 0x0, 0x1, 0xfffffffd, 0x0, 0x9, 0xe64, 0x8000, 0x3, 0x6, 0x1000, 0x4, 0x1, 0x10000, 0x800, 0x10, 0xf, 0x3d7, 0x0, 0x4, 0x1, 0x2a, 0x4, 0xf7cd, 0x68, 0xfffffff9, 0x1, 0x81, 0x7, 0x1000, 0x9403, 0x6, 0x7, 0x401, 0xe, 0xfffffffc, 0x7, 0x1, 0x1, 0xd, 0x3, 0x3, 0x40, 0x4, 0x1, 0xffff701c, 0x3, 0xcc, 0x3, 0x7, 0x9, 0x9, 0x1, 0x0, 0x6, 0x8, 0xc686, 0x56a3, 0x9, 0xdf, 0x1, 0x4, 0x8, 0xc, 0x5, 0x6, 0x7, 0xfff, 0xd, 0xfff, 0x3, 0x1ff, 0xc42, 0x40, 0x5, 0x1, 0x8, 0xbb, 0x2, 0x3, 0x2, 0xfffff801, 0x4c, 0x5, 0x7, 0x10, 0x2, 0x8, 0x101, 0x1, 0x2, 0xfffffff9, 0x3, 0x4, 0x80000, 0xc0000000, 0x0, 0x0, 0x1, 0x1, 0xffff, 0x1, 0x2, 0x9, 0x7fff, 0x81, 0x1, 0x0, 0x5, 0x1, 0x1a, 0x3, 0xfffff7d4, 0x4, 0x28f4, 0x9, 0xfffffe01, 0x6, 0x6, 0x0, 0x18, 0x3, 0x1ff, 0x6, 0x2, 0x9, 0x1, 0xffff2653, 0xfffffff9, 0x3f9e, 0x6, 0x3, 0x400, 0x8, 0x3, 0xe, 0x10, 0x8, 0xffffff81]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r5, &(0x7f0000006bc0)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x80, @local, 0x4}, 0x1c, &(0x7f0000000340)=[{&(0x7f00000002c0)="18", 0x1}], 0x1}}], 0x1, 0x110)
shutdown(r5, 0x1)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x0, 0x1}, &(0x7f0000000080)=0xc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001cc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x200000005c832, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$inet6(0xa, 0x3, 0x84)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000080)={{{@in=@multicast2, @in=@local, 0x0, 0x0, 0x4e20, 0x0, 0x2}, {0xffffffffffffffff, 0x0, 0x800, 0x2, 0x1}, {0x0, 0x0, 0x2000}, 0x0, 0x80001, 0x1, 0x0, 0x0, 0x2}, {{@in=@empty, 0x4d6, 0x3c}, 0x2, @in6=@loopback, 0x0, 0x0, 0x1, 0x0, 0xffff, 0xfffffffc}}, 0xe8)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

2.470214552s ago: executing program 4 (id=2753):
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x18)
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f0000000400)='.\x00', 0xa4000522)
read(r2, 0x0, 0x0)
close(r2)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)

2.449675572s ago: executing program 2 (id=2754):
r0 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000880)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x24008040)
sendmsg$L2TP_CMD_SESSION_DELETE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="01002cbd70008400006206000000080009000200000008000c00a80a00000c001600fed0000000000000060001000400000008000b"], 0x40}}, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a5000000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$tipc(r5, &(0x7f0000000700)={&(0x7f0000000200)=@id={0x1e, 0x3, 0x1, {0x4e24, 0x1}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x80}, 0x4010)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x159d0682f53ea167, 0x2, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r7, 0xc08c5332, &(0x7f0000000280)={0xa027, 0xce, 0x0, 'queue1\x00', 0x3})
poll(&(0x7f0000000080)=[{r7}, {r7, 0x2}], 0x2, 0x9d)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r8)
r9 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r8, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r9, 0x0)
setsockopt$SO_BINDTODEVICE(r9, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x4a, &(0x7f0000000e00)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x4e23, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000001c0)={@local, @empty, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)
write$sndseq(r7, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000004c0)='kfree\x00', r6, 0x0, 0x6}, 0x18)
r10 = socket$netlink(0x10, 0x3, 0x4)
write(r10, &(0x7f0000000040)="2700000014000707030e0000120f0a0011fe0100f5fe009d2fb112ff000000008a151f75080039", 0x27)
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x4}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

2.360959694s ago: executing program 4 (id=2755):
r0 = syz_open_dev$vcsa(&(0x7f0000000380), 0x7b95b611, 0x802)
writev(r0, &(0x7f0000000200)=[{&(0x7f0000000000)='x', 0x1}, {&(0x7f00000001c0)='\x00\x00\x00\x00', 0x4}, {&(0x7f0000000240)="09f089", 0x3}], 0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x8, &(0x7f00000038c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x41100, 0x25, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000000, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000af3000/0x3000)=nil, 0x3000, 0x300000a, 0x10, 0xffffffffffffffff, 0xdf791000)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000001000/0x4000)=nil)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={r1}, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x4000000, 0x0, 0x0)
r2 = syz_open_dev$usbfs(&(0x7f0000000180), 0xc, 0x2c0682)
clock_nanosleep(0x7, 0x0, &(0x7f0000000300)={0x77359400}, &(0x7f00000003c0))
ioctl$USBDEVFS_DROP_PRIVILEGES(r2, 0x4004551e, &(0x7f0000000000)=0x401)
r3 = epoll_create1(0x80000)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f00000000c0)={0xe000001a})
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r4, &(0x7f0000000000)={0x2008})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
fsetxattr(r5, &(0x7f0000000080)=@known='trusted.overlay.upper\x00', 0x0, 0x0, 0x0)

2.233118895s ago: executing program 2 (id=2756):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0xfffffffc, 0xff, 0x80000000}, 0x1c)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r3=>0x0})
bind$packet(r1, &(0x7f0000000180)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @dev}, 0x14)
r4 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/netstat\x00')
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001680)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffc01, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001c80)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
pread64(r4, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={0xffffffffffffffff, 0x0, 0x7, 0x0, &(0x7f0000000440)="c2e9ec9971f13c", 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd6317ce22000000000000000000000000000000007fffffff0001000000000071273fa79d93014b8e3381b6"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r6, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r1, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="02011400012918000e3580009f0001142901002f0600ac141430e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304a80500ffffca88faca"], 0xdd12}], 0x1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7, 0x0, 0x100}, 0x18)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
socket$nl_route(0x10, 0x3, 0x0)
close(r8)

2.017831429s ago: executing program 0 (id=2758):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000d00)='sched_switch\x00', r0}, 0x10)
r1 = signalfd(r0, &(0x7f0000000000)={[0xfe53]}, 0x8)
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000200)=<r2=>0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @ib_path={0x0, r3, 0x1, 0x2}}, 0x20)
stat(&(0x7f0000001c40)='./file0\x00', &(0x7f0000001c80)={0x0, 0x0, 0x0, 0x0, <r4=>0x0, <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x14)
r7 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'lo\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r9, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x1, 0x8001, 0x2400}, 0xa5, 0x4, 0x10100000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}}, 0x44080)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1e00000000000000ffffffff4000000044220400", @ANYRES32, @ANYBLOB="620000000000000000000000008200000000000000e37a", @ANYRES32=r9, @ANYRES32], 0x50)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, &(0x7f0000000300)={0x0, 0x12, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f0000fffffffffffffff000000000"], 0xffaf}, 0x1, 0x0, 0x0, 0x854}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001d40)={&(0x7f0000000040)=@proc={0x10, 0x0, 0x25dfdbfd, 0x40}, 0xc, &(0x7f0000001b80)=[{&(0x7f00000003c0)=ANY=[@ANYRESHEX=r6], 0x14}, {0x0}, {0x0}, {&(0x7f0000001b40)=ANY=[@ANYBLOB], 0x24}], 0x4, &(0x7f0000000400)=ANY=[@ANYBLOB="1c000500000000000300000001000000", @ANYRES32, @ANYRES32=r5, @ANYRES32, @ANYBLOB="00000000000001000000", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r5, @ANYRES32, @ANYRES32=<r10=>0xffffffffffffffff, @ANYRES32], 0x50, 0x24040094}, 0x80)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, r5)
r11 = getegid()
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000840)=ANY=[@ANYRESDEC, @ANYRES32=0x0, @ANYBLOB="02000400", @ANYBLOB="020002", @ANYRES32=0x0, @ANYRES32=r4, @ANYBLOB="02000600", @ANYRES64, @ANYRES8=r3, @ANYBLOB="02000300", @ANYRES64, @ANYBLOB="02000200", @ANYRES32=0xee00, @ANYRES8=r6, @ANYRES32=0x0, @ANYRESDEC=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="080006", @ANYRES32=r5, @ANYBLOB="08000300", @ANYRES32=r11, @ANYBLOB="08000400", @ANYRES32=r11, @ANYBLOB="10000400000000002000000000000000"], 0x94, 0x1)
fchownat(r1, &(0x7f0000000080)='./file0\x00', r2, r11, 0x800)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000380)=ANY=[@ANYRESHEX=r6, @ANYRES16=r10], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000180)='kfree\x00', r12, 0x0, 0x8}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0x3, 0x0, &(0x7f0000fd7ff0)={0x77359400}, 0x0, 0xfffffffd)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x20000)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r14 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r14, 0xc028660f, &(0x7f0000000080)={0x0, r13, 0x18})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})

1.95694494s ago: executing program 3 (id=2759):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
nanosleep(&(0x7f0000000100)={0x0, 0x3938700}, 0x0)

1.880219701s ago: executing program 0 (id=2760):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x5f, 0x1, 0x0, 0x0, 0x0, 0x7, 0x0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x6, 0x1, 0xa0, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f00000002c0)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00'})
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x18)
r4 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r4, 0x29, 0x39, &(0x7f0000000f00)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x8)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x9, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000340)=ANY=[@ANYBLOB="1400fbc7af0f83d1bb23ff314d72565776a9be1001080000e4ff0000d2dd1e"], 0x14}, 0x1, 0x0, 0x0, 0x408c0}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x286ca06bbee933dc, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
clock_nanosleep(0x9, 0x0, &(0x7f00000004c0)={0x0, 0x989680}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e85000000010000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r9, 0x0, 0x80, &(0x7f0000000d00)=@nat={'nat\x00', 0x19, 0x88, 0x90, [0x200000000c40, 0x0, 0x0, 0x200000000c70, 0x200000000ca0], 0x0, 0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff00"/119]}, 0xef)
r10 = socket(0x840000000002, 0x3, 0xff)
setsockopt$SO_BINDTODEVICE(r10, 0x1, 0x19, &(0x7f0000000040)='gre0\x00', 0x10)

1.825390932s ago: executing program 3 (id=2761):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000000, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)

1.645686425s ago: executing program 0 (id=2762):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000080)={&(0x7f0000000180)="35a70f51bc", &(0x7f0000000040)=""/12, &(0x7f0000000f80), &(0x7f00000005c0), 0x4, r0}, 0x38)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000400000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x1}]}, 0x10)
r4 = socket$packet(0x11, 0x2, 0x300)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x7ffc0005}]})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800"/15, @ANYRES32, @ANYBLOB="0000000000000000b703000000020000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
semop(0x0, 0x0, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r6 = gettid()
r7 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
read$ptp(r7, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)=<r8=>0x0)
timer_settime(r8, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r9=>0x0})
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=r9, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x8004)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.29252751s ago: executing program 1 (id=2763):
r0 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x3, 0x14}, &(0x7f0000001fee)='R\t\xff\x7fst\xe3c*sgrVid:\x00e', 0x0)
io_uring_setup(0x67bb, &(0x7f0000000140)={0x0, 0xfffffffe, 0x3000, 0x0, 0xfffffffc, 0x0, r0})
connect$qrtr(r0, &(0x7f0000000100)={0x2a, 0xfffffffffffffffe, 0x8000}, 0xc)
getpgrp(0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
perf_event_open$cgroup(&(0x7f0000000180)={0x5, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x0, 0x0, 0x3}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3, <r4=>0xffffffffffffffff}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r7}, 0x10)
shmctl$IPC_STAT(0x0, 0x2, 0x0)
close(0x3)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x5, r2}, 0x38)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xd, &(0x7f0000000240)=ANY=[], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa4c, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r8, 0x0, 0x3}, 0x18)
r9 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r9, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r9, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
sendto$inet(r9, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[], 0x18}}, 0x0)
getsockopt(r9, 0x200000000114, 0x271e, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r10 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000880), r1)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000019580)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010029bd7000ffdbdf252500000005002b00000000000a0001007770616e3000000006000600ffff0000a8463eba2fab98ccf8aa933ad5b03496bf61b8dc84fe29215af14368a7964be58a012f61676532c3017781ad0b453d041a25e1c68998f5f898fba5733a00eaef53910fed11211898eb7d89c0c7a247e2a0ee94368e71c82f7eaa987e88acc2aeca9d8aa439ef1a9acd73d127e6828f03ffdbaf9c37f70840f6f33e84d9f32312161f40600443def510f5abe15dff9f40c8817dea847949dd38bf7eaf5cc84f39d908d30a51ddbfaa57b940728e74175642e083a03dc206491cd7b1c6ae3ab3e235da0db5ffc64e96a0101c45d915a8358642fd75ddebef4d454618841f9e68fb56fa5fa88f18b4c751f1d2a6126c1552658dbf7c47f5a7a9ec4056f14c2e67d756c1b40c1f1a1c0f61129be104f0b755b893276ed100e7cb809c8e0e"], 0x30}, 0x1, 0x0, 0x0, 0x4008020}, 0x40010)

1.26862366s ago: executing program 4 (id=2764):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x0, 0x22110, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2, @perf_config_ext={0xfffffffffffffffc, 0x800010000003}, 0x1100, 0x5dd8, 0x0, 0x5, 0x8, 0x20004, 0xfffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
timer_create(0x2, 0x0, &(0x7f0000000100))
timer_settime(0x0, 0x1, &(0x7f00000006c0)={{}, {0x0, 0x9}}, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
r0 = socket$l2tp6(0xa, 0x2, 0x73)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001040)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000010000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd60ed490a733c76a152f7cbdb9cd38bdb2209c67deca8e0400000000000000c61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a76a0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c39100000000000000094d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b36db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece010000000100000010223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b2c2f56411e48455b5a8b90dfae158ef4f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffff854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e92604e1026e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58f0225f3390343c12aa51810134d3dfbf71f6516737be55c06d9cdcfb1e20280e14700eb0000000000000008f9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff17320adda5867947257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a927de6f4c09f4b742e037381c85d2ec7bb2a8152f0d6a99a0370e0cbd65744eb2efd7b65f04aa7e72588757b9612bb4253a63bb303c0c68a07f115d104f2007237a4f771416741bfd63fdfe3ae6f8bea755d8b7202c2bbae137dc1c3cf40db74a4c1c219d8ddec8f91dae2cdea1353fe062830fa1d233296ec9d8317872257e154665485e7f31cdbfbf435517faf93015b57417d84b8bc8662e097d5ba55d02d48e1000000b81b6790062e61cd000000acb1b33c38ddd302e28e8e30b5c180d38bb1cd770195799c541a7481f5d34ca75d74b3833d399371c8f09f6745d0e43d46f7c82ff1b7d6c04467d083fc708348f35ae9bb9b78f2984a0ee55647d4c4a63c4f438fdec726e7d8228eaff2374b2300b9be00000000000000ee114bb8a6c0ea6fc89a55fef6673013d7dd4597660865423e978dd6e41e201bb3a584d6fe6f24e290613b677271603c558ee2021be29c4a06a057b2acc5bfd34898afac0d839079bbcb3acd43532563367ac8ae6c4379fb5fdcdab5fe55e1a3a521284209871216817338073cbc4ec9903725b788a25b5a6003b579b8f0e20d78be3d885557292971e65f4f1daefad2c5ccbca608b46406ffff25610c3cbae9c3d6d47678f482e2c1f7cdfc5ce2a67c1545c1192f2ac3990f9c850788401469fbca801e73cd9efbcc6e44b2f414cdff5c49e706d699b5bfa75526f700c4e32611b826b2787f99532c02262a9c60e4b07a09377c38747c7f05e38b6db5d8cc625873af8fc5a7d362334c509f6bb4e36e1c9e08949679e0ed9f84e668588b9f1b21069bd5ffe263b191d1a7f5d4e85de1a2a46579d497d3f5d01ec00d289fcbf051498b21619da363cd09dea96879c145ff4ddf55d09aea84d900b0e1a05cdeee05fea7c91eb34a0737f31525ff48a1215b5197f76123c4322773a9c55a15dcaf3838402de97192a312a9eea90cdd8c8e393458b25464443a5468abff66292d2f167a00f11a56b0bd6f4e81c45e2a119cef7989c8dec70d72e86fba7e79233b15b681ac2b9d71e8bb09042b29d2442058ba451d409b007e982fab76eefa811c873fbc7cbaca5e2f9947d278af1cc012be9e75e77efe1dd86b0cb136bc9cc4c646d7d2270aa53288e55e899491d927a7f1"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xfe, 0x60000000, 0x0, 0x0, &(0x7f0000000000), &(0x7f0000000000), 0x1, 0x700}, 0x50)
connect$l2tp6(r0, &(0x7f0000000100)={0xa, 0x0, 0xa, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x10, 0x3}, 0x20)
unshare(0x2c020400)
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000580)={{0x1, 0x100, 0x4, 0x1, 0x81, 0x9}, 0x97, [0x4, 0x4, 0x3, 0xe9f5, 0x7, 0xfff, 0x40, 0x3ff, 0x7, 0xfa44, 0x1, 0x6, 0x6, 0xec, 0x7fffffff, 0x168, 0x4, 0x100, 0xb, 0x0, 0x9, 0x7, 0xad2a, 0x3, 0x2, 0x2b0, 0x80, 0xfff, 0x10000, 0xf, 0x1000, 0x7, 0x46e0, 0x5, 0x8, 0x6, 0x6, 0xffffff2b, 0x4, 0x10000, 0x8, 0xb7, 0x3, 0x4, 0x1, 0x9, 0x6, 0x10000, 0x2, 0xff, 0x6, 0xc, 0x3, 0x0, 0x8, 0x6dab, 0x1, 0x6, 0x1, 0x9, 0x2, 0x4, 0x1, 0x947, 0x1, 0x1, 0x1, 0xfffffff9, 0x8, 0x9, 0x7ff, 0xf3, 0x2, 0xdd5, 0x562, 0x61, 0x74720e6a, 0x0, 0x7, 0x5, 0xfffffffe, 0x7, 0xde8, 0x2c, 0x101, 0x4, 0x9, 0x8, 0xc3bf, 0x7fffffff, 0x5, 0xd, 0x8000, 0x2f63, 0x4, 0x6, 0x1, 0x1, 0x2, 0x80000000, 0xffff4104, 0xfff, 0x5, 0xff, 0x0, 0x10000, 0x9, 0x3ff, 0x7, 0x7, 0x8, 0x8000, 0x3, 0x6, 0xf, 0x8, 0xfffffffc, 0x100, 0x8, 0x8, 0x400, 0x2, 0x6, 0x6, 0x4, 0x0, 0x4c5, 0xb794, 0x7, 0x4, 0x4f42, 0x4, 0x8c4, 0x2, 0xa, 0x710, 0x6, 0x80000001, 0x8, 0x5, 0x8001, 0x2, 0x7b, 0x64, 0x9, 0x6, 0xf5f0, 0x4, 0x5, 0x100, 0x1, 0x8, 0x8, 0x200, 0x5, 0x2, 0x115, 0x8000, 0x80000000, 0x8, 0x6, 0x7, 0x4, 0x4, 0x80000000, 0x36f, 0x6, 0x7, 0x9, 0x10, 0x5, 0x7, 0x401, 0x6, 0x601, 0x6, 0x5, 0x3, 0x9, 0x60, 0x8, 0x7, 0x0, 0x6, 0x8, 0x0, 0x1ff, 0x6, 0x0, 0xc70, 0x7b, 0x3, 0x7, 0x6, 0x5, 0x3, 0x4, 0x80000001, 0x7, 0xa, 0x9, 0x123a00, 0x6, 0x0, 0x200, 0x80000000, 0x1, 0x81, 0x8001, 0x61c00000, 0xb7, 0x0, 0x6, 0x7f, 0x1000, 0x3, 0x40, 0x80000001, 0x7fffffff, 0x2, 0x18, 0x8, 0x2, 0x5, 0x4, 0x3, 0x9, 0x9, 0x1, 0x5, 0x9, 0xfff, 0x6, 0x7, 0x6, 0x3, 0x8, 0x2, 0x10000, 0x3, 0x6, 0x80000001, 0xfffffc00, 0x3, 0x5, 0x401, 0x800, 0x6, 0x8, 0x400, 0x9, 0x2fa, 0x200, 0x7, 0x8, 0xa9, 0x5, 0x90e, 0xfffffffd, 0x1, 0x0, 0x5c3, 0x40a7c427, 0x8001, 0x45d1, 0x1ff, 0x6, 0x2f, 0x5, 0x56c4, 0x6, 0x7, 0xfdce, 0x9, 0x3, 0x5, 0x4, 0xffffffff, 0x1, 0x0, 0x4, 0x80, 0x8, 0x1d, 0xb, 0x40, 0x400, 0xcd93, 0xfffffffe, 0x6, 0x36, 0xe, 0x9, 0xfffffffb, 0x4, 0x7fff, 0x8, 0x9, 0xff, 0x8000, 0x36, 0x4, 0x68, 0x0, 0xfffffffe, 0x77466976, 0xe, 0x0, 0x1, 0x9, 0x7ff, 0x5, 0xec, 0x6, 0x8, 0x2, 0x8, 0x9, 0x17f5, 0x3, 0x6e, 0x5, 0x6, 0x4, 0x8001, 0x608, 0x4, 0x9e, 0x1, 0x6, 0x5, 0x8, 0x7f, 0x100, 0x81, 0x5, 0x5, 0x4, 0x9, 0x0, 0x52b, 0x1, 0x8, 0x1, 0x9, 0x4, 0x2, 0x4, 0x100, 0x5, 0x2, 0x4, 0x40, 0x40, 0x0, 0xb, 0x9, 0xb, 0x0, 0x4, 0x2, 0xec2, 0xa, 0x7ff, 0x9, 0x7fff, 0x2e32, 0x7ff, 0xb3, 0x22, 0xfeb9, 0x8, 0x3, 0x0, 0x19, 0x83, 0x0, 0xffffffff, 0x4698d2d7, 0x5, 0x0, 0x7, 0x3, 0x0, 0x0, 0x4, 0x6, 0x401, 0x1, 0x200, 0x8, 0x7ff, 0x8, 0x9, 0x8, 0x10, 0xfffffffa, 0x1, 0x8, 0x66e, 0x10001, 0x3, 0x4, 0x5, 0x8, 0x4, 0x40d7, 0x5, 0x0, 0x0, 0xfc, 0xd800, 0x1, 0x9, 0x5, 0x2, 0x9, 0x9, 0x6, 0xff, 0x7, 0x2, 0x400, 0xfffffffb, 0x0, 0x3, 0x1, 0x4, 0x0, 0x6c9e, 0x6, 0xfff, 0x0, 0x6, 0xb, 0x1, 0x4, 0x2, 0x4, 0x8, 0x77, 0x7, 0x101, 0x4, 0xffffffff, 0x4, 0xfffffbdd, 0x0, 0x1, 0x10, 0x3ff, 0x0, 0x6, 0x3f0, 0x1000, 0x5, 0x4, 0x5, 0x4, 0x8bc, 0x1, 0xfffffffd, 0x81, 0x9, 0x0, 0xb2, 0x3, 0x31, 0xfffffff8, 0x5, 0x8000, 0x7, 0x100, 0x3, 0x3, 0x5, 0xfffff001, 0x4, 0x7f, 0x3c, 0x0, 0x3, 0x0, 0x3f6e, 0xaec, 0x0, 0x31ec, 0x4, 0xfffffab3, 0x8a7, 0x7ff, 0x7, 0x2, 0x1, 0x1, 0x7fe, 0xb, 0x6, 0xd, 0x0, 0x44, 0x9, 0x6, 0x8, 0x8001, 0x1, 0x3ff, 0x9, 0xa, 0x6, 0x2, 0x2, 0x9, 0xe, 0xd26, 0x4, 0xfffff2f8, 0x6, 0x6, 0x80, 0x4, 0x7e6bee85, 0x7ff, 0x7fff, 0x5, 0x9, 0x482, 0x7, 0x80000000, 0x1, 0x4, 0xfffffffa, 0x7, 0x8, 0x2, 0x3, 0x698d, 0x0, 0x122, 0xffff6f36, 0x3, 0xffff, 0x4, 0x6, 0x10001, 0xfffffffd, 0x6, 0x7, 0x2, 0x9, 0x0, 0xfff, 0x8, 0x9, 0x400, 0x4, 0x9, 0x3ff, 0x4, 0x0, 0x9, 0x6, 0x5, 0x8, 0x45, 0x2, 0x6, 0x7, 0x3ff, 0x8a8, 0x401, 0x4, 0x0, 0x1ff, 0x5, 0xbf, 0xfffffff8, 0x6, 0x2, 0xe32f, 0x0, 0xffffffff, 0x7, 0x0, 0x4, 0x4, 0x6, 0x8, 0x8, 0x0, 0x8000, 0x9, 0x9, 0x7, 0x7, 0x3, 0x7fffffff, 0x3, 0xfffffff5, 0x6, 0x8001, 0x81, 0x7, 0x3, 0x8000, 0x1, 0xfffffff8, 0x92, 0x7, 0xc, 0xa, 0x4, 0x0, 0x8000, 0xe5, 0x1, 0x6, 0x6, 0x3, 0x9, 0x1, 0x4, 0x5, 0x8, 0x9, 0x252, 0x5, 0x6, 0x1, 0xf204, 0x2, 0x1, 0x5, 0x8001, 0x7, 0x5, 0x5, 0x1, 0x1, 0x5, 0x9, 0xfffffff8, 0x4, 0x7fffffff, 0x6, 0x6, 0x1, 0x9, 0x9, 0x0, 0xc39f, 0x6, 0x3, 0x9, 0x3, 0x7, 0x800, 0xd, 0x5, 0xdc4b, 0x6, 0x9, 0x4fb, 0x5, 0x5, 0x0, 0x4, 0x4, 0x7f, 0x6, 0x5, 0x1000, 0xf, 0x3, 0xb8, 0xffff, 0x0, 0xffffffff, 0x86f, 0x3, 0x2, 0x7fffffff, 0x5, 0x3, 0x4, 0xff, 0x5, 0x0, 0x226c5e59, 0x4, 0x7, 0x3, 0x5, 0x3, 0x1, 0x3, 0x3, 0x50, 0x8858, 0x6, 0x8000, 0xe, 0x6, 0x9, 0x6, 0xffffb3cd, 0x4, 0x3a1a, 0xa4, 0x6, 0x9, 0x44a, 0x5, 0xb1b, 0x3, 0x92be, 0x10, 0x7fffffff, 0xd6b6, 0x7, 0xd7, 0x3, 0x90, 0x0, 0x9, 0x6, 0x2, 0xb95b, 0x5, 0x7, 0x482d, 0x1, 0x3ff, 0x8, 0x8, 0x1ff, 0x20000, 0x9, 0x280, 0x0, 0x64a5c8f, 0x0, 0x3, 0xffffffff, 0x7, 0x100, 0x9, 0x3, 0x8, 0x5, 0xfb31, 0x4, 0x7ff, 0x3, 0x1, 0x2, 0x6363fcbf, 0xbd, 0x0, 0x3ff, 0x40, 0x4, 0x0, 0x5, 0x8, 0x5, 0x5e3, 0xd82, 0x1, 0xfffff001, 0x1, 0x1000, 0x4, 0x0, 0x72, 0x7fffffff, 0x94d, 0x8, 0x4, 0xf, 0x6, 0x2, 0x3ff, 0xa, 0x80, 0xb, 0x5, 0x0, 0x9, 0x9, 0x8001, 0x284, 0x8000, 0x6, 0xffffb6ab, 0x2, 0x1, 0x7, 0x80000000, 0xffffffff, 0x2, 0x3, 0x6, 0x3fbfd950, 0xfffffff7, 0x0, 0x1, 0x4, 0x2, 0x2, 0x5, 0x5, 0x8, 0x0, 0x6, 0x3, 0x7fffffff, 0x7, 0x702, 0x99, 0x2, 0x9, 0x58d, 0x8, 0x2, 0x2, 0x5, 0x1, 0x3c21, 0xd53c, 0xf, 0x5, 0x8, 0x8, 0x3, 0x9, 0x5, 0x7fff, 0x2, 0x2, 0x1, 0x8, 0xfffffffc, 0x4, 0x10, 0x2, 0x2, 0xfff, 0x8, 0x4, 0x51c, 0x4bd50, 0x0, 0x1, 0x57b, 0xffffffaf, 0x9, 0x9, 0x1, 0x2, 0x7f, 0xfcd, 0x10000, 0x6, 0xa0, 0x1, 0x3, 0xfffffff8, 0x4, 0x9, 0x1, 0x7, 0x9, 0xfff, 0x5, 0x8, 0x8, 0xc, 0xfa, 0x1, 0xf287, 0x6d8, 0x81, 0xd, 0x5730, 0x0, 0x0, 0x1, 0xfffffffd, 0x0, 0x9, 0xe64, 0x8000, 0x3, 0x6, 0x1000, 0x4, 0x1, 0x10000, 0x800, 0x10, 0xf, 0x3d7, 0x0, 0x4, 0x1, 0x2a, 0x4, 0xf7cd, 0x68, 0xfffffff9, 0x1, 0x81, 0x7, 0x1000, 0x9403, 0x6, 0x7, 0x401, 0xe, 0xfffffffc, 0x7, 0x1, 0x1, 0xd, 0x3, 0x3, 0x40, 0x4, 0x1, 0xffff701c, 0x3, 0xcc, 0x3, 0x7, 0x9, 0x9, 0x1, 0x0, 0x6, 0x8, 0xc686, 0x56a3, 0x9, 0xdf, 0x1, 0x4, 0x8, 0xc, 0x5, 0x6, 0x7, 0xfff, 0xd, 0xfff, 0x3, 0x1ff, 0xc42, 0x40, 0x5, 0x1, 0x8, 0xbb, 0x2, 0x3, 0x2, 0xfffff801, 0x4c, 0x5, 0x7, 0x10, 0x2, 0x8, 0x101, 0x1, 0x2, 0xfffffff9, 0x3, 0x4, 0x80000, 0xc0000000, 0x0, 0x0, 0x1, 0x1, 0xffff, 0x1, 0x2, 0x9, 0x7fff, 0x81, 0x1, 0x0, 0x5, 0x1, 0x1a, 0x3, 0xfffff7d4, 0x4, 0x28f4, 0x9, 0xfffffe01, 0x6, 0x6, 0x0, 0x18, 0x3, 0x1ff, 0x6, 0x2, 0x9, 0x1, 0xffff2653, 0xfffffff9, 0x3f9e, 0x6, 0x3, 0x400, 0x8, 0x3, 0xe, 0x10, 0x8, 0xffffff81]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000002c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r5, &(0x7f0000006bc0)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x80, @local, 0x4}, 0x1c, &(0x7f0000000340)=[{&(0x7f00000002c0)="18", 0x1}], 0x1}}], 0x1, 0x110)
shutdown(r5, 0x1)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x0, 0x1}, &(0x7f0000000080)=0xc)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001cc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x200000005c832, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$inet6(0xa, 0x3, 0x84)
setsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f0000000080)={{{@in=@multicast2, @in=@local, 0x0, 0x0, 0x4e20, 0x0, 0x2}, {0xffffffffffffffff, 0x0, 0x800, 0x2, 0x1}, {0x0, 0x0, 0x2000}, 0x0, 0x80001, 0x1, 0x0, 0x0, 0x2}, {{@in=@empty, 0x4d6, 0x3c}, 0x2, @in6=@loopback, 0x0, 0x0, 0x1, 0x0, 0xffff, 0xfffffffc}}, 0xe8)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)

1.174482752s ago: executing program 1 (id=2765):
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400000bb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x18)
r2 = inotify_init1(0x0)
inotify_add_watch(r2, &(0x7f0000000400)='.\x00', 0xa4000522)
read(r2, 0x0, 0x0)
close(r2)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)

1.151085482s ago: executing program 2 (id=2766):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000400000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x33, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x1}]}, 0x10)
r3 = socket$packet(0x11, 0x2, 0x300)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x7ffc0005}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b703000000020000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
semop(0x0, 0x0, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r5 = gettid()
r6 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
read$ptp(r6, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r7=>0x0)
timer_settime(r7, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r8=>0x0})
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000300)={0x0, 0xef, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r8, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x8004)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7fff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3ff, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.132807653s ago: executing program 1 (id=2768):
r0 = socket(0x200000000000011, 0x2, 0x1)
bind$packet(r0, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x8000}, 0x4)
syz_emit_ethernet(0x6a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa424e1aa2e0d4080045000014"], 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

953.716075ms ago: executing program 3 (id=2769):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)

933.972575ms ago: executing program 1 (id=2770):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x2, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x0, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000200)={r2, r0}, 0xc)

894.965916ms ago: executing program 1 (id=2771):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
nanosleep(&(0x7f0000000100)={0x0, 0x3938700}, 0x0)

894.032736ms ago: executing program 3 (id=2772):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002a20702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r0)
socket(0x1e, 0x4, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001280)=ANY=[@ANYBLOB="0f0000000400000004000000120000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000246e529f1d7e9d4fb70978e3b51ecc6d3e5a9bfc39995a76d66e60904a89a3f7d48377a347f9161d00000000080000008e56a1f2a31c00c95ee036e40e38bccfa9e440a7f9af73420e35da5c6efe4cae709a91cd7817efdcbbf728613e4fa8d4d96786521e84b8f2795df86a4c547703fb04cc50ea95b2b53a17614852000bd4261a6af280cd457f38d1ce1722ec63a4e193de61e65c79719b2e237e88a3574265405d9b7c5c24b4409e6276f0a9a591987b08d70c4ca9d2a0f2e788a01ce4054b9b6d346e1a63e4378ed7c99e36295643670f04d98a35a38246621eee1e5f6462e11ed2fe1309c4c5e97ab223747e23b8ebcd6ad876a628fbf6c65c67b3a5b3e70e76f83344b8c3c68a5246291ee513b8bd8384796ed58f3f9e11a83d4e37836aa8bbffaf893765c6b6c57d9fb4808cb603335001579b961d236d460b4eeb838fb7d2fc1e49c2f6e9f287062732711872e9c8459b2f8a2986da045fb073f3fd4af8a544ac565f"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4001, @remote}, 0x10)
syz_clone(0x222000, &(0x7f0000000080)="5917c5405bca6091ba858c3e36eb14244efe146986604c3a0ecf82ca574b2977950e32ddad15ae884af278f7249be0f7cc", 0x31, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)="84bccccc5b0496710fb21133b4fa36f2436bb3dfbe4e1f47b77bb6940b7cfd4c42319659206fd46c77fe07cc0484d032d0c22af5cdf4dd30c9c1409983d4d73f9ac31c92f72b6c1b4beed8d1fb95038a391267cc254d0f0071ddee075a5146afba66b402da7cc0014e82b9591e0c1bc3ec28e528be8a55841eef2a600495884634c80d52ded296b7e361264b6abcb42a1445c8ef128d46d96b14cd3152267a81a2811aa0bf2df4f3aeeac896b2299899847ff2c463e02b00430f986d76ad78c8b073e3782391389eb6fe20fec7328e6aeab68db5b28bd2c072ec59b49effd488a7bbfbcfc86b36defcc0b3235a99634122571072c7a3c9c95901c5f979ac2da490d86dfaa07014a7e479910e5940090bff68af7ac7abf94e9bc75bc3f2a0055869a32100ab9995e1ce238e24ded4fdd58ebcd02fbba6e0c8c6558bd1cc798bc9fa981781f6e0ef0372d8207ce554313bcd16fbcb9229176d9041b4209617a62b3207ad0a5b6002443ff3b711f008f02133f92fd3ce23519568897f6d9eae0c410c285f33a4d4be05aa8fcc1aa83c22fc7e5c2da6d4ea5c13a1bb2d056d0a6ed53e105fa32401093a793b61e03124ab87c9fa8e9574bdf9c22c8e035d5cd5c8e3f84e0641b3482526b023ecdd47c72357d61bfcb57c3dc1571c5434fa541e470525717a481d65d3b2fd4945aae8da059ff0f611f3ed0fbc20937cb42148557a8698b965c2b42e3874c08fb8a1767b23424ef8b9f1c98099ee75f2b51c9d77b6bc6e23f32d837caf4e80f4df21044e6a66e92329ad3fe184a9051c22a38e65354a109d8b53fa13f10a3f5b63bdae798f3a51458a8f781a7cd0fa3e85cbeb738db6f899e256d0289a261fa274681acc0ae997e6e66b597ba8b9c0f688c38ded553253ca535042a28fc9946f5683f26fe1dd03361e2c27810488c7ea2950ee7f7cbcbf9bef25d24106a8017a8c299b7194a7e7a5dd84f133027b186843bc3177d466ed7dfd681235bf4844e6e7226a7798b40cdd76c5cb08cd4416da84f172cf0e5820e46ddb8812f4a4b843a09fb709495b4aee618dd5643f3fc7cb7b97d1635ba7210b97d120e1026a0a5c13674ae1efff068b7ec8a2df2f7b8458fd2f4fee43d4b63170dd83021e4fed95f07c4e2ce1a172fcd8a5b9553d223adaa97d20d9d61121e5f3f11875c08169b83f7c3cf1a657a1200f52f6c3dc4a0b0554dd6adc1d2012be3f2b008dc2604a8b4dde0bf57e8d1ea713aa02c97736ee7b6666091f24738cb8e69205ee5c76dd4f1b67978bc3e4ee23f90ff6236a551e1f4123fd7d38db751bb8140d17857760e7670ea420bb49d2bb67824ee9ae97e9b69a2340419dc6ae95b039e4f378416fcf7933c52198075f1d51cb8b63cb27d2c45385d076b9a5dd6b111b998a0d77d3e2f52d2e95cc8db54d8b42c5e425965fe5490da925df876caa91868edf9eb87b28abacbc7cea24a2afa00c8e1aa42ff90eba6f3c13c4e74d0dcc3111c806df9f713644f773461af0b2e7ec1a44593ba42190459b96310612ed44f60b8d083a6c7f8592582678c60832d8e000d59554fe1dda88d2b7783e1107e3c3812e389cdac4a6ca598e1f6b18ccb009ab997c3852ffa7eb55c2b1ecb012d59626b218f72bcd9c6ab473860e97b56625748a986292fff2a9ccccd5d3817977f322e82eaab182ddef9d8cb7892000aa312f89e77fb5e5b2528231d7b3e3b41237abe810ce395d1eb4ef4b2a34ac95010ab48cad3938f79207211a54ecd1b26d946e1b2d5f96294846f5b253bcdcfb98399d9e12d462fc32e4acaa518c28a4725d84cc8c2610ec0fe47f3dcdc62d492e82b9915bb721bee5dc2390e2d8a2a017b2414d63e816e03024e7d5c8d0c4c4d29839de0c1cba2462a91405cb67ff5e8d6ffe0fe8127e44c0474fe5f27cf4737a1a5a4acdcf06e71756f5b4cd99d19f03f9c20340a0b01185256ac1b77eca8fcf86a3b0aabdf5d8f4f5b99c62d59d88a9340bcae969cd437bf617376324e889b88fec64d453d1d54abd438b85a7f38aa77f9b340b011ad27c2f9a732477f491cc6db7ff333aaf055f48ccbbacca48602babbef1ea310b03c3bd4801bff55af65e1501221efe499fc428d414beb7ed932706f811028b88535f2a92e5ff4210cbc164b8d9714b7fd74c45c32d8dc8d79410a550221572bbca0bd60467f323489026c147326375ddaa0f4f251c047b5cde82137632d2cb879af2abfdbc9742f5f46ba3160c7536ad6a66019ba07aa63bd6df6c224756e0ffaf51913ee09281b48aa1535424a548f8c8526a6d2e6d5e2786fa09f9f90348f8b194d3d3dfd9704972ac9214663239ae6a81c1392ea8058c96c1e04eaa904a2e2b1ceb6800b753878575c47965068d8a5e88178d493d76112d80c31df59e41d35667a3e3bb518edacb6aa75430890a1ff55b4fe713b2357ed8544d9cf09c0eff55d0b8d6eb27c596f869d7453a293d30b3ee1980f9ee7008308d85c71a194acbe60a799c5a22556d53b99c919173958a7afc2bf768b981bc87bee44ce78322ce5cc7e9d27bb6aec882c53f2f38a2cb586e1d8e08dc1ad7d85ac8d1a957009cd3fc5eff9b5050b1115de8379f246b0bc31aa113c551a869f56289d9bf436c0c5ff5b05bb3ef5d57a2d40f7c0b351cb9dd3294fd3b8f6dbb2527e8251fe04bb53407acd1a83af59ba85508b39a55b02406de8eb763b5b77b106024ede0774f4819df8f699601ff6dc95e2ffabf5bc74a6e91d531f03467b7b115f574d3617785d24ba5d8fd7fc632ea8c47da0eeac4a528eaac5c57b155232edec52caa95d0391ca41ac5109e927cc54e5ef8fe46ad91e6f34b895539c0c44d402c75a22ea4f780acaa0650e31dd6f9c0c07ae99c6deb1f16a34d04210116df14d254d09d928e6807aa979e1cdfae1288f476e3802132282ea594a57f45fe0ef42d84301969adcf1c2c658fc8d175cd376fcaf3c8554a3c9724321359073d453964e148a2aff35e224434f9c594b834b6c641b3308febe4ac3a738841b834ebb279609f20a8d783e90998652fb3b54b4ce930588256285f4357d1eeacb6517a2b687fe66d2037bff8898b74fbf8ad707b043afa55adfcb380e02a0911a83b43a9cb5242153bc6fabf23131182b51b4252684a9878aa6f4d24b613066bdeedb8e49540d41132bd56bcbe7f3c31219e95da71d992ddce7fa49e6653f4b9a31e13862fada28e91dcbd03deb4890d8c484ac304a5daa8bc2f5509c4374f8e592f047a83dd6f88dd404186b9870956b0dce24abc278559a7b283c35691aa50525e8666d691667f8e2188f8e67c7fcc44dbf778cc73be5a569a61be36ac5f7d38daa65bbc37e40d1220304611c08c36af7491fed5f572bc383a6e5b4d3c9db2465140f39a132836535d48ab950dee3ff081b7b1f1a89841ec0045a077127580068b0f131d9287591f2924bd43f2213e5dc7ae626208a35178e351610c4fdd1d65ed10f955c37d66620df163db941a66684a0f5326d6875ece19f98ebd5fa27e3edb432b77882ae42dde76f9f65e4dfb078642c19730958436399be4742135f4ad32ffbac85151e126e85e3307fd55f3266c7d4281ee0969d8ff6e9234cfe9f0c43d5d4037d707522d8f7afbe1c1b716c143bb4b5491c8332d062beee311385e79debaa77767bc5593c3579e89672f3dcc17ade45fd4d813117515d4813cb54090921b24ee6ea26351d7470cc4878f7d54329a66d5a6d351f83237d39415e28e4d8e896353a692054aa04118f2ec597c6158da34697e944a697b8bed403b8c343dfe75e53522c102efbc1c710507da47f6d4c27fde115bdda35cc148f0574b297ca3001344abab5345d7059695061472d699a4d63b08f40c5246b92cd764d5d29b54fc89b4c6f62f3651020327238e553389282c5bcf0b810c8c22cecbe40a034d81b1ab417e9db6bcf5322470e91d2da11dad04f4c2a7ffded9683e5e100efd2e6a164895c4044430d3be91a646529f0c0690c68ad04fb1c17bb3300ee82d95037927518c29a3faf084c2e96e20425afd0fb82b800a448ad43761bdf17d20d25bdf9edd92016269f0ce78f3880b4a4288db5520c9c8165e92a7e00b441415e9ac58ac1d43442fb1923ab8f15b9d6c926b2fd9458bd9003ab8ce6498a99d3cabdbe7bfb0c6cffd236cf2737269bf07d11035774158f47d189d507a531e648412219c307fb6c21f6efed3a3d2097d8dfa9e0da1d608b767e38db33252d333b95ac3168d3eea633f476a9af24f39c6a3c5535305ee314d07e3307bf279159ca395e1439d46bfe3282bab314a65c0ed2368cbfbe414b3e5cf16990e563f734e06821bb21603c77229090ccf3c43d2787777473ebd3d1e1c22d35e29617cf048c5907a5031074fb5b47d903874aa8f5be4341c463bbf8122aed9348c69370ba415ef8cfcc9807dd1ec6a73336b69ba4670463fd92220cb9b6a3b685e61adc371fc0f80e61b8df7d11a44ee0da2c2cdfb2ad72d68a401af0c785db7be299c0293fce57025d650ac472e93fe0f6cedffd9da09c389cc1e859ee30e9881c6f5af1f0098632b5965b0fa57ceefe45c3edaaee1d945bb030525891418a035a737e8eb0cdb892771f57c9bbcb284cecc253f2cb01ab39e4bf6bc7faea9c2f587328ac6fae1c4c9383a10f34ff69f4dedf781efe39a6aa4c27b571bc0cc886c793bbc0c169f0bcc0f28bf5e3815ee9ea5ec4588c1dd1cbf88510cbc7f7b50c5fb14a7a84a13cc43c77203154c5824602c889f7f9ef91aa27d8dd75a36c109b206408e995f31b5cef17c3d1fd86ace66b0da2028d2b70d3a00be4325d1ca43db71ca7ac9449fb05621b7e4d0e09b0e27f007f31510091610ada65d4683dcbfa23eb1abfa912e5054b9302a520669e17aa797bd45eef9f52951575af1d203cb60cc5d6b1fab36e961665e1fe807d3dd11754e01f9618873b84b232ec659e976d0efa053f0978e32f1d8474a553aa752592602d5547d770a636dfcce7cd67580e96776c37bd78b01724e11c6baa21a9b3668f1f291970a163c0b912e8d0ced4619a00b5c050204369a23783e7789be9f2b3f82b84a06b4adada217e02742c5c920f1781ffee285f4a9fe73b54c03ea16421535da4b6e9e66d132f9bf0af97cd416da42254215803cb8e83d700086e1f25418c72db1022a2d99e2a5610d35717925a5242927abed69243dc8316d2fdd99801f4442f1418bde6e9340d406a33ec470a3e050b9a58b594718fd5b12c31415344ccd0c902eae748c143a53d82b3bf54bb1b23cd2357af6bfaacf29465b453636c986a4db66eb0f0c8232f98a236f323ebf38c0fd08e26f8f4643f4490b48f71893bd9c7dc7c4f6d6f38853c3b2f2657bf52996d23aed9ce1b41a44fd0fd484edd7664f9d859a15cd90d4afa9c83b9c622c1710f229fb366fa2bb8c865cfbd1a3587ab93edf48bf3aa04902528f2af44763276ec52590dc1ea21eb39dd9c794954630a5cf1996233f9fbaf364f5c6df9e759ffcd42c33679f0c42ec0f0198c9c10e5b3208dc7f24ff34405830cc0e4e6c90d5d343510ef63cc2a204992224101e11ebacea05c7acf2764a84b1e97fa39594c7ed8d050dcfa5e09755205fc89ff1f84260efb2c02ed7d5f05892d3cdc71c74db676bc1e47c6608525a2c43faa1a625d2db0e8942b4f77eeef4fa119f21a800434fe97b164131c36602d92532972246b24dd0061ef31d35a3897826caea35c93fb72dab1819b0071eda5a2d946c0c13b26f84cb3017ee380e0b1701db34504b4286fbd36f")
r3 = msgget$private(0x0, 0x790)
msgsnd(r3, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
msgrcv(r3, 0x0, 0x0, 0x1, 0x3000)
msgsnd(r3, &(0x7f0000000040)=ANY=[@ANYRESDEC], 0x401, 0x0)
r4 = msgget(0x2, 0xa)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
setsockopt$sock_timeval(r6, 0x1, 0x15, &(0x7f0000001240)={0x77359400}, 0x10)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0xf00, &(0x7f0000000240)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x3, 0x0, 0x7ff, 0x1}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1e, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0xfffffffc}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
fstat(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000440)={[{@noblock_validity}, {@stripe={'stripe', 0x3d, 0x2}}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x71d}}, {@abort}], [{@uid_lt={'uid<', r8}}, {@smackfsroot={'smackfsroot', 0x3d, '\x00'}}, {@measure}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@mask={'mask', 0x3d, '^MAY_EXEC'}}]}, 0x1, 0x610, &(0x7f0000000a40)="$eJzs3c9rFGcfAPDvTH6avO+bKC+8rz3UQCkKrYmJWqQUau5F7I9/IDVRxGgkSaFRwQjtsfTSQ6GnHmr/i1borfTQaw+9F0FK8VCL1C2zOxs3m93Nz/3h7ucDa+aZmczznTXfPM88eWY2gJ41kf2TRhyNiJtJxFjFtv7IN06U9nv8x51L2SuJQuH935O4czdZrzxWkn8dzb/577FIfk4jjvRtrXdl7da1ucXFheW8PLV6/ebUytqtk1evz11ZuLJwY+aNmXNnz5w9N31qX+c3UGPdN189Taa//fVCEufjWR5bdl7V+w3tq+bsPZuIQsmTyvXZ+3pun8fuFH+OlX9OnkuqV9CxLud5m+XJ/2Is+ir+N8fi03fbGhzQVIUkym0U0HOSOvn/42yj3wzDTYsHaJVyP6B8bV/rOnirtMm9EqAVHs2WBqRKuT8QEeX87y+NDcZwcWxg5HGyaZwniYj9jcyVZHX89MOFT7JX1BmHA5pj/V55lLu6/U+KuTkew8XSyON0c/6vFwpp3hPI1r+3x/onqsryH1pn/V5E/D9v/wdjx/mf5rlbzv8P91i//AcAAAAAAICD82A2Il6vNf8v3Zj/M1hj/s9oRJw/gPq3//tf+jBfSKp2HTyA6qGnPZqNeKvm/N+NOb7jfXnp38X5ALeTy1cXF05FxH8i4kQMDGXl6arjVs4QPvnZkS/r1V85/y97ZfWX5wLmR3rYX3Uj7vzc6tx+zxuIeHQv4qXi/N9j+ZrN83+y9j+p0f5n+X1zh3UcefX+xXrbts9/oFkKX0ccr9n+P+9uJ42fzzFV7A9MlXsFW718+/Pv6tVfnf9NOEWgjqz9H2mc/0NJ5fN6VnZ3/Owi/fRaf6He9r32/weTD/qiYhDg47nV1eXpiMHkna3rZ3YXM3SrPB+ORZ4vWf6feKXx+N9G/78iDw9FxPoO6hveZrv+P7RPlv/zjdv/8c3t/+4XZu6Pf1+v/os7av/PFNv0E/ka439QaevzOHaaoG0JFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABecGlE/CuSdHJjOU0nJyNGI+K/MZIuLq2svnZ56aMb89m2iPEYSMuf9DtWKiflz/8fryjPVJVPR8ThiPii71CxPHlpaXG+3ScPAAAAAAAAAAAAAAAAAAAAHWK0eM9/Yaj6/v/Mb33tjg5ouv78q3yH3tO/5+8sDB1oIEDL7T3/gRdYds2/i/wfaGYsQBvUz/8nTwtFLQ0HaCH9f+hde8x/fy6ALqD9h161wzG94WbHAbSD9h8AAAAAALrK4WMPfkkiYv3NQ8VXZjDfZrI/dLe03QEAbWMOL/Su/qV2RwC0i2t8INlY+qvmzf71Z/8nzQkIAAAAAAAAAAAAANji+FH3/0Ovanz/v7n90M0a3P9fK/k9LgC6SP2P/tD2Q7dzjQ9s19q7/x8AAAAAAAAAAAAAOsDwrWtzi4sLyytrL97C250Rxu4W1uc6IoxdLBTuRjTe51lzah+IiE55E5ZXsmhaVVf5ERxtPOU2/14CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2/BMAAP//cdEbCg==")
msgctl$IPC_RMID(r4, 0x0)
mount$tmpfs(0x0, &(0x7f0000000280)='.\x00', &(0x7f00000002c0), 0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="687567653d6164766973652c0071d62bdc0ab12a83c61d981391174b7dd59fbe9ca3f95551f5df7a52d8a820ebf95896f6abf98e8776f258fd9c9c6a15b6102b78cde420f007d890c12dc506e0248dd93495ac2ea8df0eb880af51b23fd21a78eebf2dab0b0c394f7de7e421875fe5e092e4a576d0118d764569d6a33d8104e6e575a58d81d3227547b3142ff141cbbcf72d56a10080c6ebd23f3803e68beba3d78146fc42613fc235e926468b"])
sendto$inet(r2, &(0x7f0000000040)="e5", 0xffffffe4, 0x0, 0x0, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d0000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

821.284907ms ago: executing program 1 (id=2773):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
unshare(0x68040200)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000000, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r7 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x800)
ioctl$SG_GET_VERSION_NUM(r7, 0x2284, &(0x7f0000000080))
ftruncate(0xffffffffffffffff, 0x2007ffc)
ioctl$sock_SIOCBRADDBR(r2, 0x89a0, &(0x7f0000000000)='ip6erspan0\x00')
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000005c0)={{r0}, 0x0, 0x0}, 0x20)
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x0, &(0x7f00000021c0), 0x1, 0x789, &(0x7f0000001240)="$eJzs3M9rG2caAOB3JlacH96VF/awe8kuJJBAiGzHl+RU91J6CQQCvabGHhvjsRUsObXdQJzeCoU0vrSlUNp7j70WQvoH9FYCLfTWQ6G0qXtoe1GRLCuJIylKYkeJ+zww1veNvpn3fWfkzzPgUQB/W/+v/0gihiLiYkQUm+vTiDjYaB2KWN8at3nv2lR9SaJWu/RzUt8sNmvF1r6S5uvRaGwS/4mIO4WI0+88GreyujY/mefZUrM/Ul24MlJZXTsztzA5m81mi2Pj50fPjY+fGx3ftVpPvHH+8K2vX9vY+OaL6s1jA2eSmGjUHc3adi3QA7aOSSEmdqxf3ItgfZT0MGbgOeQBAEB39ev8A81rs0IU40C3qzQXcAAAAPBSqg3WevVHzyMBAACAF0wS/c4AAAAA2Fvb/wew/WzvXj0H28lPr0bEcLv4A41niCMORSEijmwmDz1+kGxtBs9k/UZE3J5o8/nr5Ynm7kbvNw/vzh7Zbbfr889Eu/knbc0/0Wb+Gdj+7oRn1Hn+ux//QIf572KPMb785L+FjvFvVFbePdYuftKKn3SI/2aP8W9uvHer03u1zyJOtv37kzwUq8v3Q4zMzOXtfrVa6d7589TdzvVHHHkkfpI0oibd67/SY/1vb/46v94l/qnj3c//VvzBh7arfybeb+aRRsSt5mu9v7EjxvGFb796NHKyvh1/usPxb3/+X2/V/2mP9X//+eBKj0MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgIY2IoUjSUqudpqVSxNGI+HccSfNypXp6pry8OF1/L2I4CunMXJ6NRkRxq5/U+2ON9v3+2R398Yj413eHt4LO5VlpqpxP97t4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAWo5GxFAkaSki0oj4rZimpVK/swIAAAB23XC/EwAAAAD2nPt/AAAA2P+e9v4/2eU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH3t4oUL9aW2ee/aVL0/fXV1eb589cx0VpkvLSxPlabKS1dKs+XybJ6VpsoLj9tfGhFj52N5ZaSaVaojldW1ywvl5cXq5bmFydnsclZ4LlUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwpIYaS5KWIiJttNO0VIr4R0QMRyGZmcuz0Yj4Z0TcLRYG6/2xficNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArqusrs1P5nm29HI3avurnJ4bkUS8AGl0aHzUPCvdxiTrEXn2Q3Nkn1JNm+GfZT9Plvz1xxyWfjf+14e5CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/qusrs1P5nm2VOl3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPRX+mMSEfXlZPHE0M53Dya/FxuvEfHWx5c+WJmsVpfG6ut/aa2vfthcf/aBDa8/zxoAAABg33vlSQZv36dv38cDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0qrK6Nj+Z59nSHjbiRr+rBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnsZfAQAA//9bFLc7")
chdir(&(0x7f0000000240)='./file0\x00')

764.241958ms ago: executing program 0 (id=2774):
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
fchdir(r0)
setxattr$incfs_metadata(0x0, 0x0, 0x0, 0x0, 0x1)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f00000004000000040000001200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000001c0)=ANY=[@ANYRES32=r5, @ANYRES32=r4, @ANYBLOB='&\x00'/11, @ANYRES32], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r5}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
recvmsg$unix(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)=""/179, 0x33fe0}], 0x1}, 0x0)
sendmsg$inet(r3, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x0)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x40)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
getgid()
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r6}, 0x18)
execve(0x0, 0x0, 0x0)
removexattr(0x0, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x1, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r8, 0x0, 0x178}, 0x18)
mknod$loop(0x0, 0x100000000000600d, 0x1)

220.842526ms ago: executing program 2 (id=2775):
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000000200)='./file0\x00', 0x2000000, &(0x7f0000000340)=ANY=[@ANYBLOB="003531d0081634a844cb7924d87a8dceb5435bc7169424ca5d1a6c9ae88dce733292494dc2900e6759d69221ec8f827bc438bf6a983de5286b648195a809a18b941c6b3db22c92180d1746e9c5eae6b9c2992b32d495bffe226d2ad16124944e105e9d268dfafd74ca934a7dbef224c2293a4798904f162d126d1819febf57d3758306dadf1057fdf9eedcfe"], 0x1, 0x55a, &(0x7f0000000b80)="$eJzs2s9qE1EUB+CTP02LCGYtLgbcuCrVJzBICsWAEMlCceFA4yYjwmQzyaoP4hP4PD5JVt1F6oSkURGknUxtvg9CDvlNMucykHsX5+OTz5PzL9NPH75/jaOXSbQjonkZ0Y1mtKLUiI1GdOK6iwAA/jfDYdqruweqlee99OoMd/hbMvpWS0MAAAAAAAAAAADc2L/M/zfN/wPAvVDO/3fqboMK5Xkv7azOb9vM/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD1uVwuHy3/8qq7PwDg9tn/AWD/2P8BYP/Y/wFg/7x99/51bzDoD5PkKGJxUYyKUfle5qdng/5J8lN3861FUYxa6/x5mSfb+UE8WOUv/ph34tnTMr/KXr0Z/JIfxnn1ywcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACuOU7Wuo31p4uiGLXKfHNBN7bysjo9G/RPVhds5+143N7dOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICbm87mkzTLxrmiiqIdETu41/HD8mkerJ7q7d8iolHRLyvuZlHffxIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCv6Ww+SbNsnE/r7gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuCums/kkzbJxXmFR9xoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYvR8BAAD//2/WhiY=")
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
r0 = socket(0x10, 0x3, 0x0)
r1 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, 0x0)
add_key(&(0x7f0000000100)='asymmetric\x00', 0x0, &(0x7f0000000140)="1081", 0x5b, r1)
r2 = socket$unix(0x1, 0x5, 0x0)
listen(r2, 0x0)
r3 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000005c0)={'bond_slave_1\x00', 0x112})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r6, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r8 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000180)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$chown(0x4, r8, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='kfree\x00', r7}, 0x18)
close(r6)
r9 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000001c0)={'dummy0\x00', <r10=>0x0})
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="440000001000030500000000fedbdf2500000000", @ANYRES32=0x0, @ANYRES8=r10, @ANYRES32=r10, @ANYBLOB="cc415e43c900c4da370b9b2ca742f527c123ac99c4bb3047a288f0d285984300010000c21523b07efd6e"], 0x44}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000540)='hrtimer_init\x00', r5}, 0x18)
sendmsg$nl_route(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
ioctl$BTRFS_IOC_SYNC(r0, 0x9408, 0x0)
fstatfs(r3, &(0x7f00000006c0)=""/23)
r12 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r12, 0x4b47, &(0x7f0000000580)={0x8, 0x8, 0xde0})

0s ago: executing program 3 (id=2776):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="1b00f300000341c3cd54bb9000c37089bcc3231e365ccdff49b3a068c2742b4f3e871e58801bb23a6d5de8ba6e52b4459b47b66cf64f67479252ac5a610e0d558d72f3035b36ea7d0ec5948294fcb93d943e0e64c6f125ab05be252c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1, 0x0, 0x8000000000}, 0xd)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)
set_mempolicy(0x2, &(0x7f0000000200), 0x55f)
r2 = memfd_secret(0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r2, 0x0)
ioctl$BLKDISCARD(r2, 0x1277, &(0x7f0000000040)=0x5)
socket$packet(0x11, 0x2, 0x300)
ioctl$SIOCGETMIFCNT_IN6(0xffffffffffffffff, 0x89e0, &(0x7f0000002100)={0xffffffffffffffff})

kernel console output (not intermixed with test programs):

m_t pid=9952 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  212.092272][   T29] audit: type=1326 audit(2000000144.968:27878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9952 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  212.115384][   T29] audit: type=1326 audit(2000000144.968:27879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9952 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  212.138485][   T29] audit: type=1326 audit(2000000144.968:27880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9952 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  212.161569][   T29] audit: type=1326 audit(2000000144.968:27881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9952 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  212.243485][ T9960] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  212.262038][ T9963] futex_wake_op: syz.0.2183 tries to shift op by -1; fix this program
[  212.529037][ T9922] lo speed is unknown, defaulting to 1000
[  212.568060][ T9969] loop0: detected capacity change from 0 to 2048
[  212.639491][ T9969] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  212.651742][ T9969] ext4 filesystem being mounted at /427/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  212.953857][ T9982] IPv4: Oversized IP packet from 127.202.26.0
[  212.983481][ T9984] futex_wake_op: syz.3.2190 tries to shift op by -1; fix this program
[  213.148236][ T9960] siw: device registration error -23
[  213.192097][ T9988] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  213.309697][ T9990] loop3: detected capacity change from 0 to 2048
[  213.320418][ T9968] lo speed is unknown, defaulting to 1000
[  213.479960][ T9989] lo speed is unknown, defaulting to 1000
[  213.639158][ T9990] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  213.651644][ T9990] ext4 filesystem being mounted at /438/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.770892][ T9996] futex_wake_op: syz.2.2193 tries to shift op by -1; fix this program
[  213.926867][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.064286][ T9999] lo speed is unknown, defaulting to 1000
[  214.209947][T10002] loop1: detected capacity change from 0 to 128
[  214.348951][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.349052][T10002] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  214.371949][T10002] ext4 filesystem being mounted at /393/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  214.411647][T10004] loop3: detected capacity change from 0 to 764
[  214.419297][T10004] iso9660: Unknown parameter ''
[  214.489236][ T3315] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  214.568011][T10016] IPv4: Oversized IP packet from 127.202.26.0
[  214.683202][T10018] __nla_validate_parse: 1 callbacks suppressed
[  214.683219][T10018] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  214.733326][T10025] loop2: detected capacity change from 0 to 764
[  214.740458][T10025] iso9660: Unknown parameter ''
[  214.785257][T10028] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  215.042598][T10037] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  215.197015][T10039] lo speed is unknown, defaulting to 1000
[  215.519109][T10042] futex_wake_op: syz.1.2209 tries to shift op by -1; fix this program
[  215.618042][T10048] IPv4: Oversized IP packet from 127.202.26.0
[  215.642107][T10051] loop0: detected capacity change from 0 to 128
[  215.651304][T10051] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  215.664285][T10051] ext4 filesystem being mounted at /432/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  215.667292][T10055] futex_wake_op: syz.4.2214 tries to shift op by -1; fix this program
[  216.705338][T10057] loop1: detected capacity change from 0 to 2048
[  216.750207][ T3309] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  217.462242][   T29] kauditd_printk_skb: 722 callbacks suppressed
[  217.462260][   T29] audit: type=1326 audit(2000000150.468:28604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10062 comm="syz.3.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  217.552999][T10056] lo speed is unknown, defaulting to 1000
[  217.578833][   T29] audit: type=1326 audit(2000000150.498:28605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10062 comm="syz.3.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  217.602572][   T29] audit: type=1326 audit(2000000150.498:28606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10062 comm="syz.3.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  217.626647][   T29] audit: type=1326 audit(2000000150.498:28607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10062 comm="syz.3.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  217.650294][   T29] audit: type=1326 audit(2000000150.508:28608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10062 comm="syz.3.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  217.674462][   T29] audit: type=1326 audit(2000000150.508:28609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10062 comm="syz.3.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  217.698265][   T29] audit: type=1326 audit(2000000150.508:28610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10062 comm="syz.3.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  217.722169][   T29] audit: type=1326 audit(2000000150.508:28611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10062 comm="syz.3.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  217.745815][   T29] audit: type=1326 audit(2000000150.508:28612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10062 comm="syz.3.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  217.769558][   T29] audit: type=1326 audit(2000000150.508:28613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10062 comm="syz.3.2217" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  217.806378][T10057] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.818599][T10057] ext4 filesystem being mounted at /396/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  217.884963][T10076] sd 0:0:1:0: device reset
[  217.981683][T10066] lo speed is unknown, defaulting to 1000
[  218.014103][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.392146][T10092] loop2: detected capacity change from 0 to 512
[  218.456123][T10092] EXT4-fs: Ignoring removed mblk_io_submit option
[  218.473141][T10092] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  218.486070][T10092] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec119, mo2=0002]
[  218.494298][T10092] System zones: 1-12
[  218.501523][T10092] EXT4-fs (loop2): orphan cleanup on readonly fs
[  218.518373][T10092] EXT4-fs (loop2): 1 truncate cleaned up
[  218.522595][T10097] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  218.545723][T10092] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  218.592286][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.615841][T10102] loop2: detected capacity change from 0 to 512
[  218.637506][T10102] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.656781][T10102] ext4 filesystem being mounted at /477/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  218.773571][T10109] netlink: 'syz.2.2229': attribute type 1 has an invalid length.
[  218.781410][T10109] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2229'.
[  218.900593][T10076] lo speed is unknown, defaulting to 1000
[  219.075959][T10111] loop1: detected capacity change from 0 to 764
[  219.127130][T10111] iso9660: Unknown parameter ''
[  219.654719][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.665883][T10125] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  219.674402][T10125] siw: device registration error -23
[  219.775457][T10134] futex_wake_op: syz.0.2240 tries to shift op by -1; fix this program
[  219.876620][T10139] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  219.940125][T10144] futex_wake_op: syz.2.2244 tries to shift op by -1; fix this program
[  220.121142][T10146] lo speed is unknown, defaulting to 1000
[  221.769338][T10160] loop0: detected capacity change from 0 to 764
[  221.809494][T10160] iso9660: Unknown parameter ''
[  221.871395][T10170] sd 0:0:1:0: device reset
[  222.009334][T10177] loop4: detected capacity change from 0 to 1024
[  222.024108][T10173] vlan2: entered allmulticast mode
[  222.040507][T10177] ext4: Unknown parameter 'uid<00000000000000000000'
[  222.097826][T10184] netlink: 8 bytes leftover after parsing attributes in process `+}[@'.
[  222.119256][T10177] tmpfs: Unsupported parameter 'huge'
[  222.179217][T10179] lo speed is unknown, defaulting to 1000
[  222.469956][   T29] kauditd_printk_skb: 973 callbacks suppressed
[  222.469972][   T29] audit: type=1326 audit(2000000155.478:29587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10183 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1d4e4a58e7 code=0x7ffc0000
[  222.499416][   T29] audit: type=1326 audit(2000000155.478:29588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10183 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1d4e44ab19 code=0x7ffc0000
[  222.574146][   T29] audit: type=1326 audit(2000000155.478:29589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10183 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  222.597513][   T29] audit: type=1326 audit(2000000155.488:29590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10183 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1d4e4a58e7 code=0x7ffc0000
[  222.620838][   T29] audit: type=1326 audit(2000000155.488:29591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10183 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1d4e44ab19 code=0x7ffc0000
[  222.644076][   T29] audit: type=1326 audit(2000000155.488:29592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10183 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  222.667503][   T29] audit: type=1326 audit(2000000155.488:29593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10183 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1d4e4a58e7 code=0x7ffc0000
[  222.690641][   T29] audit: type=1326 audit(2000000155.488:29594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10183 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1d4e44ab19 code=0x7ffc0000
[  222.713815][   T29] audit: type=1326 audit(2000000155.488:29595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10183 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  222.737115][   T29] audit: type=1326 audit(2000000155.518:29596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10183 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1d4e4a58e7 code=0x7ffc0000
[  222.835597][T10192] loop2: detected capacity change from 0 to 764
[  222.842199][T10192] iso9660: Unknown parameter ''
[  222.880697][T10195] futex_wake_op: syz.3.2261 tries to shift op by -1; fix this program
[  223.005431][T10202] futex_wake_op: syz.1.2263 tries to shift op by -1; fix this program
[  223.159043][T10203] lo speed is unknown, defaulting to 1000
[  223.963403][T10207] loop4: detected capacity change from 0 to 1024
[  223.977875][T10207] ext4: Unknown parameter 'uid<00000000000000000000'
[  224.293059][T10207] tmpfs: Unsupported parameter 'huge'
[  224.869544][T10203] loop3: detected capacity change from 0 to 2048
[  224.889777][T10209] futex_wake_op: syz.0.2262 tries to shift op by -1; fix this program
[  224.909848][T10203] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.922151][T10203] ext4 filesystem being mounted at /451/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  225.038865][T10219] loop2: detected capacity change from 0 to 764
[  225.097051][T10219] iso9660: Unknown parameter ''
[  225.179151][T10222] lo speed is unknown, defaulting to 1000
[  225.364977][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.609545][T10231] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2267'.
[  225.635928][T10231] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2267'.
[  225.714610][T10238] loop0: detected capacity change from 0 to 764
[  225.721442][T10238] iso9660: Unknown parameter ''
[  226.017062][T10243] loop4: detected capacity change from 0 to 1024
[  226.098512][T10243] ext4: Unknown parameter 'uid<00000000000000000000'
[  226.226792][T10243] tmpfs: Unsupported parameter 'huge'
[  226.262089][T10259] futex_wake_op: syz.1.2280 tries to shift op by -1; fix this program
[  227.300736][T10263] lo speed is unknown, defaulting to 1000
[  227.352036][T10256] lo speed is unknown, defaulting to 1000
[  227.467126][T10266] lo speed is unknown, defaulting to 1000
[  227.518479][T10268] loop2: detected capacity change from 0 to 764
[  227.525436][T10268] iso9660: Unknown parameter ''
[  227.630032][T10274] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2284'.
[  227.676176][   T29] kauditd_printk_skb: 330 callbacks suppressed
[  227.676193][   T29] audit: type=1400 audit(2000000160.689:29927): avc:  denied  { relabelfrom } for  pid=10276 comm="syz.0.2286" name="UDP" dev="sockfs" ino=29354 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  227.707185][T10277] SELinux:  Context system_u:object_r:unconfined_execmem_exec_t:s0 is not valid (left unmapped).
[  227.721037][T10274] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2284'.
[  227.744877][   T29] audit: type=1400 audit(2000000160.739:29928): avc:  denied  { relabelto } for  pid=10276 comm="syz.0.2286" name="UDP" dev="sockfs" ino=29354 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=udp_socket permissive=1 trawcon="system_u:object_r:unconfined_execmem_exec_t:s0"
[  227.826950][T10282] futex_wake_op: syz.3.2288 tries to shift op by -1; fix this program
[  228.090731][T10292] loop3: detected capacity change from 0 to 2048
[  228.466527][T10292] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.478840][T10292] ext4 filesystem being mounted at /455/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  228.544002][T10305] loop2: detected capacity change from 0 to 1024
[  228.591760][T10305] ext4: Unknown parameter 'uid<00000000000000000000'
[  228.624725][T10305] tmpfs: Unsupported parameter 'huge'
[  228.657714][T10307] loop0: detected capacity change from 0 to 764
[  228.712030][T10307] iso9660: Unknown parameter ''
[  228.817073][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.972529][T10312] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  229.115392][   T29] audit: type=1326 audit(2000000162.079:29929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10313 comm="syz.0.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  229.139646][   T29] audit: type=1326 audit(2000000162.079:29930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10313 comm="syz.0.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  229.163423][   T29] audit: type=1326 audit(2000000162.079:29931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10313 comm="syz.0.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  229.187202][   T29] audit: type=1326 audit(2000000162.079:29932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10313 comm="syz.0.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  229.210928][   T29] audit: type=1326 audit(2000000162.079:29933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10313 comm="syz.0.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  229.234615][   T29] audit: type=1326 audit(2000000162.079:29934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10313 comm="syz.0.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  229.258784][   T29] audit: type=1326 audit(2000000162.089:29935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10313 comm="syz.0.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  229.282533][   T29] audit: type=1326 audit(2000000162.089:29936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10313 comm="syz.0.2297" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  229.350776][T10316] lo speed is unknown, defaulting to 1000
[  229.677835][T10328] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2300'.
[  229.696659][T10327] loop0: detected capacity change from 0 to 764
[  229.703372][T10327] iso9660: Unknown parameter ''
[  229.746892][T10328] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2300'.
[  229.935751][T10341] FAULT_INJECTION: forcing a failure.
[  229.935751][T10341] name failslab, interval 1, probability 0, space 0, times 0
[  229.948487][T10341] CPU: 0 UID: 0 PID: 10341 Comm: syz.4.2305 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  229.948519][T10341] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  229.948535][T10341] Call Trace:
[  229.948544][T10341]  <TASK>
[  229.948612][T10341]  __dump_stack+0x1d/0x30
[  229.948634][T10341]  dump_stack_lvl+0xe8/0x140
[  229.948661][T10341]  dump_stack+0x15/0x1b
[  229.948681][T10341]  should_fail_ex+0x265/0x280
[  229.948721][T10341]  should_failslab+0x8c/0xb0
[  229.948780][T10341]  __kmalloc_cache_node_noprof+0x54/0x320
[  229.948811][T10341]  ? page_pool_create_percpu+0x4d/0x630
[  229.948920][T10341]  page_pool_create_percpu+0x4d/0x630
[  229.948947][T10341]  ? bpf_test_run_xdp_live+0x114/0xfe0
[  229.948999][T10341]  page_pool_create+0x1a/0x30
[  229.949030][T10341]  bpf_test_run_xdp_live+0x12e/0xfe0
[  229.949155][T10341]  ? __pfx_autoremove_wake_function+0x10/0x10
[  229.949216][T10341]  ? 0xffffffffa0205480
[  229.949230][T10341]  ? synchronize_rcu+0x45/0x320
[  229.949268][T10341]  ? 0xffffffffa0205480
[  229.949315][T10341]  ? 0xffffffffa0205480
[  229.949333][T10341]  ? bpf_dispatcher_change_prog+0x6ec/0x7f0
[  229.949369][T10341]  ? 0xffffffffa02017d8
[  229.949401][T10341]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  229.949438][T10341]  bpf_prog_test_run_xdp+0x4f5/0x910
[  229.949513][T10341]  ? __rcu_read_unlock+0x4f/0x70
[  229.949637][T10341]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  229.949758][T10341]  bpf_prog_test_run+0x22a/0x390
[  229.949788][T10341]  __sys_bpf+0x3dc/0x790
[  229.949933][T10341]  __x64_sys_bpf+0x41/0x50
[  229.949967][T10341]  x64_sys_call+0x2478/0x2fb0
[  229.949994][T10341]  do_syscall_64+0xd2/0x200
[  229.950085][T10341]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  229.950120][T10341]  ? clear_bhb_loop+0x40/0x90
[  229.950147][T10341]  ? clear_bhb_loop+0x40/0x90
[  229.950174][T10341]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.950203][T10341] RIP: 0033:0x7f6e8f85e929
[  229.950217][T10341] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  229.950234][T10341] RSP: 002b:00007f6e8dec7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  229.950254][T10341] RAX: ffffffffffffffda RBX: 00007f6e8fa85fa0 RCX: 00007f6e8f85e929
[  229.950270][T10341] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  229.950362][T10341] RBP: 00007f6e8dec7090 R08: 0000000000000000 R09: 0000000000000000
[  229.950373][T10341] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  229.950422][T10341] R13: 0000000000000000 R14: 00007f6e8fa85fa0 R15: 00007ffd8dd2acb8
[  229.950452][T10341]  </TASK>
[  229.968784][T10332] lo speed is unknown, defaulting to 1000
[  230.366211][T10357] loop0: detected capacity change from 0 to 1024
[  230.373134][T10357] ext4: Unknown parameter 'uid<00000000000000000000'
[  230.383013][T10357] tmpfs: Unsupported parameter 'huge'
[  230.489544][T10356] vlan2: entered allmulticast mode
[  230.601512][T10367] FAULT_INJECTION: forcing a failure.
[  230.601512][T10367] name failslab, interval 1, probability 0, space 0, times 0
[  230.614421][T10367] CPU: 0 UID: 0 PID: 10367 Comm: syz.4.2314 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  230.614457][T10367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  230.614476][T10367] Call Trace:
[  230.614485][T10367]  <TASK>
[  230.614494][T10367]  __dump_stack+0x1d/0x30
[  230.614518][T10367]  dump_stack_lvl+0xe8/0x140
[  230.614606][T10367]  dump_stack+0x15/0x1b
[  230.614626][T10367]  should_fail_ex+0x265/0x280
[  230.614727][T10367]  should_failslab+0x8c/0xb0
[  230.614778][T10367]  kmem_cache_alloc_node_noprof+0x57/0x320
[  230.614806][T10367]  ? __alloc_skb+0x101/0x320
[  230.614853][T10367]  __alloc_skb+0x101/0x320
[  230.614916][T10367]  netlink_ack+0xfd/0x500
[  230.614956][T10367]  ? __pfx_ieee802154_start_req+0x10/0x10
[  230.614983][T10367]  netlink_rcv_skb+0x192/0x220
[  230.615073][T10367]  ? __pfx_genl_rcv_msg+0x10/0x10
[  230.615181][T10367]  genl_rcv+0x28/0x40
[  230.615203][T10367]  netlink_unicast+0x59e/0x670
[  230.615234][T10367]  netlink_sendmsg+0x58b/0x6b0
[  230.615259][T10367]  ? __pfx_netlink_sendmsg+0x10/0x10
[  230.615319][T10367]  __sock_sendmsg+0x142/0x180
[  230.615350][T10367]  ____sys_sendmsg+0x31e/0x4e0
[  230.615389][T10367]  ___sys_sendmsg+0x17b/0x1d0
[  230.615505][T10367]  __x64_sys_sendmsg+0xd4/0x160
[  230.615545][T10367]  x64_sys_call+0x2999/0x2fb0
[  230.615572][T10367]  do_syscall_64+0xd2/0x200
[  230.615590][T10367]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  230.615633][T10367]  ? clear_bhb_loop+0x40/0x90
[  230.615653][T10367]  ? clear_bhb_loop+0x40/0x90
[  230.615674][T10367]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  230.615698][T10367] RIP: 0033:0x7f6e8f85e929
[  230.615718][T10367] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  230.615779][T10367] RSP: 002b:00007f6e8dec7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  230.615797][T10367] RAX: ffffffffffffffda RBX: 00007f6e8fa85fa0 RCX: 00007f6e8f85e929
[  230.615813][T10367] RDX: 0000000000000000 RSI: 0000200000001100 RDI: 0000000000000004
[  230.615828][T10367] RBP: 00007f6e8dec7090 R08: 0000000000000000 R09: 0000000000000000
[  230.615850][T10367] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  230.615864][T10367] R13: 0000000000000000 R14: 00007f6e8fa85fa0 R15: 00007ffd8dd2acb8
[  230.615931][T10367]  </TASK>
[  230.996724][T10378] futex_wake_op: syz.3.2318 tries to shift op by -1; fix this program
[  231.178182][T10383] loop0: detected capacity change from 0 to 512
[  231.486097][T10383] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.554818][T10383] ext4 filesystem being mounted at /455/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.694570][T10396] netlink: 'syz.0.2320': attribute type 1 has an invalid length.
[  231.702497][T10396] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2320'.
[  231.894051][T10400] FAULT_INJECTION: forcing a failure.
[  231.894051][T10400] name failslab, interval 1, probability 0, space 0, times 0
[  231.906814][T10400] CPU: 0 UID: 0 PID: 10400 Comm: syz.4.2325 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  231.906852][T10400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  231.906927][T10400] Call Trace:
[  231.906934][T10400]  <TASK>
[  231.906943][T10400]  __dump_stack+0x1d/0x30
[  231.906968][T10400]  dump_stack_lvl+0xe8/0x140
[  231.906992][T10400]  dump_stack+0x15/0x1b
[  231.907013][T10400]  should_fail_ex+0x265/0x280
[  231.907071][T10400]  should_failslab+0x8c/0xb0
[  231.907097][T10400]  kmem_cache_alloc_noprof+0x50/0x310
[  231.907169][T10400]  ? getname_flags+0x80/0x3b0
[  231.907199][T10400]  getname_flags+0x80/0x3b0
[  231.907229][T10400]  __se_sys_acct+0x3d/0x490
[  231.907320][T10400]  __x64_sys_acct+0x1f/0x30
[  231.907389][T10400]  x64_sys_call+0x18cf/0x2fb0
[  231.907431][T10400]  do_syscall_64+0xd2/0x200
[  231.907449][T10400]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  231.907574][T10400]  ? clear_bhb_loop+0x40/0x90
[  231.907602][T10400]  ? clear_bhb_loop+0x40/0x90
[  231.907701][T10400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.907721][T10400] RIP: 0033:0x7f6e8f85e929
[  231.907813][T10400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.907832][T10400] RSP: 002b:00007f6e8dec7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[  231.907851][T10400] RAX: ffffffffffffffda RBX: 00007f6e8fa85fa0 RCX: 00007f6e8f85e929
[  231.907970][T10400] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000002180
[  231.907982][T10400] RBP: 00007f6e8dec7090 R08: 0000000000000000 R09: 0000000000000000
[  231.907996][T10400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  231.908008][T10400] R13: 0000000000000000 R14: 00007f6e8fa85fa0 R15: 00007ffd8dd2acb8
[  231.908092][T10400]  </TASK>
[  232.182261][T10406] futex_wake_op: syz.3.2327 tries to shift op by -1; fix this program
[  232.308358][T10409] futex_wake_op: syz.4.2328 tries to shift op by -1; fix this program
[  232.487520][T10410] lo speed is unknown, defaulting to 1000
[  233.274433][   T29] kauditd_printk_skb: 290 callbacks suppressed
[  233.274460][   T29] audit: type=1326 audit(2000000166.149:30227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10405 comm="syz.3.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  233.304473][   T29] audit: type=1326 audit(2000000166.149:30228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10405 comm="syz.3.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  233.649174][T10413] lo speed is unknown, defaulting to 1000
[  233.871147][T10410] loop3: detected capacity change from 0 to 2048
[  234.213322][T10413] loop4: detected capacity change from 0 to 2048
[  234.221225][   T29] audit: type=1326 audit(2000000166.369:30229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10405 comm="syz.3.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcd7b8cd290 code=0x7ffc0000
[  234.244956][   T29] audit: type=1326 audit(2000000166.369:30230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10405 comm="syz.3.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  234.268673][   T29] audit: type=1326 audit(2000000166.369:30231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10405 comm="syz.3.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  234.292327][   T29] audit: type=1326 audit(2000000166.499:30232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10405 comm="syz.3.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  234.315931][   T29] audit: type=1326 audit(2000000166.499:30233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10405 comm="syz.3.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  234.339629][   T29] audit: type=1326 audit(2000000166.499:30234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10405 comm="syz.3.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  234.363298][   T29] audit: type=1326 audit(2000000166.719:30235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10405 comm="syz.3.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  234.386973][   T29] audit: type=1326 audit(2000000166.719:30236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10405 comm="syz.3.2327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  234.420077][T10413] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.432286][T10413] ext4 filesystem being mounted at /489/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.449393][T10410] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.461990][T10410] ext4 filesystem being mounted at /460/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.547978][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.640348][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.670179][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.698089][T10426] loop2: detected capacity change from 0 to 1024
[  234.724700][T10426] ext4: Unknown parameter 'uid<00000000000000000000'
[  234.751672][T10426] tmpfs: Unsupported parameter 'huge'
[  234.783902][T10433] futex_wake_op: syz.4.2333 tries to shift op by -1; fix this program
[  234.914528][T10424] lo speed is unknown, defaulting to 1000
[  234.945910][T10437] futex_wake_op: syz.3.2334 tries to shift op by -1; fix this program
[  235.249841][T10438] lo speed is unknown, defaulting to 1000
[  235.347149][T10442] loop3: detected capacity change from 0 to 2048
[  235.397010][T10438] loop4: detected capacity change from 0 to 2048
[  236.375727][T10442] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.387987][T10442] ext4 filesystem being mounted at /462/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.399855][T10438] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.412131][T10438] ext4 filesystem being mounted at /490/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.584594][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.626996][T10448] futex_wake_op: syz.2.2335 tries to shift op by -1; fix this program
[  236.709770][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.766383][T10457] futex_wake_op: syz.1.2339 tries to shift op by -1; fix this program
[  237.659097][T10472] futex_wake_op: syz.0.2343 tries to shift op by -1; fix this program
[  237.981200][T10475] loop0: detected capacity change from 0 to 2048
[  238.061117][T10465] lo speed is unknown, defaulting to 1000
[  238.273701][T10470] loop3: detected capacity change from 0 to 764
[  238.286246][T10474] lo speed is unknown, defaulting to 1000
[  238.287491][T10475] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.304252][T10475] ext4 filesystem being mounted at /458/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  238.322037][   T29] kauditd_printk_skb: 73 callbacks suppressed
[  238.322054][   T29] audit: type=1326 audit(2000000171.329:30310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10471 comm="syz.0.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1d4e4ad290 code=0x7ffc0000
[  238.347531][T10470] iso9660: Unknown parameter ''
[  238.351981][   T29] audit: type=1326 audit(2000000171.329:30311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10471 comm="syz.0.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f1d4e4ad677 code=0x7ffc0000
[  238.380526][   T29] audit: type=1326 audit(2000000171.329:30312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10471 comm="syz.0.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1d4e4ad290 code=0x7ffc0000
[  238.404289][   T29] audit: type=1326 audit(2000000171.329:30313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10471 comm="syz.0.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  238.428043][   T29] audit: type=1326 audit(2000000171.329:30314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10471 comm="syz.0.2343" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  238.484129][   T29] audit: type=1326 audit(2000000171.479:30315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10478 comm="syz.1.2344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f596cbde929 code=0x7ffc0000
[  238.507993][   T29] audit: type=1326 audit(2000000171.479:30316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10478 comm="syz.1.2344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f596cbde929 code=0x7ffc0000
[  238.533393][   T29] audit: type=1326 audit(2000000171.479:30317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10478 comm="syz.1.2344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f596cbde929 code=0x7ffc0000
[  238.557273][   T29] audit: type=1326 audit(2000000171.479:30318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10478 comm="syz.1.2344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f596cbde929 code=0x7ffc0000
[  238.581027][   T29] audit: type=1326 audit(2000000171.479:30319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10478 comm="syz.1.2344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f596cbde929 code=0x7ffc0000
[  238.621697][T10486] loop4: detected capacity change from 0 to 1024
[  238.656671][T10486] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.681985][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.780228][T10486] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2345'.
[  238.811234][T10486] hsr_slave_0 (unregistering): left promiscuous mode
[  238.918869][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.982192][T10502] loop0: detected capacity change from 0 to 1024
[  238.989517][T10502] ext4: Unknown parameter 'uid<00000000000000000000'
[  239.036336][T10502] tmpfs: Unsupported parameter 'huge'
[  239.271287][T10509] lo speed is unknown, defaulting to 1000
[  239.363279][T10511] lo speed is unknown, defaulting to 1000
[  239.771506][T10521] futex_wake_op: syz.3.2354 tries to shift op by -1; fix this program
[  240.039861][T10526] lo speed is unknown, defaulting to 1000
[  240.231524][T10528] lo speed is unknown, defaulting to 1000
[  240.483436][T10525] loop2: detected capacity change from 0 to 764
[  240.539880][T10525] iso9660: Unknown parameter ''
[  240.551308][T10534] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[  240.723854][T10540] futex_wake_op: syz.0.2361 tries to shift op by -1; fix this program
[  240.960208][T10545] loop0: detected capacity change from 0 to 2048
[  241.046773][T10547] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2363'.
[  241.347192][T10545] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.359432][T10545] ext4 filesystem being mounted at /461/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  241.427398][T10553] lo speed is unknown, defaulting to 1000
[  241.607568][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.725604][T10561] loop1: detected capacity change from 0 to 1024
[  241.770961][T10561] ext4: Unknown parameter 'uid<00000000000000000000'
[  241.800565][T10561] tmpfs: Unsupported parameter 'huge'
[  241.922653][T10570] loop3: detected capacity change from 0 to 512
[  241.957014][T10570] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  241.968195][T10566] lo speed is unknown, defaulting to 1000
[  241.969690][T10570] ext4 filesystem being mounted at /470/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.113000][T10578] futex_wake_op: syz.0.2371 tries to shift op by -1; fix this program
[  242.186311][T10579] netlink: 'syz.3.2369': attribute type 1 has an invalid length.
[  242.194153][T10579] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2369'.
[  242.403230][T10586] lo speed is unknown, defaulting to 1000
[  242.548527][T10586] loop0: detected capacity change from 0 to 2048
[  242.652739][T10584] loop2: detected capacity change from 0 to 128
[  242.678470][T10584] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  242.695105][T10586] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  242.707365][T10586] ext4 filesystem being mounted at /464/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  242.742346][T10584] ext4 filesystem being mounted at /504/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  242.908352][ T3308] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  242.991429][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.028011][T10598] loop2: detected capacity change from 0 to 764
[  243.034130][T10600] futex_wake_op: syz.0.2377 tries to shift op by -1; fix this program
[  243.037385][T10598] iso9660: Unknown parameter ''
[  243.195244][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.306661][T10611] loop0: detected capacity change from 0 to 2048
[  243.325640][T10612] futex_wake_op: syz.2.2380 tries to shift op by -1; fix this program
[  243.399901][T10611] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  243.539793][T10611] ext4 filesystem being mounted at /465/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.592100][   T29] kauditd_printk_skb: 663 callbacks suppressed
[  243.592134][   T29] audit: type=1400 audit(2000000176.599:30983): avc:  denied  { read } for  pid=10617 comm="syz.4.2381" path="socket:[30540]" dev="sockfs" ino=30540 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  243.838622][T10620] sd 0:0:1:0: device reset
[  243.867193][T10620] loop2: detected capacity change from 0 to 2048
[  244.068921][   T29] audit: type=1326 audit(2000000176.849:30984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10608 comm="syz.2.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  244.092920][   T29] audit: type=1326 audit(2000000176.849:30985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10608 comm="syz.2.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  244.116643][   T29] audit: type=1326 audit(2000000176.849:30986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10608 comm="syz.2.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb7f7dad290 code=0x7ffc0000
[  244.140581][   T29] audit: type=1326 audit(2000000176.849:30987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10608 comm="syz.2.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  244.164410][   T29] audit: type=1326 audit(2000000176.849:30988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10608 comm="syz.2.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  244.188989][   T29] audit: type=1326 audit(2000000176.849:30989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10608 comm="syz.2.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  244.213095][   T29] audit: type=1326 audit(2000000176.849:30990): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10608 comm="syz.2.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  244.236848][   T29] audit: type=1326 audit(2000000176.849:30991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10608 comm="syz.2.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  244.260479][   T29] audit: type=1326 audit(2000000176.859:30992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10608 comm="syz.2.2380" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  244.291585][T10609] lo speed is unknown, defaulting to 1000
[  244.300442][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.304013][T10623] FAULT_INJECTION: forcing a failure.
[  244.304013][T10623] name failslab, interval 1, probability 0, space 0, times 0
[  244.322118][T10623] CPU: 1 UID: 0 PID: 10623 Comm: syz.4.2382 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  244.322153][T10623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  244.322180][T10623] Call Trace:
[  244.322196][T10623]  <TASK>
[  244.322206][T10623]  __dump_stack+0x1d/0x30
[  244.322231][T10623]  dump_stack_lvl+0xe8/0x140
[  244.322251][T10623]  dump_stack+0x15/0x1b
[  244.322346][T10623]  should_fail_ex+0x265/0x280
[  244.322404][T10623]  should_failslab+0x8c/0xb0
[  244.322452][T10623]  kmem_cache_alloc_node_noprof+0x57/0x320
[  244.322488][T10623]  ? __alloc_skb+0x101/0x320
[  244.322573][T10623]  __alloc_skb+0x101/0x320
[  244.322610][T10623]  netlink_ack+0xfd/0x500
[  244.322650][T10623]  netlink_rcv_skb+0x192/0x220
[  244.322685][T10623]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  244.322735][T10623]  xfrm_netlink_rcv+0x48/0x60
[  244.322766][T10623]  netlink_unicast+0x59e/0x670
[  244.322880][T10623]  netlink_sendmsg+0x58b/0x6b0
[  244.322901][T10623]  ? __pfx_netlink_sendmsg+0x10/0x10
[  244.322925][T10623]  __sock_sendmsg+0x142/0x180
[  244.322958][T10623]  ____sys_sendmsg+0x31e/0x4e0
[  244.323004][T10623]  ___sys_sendmsg+0x17b/0x1d0
[  244.323043][T10623]  __x64_sys_sendmsg+0xd4/0x160
[  244.323088][T10623]  x64_sys_call+0x2999/0x2fb0
[  244.323112][T10623]  do_syscall_64+0xd2/0x200
[  244.323164][T10623]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  244.323193][T10623]  ? clear_bhb_loop+0x40/0x90
[  244.323212][T10623]  ? clear_bhb_loop+0x40/0x90
[  244.323275][T10623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  244.323295][T10623] RIP: 0033:0x7f6e8f85e929
[  244.323313][T10623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  244.323349][T10623] RSP: 002b:00007f6e8dec7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  244.323366][T10623] RAX: ffffffffffffffda RBX: 00007f6e8fa85fa0 RCX: 00007f6e8f85e929
[  244.323382][T10623] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000003
[  244.323397][T10623] RBP: 00007f6e8dec7090 R08: 0000000000000000 R09: 0000000000000000
[  244.323411][T10623] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  244.323555][T10623] R13: 0000000000000000 R14: 00007f6e8fa85fa0 R15: 00007ffd8dd2acb8
[  244.323577][T10623]  </TASK>
[  244.588970][T10620] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.601173][T10620] ext4 filesystem being mounted at /506/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.641091][T10632] futex_wake_op: syz.1.2388 tries to shift op by -1; fix this program
[  244.672296][T10634] loop3: detected capacity change from 0 to 764
[  244.680336][T10634] iso9660: Unknown parameter ''
[  244.699523][T10637] loop0: detected capacity change from 0 to 764
[  244.707240][T10637] iso9660: Unknown parameter ''
[  244.928337][T10642] lo speed is unknown, defaulting to 1000
[  245.071923][T10642] loop1: detected capacity change from 0 to 2048
[  245.207037][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.235002][T10642] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  245.247191][T10642] ext4 filesystem being mounted at /437/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  245.516974][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.526241][T10663] loop0: detected capacity change from 0 to 1024
[  245.533219][T10663] ext4: Unknown parameter 'uid<00000000000000000000'
[  245.543528][T10663] tmpfs: Unsupported parameter 'huge'
[  245.565672][T10665] netlink: 'syz.4.2397': attribute type 1 has an invalid length.
[  245.577038][T10665] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2397'.
[  245.625053][T10670] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2399'.
[  245.710534][T10677] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  245.828892][T10684] loop4: detected capacity change from 0 to 764
[  245.835916][T10684] iso9660: Unknown parameter ''
[  245.968392][T10688] siw: device registration error -23
[  246.050787][T10697] loop4: detected capacity change from 0 to 512
[  246.065258][T10697] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  246.079002][T10697] ext4 filesystem being mounted at /512/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  246.150715][T10700] netlink: 'syz.4.2410': attribute type 1 has an invalid length.
[  246.158624][T10700] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2410'.
[  246.477983][T10717] vlan2: entered allmulticast mode
[  246.511910][T10708] vlan2: entered allmulticast mode
[  246.589573][T10723] siw: device registration error -23
[  246.771450][T10729] loop0: detected capacity change from 0 to 764
[  246.779625][T10729] iso9660: Unknown parameter ''
[  246.854234][ T3321] syz-executor invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0
[  246.865385][ T3321] CPU: 1 UID: 0 PID: 3321 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  246.865461][ T3321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  246.865476][ T3321] Call Trace:
[  246.865520][ T3321]  <TASK>
[  246.865527][ T3321]  __dump_stack+0x1d/0x30
[  246.865551][ T3321]  dump_stack_lvl+0xe8/0x140
[  246.865582][ T3321]  dump_stack+0x15/0x1b
[  246.865604][ T3321]  dump_header+0x81/0x220
[  246.865672][ T3321]  oom_kill_process+0x334/0x3f0
[  246.865708][ T3321]  out_of_memory+0x979/0xb80
[  246.865750][ T3321]  try_charge_memcg+0x5e6/0x9e0
[  246.865868][ T3321]  charge_memcg+0x51/0xc0
[  246.865909][ T3321]  mem_cgroup_swapin_charge_folio+0xcc/0x150
[  246.866018][ T3321]  __read_swap_cache_async+0x1df/0x350
[  246.866060][ T3321]  swap_cluster_readahead+0x277/0x3e0
[  246.866167][ T3321]  swapin_readahead+0xde/0x6f0
[  246.866203][ T3321]  ? __filemap_get_folio+0x4f7/0x6b0
[  246.866237][ T3321]  ? swap_cache_get_folio+0x77/0x200
[  246.866267][ T3321]  do_swap_page+0x301/0x2430
[  246.866320][ T3321]  ? finish_task_switch+0xad/0x2b0
[  246.866408][ T3321]  ? __pfx_default_wake_function+0x10/0x10
[  246.866440][ T3321]  handle_mm_fault+0x9a5/0x2be0
[  246.866463][ T3321]  ? mas_walk+0xf2/0x120
[  246.866615][ T3321]  do_user_addr_fault+0x636/0x1090
[  246.866656][ T3321]  ? fpregs_restore_userregs+0xe2/0x1d0
[  246.866740][ T3321]  ? switch_fpu_return+0xe/0x20
[  246.866775][ T3321]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  246.866805][ T3321]  exc_page_fault+0x62/0xa0
[  246.866834][ T3321]  asm_exc_page_fault+0x26/0x30
[  246.866877][ T3321] RIP: 0033:0x7f6e8f8911a5
[  246.866897][ T3321] Code: 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d 9e 43 1c 00 00 74 14 b8 e6 00 00 00 0f 05 f7 d8 <c3> 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 89 74
[  246.866948][ T3321] RSP: 002b:00007ffd8dd2aff8 EFLAGS: 00010246
[  246.866964][ T3321] RAX: 0000000000000000 RBX: 0000000000000553 RCX: 00007f6e8f8911a3
[  246.866976][ T3321] RDX: 00007ffd8dd2b010 RSI: 0000000000000000 RDI: 0000000000000000
[  246.866987][ T3321] RBP: 00007ffd8dd2b07c R08: 000000002fc61f7f R09: 0000000000000000
[  246.867013][ T3321] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000001388
[  246.867029][ T3321] R13: 00000000000927c0 R14: 000000000003c1a2 R15: 00007ffd8dd2b0d0
[  246.867051][ T3321]  </TASK>
[  246.867110][ T3321] memory: usage 307200kB, limit 307200kB, failcnt 213
[  246.895291][T10732] FAULT_INJECTION: forcing a failure.
[  246.895291][T10732] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  246.896420][ T3321] memory+swap: usage 307664kB, limit 9007199254740988kB, failcnt 0
[  246.900758][T10732] CPU: 0 UID: 0 PID: 10732 Comm: syz.1.2422 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  246.900827][T10732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  246.900847][T10732] Call Trace:
[  246.900854][T10732]  <TASK>
[  246.900867][T10732]  __dump_stack+0x1d/0x30
[  246.900898][T10732]  dump_stack_lvl+0xe8/0x140
[  246.900926][T10732]  dump_stack+0x15/0x1b
[  246.900992][T10732]  should_fail_ex+0x265/0x280
[  246.901038][T10732]  should_fail+0xb/0x20
[  246.901099][T10732]  should_fail_usercopy+0x1a/0x20
[  246.901145][T10732]  _copy_from_user+0x1c/0xb0
[  246.901176][T10732]  bpf_test_init+0xdf/0x160
[  246.901292][T10732]  bpf_prog_test_run_xdp+0x274/0x910
[  246.901338][T10732]  ? kstrtouint+0x76/0xc0
[  246.901377][T10732]  ? __rcu_read_unlock+0x4f/0x70
[  246.901417][T10732]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  246.901520][T10732]  bpf_prog_test_run+0x22a/0x390
[  246.901550][T10732]  __sys_bpf+0x3dc/0x790
[  246.901606][T10732]  __x64_sys_bpf+0x41/0x50
[  246.901694][T10732]  x64_sys_call+0x2478/0x2fb0
[  246.901771][T10732]  do_syscall_64+0xd2/0x200
[  246.901797][T10732]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  246.901862][T10732]  ? clear_bhb_loop+0x40/0x90
[  246.901967][T10732]  ? clear_bhb_loop+0x40/0x90
[  246.902025][T10732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  246.902054][T10732] RIP: 0033:0x7f596cbde929
[  246.902130][T10732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  246.902156][T10732] RSP: 002b:00007f596b247038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  246.902183][T10732] RAX: ffffffffffffffda RBX: 00007f596ce05fa0 RCX: 00007f596cbde929
[  246.902201][T10732] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  246.902220][T10732] RBP: 00007f596b247090 R08: 0000000000000000 R09: 0000000000000000
[  246.902238][T10732] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  246.902324][T10732] R13: 0000000000000000 R14: 00007f596ce05fa0 R15: 00007ffd202a4b08
[  246.902352][T10732]  </TASK>
[  247.328919][ T3321] kmem: usage 307156kB, limit 9007199254740988kB, failcnt 0
[  247.328938][ T3321] Memory cgroup stats for /syz4:
[  247.329152][ T3321] cache 28672
[  247.329165][ T3321] rss 0
[  247.329173][ T3321] shmem 0
[  247.329180][ T3321] mapped_file 0
[  247.329189][ T3321] dirty 0
[  247.329196][ T3321] writeback 0
[  247.329204][ T3321] workingset_refault_anon 149
[  247.329214][ T3321] workingset_refault_file 2778
[  247.329230][ T3321] swap 475136
[  247.329236][ T3321] swapcached 8192
[  247.329308][ T3321] pgpgin 321142
[  247.329316][ T3321] pgpgout 321131
[  247.329324][ T3321] pgfault 264901
[  247.329387][ T3321] pgmajfault 55
[  247.329395][ T3321] inactive_anon 8192
[  247.329403][ T3321] active_anon 0
[  247.329410][ T3321] inactive_file 24576
[  247.329418][ T3321] active_file 12288
[  247.329471][ T3321] unevictable 0
[  247.329481][ T3321] hierarchical_memory_limit 314572800
[  247.329492][ T3321] hierarchical_memsw_limit 9223372036854771712
[  247.329503][ T3321] total_cache 28672
[  247.329512][ T3321] total_rss 0
[  247.329520][ T3321] total_shmem 0
[  247.329528][ T3321] total_mapped_file 0
[  247.329537][ T3321] total_dirty 0
[  247.329587][ T3321] total_writeback 0
[  247.329596][ T3321] total_workingset_refault_anon 149
[  247.329606][ T3321] total_workingset_refault_file 2778
[  247.329640][ T3321] total_swap 475136
[  247.329647][ T3321] total_swapcached 8192
[  247.329654][ T3321] total_pgpgin 321142
[  247.329660][ T3321] total_pgpgout 321131
[  247.329667][ T3321] total_pgfault 264901
[  247.329675][ T3321] total_pgmajfault 55
[  247.329684][ T3321] total_inactive_anon 8192
[  247.329693][ T3321] total_active_anon 0
[  247.329702][ T3321] total_inactive_file 24576
[  247.329712][ T3321] total_active_file 12288
[  247.329721][ T3321] total_unevictable 0
[  247.329730][ T3321] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz4,task_memcg=/syz4,task=syz.4.2410,pid=10696,uid=0
[  247.329878][ T3321] Memory cgroup out of memory: Killed process 10696 (syz.4.2410) total-vm:95800kB, anon-rss:1064kB, file-rss:22584kB, shmem-rss:0kB, UID:0 pgtables:128kB oom_score_adj:1000
[  247.686784][T10745] lo speed is unknown, defaulting to 1000
[  247.895439][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.015893][T10750] futex_wake_op: syz.4.2426 tries to shift op by -1; fix this program
[  248.269154][T10761] loop4: detected capacity change from 0 to 2048
[  248.428470][T10761] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  248.441210][T10761] ext4 filesystem being mounted at /513/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  248.476826][T10763] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  248.518855][T10768] futex_wake_op: syz.3.2433 tries to shift op by -1; fix this program
[  248.660041][   T29] kauditd_printk_skb: 478 callbacks suppressed
[  248.660059][   T29] audit: type=1326 audit(2000000181.670:31471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10762 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  248.689528][   T29] audit: type=1326 audit(2000000181.670:31472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10762 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  248.712782][   T29] audit: type=1326 audit(2000000181.670:31473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10762 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  248.736024][   T29] audit: type=1326 audit(2000000181.670:31474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10762 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  248.759280][   T29] audit: type=1326 audit(2000000181.670:31475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10762 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  248.782442][   T29] audit: type=1326 audit(2000000181.670:31476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10762 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  248.805556][   T29] audit: type=1326 audit(2000000181.670:31477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10762 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  248.828678][   T29] audit: type=1326 audit(2000000181.670:31478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10762 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  248.851850][   T29] audit: type=1326 audit(2000000181.670:31479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10762 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  248.875128][   T29] audit: type=1326 audit(2000000181.670:31480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10762 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  248.946239][T10770] lo speed is unknown, defaulting to 1000
[  249.106267][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.346691][T10775] loop4: detected capacity change from 0 to 764
[  249.377504][T10775] iso9660: Unknown parameter ''
[  249.438105][T10783] futex_wake_op: syz.3.2437 tries to shift op by -1; fix this program
[  249.527597][T10787] futex_wake_op: syz.0.2438 tries to shift op by -1; fix this program
[  249.607391][T10793] loop1: detected capacity change from 0 to 1024
[  249.631181][T10793] ext4: Unknown parameter 'uid<00000000000000000000'
[  249.661066][T10789] lo speed is unknown, defaulting to 1000
[  249.736852][T10793] tmpfs: Unsupported parameter 'huge'
[  249.745055][T10798] futex_wake_op: syz.2.2442 tries to shift op by -1; fix this program
[  250.060681][T10805] lo speed is unknown, defaulting to 1000
[  250.492024][T10810] FAULT_INJECTION: forcing a failure.
[  250.492024][T10810] name failslab, interval 1, probability 0, space 0, times 0
[  250.504856][T10810] CPU: 0 UID: 0 PID: 10810 Comm: syz.0.2444 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  250.504921][T10810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  250.504937][T10810] Call Trace:
[  250.504945][T10810]  <TASK>
[  250.504954][T10810]  __dump_stack+0x1d/0x30
[  250.504981][T10810]  dump_stack_lvl+0xe8/0x140
[  250.505045][T10810]  dump_stack+0x15/0x1b
[  250.505064][T10810]  should_fail_ex+0x265/0x280
[  250.505102][T10810]  should_failslab+0x8c/0xb0
[  250.505131][T10810]  __kmalloc_cache_node_noprof+0x54/0x320
[  250.505181][T10810]  ? page_pool_create_percpu+0x4d/0x630
[  250.505310][T10810]  page_pool_create_percpu+0x4d/0x630
[  250.505335][T10810]  ? bpf_test_run_xdp_live+0x114/0xfe0
[  250.505417][T10810]  page_pool_create+0x1a/0x30
[  250.505440][T10810]  bpf_test_run_xdp_live+0x12e/0xfe0
[  250.505540][T10810]  ? __pfx_wait_rcu_exp_gp+0x10/0x10
[  250.505577][T10810]  ? 0xffffffffa0205480
[  250.505622][T10810]  ? synchronize_rcu+0x45/0x320
[  250.505670][T10810]  ? 0xffffffffa0205480
[  250.505682][T10810]  ? 0xffffffffa0205480
[  250.505694][T10810]  ? bpf_dispatcher_change_prog+0x6ec/0x7f0
[  250.505781][T10810]  ? 0xffffffffa020164c
[  250.505807][T10810]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  250.505853][T10810]  bpf_prog_test_run_xdp+0x4f5/0x910
[  250.505897][T10810]  ? __rcu_read_unlock+0x4f/0x70
[  250.505928][T10810]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  250.505965][T10810]  bpf_prog_test_run+0x22a/0x390
[  250.505985][T10810]  __sys_bpf+0x3dc/0x790
[  250.506031][T10810]  __x64_sys_bpf+0x41/0x50
[  250.506066][T10810]  x64_sys_call+0x2478/0x2fb0
[  250.506118][T10810]  do_syscall_64+0xd2/0x200
[  250.506136][T10810]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  250.506160][T10810]  ? clear_bhb_loop+0x40/0x90
[  250.506180][T10810]  ? clear_bhb_loop+0x40/0x90
[  250.506276][T10810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.506320][T10810] RIP: 0033:0x7f1d4e4ae929
[  250.506338][T10810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.506356][T10810] RSP: 002b:00007f1d4cb17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  250.506379][T10810] RAX: ffffffffffffffda RBX: 00007f1d4e6d5fa0 RCX: 00007f1d4e4ae929
[  250.506393][T10810] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  250.506408][T10810] RBP: 00007f1d4cb17090 R08: 0000000000000000 R09: 0000000000000000
[  250.506423][T10810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.506439][T10810] R13: 0000000000000000 R14: 00007f1d4e6d5fa0 R15: 00007ffceabf0d68
[  250.506460][T10810]  </TASK>
[  251.067336][T10812] lo speed is unknown, defaulting to 1000
[  251.290689][T10819] futex_wake_op: syz.4.2447 tries to shift op by -1; fix this program
[  251.582586][T10825] lo speed is unknown, defaulting to 1000
[  251.933894][T10823] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2446'.
[  251.954208][T10828] loop1: detected capacity change from 0 to 512
[  251.961050][T10828] EXT4-fs: Ignoring removed oldalloc option
[  251.989496][T10828] EXT4-fs: Ignoring removed orlov option
[  251.996731][T10828] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  251.998535][T10823] vlan2: entered allmulticast mode
[  252.026503][T10828] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  252.043402][T10828] EXT4-fs (loop1): orphan cleanup on readonly fs
[  252.053537][T10828] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.2449: bg 0: block 248: padding at end of block bitmap is not set
[  252.099141][T10828] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.2449: Failed to acquire dquot type 1
[  252.186821][T10814] lo speed is unknown, defaulting to 1000
[  252.209793][T10828] EXT4-fs (loop1): 1 truncate cleaned up
[  252.262926][T10828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  252.298115][T10834] loop4: detected capacity change from 0 to 764
[  252.304752][T10834] iso9660: Unknown parameter ''
[  252.382188][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.470979][T10845] futex_wake_op: syz.1.2453 tries to shift op by -1; fix this program
[  252.507082][T10848] loop2: detected capacity change from 0 to 512
[  252.559410][T10848] EXT4-fs error (device loop2): ext4_orphan_get:1393: inode #15: comm syz.2.2456: iget: bad i_size value: 38620345925642
[  252.620306][T10853] loop0: detected capacity change from 0 to 1024
[  252.644279][T10853] ext4: Unknown parameter 'uid<00000000000000000000'
[  252.655166][T10848] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.2456: couldn't read orphan inode 15 (err -117)
[  252.707991][T10848] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.738234][T10854] lo speed is unknown, defaulting to 1000
[  252.828451][T10853] tmpfs: Unsupported parameter 'huge'
[  253.056380][ T9756] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm kworker/u8:30: bg 0: block 5: invalid block bitmap
[  253.071245][ T9756] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 33 with error 28
[  253.083770][ T9756] EXT4-fs (loop2): This should not happen!! Data will be lost
[  253.083770][ T9756] 
[  253.093479][ T9756] EXT4-fs (loop2): Total free blocks count 0
[  253.099526][ T9756] EXT4-fs (loop2): Free/Dirty block details
[  253.105604][ T9756] EXT4-fs (loop2): free_blocks=0
[  253.110634][ T9756] EXT4-fs (loop2): dirty_blocks=33
[  253.115847][ T9756] EXT4-fs (loop2): Block reservation details
[  253.121847][ T9756] EXT4-fs (loop2): i_reserved_data_blocks=33
[  253.129489][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.148489][T10863] loop4: detected capacity change from 0 to 512
[  253.166440][T10863] EXT4-fs warning (device loop4): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  253.182578][T10865] sd 0:0:1:0: device reset
[  253.205983][T10863] EXT4-fs (loop4): mount failed
[  253.456332][T10881] loop1: detected capacity change from 0 to 512
[  253.464724][T10881] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  253.502359][T10881] EXT4-fs (loop1): 1 truncate cleaned up
[  253.525209][T10881] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.549489][T10886] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2462'.
[  253.582891][T10886] vlan2: entered allmulticast mode
[  253.645480][T10881] vhci_hcd: invalid port number 96
[  253.650653][T10881] vhci_hcd: default hub control req: 000e vfffc i0060 l0
[  253.664329][T10881] EXT4-fs error (device loop1): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.1.2464: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  253.664446][   T29] kauditd_printk_skb: 353 callbacks suppressed
[  253.664508][   T29] audit: type=1400 audit(2000000186.680:31831): avc:  denied  { rename } for  pid=10877 comm="syz.1.2464" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  253.692903][T10881] EXT4-fs (loop1): Remounting filesystem read-only
[  253.713478][   T29] audit: type=1400 audit(2000000186.680:31832): avc:  denied  { reparent } for  pid=10877 comm="syz.1.2464" name="file0" dev="loop1" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  253.720020][T10881] EXT4-fs warning (device loop1): ext4_rename_delete:3726: inode #2: comm syz.1.2464: Deleting old file: nlink 5, error=-117
[  253.742640][   T29] audit: type=1400 audit(2000000186.680:31833): avc:  denied  { add_name } for  pid=10877 comm="syz.1.2464" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  253.777585][   T29] audit: type=1326 audit(2000000186.790:31834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10873 comm="syz.4.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6e8f8558e7 code=0x7ffc0000
[  253.801326][   T29] audit: type=1326 audit(2000000186.790:31835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10873 comm="syz.4.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6e8f7fab19 code=0x7ffc0000
[  253.824962][   T29] audit: type=1326 audit(2000000186.790:31836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10873 comm="syz.4.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  253.848616][   T29] audit: type=1326 audit(2000000186.790:31837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10873 comm="syz.4.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6e8f8558e7 code=0x7ffc0000
[  253.872266][   T29] audit: type=1326 audit(2000000186.790:31838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10873 comm="syz.4.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f6e8f7fab19 code=0x7ffc0000
[  253.895986][   T29] audit: type=1326 audit(2000000186.790:31839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10873 comm="syz.4.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  253.959076][   T29] audit: type=1326 audit(2000000186.910:31840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10873 comm="syz.4.2462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6e8f8558e7 code=0x7ffc0000
[  254.015140][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.056736][T10892] futex_wake_op: syz.1.2467 tries to shift op by -1; fix this program
[  254.346711][T10895] loop1: detected capacity change from 0 to 2048
[  254.397305][T10895] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.409515][T10895] ext4 filesystem being mounted at /451/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  254.619794][T10890] lo speed is unknown, defaulting to 1000
[  254.804237][T10894] lo speed is unknown, defaulting to 1000
[  254.812354][T10889] lo speed is unknown, defaulting to 1000
[  255.028381][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.164493][T10911] futex_wake_op: syz.1.2473 tries to shift op by -1; fix this program
[  255.342728][T10907] lo speed is unknown, defaulting to 1000
[  255.495892][T10914] loop1: detected capacity change from 0 to 2048
[  255.546708][T10914] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.559059][T10914] ext4 filesystem being mounted at /453/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.663070][T10913] lo speed is unknown, defaulting to 1000
[  255.896511][T10921] futex_wake_op: syz.4.2475 tries to shift op by -1; fix this program
[  256.445737][T10927] loop2: detected capacity change from 0 to 128
[  256.481290][T10923] lo speed is unknown, defaulting to 1000
[  256.516196][T10924] lo speed is unknown, defaulting to 1000
[  256.565481][T10927] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  256.578824][T10927] ext4 filesystem being mounted at /520/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  256.579869][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.638318][ T3308] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  256.816219][T10939] loop3: detected capacity change from 0 to 512
[  256.874990][T10939] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.914181][T10939] ext4 filesystem being mounted at /490/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.064133][T10952] netlink: 'syz.3.2481': attribute type 1 has an invalid length.
[  257.071934][T10952] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2481'.
[  257.155977][T10933] lo speed is unknown, defaulting to 1000
[  257.212176][T10958] loop4: detected capacity change from 0 to 764
[  257.253468][T10958] iso9660: Unknown parameter ''
[  257.648434][T10971] futex_wake_op: syz.1.2491 tries to shift op by -1; fix this program
[  257.752772][T10966] lo speed is unknown, defaulting to 1000
[  257.921271][T10973] lo speed is unknown, defaulting to 1000
[  257.978031][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.988984][T10981] loop2: detected capacity change from 0 to 128
[  258.005514][T10981] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  258.095044][T10989] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  258.103726][T10989] FAT-fs (loop2): Filesystem has been set read-only
[  258.164647][T10990] loop0: detected capacity change from 0 to 1024
[  258.171582][T10990] ext4: Unknown parameter 'uid<00000000000000000000'
[  258.180603][T10990] tmpfs: Unsupported parameter 'huge'
[  258.356965][T10995] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2499'.
[  258.366241][T10995] netlink: 204 bytes leftover after parsing attributes in process `syz.4.2499'.
[  258.378789][T10995] netlink: 'syz.4.2499': attribute type 21 has an invalid length.
[  258.388506][T10995] netlink: 156 bytes leftover after parsing attributes in process `syz.4.2499'.
[  258.397661][T10995] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2499'.
[  258.480922][T10997] futex_wake_op: syz.4.2500 tries to shift op by -1; fix this program
[  258.607526][T11000] loop1: detected capacity change from 0 to 512
[  258.614876][T11000] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  258.625023][T11000] EXT4-fs (loop1): invalid journal inode
[  258.630725][T11000] EXT4-fs (loop1): can't get journal size
[  258.637271][T11000] EXT4-fs (loop1): 1 truncate cleaned up
[  258.643711][T11000] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.666179][T10998] loop4: detected capacity change from 0 to 2048
[  258.666938][T10993] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2498'.
[  258.707336][T10998] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.719494][T10998] ext4 filesystem being mounted at /533/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.744604][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.842276][   T29] kauditd_printk_skb: 230 callbacks suppressed
[  258.842293][   T29] audit: type=1326 audit(2000000191.850:32071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11010 comm="syz.2.2505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  258.844387][T11013] loop0: detected capacity change from 0 to 512
[  258.850921][   T29] audit: type=1326 audit(2000000191.860:32072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11010 comm="syz.2.2505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  258.902747][   T29] audit: type=1326 audit(2000000191.860:32073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11010 comm="syz.2.2505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  258.907022][T11011] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  258.964847][T11013] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  258.977523][   T29] audit: type=1326 audit(2000000191.890:32074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11010 comm="syz.2.2505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  259.001369][   T29] audit: type=1326 audit(2000000191.890:32075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11010 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  259.024449][   T29] audit: type=1326 audit(2000000191.890:32076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11010 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  259.047633][   T29] audit: type=1326 audit(2000000191.920:32077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11010 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  259.070731][   T29] audit: type=1326 audit(2000000191.920:32078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11010 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  259.093894][   T29] audit: type=1326 audit(2000000191.920:32079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11010 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  259.116942][   T29] audit: type=1326 audit(2000000191.920:32080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11010 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  259.139244][T11021] loop1: detected capacity change from 0 to 1024
[  259.152991][T11013] ext4 filesystem being mounted at /488/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.177800][T11021] ext4: Unknown parameter 'uid<00000000000000000000'
[  259.189876][T11020] tmpfs: Unsupported parameter 'huge'
[  259.251815][T11022] netlink: 'syz.0.2506': attribute type 1 has an invalid length.
[  259.259768][T11022] netlink: 224 bytes leftover after parsing attributes in process `syz.0.2506'.
[  259.360315][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.453555][T11026] lo speed is unknown, defaulting to 1000
[  259.583129][T11024] futex_wake_op: syz.3.2508 tries to shift op by -1; fix this program
[  259.889535][T11034] lo speed is unknown, defaulting to 1000
[  260.094994][T11033] loop2: detected capacity change from 0 to 512
[  260.102180][T11033] EXT4-fs: Ignoring removed bh option
[  260.213257][T11033] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[  260.233408][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.257130][T11033] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.2510: attempt to clear invalid blocks 2 len 1
[  260.296518][T11033] EXT4-fs (loop2): Remounting filesystem read-only
[  260.326966][T11033] EXT4-fs (loop2): 1 truncate cleaned up
[  260.351083][T11033] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.426516][T11049] FAULT_INJECTION: forcing a failure.
[  260.426516][T11049] name failslab, interval 1, probability 0, space 0, times 0
[  260.439271][T11049] CPU: 1 UID: 0 PID: 11049 Comm: syz.2.2510 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  260.439299][T11049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  260.439391][T11049] Call Trace:
[  260.439400][T11049]  <TASK>
[  260.439410][T11049]  __dump_stack+0x1d/0x30
[  260.439437][T11049]  dump_stack_lvl+0xe8/0x140
[  260.439459][T11049]  dump_stack+0x15/0x1b
[  260.439474][T11049]  should_fail_ex+0x265/0x280
[  260.439583][T11049]  should_failslab+0x8c/0xb0
[  260.439613][T11049]  kmem_cache_alloc_noprof+0x50/0x310
[  260.439668][T11049]  ? alloc_empty_file+0x76/0x200
[  260.439692][T11049]  ? mntput+0x4b/0x80
[  260.439723][T11049]  alloc_empty_file+0x76/0x200
[  260.439749][T11049]  path_openat+0x68/0x2170
[  260.439786][T11049]  ? _parse_integer_limit+0x170/0x190
[  260.439870][T11049]  ? kstrtoull+0x111/0x140
[  260.439899][T11049]  ? kstrtouint+0x76/0xc0
[  260.439927][T11049]  do_filp_open+0x109/0x230
[  260.440075][T11049]  do_sys_openat2+0xa6/0x110
[  260.440105][T11049]  __x64_sys_openat+0xf2/0x120
[  260.440135][T11049]  x64_sys_call+0x1af/0x2fb0
[  260.440167][T11049]  do_syscall_64+0xd2/0x200
[  260.440189][T11049]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  260.440222][T11049]  ? clear_bhb_loop+0x40/0x90
[  260.440250][T11049]  ? clear_bhb_loop+0x40/0x90
[  260.440278][T11049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.440306][T11049] RIP: 0033:0x7fb7f7dae929
[  260.440324][T11049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.440348][T11049] RSP: 002b:00007fb7f63f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  260.440372][T11049] RAX: ffffffffffffffda RBX: 00007fb7f7fd6080 RCX: 00007fb7f7dae929
[  260.440401][T11049] RDX: 0000000000008000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[  260.440438][T11049] RBP: 00007fb7f63f6090 R08: 0000000000000000 R09: 0000000000000000
[  260.440505][T11049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.440517][T11049] R13: 0000000000000000 R14: 00007fb7f7fd6080 R15: 00007fff437c5f58
[  260.440536][T11049]  </TASK>
[  260.864028][T11058] lo speed is unknown, defaulting to 1000
[  260.985962][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.151141][T11066] sd 0:0:1:0: device reset
[  261.180363][T11062] loop1: detected capacity change from 0 to 1024
[  261.313366][T11062] ext4: Unknown parameter 'uid<00000000000000000000'
[  261.524620][T11062] tmpfs: Unsupported parameter 'huge'
[  261.673013][T11081] loop2: detected capacity change from 0 to 512
[  261.698522][T11081] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.722928][T11081] ext4 filesystem being mounted at /530/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.828144][T11085] netlink: 'syz.2.2522': attribute type 1 has an invalid length.
[  261.836154][T11085] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2522'.
[  261.866035][T11086] futex_wake_op: syz.4.2523 tries to shift op by -1; fix this program
[  261.930415][T11078] lo speed is unknown, defaulting to 1000
[  262.085638][T11092] sd 0:0:1:0: device reset
[  262.117235][T11092] loop4: detected capacity change from 0 to 2048
[  262.255395][T11092] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.267842][T11092] ext4 filesystem being mounted at /539/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  262.301897][T11063] lo speed is unknown, defaulting to 1000
[  262.729262][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.745936][T11091] vlan2: entered allmulticast mode
[  262.918599][T11099] loop4: detected capacity change from 0 to 764
[  262.964078][T11099] iso9660: Unknown parameter ''
[  262.979649][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.076153][T11106] loop4: detected capacity change from 0 to 128
[  263.086795][T11109] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  263.115985][T11106] bio_check_eod: 104 callbacks suppressed
[  263.116003][T11106] syz.4.2529: attempt to access beyond end of device
[  263.116003][T11106] loop4: rw=2049, sector=140, nr_sectors = 8 limit=128
[  263.149421][T11106] syz.4.2529: attempt to access beyond end of device
[  263.149421][T11106] loop4: rw=2049, sector=156, nr_sectors = 1 limit=128
[  263.163021][T11106] Buffer I/O error on dev loop4, logical block 156, lost async page write
[  263.193245][T11106] syz.4.2529: attempt to access beyond end of device
[  263.193245][T11106] loop4: rw=2049, sector=157, nr_sectors = 1 limit=128
[  263.207075][T11106] Buffer I/O error on dev loop4, logical block 157, lost async page write
[  263.230141][T11106] syz.4.2529: attempt to access beyond end of device
[  263.230141][T11106] loop4: rw=2049, sector=158, nr_sectors = 1 limit=128
[  263.243698][T11106] Buffer I/O error on dev loop4, logical block 158, lost async page write
[  263.276564][T11106] syz.4.2529: attempt to access beyond end of device
[  263.276564][T11106] loop4: rw=2049, sector=159, nr_sectors = 1 limit=128
[  263.290360][T11106] Buffer I/O error on dev loop4, logical block 159, lost async page write
[  263.302873][T11106] syz.4.2529: attempt to access beyond end of device
[  263.302873][T11106] loop4: rw=2049, sector=160, nr_sectors = 1 limit=128
[  263.316559][T11106] Buffer I/O error on dev loop4, logical block 160, lost async page write
[  263.325873][T11112] sd 0:0:1:0: device reset
[  263.363638][T11106] syz.4.2529: attempt to access beyond end of device
[  263.363638][T11106] loop4: rw=2049, sector=161, nr_sectors = 1 limit=128
[  263.377284][T11106] Buffer I/O error on dev loop4, logical block 161, lost async page write
[  263.445181][T11106] syz.4.2529: attempt to access beyond end of device
[  263.445181][T11106] loop4: rw=2049, sector=134, nr_sectors = 1 limit=128
[  263.458736][T11106] Buffer I/O error on dev loop4, logical block 134, lost async page write
[  263.603981][T11106] syz.4.2529: attempt to access beyond end of device
[  263.603981][T11106] loop4: rw=2049, sector=135, nr_sectors = 1 limit=128
[  263.617806][T11106] Buffer I/O error on dev loop4, logical block 135, lost async page write
[  263.636306][T11106] syz.4.2529: attempt to access beyond end of device
[  263.636306][T11106] loop4: rw=2049, sector=136, nr_sectors = 1 limit=128
[  263.649836][T11106] Buffer I/O error on dev loop4, logical block 136, lost async page write
[  263.658599][T11106] Buffer I/O error on dev loop4, logical block 137, lost async page write
[  263.675664][T11127] loop1: detected capacity change from 0 to 1024
[  263.682505][T11127] ext4: Unknown parameter 'uid<00000000000000000000'
[  263.720862][T11127] tmpfs: Unsupported parameter 'huge'
[  263.799885][T11130] kernel read not supported for file /policy (pid: 11130 comm: syz.4.2535)
[  263.868303][   T29] kauditd_printk_skb: 287 callbacks suppressed
[  263.868319][   T29] audit: type=1326 audit(2000000196.881:32368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11131 comm="syz.4.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  264.162304][   T29] audit: type=1326 audit(2000000196.881:32369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11131 comm="syz.4.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  264.186197][   T29] audit: type=1326 audit(2000000196.921:32370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11131 comm="syz.4.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  264.209903][   T29] audit: type=1326 audit(2000000196.921:32371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11131 comm="syz.4.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  264.233554][   T29] audit: type=1326 audit(2000000196.921:32372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11131 comm="syz.4.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  264.257316][   T29] audit: type=1326 audit(2000000196.921:32373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11131 comm="syz.4.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  264.281200][   T29] audit: type=1326 audit(2000000196.921:32374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11131 comm="syz.4.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  264.305104][   T29] audit: type=1326 audit(2000000196.921:32375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11131 comm="syz.4.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  264.328648][   T29] audit: type=1326 audit(2000000196.921:32376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11131 comm="syz.4.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  264.352632][   T29] audit: type=1326 audit(2000000196.921:32377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11131 comm="syz.4.2536" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  264.433538][T11138] loop2: detected capacity change from 0 to 512
[  264.476856][T11138] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.494781][T11145] unsupported nla_type 52263
[  264.502950][T11138] ext4 filesystem being mounted at /534/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  264.589997][T11149] netlink: 'syz.2.2538': attribute type 1 has an invalid length.
[  264.597940][T11149] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2538'.
[  264.631730][T11152] sd 0:0:1:0: device reset
[  264.876913][T11164] 9pnet: Could not find request transport: fd0x000000000000000a
[  265.029692][T11112] lo speed is unknown, defaulting to 1000
[  265.132358][T11152] lo speed is unknown, defaulting to 1000
[  265.300078][T11171] random: crng reseeded on system resumption
[  265.369444][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.402131][T11173] netlink: 'syz.4.2549': attribute type 1 has an invalid length.
[  265.410755][T11173] netlink: 'syz.4.2549': attribute type 1 has an invalid length.
[  265.428161][T11173] bond3: entered promiscuous mode
[  265.433393][T11173] bond3: entered allmulticast mode
[  265.450273][T11173] geneve2: entered allmulticast mode
[  265.457511][T11173] bond3: (slave geneve2): making interface the new active one
[  265.465119][T11173] geneve2: entered promiscuous mode
[  265.471448][T11173] bond3: (slave geneve2): Enslaving as an active interface with an up link
[  265.549754][T11180] loop4: detected capacity change from 0 to 2048
[  265.591550][T11180] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2551'.
[  265.645317][T11156] siw: device registration error -23
[  265.675648][T11185] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2553'.
[  265.721909][T11183] loop4: detected capacity change from 0 to 764
[  265.738368][T11183] iso9660: Unknown parameter ''
[  265.867397][T11190] vlan2: entered allmulticast mode
[  266.503715][T11204] loop2: detected capacity change from 0 to 512
[  266.515096][T11204] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.528104][T11204] ext4 filesystem being mounted at /539/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  266.602672][T11208] netlink: 'syz.2.2559': attribute type 1 has an invalid length.
[  266.610561][T11208] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2559'.
[  267.057950][T11216] lo speed is unknown, defaulting to 1000
[  267.102586][T11223] siw: device registration error -23
[  267.195044][T11234] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  267.320000][T11236] loop4: detected capacity change from 0 to 764
[  267.342995][T11236] iso9660: Unknown parameter ''
[  267.560919][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  267.897572][T11252] lo speed is unknown, defaulting to 1000
[  268.032019][T11256] futex_wake_op: syz.0.2574 tries to shift op by -1; fix this program
[  268.305383][T11254] loop2: detected capacity change from 0 to 1024
[  268.321738][T11254] ext4: Unknown parameter 'uid<00000000000000000000'
[  268.342058][T11254] tmpfs: Unsupported parameter 'huge'
[  268.361898][T11262] netlink: 'syz.1.2577': attribute type 1 has an invalid length.
[  268.384794][T11262] netlink: 'syz.1.2577': attribute type 1 has an invalid length.
[  268.414077][T11262] bond7: entered promiscuous mode
[  268.419202][T11262] bond7: entered allmulticast mode
[  268.491623][T11262] geneve2: entered allmulticast mode
[  268.540252][T11262] bond7: (slave geneve2): making interface the new active one
[  268.547892][T11262] geneve2: entered promiscuous mode
[  268.590529][T11262] bond7: (slave geneve2): Enslaving as an active interface with an up link
[  268.601865][T11273] sch_tbf: burst 0 is lower than device lo mtu (18) !
[  268.614515][T11273] siw: device registration error -23
[  268.661101][T11277] futex_wake_op: syz.4.2583 tries to shift op by -1; fix this program
[  268.674531][T11275] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2582'.
[  268.683528][T11275] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2582'.
[  268.708506][T11275] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2582'.
[  268.776729][T11275] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2582'.
[  268.785749][T11275] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2582'.
[  268.785861][T11277] loop4: detected capacity change from 0 to 2048
[  268.801785][T11275] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2582'.
[  268.822770][T11277] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.835069][T11277] ext4 filesystem being mounted at /561/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  268.922884][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.030150][T11294] loop0: detected capacity change from 0 to 1024
[  269.071458][T11294] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.271568][   T29] kauditd_printk_skb: 826 callbacks suppressed
[  269.271582][   T29] audit: type=1326 audit(2000000202.281:33204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11313 comm="syz.4.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  269.376799][   T29] audit: type=1326 audit(2000000202.321:33205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11313 comm="syz.4.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  269.400524][   T29] audit: type=1326 audit(2000000202.321:33206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11313 comm="syz.4.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  269.424246][   T29] audit: type=1326 audit(2000000202.321:33207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11313 comm="syz.4.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  269.447871][   T29] audit: type=1326 audit(2000000202.321:33208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11313 comm="syz.4.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  269.471581][   T29] audit: type=1326 audit(2000000202.321:33209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11313 comm="syz.4.2593" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  269.495348][   T29] audit: type=1326 audit(2000000202.321:33210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11313 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  269.518818][   T29] audit: type=1326 audit(2000000202.321:33211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11313 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  269.541995][   T29] audit: type=1326 audit(2000000202.321:33212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11313 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  269.565032][   T29] audit: type=1326 audit(2000000202.321:33213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11313 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6e8f85e929 code=0x7ffc0000
[  269.590926][T11318] kernel read not supported for file /policy (pid: 11318 comm: syz.0.2587)
[  269.760043][T11296] lo speed is unknown, defaulting to 1000
[  269.800590][T11324] loop1: detected capacity change from 0 to 764
[  269.814837][T11324] iso9660: Unknown parameter ''
[  269.892033][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.934495][T11326] loop0: detected capacity change from 0 to 512
[  269.955476][T11326] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  269.993621][T11326] ext4 filesystem being mounted at /499/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  270.009566][T11330] futex_wake_op: syz.1.2597 tries to shift op by -1; fix this program
[  270.031983][T11326] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.2596: corrupted inode contents
[  270.135888][T11326] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.2596: mark_inode_dirty error
[  270.162070][T11326] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.2596: corrupted inode contents
[  270.205473][T11326] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.2596: mark_inode_dirty error
[  270.404489][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.546989][T11340] lo speed is unknown, defaulting to 1000
[  271.160618][T11365] loop2: detected capacity change from 0 to 512
[  271.183043][T11365] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.232892][T11365] ext4 filesystem being mounted at /545/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  271.321271][T11370] lo speed is unknown, defaulting to 1000
[  271.338772][T11371] netlink: 'syz.2.2610': attribute type 1 has an invalid length.
[  271.346610][T11371] __nla_validate_parse: 4 callbacks suppressed
[  271.346630][T11371] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2610'.
[  271.887928][T11387] futex_wake_op: syz.4.2617 tries to shift op by -1; fix this program
[  272.189940][T11393] loop0: detected capacity change from 0 to 764
[  272.203369][T11393] iso9660: Unknown parameter ''
[  272.220130][ T3308] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.329616][T11403] futex_wake_op: syz.0.2623 tries to shift op by -1; fix this program
[  272.348899][T11403] loop0: detected capacity change from 0 to 2048
[  272.363965][T11403] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  272.376271][T11403] ext4 filesystem being mounted at /504/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  272.397647][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.419274][T11408] loop2: detected capacity change from 0 to 1024
[  272.439030][T11408] ext4: Unknown parameter 'uid<00000000000000000000'
[  272.447267][T11409] loop1: detected capacity change from 0 to 1024
[  272.461965][T11409] ext4: Unknown parameter 'uid<00000000000000000000'
[  272.477245][T11408] tmpfs: Unsupported parameter 'huge'
[  272.820772][T11415] loop0: detected capacity change from 0 to 1024
[  272.870194][T11415] ext4: Unknown parameter 'uid<00000000000000000000'
[  272.895871][T11420] loop4: detected capacity change from 0 to 512
[  272.913644][T11420] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  272.918075][T11415] tmpfs: Unsupported parameter 'huge'
[  272.952954][T11420] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  272.992172][T11420] System zones: 0-2, 18-18, 34-34
[  273.011605][T11420] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.075289][T11420] ext4 filesystem being mounted at /577/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  273.473349][T11432] netlink: 340 bytes leftover after parsing attributes in process `syz.1.2630'.
[  273.538825][T11432] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2630'.
[  273.746979][T11439] lo speed is unknown, defaulting to 1000
[  274.051141][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.063910][T11444] futex_wake_op: syz.2.2635 tries to shift op by -1; fix this program
[  274.527870][T11461] lo speed is unknown, defaulting to 1000
[  274.882412][T11467] futex_wake_op: syz.3.2642 tries to shift op by -1; fix this program
[  274.890960][T11465] loop0: detected capacity change from 0 to 764
[  274.898532][T11465] iso9660: Unknown parameter ''
[  275.110973][T11470] lo speed is unknown, defaulting to 1000
[  275.125156][   T29] kauditd_printk_skb: 209 callbacks suppressed
[  275.125169][   T29] audit: type=1326 audit(2000000208.141:33423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11466 comm="syz.3.2642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  275.155305][   T29] audit: type=1326 audit(2000000208.141:33424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11466 comm="syz.3.2642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  275.179058][   T29] audit: type=1326 audit(2000000208.141:33425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11466 comm="syz.3.2642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcd7b8cd290 code=0x7ffc0000
[  275.202755][   T29] audit: type=1326 audit(2000000208.141:33426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11466 comm="syz.3.2642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  275.226584][   T29] audit: type=1326 audit(2000000208.141:33427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11466 comm="syz.3.2642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  275.250298][   T29] audit: type=1326 audit(2000000208.141:33428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11466 comm="syz.3.2642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  275.274044][   T29] audit: type=1326 audit(2000000208.141:33429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11466 comm="syz.3.2642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  275.297664][   T29] audit: type=1326 audit(2000000208.141:33430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11466 comm="syz.3.2642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd7b8ce929 code=0x7ffc0000
[  275.344281][T11478] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  275.428110][   T29] audit: type=1326 audit(2000000208.431:33431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11486 comm="syz.2.2650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  275.452176][   T29] audit: type=1326 audit(2000000208.431:33432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11486 comm="syz.2.2650" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  275.508954][T11490] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2650'.
[  275.617738][T11500] futex_wake_op: syz.4.2653 tries to shift op by -1; fix this program
[  275.781534][T11502] loop0: detected capacity change from 0 to 1024
[  275.790341][T11502] ext4: Unknown parameter 'uid<00000000000000000000'
[  275.799896][T11504] FAULT_INJECTION: forcing a failure.
[  275.799896][T11504] name failslab, interval 1, probability 0, space 0, times 0
[  275.812653][T11504] CPU: 0 UID: 0 PID: 11504 Comm: syz.3.2654 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  275.812689][T11504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  275.812705][T11504] Call Trace:
[  275.812711][T11504]  <TASK>
[  275.812783][T11504]  __dump_stack+0x1d/0x30
[  275.812863][T11504]  dump_stack_lvl+0xe8/0x140
[  275.812887][T11504]  dump_stack+0x15/0x1b
[  275.812905][T11504]  should_fail_ex+0x265/0x280
[  275.813007][T11504]  should_failslab+0x8c/0xb0
[  275.813033][T11504]  kmem_cache_alloc_noprof+0x50/0x310
[  275.813130][T11504]  ? sctp_get_port_local+0x420/0xab0
[  275.813161][T11504]  sctp_get_port_local+0x420/0xab0
[  275.813192][T11504]  ? __rcu_read_unlock+0x4f/0x70
[  275.813291][T11504]  sctp_do_bind+0x398/0x4b0
[  275.813325][T11504]  sctp_setsockopt_bindx+0x1c9/0x2c0
[  275.813366][T11504]  sctp_setsockopt+0x79f/0xe30
[  275.813400][T11504]  sock_common_setsockopt+0x66/0x80
[  275.813447][T11504]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  275.813476][T11504]  __sys_setsockopt+0x181/0x200
[  275.813508][T11504]  __x64_sys_setsockopt+0x64/0x80
[  275.813583][T11504]  x64_sys_call+0x2bd5/0x2fb0
[  275.813610][T11504]  do_syscall_64+0xd2/0x200
[  275.813663][T11504]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  275.813689][T11504]  ? clear_bhb_loop+0x40/0x90
[  275.813715][T11504]  ? clear_bhb_loop+0x40/0x90
[  275.813742][T11504]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.813804][T11504] RIP: 0033:0x7fcd7b8ce929
[  275.813818][T11504] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.813836][T11504] RSP: 002b:00007fcd79f37038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  275.813868][T11504] RAX: ffffffffffffffda RBX: 00007fcd7baf5fa0 RCX: 00007fcd7b8ce929
[  275.813882][T11504] RDX: 0000000000000064 RSI: 0000000000000084 RDI: 0000000000000003
[  275.813943][T11504] RBP: 00007fcd79f37090 R08: 0000000000000038 R09: 0000000000000000
[  275.813997][T11504] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  275.814008][T11504] R13: 0000000000000000 R14: 00007fcd7baf5fa0 R15: 00007ffcacbd3238
[  275.814027][T11504]  </TASK>
[  276.067714][T11505] loop4: detected capacity change from 0 to 2048
[  276.086490][T11502] tmpfs: Unsupported parameter 'huge'
[  276.115772][T11505] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.128202][T11505] ext4 filesystem being mounted at /583/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  276.360846][T11511] loop3: detected capacity change from 0 to 764
[  276.383444][T11511] iso9660: Unknown parameter ''
[  276.402965][T11513] loop2: detected capacity change from 0 to 2048
[  276.424309][T11513] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2656'.
[  276.529148][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.635371][T11528] futex_wake_op: syz.3.2663 tries to shift op by -1; fix this program
[  276.685494][T11528] lo speed is unknown, defaulting to 1000
[  276.705409][T11532] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  276.726421][T11526] siw: device registration error -23
[  276.800314][T11535] netlink: 'syz.2.2665': attribute type 1 has an invalid length.
[  276.812278][T11535] netlink: 'syz.2.2665': attribute type 1 has an invalid length.
[  276.826961][T11540] futex_wake_op: syz.4.2667 tries to shift op by -1; fix this program
[  276.924127][T11535] bond0: entered promiscuous mode
[  276.929245][T11535] bond0: entered allmulticast mode
[  276.949386][T11542] geneve2: entered allmulticast mode
[  276.972635][T11542] bond0: (slave geneve2): making interface the new active one
[  276.980269][T11542] geneve2: entered promiscuous mode
[  277.001377][T11542] bond0: (slave geneve2): Enslaving as an active interface with an up link
[  277.021880][T11545] loop3: detected capacity change from 0 to 764
[  277.030177][T11545] iso9660: Unknown parameter ''
[  277.073073][T11549] loop4: detected capacity change from 0 to 2048
[  277.100400][T11548] loop0: detected capacity change from 0 to 764
[  277.113180][T11549] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.126791][T11549] ext4 filesystem being mounted at /586/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  277.127116][T11548] iso9660: Unknown parameter ''
[  277.184449][T11556] FAULT_INJECTION: forcing a failure.
[  277.184449][T11556] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  277.197883][T11556] CPU: 0 UID: 0 PID: 11556 Comm: syz.2.2671 Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  277.197971][T11556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  277.197987][T11556] Call Trace:
[  277.197996][T11556]  <TASK>
[  277.198006][T11556]  __dump_stack+0x1d/0x30
[  277.198029][T11556]  dump_stack_lvl+0xe8/0x140
[  277.198048][T11556]  dump_stack+0x15/0x1b
[  277.198063][T11556]  should_fail_ex+0x265/0x280
[  277.198159][T11556]  should_fail+0xb/0x20
[  277.198258][T11556]  should_fail_usercopy+0x1a/0x20
[  277.198298][T11556]  _copy_to_user+0x20/0xa0
[  277.198319][T11556]  simple_read_from_buffer+0xb5/0x130
[  277.198354][T11556]  proc_fail_nth_read+0x100/0x140
[  277.198380][T11556]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  277.198434][T11556]  vfs_read+0x1a0/0x6f0
[  277.198472][T11556]  ? __rcu_read_unlock+0x4f/0x70
[  277.198554][T11556]  ? __rcu_read_unlock+0x4f/0x70
[  277.198581][T11556]  ? __fget_files+0x184/0x1c0
[  277.198606][T11556]  ksys_read+0xda/0x1a0
[  277.198637][T11556]  __x64_sys_read+0x40/0x50
[  277.198737][T11556]  x64_sys_call+0x2d77/0x2fb0
[  277.198759][T11556]  do_syscall_64+0xd2/0x200
[  277.198781][T11556]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  277.198818][T11556]  ? clear_bhb_loop+0x40/0x90
[  277.198854][T11556]  ? clear_bhb_loop+0x40/0x90
[  277.198882][T11556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.198907][T11556] RIP: 0033:0x7fb7f7dad33c
[  277.198927][T11556] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  277.198980][T11556] RSP: 002b:00007fb7f6417030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  277.198998][T11556] RAX: ffffffffffffffda RBX: 00007fb7f7fd5fa0 RCX: 00007fb7f7dad33c
[  277.199010][T11556] RDX: 000000000000000f RSI: 00007fb7f64170a0 RDI: 0000000000000003
[  277.199043][T11556] RBP: 00007fb7f6417090 R08: 0000000000000000 R09: 0000000000000000
[  277.199059][T11556] R10: 0000200000000740 R11: 0000000000000246 R12: 0000000000000001
[  277.199083][T11556] R13: 0000000000000000 R14: 00007fb7f7fd5fa0 R15: 00007fff437c5f58
[  277.199103][T11556]  </TASK>
[  277.483358][T11563] loop3: detected capacity change from 0 to 512
[  277.508887][T11563] loop3: detected capacity change from 0 to 1024
[  277.525036][T11563] EXT4-fs: Ignoring removed nobh option
[  277.527312][T11565] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  277.530669][T11563] EXT4-fs: Ignoring removed bh option
[  277.569611][T11565] siw: device registration error -23
[  277.588678][T11567] futex_wake_op: syz.0.2676 tries to shift op by -1; fix this program
[  277.670266][T11567] lo speed is unknown, defaulting to 1000
[  277.773865][T11563] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.837218][T11563] EXT4-fs error (device loop3): mb_free_blocks:1948: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  277.898324][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.917208][T11583] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2682'.
[  277.988046][T11586] loop2: detected capacity change from 0 to 764
[  278.003794][T11586] iso9660: Unknown parameter ''
[  278.108032][T11595] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2687'.
[  278.128419][T11595] 8021q: adding VLAN 0 to HW filter on device bond4
[  278.164958][ T3321] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.197109][T11598] futex_wake_op: syz.4.2688 tries to shift op by -1; fix this program
[  278.207106][T11599] SELinux: failed to load policy
[  278.290418][T11602] futex_wake_op: syz.3.2689 tries to shift op by -1; fix this program
[  278.343202][T11602] lo speed is unknown, defaulting to 1000
[  278.667919][T11618] futex_wake_op: syz.0.2695 tries to shift op by -1; fix this program
[  278.987939][T11626] lo speed is unknown, defaulting to 1000
[  279.206459][T11626] sd 0:0:1:0: device reset
[  279.239414][T11626] loop0: detected capacity change from 0 to 2048
[  279.296682][T11626] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  279.309031][T11626] ext4 filesystem being mounted at /516/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  279.393281][T11631] loop1: detected capacity change from 0 to 764
[  279.420990][T11631] iso9660: Unknown parameter ''
[  279.585261][ T3309] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.601418][T11636] futex_wake_op: syz.3.2699 tries to shift op by -1; fix this program
[  279.613535][T11638] futex_wake_op: syz.4.2701 tries to shift op by -1; fix this program
[  279.836354][T11645] loop3: detected capacity change from 0 to 2048
[  279.875663][T11645] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  279.940051][T11647] lo speed is unknown, defaulting to 1000
[  279.956705][T11645] ext4 filesystem being mounted at /531/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  280.045617][T11653] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 345: padding at end of block bitmap is not set
[  280.084654][T11660] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2706'.
[  280.761309][T11673] loop2: detected capacity change from 0 to 2048
[  280.790310][T11667] loop0: detected capacity change from 0 to 512
[  280.797413][   T29] kauditd_printk_skb: 418 callbacks suppressed
[  280.797428][   T29] audit: type=1400 audit(2000000213.811:33851): avc:  denied  { mounton } for  pid=11665 comm="syz.0.2708" path="/syzcgroup/cpu/syz0/cgroup.procs" dev="cgroup" ino=151 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=file permissive=1
[  280.806328][T11673] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2710'.
[  280.840551][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.853988][T11677] futex_wake_op: syz.1.2711 tries to shift op by -1; fix this program
[  280.873255][T11667] EXT4-fs (loop0): 1 orphan inode deleted
[  280.879393][T11667] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.892760][ T9768] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  280.902614][ T9768] EXT4-fs error (device loop0): ext4_release_dquot:6969: comm kworker/u8:40: Failed to release dquot type 1
[  280.932964][T11667] ext4 filesystem being mounted at /syzcgroup/cpu/syz0/cgroup.procs supports timestamps until 2038-01-19 (0x7fffffff)
[  280.955377][T11667] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.963796][T11682] loop3: detected capacity change from 0 to 2048
[  281.004701][T11682] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2712'.
[  281.062711][   T29] audit: type=1326 audit(2000000214.071:33852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11685 comm="syz.0.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  281.107291][   T29] audit: type=1326 audit(2000000214.101:33853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11683 comm="syz.2.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  281.131108][   T29] audit: type=1326 audit(2000000214.101:33854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11683 comm="syz.2.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  281.155056][   T29] audit: type=1326 audit(2000000214.101:33855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11683 comm="syz.2.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  281.178890][   T29] audit: type=1326 audit(2000000214.101:33856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11683 comm="syz.2.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  281.202710][   T29] audit: type=1326 audit(2000000214.101:33857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11683 comm="syz.2.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  281.219402][T11688] loop3: detected capacity change from 0 to 764
[  281.226342][   T29] audit: type=1326 audit(2000000214.101:33858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11683 comm="syz.2.2713" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fb7f7dae929 code=0x7ffc0000
[  281.239162][T11688] iso9660: Unknown parameter ''
[  281.256229][   T29] audit: type=1326 audit(2000000214.111:33859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11685 comm="syz.0.2714" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  281.353766][T11694] loop3: detected capacity change from 0 to 1024
[  281.374170][T11694] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  281.424089][ T3312] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.444360][T11701] futex_wake_op: syz.3.2719 tries to shift op by -1; fix this program
[  281.737028][T11707] lo speed is unknown, defaulting to 1000
[  281.933977][T11714] loop1: detected capacity change from 0 to 1024
[  281.940845][T11714] ext4: Unknown parameter 'uid<00000000000000000000'
[  281.974051][T11714] tmpfs: Unsupported parameter 'huge'
[  282.600621][T11734] loop2: detected capacity change from 0 to 764
[  282.616977][T11737] netlink: 'syz.4.2731': attribute type 1 has an invalid length.
[  282.618802][T11734] iso9660: Unknown parameter ''
[  282.627184][T11737] netlink: 'syz.4.2731': attribute type 1 has an invalid length.
[  282.660571][T11737] bond4: entered promiscuous mode
[  282.665747][T11737] bond4: entered allmulticast mode
[  282.769182][T11743] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  282.919052][T11750] futex_wake_op: syz.4.2737 tries to shift op by -1; fix this program
[  283.293892][T11758] lo speed is unknown, defaulting to 1000
[  283.634438][T11760] lo speed is unknown, defaulting to 1000
[  283.887571][T11776] netlink: 'syz.0.2744': attribute type 1 has an invalid length.
[  283.921823][T11776] netlink: 'syz.0.2744': attribute type 1 has an invalid length.
[  284.042646][T11776] bond4: entered promiscuous mode
[  284.047973][T11776] bond4: entered allmulticast mode
[  284.109989][T11781] geneve2: entered allmulticast mode
[  284.142622][T11781] bond4: (slave geneve2): making interface the new active one
[  284.150172][T11781] geneve2: entered promiscuous mode
[  284.190861][T11781] bond4: (slave geneve2): Enslaving as an active interface with an up link
[  284.272515][T11778] lo speed is unknown, defaulting to 1000
[  284.296521][T11783] 9pnet_fd: Insufficient options for proto=fd
[  284.643114][T11794] sd 0:0:1:0: device reset
[  284.661864][T11797] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  284.700697][T11797] siw: device registration error -23
[  284.784710][T11802] loop2: detected capacity change from 0 to 2048
[  284.857904][T11800] lo speed is unknown, defaulting to 1000
[  284.895583][T11802] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2751'.
[  285.480985][T11826] siw: device registration error -23
[  285.489400][T11823] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  285.559445][T11830] futex_wake_op: syz.3.2761 tries to shift op by -1; fix this program
[  285.844166][   T29] kauditd_printk_skb: 340 callbacks suppressed
[  285.844184][   T29] audit: type=1326 audit(2000000218.862:34200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11832 comm="syz.0.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1d4e4a58e7 code=0x7ffc0000
[  285.874287][   T29] audit: type=1326 audit(2000000218.862:34201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11832 comm="syz.0.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1d4e44ab19 code=0x7ffc0000
[  285.897979][   T29] audit: type=1326 audit(2000000218.862:34202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11832 comm="syz.0.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  285.958473][   T29] audit: type=1326 audit(2000000218.912:34203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11832 comm="syz.0.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1d4e4a58e7 code=0x7ffc0000
[  285.965423][T11834] netlink: 148 bytes leftover after parsing attributes in process `syz.0.2762'.
[  285.982100][   T29] audit: type=1326 audit(2000000218.912:34204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11832 comm="syz.0.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1d4e44ab19 code=0x7ffc0000
[  286.014701][   T29] audit: type=1326 audit(2000000218.912:34205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11832 comm="syz.0.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  286.038285][   T29] audit: type=1326 audit(2000000218.942:34206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11832 comm="syz.0.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1d4e4a58e7 code=0x7ffc0000
[  286.061909][   T29] audit: type=1326 audit(2000000218.942:34207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11832 comm="syz.0.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1d4e44ab19 code=0x7ffc0000
[  286.085736][   T29] audit: type=1326 audit(2000000218.942:34208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11832 comm="syz.0.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f1d4e4ae929 code=0x7ffc0000
[  286.109502][   T29] audit: type=1326 audit(2000000218.952:34209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11832 comm="syz.0.2762" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1d4e4a58e7 code=0x7ffc0000
[  286.437582][T11850] vlan2: entered allmulticast mode
[  286.551901][T11848] lo speed is unknown, defaulting to 1000
[  286.608462][T11870] futex_wake_op: syz.1.2773 tries to shift op by -1; fix this program
[  286.783215][T11875] loop3: detected capacity change from 0 to 1024
[  286.797314][T11848] chnl_net:caif_netlink_parms(): no params data found
[  286.913997][T11880] sd 0:0:1:0: device reset
[  286.952825][T11875] ext4: Unknown parameter 'uid<00000000000000000000'
[  286.992754][T11881] loop1: detected capacity change from 0 to 2048
[  287.044637][T11881] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  287.056850][T11881] ext4 filesystem being mounted at /509/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  287.079665][T11871] tmpfs: Unsupported parameter 'huge'
[  287.275989][T11886] loop2: detected capacity change from 0 to 2048
[  287.350243][T11879] lo speed is unknown, defaulting to 1000
[  287.364709][T11886] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2775'.
[  287.427340][ T3312] ==================================================================
[  287.435512][ T3312] BUG: KCSAN: data-race in generic_fillattr / inode_add_bytes
[  287.443027][ T3312] 
[  287.445380][ T3312] read-write to 0xffff888124a0c9c0 of 8 bytes by task 11867 on cpu 0:
[  287.453573][ T3312]  inode_add_bytes+0x47/0xe0
[  287.458211][ T3312]  __dquot_alloc_space+0x180/0x8a0
[  287.463895][ T3312]  shmem_inode_acct_blocks+0x129/0x240
[  287.469414][ T3312]  shmem_get_folio_gfp+0x5a7/0xd60
[  287.474606][ T3312]  shmem_write_begin+0xa8/0x190
[  287.479516][ T3312]  generic_perform_write+0x184/0x490
[  287.484847][ T3312]  shmem_file_write_iter+0xc5/0xf0
[  287.489997][ T3312]  __kernel_write_iter+0x256/0x4c0
[  287.495164][ T3312]  dump_user_range+0x407/0x8c0
[  287.499981][ T3312]  elf_core_dump+0x1dc2/0x1f80
[  287.504804][ T3312]  do_coredump+0x1dfa/0x27b0
[  287.509438][ T3312]  get_signal+0xd85/0xf70
[  287.513820][ T3312]  arch_do_signal_or_restart+0x96/0x480
[  287.519423][ T3312]  irqentry_exit_to_user_mode+0x5e/0xa0
[  287.525033][ T3312]  irqentry_exit+0x12/0x50
[  287.529506][ T3312]  asm_exc_page_fault+0x26/0x30
[  287.534400][ T3312] 
[  287.536758][ T3312] read to 0xffff888124a0c9c0 of 8 bytes by task 3312 on cpu 1:
[  287.544428][ T3312]  generic_fillattr+0x27d/0x340
[  287.549332][ T3312]  shmem_getattr+0x181/0x200
[  287.553980][ T3312]  vfs_getattr_nosec+0x146/0x1e0
[  287.558951][ T3312]  vfs_statx+0x113/0x390
[  287.563254][ T3312]  vfs_fstatat+0x115/0x170
[  287.567714][ T3312]  __se_sys_newfstatat+0x55/0x260
[  287.572781][ T3312]  __x64_sys_newfstatat+0x55/0x70
[  287.577838][ T3312]  x64_sys_call+0x2c22/0x2fb0
[  287.582549][ T3312]  do_syscall_64+0xd2/0x200
[  287.587090][ T3312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.593011][ T3312] 
[  287.595347][ T3312] value changed: 0x0000000000014400 -> 0x0000000000014418
[  287.602474][ T3312] 
[  287.604817][ T3312] Reported by Kernel Concurrency Sanitizer on:
[  287.610982][ T3312] CPU: 1 UID: 0 PID: 3312 Comm: syz-executor Not tainted 6.16.0-rc1-syzkaller-00239-g08215f5486ec #0 PREEMPT(voluntary) 
[  287.623598][ T3312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  287.633679][ T3312] ==================================================================
[  287.741439][T11848] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.748581][T11848] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.768301][T11848] bridge_slave_0: entered allmulticast mode
[  287.774775][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  287.775541][T11848] bridge_slave_0: entered promiscuous mode
[  287.790761][T11848] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.798286][T11848] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.807985][T11848] bridge_slave_1: entered allmulticast mode
[  287.814960][T11848] bridge_slave_1: entered promiscuous mode
[  287.852359][T11848] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  287.882517][T11848] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  287.916808][T11848] team0: Port device team_slave_0 added
[  287.925928][T11848] team0: Port device team_slave_1 added
[  287.951982][T11848] batman_adv: batadv0: Adding interface: batadv_slave_0
[  287.958995][T11848] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  287.985630][T11848] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  287.997645][T11848] batman_adv: batadv0: Adding interface: batadv_slave_1
[  288.004945][T11848] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  288.031002][T11848] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  288.049509][ T9775] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.083553][T11848] hsr_slave_0: entered promiscuous mode
[  288.089676][T11848] hsr_slave_1: entered promiscuous mode
[  288.095532][T11848] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  288.103173][T11848] Cannot create hsr debugfs directory
[  288.135993][ T9775] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.223847][ T9775] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.284473][ T9775] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  288.384429][ T9775] bond3 (unregistering): (slave geneve2): Releasing active interface
[  288.392616][ T9775] geneve2 (unregistering): left promiscuous mode
[  288.803561][ T9775] bond0 (unregistering): Released all slaves
[  288.812364][ T9775] bond1 (unregistering): Released all slaves
[  288.821162][ T9775] bond2 (unregistering): Released all slaves
[  288.829765][ T9775] bond3 (unregistering): Released all slaves
[  288.838725][ T9775] bond4 (unregistering): Released all slaves
[  288.909639][ T9775] hsr_slave_1: left promiscuous mode
[  288.922626][ T9775] veth1_macvtap: left promiscuous mode
[  288.928158][ T9775] veth0_macvtap: left promiscuous mode
[  288.934729][ T9775] veth1_vlan: left promiscuous mode
[  288.939983][ T9775] veth0_vlan: left promiscuous mode
[  289.023480][ T9775] team0 (unregistering): Port device dummy0 removed
[  289.036068][   T10] infiniband : ib_query_port failed (-19)
[  289.256396][T11848] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  289.265327][T11848] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  289.274338][T11848] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  289.283752][T11848] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  289.317941][T11848] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.330435][T11848] 8021q: adding VLAN 0 to HW filter on device team0
[  289.339656][ T9800] bridge0: port 1(bridge_slave_0) entered blocking state
[  289.346919][ T9800] bridge0: port 1(bridge_slave_0) entered forwarding state
[  289.359219][ T9800] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.366396][ T9800] bridge0: port 2(bridge_slave_1) entered forwarding state
[  289.428995][T11848] 8021q: adding VLAN 0 to HW filter on device batadv0
[  289.535303][T11848] veth0_vlan: entered promiscuous mode
[  289.542917][T11848] veth1_vlan: entered promiscuous mode
[  289.558946][T11848] veth0_macvtap: entered promiscuous mode
[  289.566158][T11848] veth1_macvtap: entered promiscuous mode
[  289.578141][T11848] batman_adv: batadv0: Interface activated: batadv_slave_0
[  289.588019][T11848] batman_adv: batadv0: Interface activated: batadv_slave_1
[  289.599394][T11848] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  289.608257][T11848] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  289.617118][T11848] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  289.625890][T11848] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0