last executing test programs:

7.688882724s ago: executing program 1 (id=905):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe)
r1 = memfd_create(&(0x7f0000000600)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;X\x14\x97\xabh\xd1/\x84\x8a\x91$GY\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2\x02\x00\x00\x00\x00\x00\x00\x006\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262<k\xa8\x88\x01\x00fhD\xe7\xb6\x17\x80\x95\xa8\x1e\t\xb01KF\xcb\x00\x1e\x7fE\x7f\x02\x00\x00\x00y<nGR\x94\x99\xb8\x89\x9b\x8f\xd5\xe6\x02\xb5C\xad\"u\xf4>\x00\x00\x00\x00\x00\x00\x00\x00Nz\x0eu\x8f\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89#;a\x94\"\xd1U\xff\xe8v\xd3\x84d\xf4\x134\x00\x00\x00\x00h\xaa\x15\x9a\xf7\x03\x00%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x9b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x88\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\xb35\x00\xfb\xac8wAph\xb4\x9d\x14\xf6\xec+f\'\xa3\xb9\xaf\x87X\xec\x13\x9c\xc5\x84\xde\x1b\x11\xe8\\}\xf81\xe6U3\xf9~\xdfD[\x1a\x02\x1f\xd2\x1as-\x9c\x01\x86\xa7\xb8\xc5\xeeOg\x99j\xedu\xafO@\x8e\xf24w\xad\x130Z&\xcb\x81\xfc', 0xe)
setresuid(0x0, 0xee00, 0x0)
fchmod(r1, 0x180)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
write$sndseq(r2, &(0x7f00000001c0)=[{0xff, 0xb, 0x0, 0xfd, @tick=0x6dd, {0x0, 0x1}, {0x81}, @result}], 0x1c)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000340), 0xa00200, 0x0)
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000180)=0x3)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r4, 0x0, 0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="6d6167676c6500000000000000000000000000000000000000000000000000000300"/47], 0x58)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/11], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00'}, 0x10)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x65, 0xfc, 0x5, 0x0, 0x0, 0x3, 0x8900c, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc46, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x6, 0x7ffffffc, 0x1, 0x1, 0x0, 0x0, 0x0, 0x100, 0x0, 0x3}, 0x0, 0x6, 0xffffffffffffffff, 0x2)
shmctl$SHM_UNLOCK(0x0, 0xc)

7.624616295s ago: executing program 1 (id=906):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = syz_open_dev$loop(&(0x7f0000000180), 0x8, 0x400800)
ioctl$BLKTRACESTART(r2, 0x1274, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=@newqdisc={0x54, 0x24, 0xf0b, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xc}, {0xffff, 0xffff}, {0x1, 0x9}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x24, 0x2, {{0x0, 0x0, 0x6c, 0x0, 0x0, 0x1ff}, [@TCA_NETEM_ECN={0x8, 0x7, 0x2}]}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x2004c0c4}, 0x4010)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000001880)={'bond_slave_0\x00', <r6=>0x0})
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r7, &(0x7f0000001d80)='.\x00', 0x0, &(0x7f0000000080)={0xb}, 0x20)
sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newqdisc={0xa4, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x0, 0x6}, {0xffff, 0xffff}, {0xc, 0x2}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x3, 0x1, 0x0, 0x2, 0x4}, 0x101, 0x0, 0x8, 0x6, 0x0, 0x0, 0xb, 0xe, 0x3, 0x9, {0x10001, 0x7, 0x2, 0x7, 0x2, 0x7fffffff}}}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x6, 0x9, 0x7, 0xa9, 0x0, 0x1}}, {0x4}}]}, @TCA_RATE={0x6, 0x5, {0x9, 0x3}}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4c840}, 0x800)

7.588678336s ago: executing program 1 (id=908):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000015c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000740)={{r3, <r4=>0xffffffffffffffff}, &(0x7f00000006c0), &(0x7f0000000700)=r2}, 0x20)
recvmsg$unix(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000002380)=[{&(0x7f0000002480)=""/195, 0xc3}], 0x1}, 0x2000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000100)={{r4}, &(0x7f0000000000), &(0x7f00000000c0)=r1}, 0x20)
shutdown(r1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r6=>r0, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
r7 = fsopen(&(0x7f00000004c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0, @ANYRES32=r6], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r10}, 0x10)
mount$9p_rdma(&(0x7f0000000000), &(0x7f0000000180)='.\x00', &(0x7f0000000200), 0x800, &(0x7f0000000b80)=ANY=[@ANYBLOB='trans=rdma'])
openat(r8, &(0x7f0000000100)='./file0\x00', 0x600880, 0x144)
symlinkat(&(0x7f0000000000)='.\x00', r8, &(0x7f0000000140)='./file0\x00')

7.225410801s ago: executing program 1 (id=912):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYRESDEC=0x0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = memfd_secret(0x80000)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000", @ANYRES32=<r1=>0xffffffffffffffff, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x80000, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8936, &(0x7f0000000000)={@dev, 0x40, r3})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYRES32=r2, @ANYRES16, @ANYRES32=0x0, @ANYRESOCT=r1, @ANYRES32=r5], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x47, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6, 0x0, 0x3}, 0x18)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f00000005c0)={[{@errors_remount}, {}]}, 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000800)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000840)={0xffffffffffffffff, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20009})
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x38, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000200)={@remote, <r7=>0x0}, &(0x7f00000004c0)=0x14)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000500)={0x1, 0x1, 0x5, r7, 0x8}, 0xc)
r8 = gettid()
r9 = syz_clone(0x2000, 0x0, 0x0, 0x0, 0x0, 0x0)
r10 = syz_pidfd_open(r9, 0x0)
r11 = epoll_create1(0x0)
epoll_pwait(r11, &(0x7f00008c9fc4)=[{}], 0x1, 0xfffffff3, 0x0, 0x0)
dup3(r10, r11, 0x0)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

6.808453447s ago: executing program 1 (id=928):
socket$packet(0x11, 0x3, 0x300)
faccessat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
r7 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r7, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f00000004c0)="1ed8b7f9d457", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000740)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@noquota}, {@auto_da_alloc}, {@noload}, {@nodiscard}]}, 0x64, 0x50a, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")

6.361571954s ago: executing program 1 (id=931):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
tkill(0x0, 0x7)
preadv(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/148, 0x94}], 0x1, 0xfffffffd, 0x0)

6.361312534s ago: executing program 32 (id=931):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000001afc180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
tkill(0x0, 0x7)
preadv(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/148, 0x94}], 0x1, 0xfffffffd, 0x0)

3.425206178s ago: executing program 4 (id=1001):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100020, 0x0, 0x0, 0x6, 0x3, 0x0, 0xfff7, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r1)
execveat(r0, &(0x7f0000000180)='./file1\x00', 0x0, 0x0, 0x0)
pipe(&(0x7f0000005880)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000340)={'syztnl0\x00', &(0x7f00000002c0)={'ip6tnl0\x00', <r4=>0x0, 0x2f, 0x7, 0x1, 0xffffffc0, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7800, 0x1, 0x2, 0x8}})
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x18, 0x8, 0x1, 0x6, 0x20, 0xffffffffffffffff, 0xfb4, '\x00', r4, r3, 0x0, 0x0, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
write$RDMA_USER_CM_CMD_QUERY(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r7}, 0x10)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r6, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
writev(r6, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000380)=ANY=[], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r8, 0x0)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x5, 0xa74, 0x1, 0x956, 0x0, 0x1cf, 0xf}, &(0x7f0000000280)={0xfffffffffffff9d4, 0x5, 0x0, 0x800, 0xfffffffffffffff7, 0x9863, 0x24, 0x9}, &(0x7f00000002c0)={0x5, 0xfffffffffffffff7, 0x5, 0x8000000000000000, 0xe, 0x4, 0x36bd36b1, 0x9}, &(0x7f0000000300), &(0x7f0000000380)={&(0x7f0000000340)={[0x1]}, 0x8})
connect$inet(r6, &(0x7f0000000100)={0x2, 0x200, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x160, r5, 0x300, 0x70bd28, 0x37, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FRAME={0x30, 0x33, @disassoc={{{}, {0x1}, @device_a, @device_b, @from_mac, {0xf, 0x5}}, 0x1, @val={0x8c, 0x10, {0xe99, "66d5d553747d", @short="d6def4a15b30107d"}}}}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}, @NL80211_ATTR_FRAME={0xf4, 0x33, @assoc_req={{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x7}, @device_a, @device_b, @random="a27f928cad93", {0x3, 0x53}, @value=@ver_80211n={0x0, 0x312, 0x3, 0x3, 0x0, 0x1}}, 0x4218, 0x7, {0x0, 0xe, @random="f16e974bb18eb28ee8654e90218d"}, @val={0x1, 0x1, [{0x2}]}, @val={0x2d, 0x1a, {0x2, 0x2, 0x6, 0x0, {0x40, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x800, 0x2}}, [{0xdd, 0x64, "b3f06f76756fe9a25b9d32e29037552cdef0ee288ec4eb20325b2ff48aa51743987813ad0841c668f2a6a88182b6c81b95461008f808fba200761fd1bc146771d37cb42b6bb8715c4585f9e9f3ea652b22670daa0cb863cb1389542a9ef91cfae5d22060"}, {0xdd, 0x39, "8357eb0f92fcd6b86433ac1d281cac24172b0c098c21c1680a35116d78b61f40ab7e72d32c547c082f1f00d07513fe3101e259d75e6c71e31a"}]}}, @NL80211_ATTR_DURATION={0x8, 0x57, 0xc4}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x81}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2ef}], @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x160}, 0x1, 0x0, 0x0, 0x20040000}, 0x10)

3.31238944s ago: executing program 4 (id=1003):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x880}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="140000001000010000000000000000000020000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}}, 0x4040080)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0xfffffffffffffffe}, 0x18)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000840)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3b8, 0x1f0, 0x98, 0x130, 0x0, 0x130, 0x368, 0x368, 0x368, 0x368, 0x368, 0x6, &(0x7f0000000200), {[{{@uncond, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x1, 0x3}}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x10, 0x7}}}, {{@ip={@private=0xa010100, @dev={0xac, 0x14, 0x14, 0x2d}, 0xff, 0xffffff00, 'ip_vti0\x00', 'nicvf0\x00', {0xff}, {0xff}, 0x0, 0x2, 0x30}, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x4}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x3, 0x5, 0x6}, {0xffffffffffffffff, 0x3, 0x6}}}}, {{@ip={@private=0xa010101, @private=0xa010102, 0xffffffff, 0xff000000, 'gre0\x00', 'wg0\x00', {}, {}, 0xc, 0x2, 0x40}, 0x0, 0x70, 0x98}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0x6, 0x48}}}, {{@ip={@local, @loopback, 0xffffffff, 0xff000000, 'veth0\x00', 'veth0\x00', {0xff}, {}, 0x88, 0x1}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x418)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r7, 0x5)
r8 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r8, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000017c0)=ANY=[@ANYBLOB="3801000010000100000000000000000000000000000000000000001d00000001e00000010000000000000000000000000000000000000000000020000c000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000033000000fc010000000000000000000000000000feffffffffffffff000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000004000000000000000500000000000000000000000000000000000000080000000000000000000000000000002abd7000000000000a000200000000000000000048000100736861323536"], 0x138}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000040000000c"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x880}, 0x0) (async)
sendmsg$NFT_BATCH(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0) (async)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="140000001000010000000000000000000020000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}}, 0x4040080) (async)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000080008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4, 0x0, 0xfffffffffffffffe}, 0x18) (async)
socket$nl_xfrm(0x10, 0x3, 0x6) (async)
socket$inet_udp(0x2, 0x2, 0x0) (async)
bind$inet(r6, 0x0, 0x0) (async)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x0, 0x40, &(0x7f0000000840)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3b8, 0x1f0, 0x98, 0x130, 0x0, 0x130, 0x368, 0x368, 0x368, 0x368, 0x368, 0x6, &(0x7f0000000200), {[{{@uncond, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x1, 0x3}}}, {{@uncond, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x10, 0x7}}}, {{@ip={@private=0xa010100, @dev={0xac, 0x14, 0x14, 0x2d}, 0xff, 0xffffff00, 'ip_vti0\x00', 'nicvf0\x00', {0xff}, {0xff}, 0x0, 0x2, 0x30}, 0x0, 0x98, 0xc0, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x4}}]}, @common=@inet=@SET1={0x28, 'SET\x00', 0x1, {{0x3, 0x5, 0x6}, {0xffffffffffffffff, 0x3, 0x6}}}}, {{@ip={@private=0xa010101, @private=0xa010102, 0xffffffff, 0xff000000, 'gre0\x00', 'wg0\x00', {}, {}, 0xc, 0x2, 0x40}, 0x0, 0x70, 0x98}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0x6, 0x48}}}, {{@ip={@local, @loopback, 0xffffffff, 0xff000000, 'veth0\x00', 'veth0\x00', {0xff}, {}, 0x88, 0x1}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x418) (async)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0) (async)
flock(r7, 0x5) (async)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0) (async)
flock(r8, 0x6) (async)
sendmsg$nl_xfrm(r5, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000017c0)=ANY=[@ANYBLOB="3801000010000100000000000000000000000000000000000000001d00000001e00000010000000000000000000000000000000000000000000020000c000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000033000000fc010000000000000000000000000000feffffffffffffff000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000004000000000000000500000000000000000000000000000000000000080000000000000000000000000000002abd7000000000000a000200000000000000000048000100736861323536"], 0x138}}, 0x0) (async)

3.243168701s ago: executing program 3 (id=1005):
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001280), 0x24100, 0x0)
r1 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x8c01, 0x0)
ioctl$IMADDTIMER(r1, 0x80044940, &(0x7f0000000280)=0x14)
read(r1, &(0x7f00000019c0)=""/4097, 0x1001)
r2 = openat$cgroup(r0, &(0x7f0000000100)='syz0\x00', 0x200002, 0x0)
r3 = perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x81, 0x3, 0x4, 0x6, 0x0, 0xfffffffffffffffe, 0xa8980, 0x1d, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x2, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0xf, 0x4, @perf_bp={&(0x7f0000000140), 0x8}, 0x11420, 0xb, 0x1, 0x2, 0x6, 0x4, 0x40, 0x0, 0x1000, 0x0, 0x5}, 0x0, 0xffffffffffffffff, r0, 0x1)
r4 = semget$private(0x0, 0x4000000009, 0x42a)
semop(r4, &(0x7f00000002c0)=[{0x0, 0xff}, {0x0, 0x1f}, {0x4, 0x202}, {0x0, 0x8, 0x1000}, {0x0, 0xfff}], 0x26)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f0000000040)='ip_vti0\x00', 0x10)
connect$inet(r5, &(0x7f0000000280)={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
sendmmsg$inet(r5, &(0x7f0000004d00)=[{{0x0, 0x300, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)
semop(r4, &(0x7f0000000200), 0x53)
semctl$GETNCNT(r4, 0x0, 0xe, 0x0)
perf_event_open$cgroup(&(0x7f0000000080)={0x3, 0x80, 0x3, 0x9, 0xa, 0x6, 0x0, 0xfffffffffffffffc, 0x90902, 0x4, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10, 0x1, @perf_bp={&(0x7f0000000040)}, 0x0, 0xa, 0x5, 0x3, 0x80000001, 0xca, 0xf68e, 0x0, 0xfffffff9, 0x0, 0x7}, r2, 0xf, r3, 0x4)

3.188163361s ago: executing program 4 (id=1006):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000340)='GPL\x00', 0x4, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000100000000000000008000008500000087000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = socket(0x1e, 0x2, 0x0)
r3 = epoll_create1(0x0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000000)={0xe000202b})
epoll_pwait(r4, &(0x7f00008c9fc4)=[{}], 0x1, 0xfffffff3, 0x0, 0x0)
r5 = dup3(r2, r4, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r5, &(0x7f0000000300)={0x200f})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000020b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = socket$inet6_sctp(0xa, 0x0, 0x84)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r7, 0x84, 0x77, &(0x7f00000007c0)={0x0, 0xac4, 0x1, [0x494b]}, 0xa)
r8 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000240)={0xffffffffffffffff, 0xb, 0x10}, 0xc)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="090000fa00000000009500"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="04000000040000000300"/28], 0x50)
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0xfffffff8, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r11 = socket(0xa, 0x2, 0x0)
getsockopt$inet_int(r11, 0x0, 0x16, 0x0, &(0x7f00000000c0)=0x9)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r12}, 0x18)
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x22a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001e40)=ANY=[@ANYBLOB="b702000026000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643c4e8d41cdb7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6659f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a08060000000200000000000000334d83239dd27080e71113610e10d858e8327ef01fb6c86acac1223331f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3964663e88535c133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacee403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553573c48104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c095162b3b5fb3832ee68e2b53d44bd84bf6770157e96bbb96b5e1f165c87e7a9a7d53c281d88ebb175a4dbb82130e6870982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3df3572a7d9ef5f6103997f1f9e4b0c3970bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c238e545b28211a92000000001501aed80000010000000000e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9f"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r13, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000000)="76389e147583ddd0569ba56a888e55", 0x0, 0xff, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x15, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xec09}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@call={0x85, 0x0, 0x0, 0xa3}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r6}}, @alu={0x7, 0x0, 0x3, 0x4, 0x4, 0xfffffffffffffff0}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='GPL\x00', 0x401, 0x21, &(0x7f0000000100)=""/33, 0x40f00, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000140)={0x2, 0x7, 0xffffffff, 0x7fff}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000000280)=[r8, r9, r10], &(0x7f00000006c0)=[{0x0, 0x2, 0x10, 0x7}, {0x5, 0x5, 0x0, 0x5}, {0x3, 0x2, 0x8, 0x5}, {0x3, 0x2, 0x8, 0x1}], 0x10, 0x2, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000040)="2b1c52ac82e71ea05b0c5e43ede4", 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r14 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r14, 0x29, 0x40, &(0x7f0000000c80)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x2e0, 0x940c, 0x3002, 0x2e0, 0x2c0, 0x3f0, 0x3d8, 0x3d8, 0x3f0, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x4001, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x4001, 0x1, 0x3, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@loopback, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x110, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x1, 0xbe, {0x565159d7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

2.799065437s ago: executing program 4 (id=1016):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000880)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r2, 0x5)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r3, 0x2)
dup3(r3, r2, 0x0)

2.684930859s ago: executing program 4 (id=1018):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$lock(r3, 0x6, &(0x7f0000002000)={0x1})
fcntl$lock(r3, 0x26, &(0x7f00000031c0)={0x1})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000020000000400e20005000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r4}, &(0x7f0000000b00), &(0x7f0000000300)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000080000000500000000000000", @ANYRES32, @ANYBLOB="0000007dac"], 0x48)
fcntl$lock(r3, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x3})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, 0x0, 0x0)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000080)=ANY=[@ANYRES64=r6], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x12, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r8, @ANYBLOB="000000000000001fa797340016000000b70300000000fff48500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$vsock_stream(0x28, 0x1, 0x0)
pipe(&(0x7f0000000040))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = socket(0xa, 0x2400000001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r9, 0x29, 0x2a, &(0x7f0000000300)={0x0, {{0xa, 0x0, 0x0, @mcast1, 0x10000008}}}, 0x88)

2.272560245s ago: executing program 3 (id=1020):
perf_event_open(&(0x7f0000000800)={0x2, 0x80, 0xa4, 0x0, 0x0, 0x0, 0x0, 0x6, 0xc000, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffe}, [@call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00'}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280), 0x14000, 0x0)
ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f0000000100)=<r4=>0x0)
syz_open_procfs(r4, &(0x7f0000000200)='net/anycast6\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
r5 = socket$kcm(0x10, 0x3, 0x10)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0x10}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001300)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0x8002, {0x0, 0x0, 0x0, r9, {0x0, 0x7}, {}, {0xa}}, [@filter_kind_options=@f_flow={{0x9}, {0xc, 0x2, [@TCA_FLOW_KEYS={0x8, 0x1, 0x9200}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4c005}, 0x20000000)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803003a000b12d25a80648c2594f90224fc60100c034002dd0100053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

1.989084469s ago: executing program 2 (id=1022):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0xb)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000300ac1414aa0800060001"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000880)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0xd)

1.880756741s ago: executing program 2 (id=1023):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
dup2(r0, r0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000002c0)={'vcan0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000340)=@gcm_256={{0x304}, '\x00', "376a31a11e8e279cec092f071cc80f218d360356a936a7e3971a8c35c47e5804", '\x00', "fffffffffffffffd"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000140)=@gcm_256={{0x304}, "6a655069ade22ce4", "0d35db0d4af1cbcce779bbc24b53fc4988c215118dd14cb837de56339a336a19", 'FY\\;', "8891ea13f18ef0be"}, 0x38)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000cc0)=@mangle={'mangle\x00', 0x1f, 0x6, 0x638, 0x0, 0xd0, 0xd0, 0x428, 0x1f8, 0x568, 0x568, 0x568, 0x568, 0x568, 0x6, &(0x7f0000000000), {[{{@uncond, 0x0, 0xa8, 0xd0}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private0={0xfc, 0x0, '\x00', 0x1}, [0x0, 0xff000000, 0xffffffff, 0xff], [0xff000000, 0xff000000, 0x0, 0xff], 'pim6reg\x00', 'ip6erspan0\x00', {}, {0xff}, 0x2e, 0x40, 0x2, 0x44}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@ah={{0x30}, {[0x4d6, 0x4d2], 0xffffffff, 0x6, 0x2}}, @common=@ipv6header={{0x28}, {0x25, 0x8e}}]}, @unspec=@CHECKSUM={0x28}}, {{@ipv6={@local, @mcast1, [0xffffffff, 0xa5b3abc4c1fc1311, 0x0, 0xff], [0x0, 0x0, 0xffffffff], 'dvmrp0\x00', 'erspan0\x00', {0xff}, {}, 0x2b, 0x80, 0x7, 0xa}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@inet=@tos={{0x28}, {0x1, 0x9}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@private1, @ipv4=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x6, 0x0, 0x4259}}}, {{@ipv6={@empty, @empty, [0xff000000, 0x0, 0xffffffff], [0xff, 0xffffff00, 0xffffffff, 0xff000000], 'bond_slave_0\x00', 'geneve1\x00', {}, {}, 0x6, 0x50, 0x1, 0x8}, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xd}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@local, @ipv4=@local, 0x11, 0x3, 0xb}}}, {{@uncond, 0x0, 0xf8, 0x140, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x1}}, @inet=@rpfilter={{0x28}, {0xd}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv4=@broadcast, @ipv4=@dev={0xac, 0x14, 0x14, 0x36}, 0x2c, 0xf, 0x400}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x698)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="6400000002060500000000000001000000000000120003006269746d61703a69702c6d616300000005000400000000000900020073797a3100000000180007800c00018008000140ac1414bb080008000000000005000500020000000500010006000000"], 0x64}, 0x1, 0x0, 0x0, 0x4810}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
io_destroy(0x0)
mount$nfs(&(0x7f0000000100)='...', &(0x7f0000000140)='./file0\x00', 0x0, 0x2000, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040)={{{@in=@loopback, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x4e24, 0x2, 0x4e22, 0x0, 0x2, 0x20, 0x20, 0x84, r1}, {0x5, 0xfffffffffffffffd, 0xc2, 0x2, 0x2, 0x412f9854, 0x56, 0x7fffffffffffffff}, {0x645, 0x100000004, 0xd0a, 0x5}, 0x5, 0x6e6bbf, 0x1, 0x1, 0x1, 0x2}, {{@in=@dev={0xac, 0x14, 0x14, 0x31}, 0x4d3, 0xd64b16feccd625c2}, 0x2, @in6=@private0, 0x3504, 0x1, 0x2, 0xf2, 0x7e, 0xfffffff9, 0x4}}, 0xe8)
mount$9p_fd(0x0, 0x0, 0x0, 0x200000, &(0x7f0000000000)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [], 0x6b}})

1.845644562s ago: executing program 2 (id=1026):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
unshare(0x40020000) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x128031, 0xffffffffffffffff, 0xffffe000)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GET(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="3fab00000000000000002e0000000e0001006e657464653673696d0000000f0002"], 0x50}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000780)=ANY=[@ANYRESDEC=r1, @ANYRES32=r4, @ANYRES64=r2, @ANYBLOB="cbb08b66735d21aaa283e9b1e87069ff752ad81ce9a320a47ba62e12b8aa0d7d5900b02f3b697b84383c76b6cbd851af3bb5ebe2246af1593b1d3fce530a0496d1bb1d2132a6eae8a6c519a80ddacab4eea12884374e4609dc80", @ANYRESOCT=r3, @ANYRESHEX=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r6, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c) (async)
sendmmsg$inet6(r6, &(0x7f0000002b00)=[{{0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f00000002c0)=';', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f00000000c0)="05", 0x1}], 0x1}}], 0x2, 0x10) (async)
setsockopt$inet6_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000100)='htcp\x00', 0x5) (async)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)=ANY=[], 0x48) (async)
r8 = socket$nl_route(0x10, 0x3, 0x0) (async)
perf_event_open(&(0x7f0000000540)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000, 0x1, @perf_bp={0x0, 0xc}, 0x115428, 0x0, 0x0, 0x7, 0x5f4b, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000700)=ANY=[@ANYBLOB="640000000206010800000000000000000000000014000780080012400003000008001140000000000500010006000000050005000a00000005000400000000000900020073797a310000000015000300686173683a69702c706f72742c6e6574"], 0x64}}, 0x0) (async)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r11=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="4c00000010003b1500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c00128008000100736974002000028008000100", @ANYRES32=r11, @ANYBLOB="14000b00ecb805837041afdfffffffffffffff01"], 0x4c}}, 0x0) (async)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000140), 0x8) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES32=r7, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r11, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1b, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x80) (async)
shutdown(r6, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)

1.800433543s ago: executing program 3 (id=1027):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73e, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbJOmb9vXpODBimCgBwulu3ZbSwWRih6kWCnqzUO73d2Gkt1uyW5KEypaUQRPIsWzP07e/AdEEfTmUfDsSQpFSr0IQmS2s3Hb7KabNJtV9/OBCc8zM5tnvjszz/Mkz8NMAGNrNv2Ri9gfER8lEdPZ+iQiJtupiYiTd/e7c/taOV2SWFl5/bekvU+aj67PpPZkmcci4rv3Iw7l1pbbXFqeL9Vq1YUsX2jVLxeaS8uHL9ZLc9W56qXi8WePFk8UnzlR3LJY/3jv1fOnvnrpixvv/vjLa2+dejKJk7E329Ydx1aZjdnsO5lMv8J7vLjVhY1YMuoDYFPSW3PH3bs89sd07GinAID/srcjYgUAGDOJ9h8Axkzn/wCdsb1hjIP9k916ISJ29Yp/Ihuz29UeB919J7lnZCSJiJktKH82Iq6++cHX6RJDGocE6OWd6xFxbmZ2bf2XrJmzsFFPD7DP7H159R9sn2/T/s+JXv2f3Gr/J3r0f6Z63Lub8eD7P3dzC4rpK+3/Pdez/7s6aW1mR5b7f7vPN5lcuFirpnXbIxFxMCan0vyRdco49vHzP/Tb1t3/S5e0/E5fMDuOmxNT936mUmqVHibmbreuRzw+0Sv+ZPX8J336v2cGLKP1/ROf99v24PiHa+WziKd6nv+/Z7Ql689PLLSvh0Lnqlgr/+H0vn7ljzr+9PzvXj/+maR7vmZz42X89MmfL/fbttnrf2fyRju9M1t3tdRqLRyJ2Jm8snZ91xTSTr6zfxr/wQPr13+9rv/0b8JzA8Y//+mX5zcf/3Cl8Vc2dP43njjw8zd94xns/B9rpw5mawap/wY9wIf57gAAAAAAAAAAAAAAAAAAAAAAAABgULmI2BtJLr+azuXy+bvv8H40dudqjWbr0IXG4qVKtN+VPROTuc6TLqe7nod6JHsefidfvC9/NCL2RcSNqf+18/lyo1YZdfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkNnT5/3/qV+nRn10AMDQ7Br1AQAA2077DwDjR/sPAONH+w8A40f7DwDjR/sPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkJ05fTpdVn6/fa2c5itXlhbnG1cOV6rN+Xx9sZwvNxYu5+cajblaNV9u1B/0+2qNxuXi8Vi8WmhVm61Cc2n5bL2xeKl19mK9NFc9W53clqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGOaS8vzpVqtuiAhISGxmhh1zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw7/BXAAAA///R4B8B")
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100020, 0x0, 0x0, 0x6, 0x3, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x2c, r3, 0x6a98047402e98331, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8040}, 0x4886)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r4, &(0x7f0000000600), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r5 = creat(&(0x7f0000000340)='./file0\x00', 0x0)
close(r5)
r6 = getpid()
socket$inet_mptcp(0x2, 0x1, 0x106)
r7 = syz_pidfd_open(r6, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r7}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r8 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r9 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r9, 0x0)
write$selinux_load(r8, &(0x7f0000000000)=ANY=[], 0x6000) (fail_nth: 1)
unshare(0x20040600)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000380)=@framed, &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0000, @void, @value}, 0x94)

1.748275743s ago: executing program 0 (id=1029):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe)
r1 = memfd_create(&(0x7f0000000600)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;X\x14\x97\xabh\xd1/\x84\x8a\x91$GY\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2\x02\x00\x00\x00\x00\x00\x00\x006\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262<k\xa8\x88\x01\x00fhD\xe7\xb6\x17\x80\x95\xa8\x1e\t\xb01KF\xcb\x00\x1e\x7fE\x7f\x02\x00\x00\x00y<nGR\x94\x99\xb8\x89\x9b\x8f\xd5\xe6\x02\xb5C\xad\"u\xf4>\x00\x00\x00\x00\x00\x00\x00\x00Nz\x0eu\x8f\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89#;a\x94\"\xd1U\xff\xe8v\xd3\x84d\xf4\x134\x00\x00\x00\x00h\xaa\x15\x9a\xf7\x03\x00%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x9b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x88\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\xb35\x00\xfb\xac8wAph\xb4\x9d\x14\xf6\xec+f\'\xa3\xb9\xaf\x87X\xec\x13\x9c\xc5\x84\xde\x1b\x11\xe8\\}\xf81\xe6U3\xf9~\xdfD[\x1a\x02\x1f\xd2\x1as-\x9c\x01\x86\xa7\xb8\xc5\xeeOg\x99j\xedu\xafO@\x8e\xf24w\xad\x130Z&\xcb\x81\xfc', 0xe)
setresuid(0x0, 0xee00, 0x0)
fchmod(r1, 0x180)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
write$sndseq(r2, &(0x7f00000001c0)=[{0xff, 0xb, 0x0, 0xfd, @tick=0x6dd, {0x0, 0x1}, {0x81}, @result}], 0x1c)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000340), 0xa00200, 0x0)
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000180)=0x3)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r4, 0x0, 0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="6d6167676c6500000000000000000000000000000000000000000000000000000300"/47], 0x58)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x65, 0xfc, 0x5, 0x0, 0x0, 0x3, 0x8900c, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc46, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x6, 0x7ffffffc, 0x1, 0x1, 0x0, 0x0, 0x0, 0x100, 0x0, 0x3}, 0x0, 0x6, 0xffffffffffffffff, 0x2)
shmctl$SHM_UNLOCK(0x0, 0xc)

1.711079894s ago: executing program 0 (id=1030):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0x7000000)

1.710557243s ago: executing program 4 (id=1031):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000f6000000006debff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
fadvise64(0xffffffffffffffff, 0x5, 0x7, 0x4)
accept$unix(0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000140)=0x6e)
r1 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
poll(&(0x7f0000b2c000)=[{r3}], 0x2c, 0xffffffffffbffff8)
fcntl$setown(r2, 0x8, r1)
tkill(r1, 0x13)

1.680790354s ago: executing program 0 (id=1032):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x10, 0x0, &(0x7f0000000640)="b9ff03076844268cb89e14f088f747e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x50)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='freezer.self_freezing\x00', 0x275a, 0x0)
r2 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x5)
fallocate(r1, 0x0, 0x0, 0x10fff9)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r2, 0x8, 0x0, 0x2})

1.612614935s ago: executing program 2 (id=1034):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f00000001c0)=""/66}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
ioctl$TUNGETVNETLE(0xffffffffffffffff, 0x4010744d, &(0x7f0000000180))
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0x7000000)

1.586603405s ago: executing program 5 (id=1035):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73e, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbJOmb9vXpODBimCgBwulu3ZbSwWRih6kWCnqzUO73d2Gkt1uyW5KEypaUQRPIsWzP07e/AdEEfTmUfDsSQpFSr0IQmS2s3Hb7KabNJtV9/OBCc8zM5tnvjszz/Mkz8NMAGNrNv2Ri9gfER8lEdPZ+iQiJtupiYiTd/e7c/taOV2SWFl5/bekvU+aj67PpPZkmcci4rv3Iw7l1pbbXFqeL9Vq1YUsX2jVLxeaS8uHL9ZLc9W56qXi8WePFk8UnzlR3LJY/3jv1fOnvnrpixvv/vjLa2+dejKJk7E329Ydx1aZjdnsO5lMv8J7vLjVhY1YMuoDYFPSW3PH3bs89sd07GinAID/srcjYgUAGDOJ9h8Axkzn/wCdsb1hjIP9k916ISJ29Yp/Ihuz29UeB919J7lnZCSJiJktKH82Iq6++cHX6RJDGocE6OWd6xFxbmZ2bf2XrJmzsFFPD7DP7H159R9sn2/T/s+JXv2f3Gr/J3r0f6Z63Lub8eD7P3dzC4rpK+3/Pdez/7s6aW1mR5b7f7vPN5lcuFirpnXbIxFxMCan0vyRdco49vHzP/Tb1t3/S5e0/E5fMDuOmxNT936mUmqVHibmbreuRzw+0Sv+ZPX8J336v2cGLKP1/ROf99v24PiHa+WziKd6nv+/Z7Ql689PLLSvh0Lnqlgr/+H0vn7ljzr+9PzvXj/+maR7vmZz42X89MmfL/fbttnrf2fyRju9M1t3tdRqLRyJ2Jm8snZ91xTSTr6zfxr/wQPr13+9rv/0b8JzA8Y//+mX5zcf/3Cl8Vc2dP43njjw8zd94xns/B9rpw5mawap/wY9wIf57gAAAAAAAAAAAAAAAAAAAAAAAABgULmI2BtJLr+azuXy+bvv8H40dudqjWbr0IXG4qVKtN+VPROTuc6TLqe7nod6JHsefidfvC9/NCL2RcSNqf+18/lyo1YZdfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkNnT5/3/qV+nRn10AMDQ7Br1AQAA2077DwDjR/sPAONH+w8A40f7DwDjR/sPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkJ05fTpdVn6/fa2c5itXlhbnG1cOV6rN+Xx9sZwvNxYu5+cajblaNV9u1B/0+2qNxuXi8Vi8WmhVm61Cc2n5bL2xeKl19mK9NFc9W53clqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGOaS8vzpVqtuiAhISGxmhh1zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw7/BXAAAA///R4B8B")
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100020, 0x0, 0x0, 0x6, 0x3, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x2c, r3, 0x6a98047402e98331, 0x0, 0x0, {}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8040}, 0x4886)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r4, &(0x7f0000000600), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r5 = creat(&(0x7f0000000340)='./file0\x00', 0x0)
close(r5)
r6 = getpid()
socket$inet_mptcp(0x2, 0x1, 0x106)
r7 = syz_pidfd_open(r6, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r7}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r8 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r9 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r9, 0x0)
write$selinux_load(r8, &(0x7f0000000000)=ANY=[], 0x6000)
unshare(0x20040600)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000380)=@framed, &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0000, @void, @value}, 0x94)

1.437389118s ago: executing program 0 (id=1036):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000003980)=@newtaction={0x14dc, 0x30, 0x9, 0x70bd2c, 0x0, {}, [{0x14c8, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{0x0, 0x0, 0x7}, {}, {0x3}, {0x0, 0x7}, {0x8, 0x5}, {}, {0x6}]}, @TCA_ACT_BPF_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0xfffffff7}}]}, {0x4}, {0xc}, {0xc}}}, @m_csum={0x158, 0x4, 0x0, 0x0, {{0x9}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x0, 0x9, 0xffffffffffffffff, 0x0, 0x6}, 0x5}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x5, 0x5, 0x7, 0x5, 0x9}, 0x17}}]}, {0xf1, 0x6, "33b50371c03116ad368766b06617868c436452283f878c4ae3a5763100bb405d7f1076fff7878c88b6d0ddb1e88fd12a229f989c0c2854982a75bc56352186b2ec00788e75e27fafb33314d47cbdaeee5544fade98b714ab727f3226425609d5a9faa1e074cd3c4cd61d977f9085d4e0e2b1fef211dc0bcd0d8b4a9625baef9ce049f5bc2725ee69b58c7e901ece8647e5602c1c4b2a2b0ba188604ecb26184585c0ec71dffa5f95552940b4527aedf0b073c372038d1928a8fa9150f35ecfd4154cdbe0d7a51b3e7c9ce8f52310559564efa43294bff9d0c01f7429977a78a613e320fd60e77971cd21f12b13"}, {0xc, 0x7, {0x1, 0x1}}, {0xc}}}, @m_tunnel_key={0x114, 0x4, 0x0, 0x0, {{0xf}, {0x6c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x7fffffff}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @private2}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @rand_addr=' \x01\x00'}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x7, 0x4, 0x10000000, 0x9}, 0x1}}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}]}, {0x7c, 0x6, "cb6c7713a4df5ba1aed358802ec44078db7b48ab98764f70c2e8470a624ab8bea7b71f0b34752622afc08f2d2474b9b3f55bf3cc2e5a111e22747fa0237f442d7adbbc89d0acbdece35fa72d0ec1f7cfdf88d05a5032a0a2e732c4e9792433c29af635ab6eab6ff7ea9cb0d6c1c7ff2208d953c9e628b08d"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_vlan={0x130, 0x19, 0x0, 0x0, {{0x9}, {0x4c, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x5}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x2}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x8100}, @TCA_VLAN_PUSH_VLAN_PRIORITY={0x5, 0x6, 0x7}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x67a}, @TCA_VLAN_PUSH_VLAN_ID={0x6, 0x3, 0x72d}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x6, 0x4, 0x88a8}]}, {0xbb, 0x6, "5bb91a105b5cef31d890a4c337006803ff7b7527370093126aaafbe6c4e6fc504a80f0cc5c4336737c2d9d032e95750ba700422f8edbd062d5e51d5ddce58e872f0802d20042ed355128b0a26c9d1bd5a678e7b13128bc13a79a7816459ea5c34236b94194b1d939901fb7832647f742085564b8cf5baa8bca731bdc7ec5035d171eccbaa4315e1320cb55288d3efb521e2355bab7e54bbe2e96ff1b5221a05c23ae95111a11417656c258eb16912425f05bbf638c7615"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}, @m_pedit={0xf88, 0x20, 0x0, 0x0, {{0xa}, {0xe6c, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe68, 0x2, {{{0x1, 0xe, 0x10000000, 0x3, 0x7}, 0x1, 0xf7, [{0x2, 0x9, 0x34, 0x3, 0x10001, 0x4}, {0x3d1, 0xfffffff2, 0x1, 0x6, 0x40, 0x1}, {0x1, 0x0, 0x401, 0x2, 0x8000, 0x7}]}, [{0x9, 0xfffff801, 0xffffffff, 0xc0000000, 0x7, 0x6c9}, {0xc3, 0xd, 0x7, 0x21c40483, 0x8, 0xd}, {0x6, 0x99f, 0xfffffff8, 0x200, 0x7fff, 0x7}, {0x0, 0xfffffff6, 0x672, 0xfff, 0x5, 0x2}, {0x100, 0x6, 0xcba, 0x5, 0x4, 0x6}, {0x5, 0x5, 0x9ce, 0x640, 0xfffffff8, 0xa}, {0x7f, 0xfff, 0x4, 0x4, 0x8}, {0x27, 0x0, 0xc0b0, 0x81, 0xffff8001, 0xff59}, {0xc860, 0x0, 0x8, 0x7, 0x88, 0x7ff}, {0x0, 0x2, 0x4, 0x4, 0x8, 0xc}, {0x10001, 0x1, 0x1, 0x9, 0xffffff81, 0x9}, {0xfffffbff, 0x800, 0xb, 0x2, 0x101, 0x3}, {0x1, 0x4, 0x6, 0x9, 0x1, 0x8dd}, {0x7, 0x7, 0x8, 0x9, 0x1ff, 0x200}, {0xfffffffe, 0x5, 0xe, 0x6, 0x4}, {0x5, 0x8b, 0xa, 0x8, 0x3, 0x5}, {0x7, 0x35, 0x4, 0x5, 0x7, 0x677d78d2}, {0xe066, 0x10000, 0x7b, 0xff, 0x10001, 0xf}, {0x4, 0x39, 0xf5bd, 0xfffffffd, 0x9, 0x6}, {0xf17, 0x8000, 0x7ff, 0xffff, 0x3, 0x67800}, {0x1ff, 0x6, 0x7, 0x0, 0x9, 0x8}, {0xf967, 0x3, 0x2, 0xe, 0x4, 0x3}, {0xe6, 0x6, 0x8, 0xa, 0x4, 0x1}, {0x9, 0x2, 0x49, 0x3, 0x9, 0x1}, {0x92, 0x6, 0x7, 0x4b7, 0x80, 0x7}, {0xa, 0x2, 0x10000, 0x101, 0xae43, 0xa5}, {0xf118, 0x80000000, 0xe, 0x4, 0x4, 0x17dd}, {0x3ba8, 0xd, 0xffffff01, 0xfffffffe, 0x8000, 0x1}, {0x2, 0x8, 0x5, 0x100, 0x1, 0xb}, {0x7, 0x8, 0x0, 0x9, 0xed3, 0x4}, {0x10001, 0x26ecc80d, 0x4800, 0x263, 0x8, 0x1}, {0xffffffd6, 0x8, 0x9, 0x7, 0x9, 0x2}, {0x85f7, 0x4, 0x9, 0x21b5f59, 0x1, 0xab52}, {0x7, 0x48, 0x7fffffff, 0x3, 0x9b21, 0xf}, {0x361, 0x9, 0xe0, 0x689, 0x2, 0xffffffff}, {0x3, 0x5, 0x7fff, 0xb0, 0xffffffc0, 0x7ff}, {0x0, 0xd47, 0x6, 0x800, 0x3, 0x2}, {0x8001, 0x99b, 0xe, 0x8, 0x6, 0x36}, {0x4, 0x5, 0x8000, 0x6, 0x7, 0x8}, {0x6, 0x7, 0x15f8, 0x4, 0x2166, 0x5}, {0xe2c8, 0x5, 0xe6a, 0x8, 0xffff, 0x24f}, {0x80, 0xffffffff, 0x9, 0x8, 0x4, 0x80}, {0x80, 0x1, 0xd5b, 0x0, 0x7, 0x2}, {0x400, 0x7, 0x77d8d1c1, 0x7, 0x6, 0xcf348414}, {0x6, 0x5, 0x6, 0x401, 0x9, 0x5}, {0x3, 0x0, 0x7f, 0x2, 0x9, 0xd}, {0x23fb, 0x4, 0xdb73, 0x1, 0x400, 0xb}, {0x5, 0x9bce, 0x4, 0xf, 0x6, 0x8}, {0x10000, 0x7fffffff, 0xffffff71, 0xfff, 0x8, 0x5}, {0x10, 0x3, 0x100009, 0x3, 0x3, 0xc3b1}, {0x3, 0x1, 0x80000001, 0x4, 0xfffffff7, 0xfffffffb}, {0x2, 0x8, 0xcd08, 0x4, 0x96, 0x97ef}, {0x9, 0x3, 0x9, 0x4, 0xffffffff, 0x2}, {0x6, 0x7, 0x0, 0x9, 0xf}, {0x5, 0x8, 0x8, 0xa6, 0xfffffff8, 0x7}, {0x4, 0x3, 0x200, 0x4, 0x9, 0x8}, {0x4, 0x6bb, 0x742f6ed1, 0x9, 0xfffff0d1, 0xfffffffb}, {0x101, 0x5, 0x1da, 0xdf, 0x6, 0x5}, {0xfffff121, 0x91, 0xfffffff8, 0x3ff, 0x6d, 0x1}, {0x3, 0xd5c, 0x4, 0x401, 0x7, 0x7}, {0x5, 0x5, 0x7fffffff, 0x3a06, 0x8001, 0x8001}, {0x200, 0x1, 0x80000000, 0xc, 0x9, 0x8}, {0x7f, 0x1, 0x2, 0xfffffffa, 0x8, 0x7}, {0x1, 0x1, 0x67c7, 0x6, 0x2b1, 0x9}, {0xc30, 0xfffffffb, 0x643, 0x6, 0x5, 0x4}, {0x3, 0xfffffff7, 0x6, 0x8, 0xf, 0xc69}, {0xa, 0x2, 0x5, 0x8, 0x3, 0x1}, {0x6, 0x8, 0x9cf, 0x6, 0x4, 0x7}, {0x932e, 0x3, 0x8adf, 0x5, 0x0, 0x6}, {0x1, 0xfffffffd, 0xe44, 0xb, 0x8001, 0x4}, {0x8, 0x0, 0x9, 0xe, 0xffffffff, 0x51}, {0x10001, 0x5, 0xffff, 0x8, 0x6, 0x4}, {0xd, 0x1, 0xfffffe01, 0x77, 0xc, 0x132755ea}, {0x1, 0x3b3, 0x10000, 0x1, 0x0, 0x7}, {0xffffffff, 0xfffffff9, 0x4, 0x7, 0x5, 0xfffffff8}, {0x8, 0x0, 0x1, 0x3, 0x9, 0x2}, {0x8001, 0xb, 0x6, 0x25, 0x1, 0xf99}, {0x3, 0x7, 0x5, 0x7, 0x8ee0973, 0xad}, {0xb, 0x1, 0x9c13, 0x3c2d, 0x175, 0x2}, {0x4, 0x4, 0x6, 0x6, 0xf4, 0x401}, {0x4, 0xfffffffd, 0xfff, 0x2, 0xffffffa4, 0x1}, {0x2, 0xfffff001, 0x5, 0x4, 0x800, 0xa}, {0x8, 0x401, 0x6, 0x96, 0xfffffffa, 0x31a1}, {0xcacc, 0x4, 0x10, 0xa7, 0x7, 0x7}, {0xac1, 0x8, 0x553d, 0x2, 0x1, 0x401}, {0x9, 0x7ff, 0xfb, 0x10000, 0x248, 0x8}, {0x12000000, 0x5, 0x2000, 0x1, 0xb, 0x3}, {0x0, 0x7, 0x9e86, 0x3, 0x48fa, 0x5}, {0x58d2, 0xa7e7c12, 0x0, 0x1000, 0x186a, 0x7}, {0x3, 0x4, 0x10001, 0x5, 0x4, 0xffffffff}, {0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x800}, {0x2, 0x7f, 0x4, 0x37, 0x9, 0x1}, {0x1, 0x4, 0x8001, 0x6d8, 0x4, 0x6}, {0x9, 0x9, 0x8, 0x80000000, 0x6, 0x6}, {0x4, 0x3, 0x1, 0x7, 0x1, 0x51}, {0x100, 0x9, 0x3, 0x2b, 0x9, 0x6}, {0x8001, 0x3, 0xe1a, 0x0, 0xf, 0x4}, {0x401, 0x8, 0x8, 0xd4, 0x1, 0x6}, {0x200, 0x40, 0x3, 0x8, 0xffffffff, 0x3}, {0x9, 0x80, 0x1, 0x6, 0x99, 0x69aeff7b}, {0x401, 0x101, 0x2, 0xd866, 0x5, 0x6}, {0xe, 0x569, 0x71, 0x0, 0x7, 0x4}, {0x4, 0x3, 0xde7, 0x1, 0x2, 0x936}, {0x5, 0x2, 0x6, 0x2ed, 0xf, 0x4}, {0x3, 0x96, 0x3, 0x1, 0x40}, {0x9, 0x9, 0x0, 0x4, 0xa940, 0x6}, {0x5, 0x10001, 0x0, 0x6, 0xc000, 0x7fff}, {0x6, 0x6, 0x800, 0xffffffde, 0x8, 0x7ff}, {0x2, 0x4, 0x9, 0x0, 0x5, 0x1}, {0x7, 0xebea, 0xb8, 0x41, 0x9, 0x5}, {0x8, 0x115, 0x3ff, 0x7, 0x30b}, {0xbe, 0x946, 0x71b1, 0xb, 0xfffffffd, 0x7f}, {0x11c9, 0x8, 0x0, 0x6, 0xfffff000, 0x4}, {0x32d, 0xa, 0x401, 0x4, 0x5, 0x4}, {0x4800, 0x5e5, 0x3, 0x9, 0x4, 0xb95}, {0x3, 0xfffff9cc, 0x1, 0x1}, {0x3f80, 0x8, 0x8, 0x4, 0x3, 0x7}, {0xa, 0x7, 0x28000, 0x80000001, 0x44d3e511, 0x3}, {0x8, 0x2, 0xcc85, 0x0, 0x7, 0x10001000}, {0x1, 0x4, 0x6, 0x0, 0x7dd}, {0x9, 0x4, 0x0, 0x7, 0x0, 0xd}, {0x9, 0x6, 0x7, 0x7, 0x6, 0x3b}, {0xe, 0x1, 0x2, 0x2, 0x7, 0xffff1866}, {0x7, 0x1000, 0x1, 0x1, 0x7, 0x7}, {0x9, 0x7, 0xfff, 0x1, 0x4, 0x7}, {0x1, 0x10001, 0x7, 0x3, 0x7fffffff, 0xb6b8}, {0x80000000, 0x9, 0x2, 0x6, 0x1, 0x8b}, {0x5, 0x80000000, 0x80000001, 0x1, 0xc0f, 0x8}], [{0x0, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x2, 0x1}, {0x1, 0x1}, {0x1}, {0x3}, {0x4, 0xa3ad7356280f2f6}, {0x3, 0x1}, {0x5}, {0x1, 0x1}, {0x2}, {0x0, 0x1}, {0x1}, {0x3}, {0x1, 0x3550e9d28b42fbca}, {0x0, 0x1}, {0x3, 0x1}, {0x0, 0x1}, {0x4}, {0x1}, {}, {0x2}, {0x0, 0x1}, {}, {}, {0x0, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x4, 0x1}, {0x3}, {}, {0x1}, {}, {0x3}, {0x2, 0x1}, {0x2}, {0x2}, {0x4, 0x1}, {0x4, 0x1}, {0x0, 0x1}, {0x4, 0x1}, {0x5}, {0x3, 0x1}, {0x2}, {0x0, 0x1}, {0x4, 0x1}, {0x4}, {0x5}, {0x1, 0x1}, {0x3}, {0x1, 0x1}, {0x1}, {0x1}, {0x5}, {0x3, 0x1}, {0x1, 0x1}, {0x0, 0x1}, {0x3}, {0x0, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x3, 0x1}, {0x1}, {0x1}, {0x5}, {0x4, 0x1}, {0x1, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x5}, {0x5, 0x70fdb70b52decf54}, {0x5}, {}, {0x5}, {0x3}, {0x3, 0x1}, {0x1}, {0x5}, {0x0, 0x1}, {0x2}, {0x3}, {0x5}, {0x3}, {0x5, 0x1}, {0x6, 0x22ef0986a3e0c86b}, {0x2, 0x1}, {0x3, 0x1}, {0x5, 0x1}, {0x3}, {0x2}, {0x4}, {0x4}, {0x5, 0x1}, {0x0, 0xc12c90abe993bcd4}, {}, {0x0, 0x1}, {0x1, 0x1}, {0x3, 0x1}, {0x1}, {}, {0x5}, {0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x5}, {0x4}, {0x2, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {}, {0x1, 0x1}, {0x2}, {0x4, 0x1}, {0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x7cf921f9919c58f7}]}}]}, {0xf2, 0x6, "c2826ca9568dca6552a39015842966f45be20624457cc84ce85ecf57a86b0be12073691d617507974a6d035bcb97898a1ec5c73e5435803f1b06d0de8317b7b1804b47784b12443459fdcd27e7e643d4fd2f4c98b44e476d51d5476efcbc68d7859de707e0425cae75429852679075bdb20bcc0c878b76d273c66172c3f432f3ca18fe6fb7d8bc0969c2bc60533d8a10f15dc6465ca5672c08c6c9dc29d73f05abb60cf4442d97d3a2f9742703f74ae6e38f215a8fce65262118707bd5176980878857b17d2fb3e314c4dab9e857afdea820fd93346d18852b960e80f6553ec16ddd6ea76e3c851591f607454886"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_skbmod={0x118, 0x9, 0x0, 0x0, {{0xb}, {0x18, 0x2, 0x0, 0x1, [@TCA_SKBMOD_ETYPE={0x6, 0x5, 0xdae1}, @TCA_SKBMOD_SMAC={0xa, 0x4, @multicast}]}, {0xd6, 0x6, "996303092541f7dfd2ab05f9b44e6d0f47555c39befec2ae340425274fbc5b889b0f19b92d430c18ac4a8bdd6d7e19ddc19d02d144498961e19179133b48a0d7f4cab64fe53a5fa3081112e426a8f0d41197e16683dc083cccfe5896272862741ebf9d1352514f8edf8e319a9799d620d4eeda634e2be1c0e3d9f6af5be5ea133440119d90d167ef1296298ee0d9abed33afa34f4a3fc85114631963d3dd7a2d937de644d5f97463c073d25ebce84bc525633cbf421b7906467d9354ddb177c5102ec36082ec96d33051758b7be360e7f4f3"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x14dc}, 0x1, 0x0, 0x0, 0x24000004}, 0x0)

1.436458688s ago: executing program 2 (id=1037):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0xeb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0}, 0x32a0, 0x0, 0x800000, 0x0, 0x9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
syz_open_dev$sg(0x0, 0x0, 0x401)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x65, 0xff, 0x5, 0xa, 0x0, 0x3, 0x8b008, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x1, @perf_config_ext={0x2}, 0x1a, 0x7, 0x800, 0x4, 0x8, 0x2}, 0x0, 0x4000000001, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r2, 0x0, 0x3}, 0x18)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000dc0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000000600000085000000070000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$UHID_CREATE(r3, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
write$UHID_DESTROY(r3, &(0x7f0000000080), 0x4)
r4 = fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r5, <r6=>0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='itimer_state\x00', r7}, 0x10)
setitimer(0x2, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000001800)='\xd0\x9e^\xa0\xee\xc8\x17T\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fBy\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\fU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sa\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^\v\xfbO\xf3\xff\x1bf\xedC\xbd\xd1\xf1#\xb3\xe5\t\x9a\xddk\x95\xd5N\xf3\x98\x1a\xa3\xca%N\xf8\xc6\xbcJw\xd8\x99f\xf1\xb5\x93^x|\x05\x00\x00\x00o*\xd3\xab\x05$<\xa3KQm\x00\xd3M\xb2\xd0,\xeeP\x1a\xd0 yI!\x17\x9b\xe7\xef\t\xba\xa0]\xf4\xb7\x00_g/\r\xd2\x06\xc5\x15\x1d\xcc\x0eB\x87\xe9 \x81P\"\xea\xd5#\xa4\xe5\xa1\x19Wp\x83\xf8tC\x10\xbe\xe3\xa9H\xc7\x89\x0eN\xd3\xc1\xd7\x99\xd8\x88\x1dZ\x91\r\xd1\x1c\xac\xe26b\x04\xecB[\xf3Lp\xfcQ\xf8\xec\xa0\x8f\xd3\xde\x8bo\xd2\xbb~;\x8d\xc2\xf1\tP\xdfB\"VD\v\x90\xfb`\x8b\xfbr\x87B\xc3\x1c\x99\xe1ft\xd1\xdb\x0e\x86\xa3\xfc;y\x9d\xe6\xe25\x9f9\nj\x8a\xba\xb5\xc7\x92`\xed\x89\xf4\xbd\xc3\xe7l\xa9\xda\xde\xe0\xcf\xeaM\xb2~\x159\x92\xf60\x0e\xa0\xc2\x17\x8aC\xa5\xcf\xcd\x16\xdb\xa3v\xe8\xf1\x82\xe2\xa5\xf0\xc7K\xe4?|\xc9\xdfx\xf0\xb1', &(0x7f0000001600)='\xb8\x8b\xadTd\xdcJ\x03\xf7\n\x11x\xf5\x93Q#\xfe\xb4\xeb\xd9/\x90\xad\xc5\xd0\a\xef\x06$*\xf0\v7>\xa8`\xf1)\xec\xba\xb7\x85\a\x92I\xbb\xfe2\xa0\xc1\xb3\x13p\xa2l', 0x0)
close(r4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x4404, &(0x7f0000000d00)=ANY=[@ANYBLOB="75746638006d61703d6f983c756661703d6e6f726d616c2c6909000000f2ff00003dda5de4d586f0df206d65656b416d6f64653d7063303030303010303071303030303030302c73657373696f6e3d307830faffffff30303030303030f459574b50be30c8486470722677b93165cfe6f62127553b2017754598752d977369672c7063723d303030303030303030303030303030303030332c64566e745f6d6561737572652c00000000000000006bbf4d6406b59dbc529c00000000000000fada265ab14119997600a2299d2c35a2efc1bf037787a0d801e26d335ef2ba9ac2423a358ccbb776b21e1d3b5ee4e0f21a4c775145ef26c98b4af40babc3b18cc5635b6da7c4d1b0fbb8f271016ecf316158c2be5a4bef251c82b85bbc335cae0a2920ce36f206f449fbf64a47e05bd4cf8312774a4e61", @ANYRESDEC=0x0, @ANYRESHEX], 0xfe, 0x668, &(0x7f0000000e80)="$eJzs3Utv29gZxvGHsnwtMC3aYhAEmfGZpAM4aKpI8sQDI12UpSibU0kUSLqwV4N0Yg+CyJk2SYHGm6k3vQDtF+huNrPohyjQddf9Al0WGLS7At2oICnqSlm+J23/PyPREfmS56XI6A0t8VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECWUyuXK5YaXmtn10zn1AK/ecL8dG3zups27s7sV7LiP1pa0o100o1vD2a/Hf91W7fSZ7e0FD8s6ehrb3/j4beKhWz5ExI6D511hS9eHT191OnsPz9fb13rPMtdiYlMVDjFUltuywt9r2lvucYLfbO5sVG+v10PTd1ruOFeGLlN4wRuIfIDs+bcNZXNzXXjlvb8ndZWzT50s4kffq9aLm+YjxZ7u//+R6XQ2fYaDa+1lcTEs+OYxf4R4tpNYw6edPbXZyUZB1VOE1SdFVQtV6uVSrVa2Xiw+eDDcrk4MaE8RhMRg4P2zdn5uE6X9M4NXFwhrv9/s6SGltTSjnZlcn8c1RTIV3PK/J6s/r9/3z2x3+H6n1X5G4PZN5XU/3fTZ+9Oq/9TcjEyyQJ5c6wp08/380KvdKSneqSOOtrX82mRXz/TelcvL8Or/dmSipKnUL48NWVrS65Mb4rRpja0obI+1rbqCmVUl6eGXIXaU6hIrprJPgnkylYkX4GM1uTorowq2tSm1mXkqqQ9+dpRS1uqyda/ut3ugZ4kr/v6CTkqC6qcJqjYPwYng6bV/598ni5xtvqP/z39Y+cUMcBr1+2d/083lzdx9eoyAgAAAAAAl81KfvtuJZ/dvyOpq7rXcMuvOy0AAAAAAHCJkk/+b8UP83HrHVlTzv+7158bAAAAAAC4HFZyjZ0laSX5Ur81uBLqNF8CyL04AAAAAAAAvFmSz/+LC1I3GVptVdaZzv8BAAAAAMB/gd8MjbFfzMbY7WYf6xckhe1F60//WFQwbx23d79jHdrxHPuwFzPxDYCoftMqKh2oNxmvd0FS8sxxb1m98YF7g2Ba6cC+0lcHs8b6t4KxBBbmsl9f5CTw1tFQAhvF3jP9Tu+lMe/1+n18VFAyJ+1lpe413JLjNx5WZNtvFSJ3N/r5sye/kIL+dh486eyXPvms8zjJ5TiedHwY5/H5SDqFWbm8TMZbSK65yNviZdWzLn/baq5YSb/lbPvnZB8Whjs63fb/SrfTmNsr6ePKUbYHZP2y16iUkl022PpkdAhrkEVlfMvzdsSULJaSLO6kMXfW7qQPWX7pXlj67pxULU3ug2A4i+pwFrNfC+ufE6/FjCziY2E9zuLP8YqmZLF+tiwm9ggAvC4HgyqUDGI+Ocb+eN09z7vc7Or+g9FeXv6hm15wOCcVe59NpBchTqsrit/R19KwhXQU9+LNnHf0cq+uLGnKO3r5AtUt7uuPg3sg9dLuzSn2s/h3t9t9WEn6/f1YVf0iXuCLqf2Gjepc/BLef3n402QA/Nin+5/uP6tW1zfKH5TLD6qaTzaj90DtAQDkmH2PndGIpUE969fuD/pn1Y///n7aGqm73+x/paCkT/SZOnqse9ktBFbz+10Z+hrCvcmz1jh2WRqPreje1LO6pJYOxVb7sfPKFhn9/8Igdv2qdwMAANfq9ow6PF7/887d72Xn3Ws3c8+7R2v5+B2Ch2PnR2o5AAC4Gm7wlbUS/doKAq/9cWVzs2JH264JfOdHJvBqW67xWpEbONt2a8s17cCPfMdvmHagRa/mhibcabf9IDJ1PzBtP/R2kzu/m96t30O3abcizwnbDdcOXeP4rch2IlPzQse0d37Y8MJtN0gWDtuu49U9x448v2VCf1mOWzImdN2hQK/mtiKv7sXNlmkHXtMO9syP/cZO0zU1N3QCrx356QqzvrxW3Q+ayWpL6p50o0MAAP5vvHh19PRRp7P//ITGsdJG9n20E4IX8lb4mjcRAACMoUoDAAAAAAAAAAAAAAAAAAAAAPDmO831fyc2sosCsynzygmW+lN+9tap1mxpMOXLv14ow3M0CuNTeiPtdmcv/pe0UcyLWY4bC5I62cs/HHN8qVuxeqpgpY3i5b+Gy1LekXBlje8fjB6HEzHxzNxZi/19Ubz4P4e8xrMvp8yafUQtjr6GCydt4GijKOn5wgV2wfW/FwG4Xv8JAAD//6TAPYc=")
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000001380), r8)
sendmsg$IPVS_CMD_SET_CONFIG(r8, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000001580)={&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0100000000000000000010"], 0x24}}, 0x0)

432.474133ms ago: executing program 3 (id=1038):
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73e, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbJOmb9vXpODBimCgBwulu3ZbSwWRih6kWCnqzUO73d2Gkt1uyW5KEypaUQRPIsWzP07e/AdEEfTmUfDsSQpFSr0IQmS2s3Hb7KabNJtV9/OBCc8zM5tnvjszz/Mkz8NMAGNrNv2Ri9gfER8lEdPZ+iQiJtupiYiTd/e7c/taOV2SWFl5/bekvU+aj67PpPZkmcci4rv3Iw7l1pbbXFqeL9Vq1YUsX2jVLxeaS8uHL9ZLc9W56qXi8WePFk8UnzlR3LJY/3jv1fOnvnrpixvv/vjLa2+dejKJk7E329Ydx1aZjdnsO5lMv8J7vLjVhY1YMuoDYFPSW3PH3bs89sd07GinAID/srcjYgUAGDOJ9h8Axkzn/wCdsb1hjIP9k916ISJ29Yp/Ihuz29UeB919J7lnZCSJiJktKH82Iq6++cHX6RJDGocE6OWd6xFxbmZ2bf2XrJmzsFFPD7DP7H159R9sn2/T/s+JXv2f3Gr/J3r0f6Z63Lub8eD7P3dzC4rpK+3/Pdez/7s6aW1mR5b7f7vPN5lcuFirpnXbIxFxMCan0vyRdco49vHzP/Tb1t3/S5e0/E5fMDuOmxNT936mUmqVHibmbreuRzw+0Sv+ZPX8J336v2cGLKP1/ROf99v24PiHa+WziKd6nv+/Z7Ql689PLLSvh0Lnqlgr/+H0vn7ljzr+9PzvXj/+maR7vmZz42X89MmfL/fbttnrf2fyRju9M1t3tdRqLRyJ2Jm8snZ91xTSTr6zfxr/wQPr13+9rv/0b8JzA8Y//+mX5zcf/3Cl8Vc2dP43njjw8zd94xns/B9rpw5mawap/wY9wIf57gAAAAAAAAAAAAAAAAAAAAAAAABgULmI2BtJLr+azuXy+bvv8H40dudqjWbr0IXG4qVKtN+VPROTuc6TLqe7nod6JHsefidfvC9/NCL2RcSNqf+18/lyo1YZdfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkNnT5/3/qV+nRn10AMDQ7Br1AQAA2077DwDjR/sPAONH+w8A40f7DwDjR/sPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkJ05fTpdVn6/fa2c5itXlhbnG1cOV6rN+Xx9sZwvNxYu5+cajblaNV9u1B/0+2qNxuXi8Vi8WmhVm61Cc2n5bL2xeKl19mK9NFc9W53clqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGOaS8vzpVqtuiAhISGxmhh1zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw7/BXAAAA///R4B8B")
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100020, 0x0, 0x0, 0x6, 0x3, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="2c000000a42488374c8508de915427f9bebc84ba27b36acb78d600fc6a6c5036be59596c59a3a2a472af764fae1d3cab3793dc48153a159507f940d6cb543e351700811665e76c657a7663a16427d29d652b4b", @ANYRES16=r3, @ANYBLOB="31830000000000000000190000001800018014000200766574683000"/38], 0x2c}, 0x1, 0x0, 0x0, 0x8040}, 0x4886)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r4, &(0x7f0000000600), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r5 = creat(&(0x7f0000000340)='./file0\x00', 0x0)
close(r5)
r6 = getpid()
socket$inet_mptcp(0x2, 0x1, 0x106)
r7 = syz_pidfd_open(r6, 0x0)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r7}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='timer_start\x00'}, 0x18)
r8 = openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r9 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r9, 0x0)
write$selinux_load(r8, &(0x7f0000000000)=ANY=[], 0x6000)
unshare(0x20040600)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000380)=@framed, &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff0000, @void, @value}, 0x94)

420.563313ms ago: executing program 0 (id=1039):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x34, r1, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x34}}, 0x0)
sendmsg$SMC_PNETID_DEL(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x14, r1, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e000000080000000000180003801400038010"], 0x44}}, 0x0)

350.207424ms ago: executing program 5 (id=1040):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0xe)
r1 = memfd_create(&(0x7f0000000600)='prodM\xb0\xea\a\x06\xbe\xaen/\xce4\xb7\xc1\xef\xba!\x9d\rSt\xa24\t\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x1dz\xd05\xe2e,\xb1\x84\xea\x91^%A\xe5\x9e\x13TdT\xc6^p\xb0#R\x04\x06\xae\xebA;X\x14\x97\xabh\xd1/\x84\x8a\x91$GY\xeb\x8f\xec\xb4\xf9\x17\xb7\x04\xc2\xc0\xc6\xb4\v\xff\xfc\x88\x90\xabC\x02\x00\xf04\x03\x88\xae9\'>R^P{Vr!\xe2\x02\x00\x00\x00\x00\x00\x00\x006\x96\xffZ\\A@\x00\x00\x00\xc9\xf3Y\xb8\x89#\xa1\xb1)Dk\xeb\xa1\t\x00{u[\xbd\x9d\xf4\xbf\\\xce\x02P\xf2MY\x05^\xffj\x9c\x14\xb7\xb6v\x1d*1>\x00 \x00\x00\x00\x00\x14C?]\x8c\xb4Y\xcf\x80\x85\xd6\x036\xc8~\xa8\f\x00\x00\xb5M\x9a\x9dc\xaaAU\xec\xe06\xed\xe4\xfb\xdf\a\xd0lg\x13\xf9\x8b:s>\xd7s\xef\xb3\x9f#\x15)\xf9\xe10\xc7\xb262<k\xa8\x88\x01\x00fhD\xe7\xb6\x17\x80\x95\xa8\x1e\t\xb01KF\xcb\x00\x1e\x7fE\x7f\x02\x00\x00\x00y<nGR\x94\x99\xb8\x89\x9b\x8f\xd5\xe6\x02\xb5C\xad\"u\xf4>\x00\x00\x00\x00\x00\x00\x00\x00Nz\x0eu\x8f\x01\x00\x00\x00\x00\x00\x00\xdd\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc3\xa7/\x0f\x9b`\xa5\x98\x81a\xeev\x00\x00\x00\x00\a\x10\x00m2\xf2\xd8,\x17\xf8\x8e\xae\xc8\xad\xed<\"\x8e\n\x9d\xb13\x8d\xef\x96\xd2I\"8=tg\xdfU\xd0q\x95/f\xec\xdc\xa3\xe1[\xc0\xaa\xefz\xc9\xf4[\x00\x00\x00Q\xff}5\x94\x88\xa1\xdc\xa1g\xe0q\xc5:\xe4\xdf\x80\xb3,\xb9\xb2\xdc\x81\x9f6\x0f\x84WY\xbfSY`\xb8\a\x19\xb1\x058\xa4\xc3\xbb\xf8aB:\x84\x02?\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3o-GU\xb0\x00F\xb3o(aI[\xd6\x9fG\xaeI\x83\x93\x8cC\xc0#\xe0q\xd0Ex|\xdb\xa8\x16\xfe>:\t0\xfd\x8a\xc7\x84\xb5\xc7M-0A\xf0\x94\xf3\xcc\x8d\xbb3\\\"\x882\xb3\xa84\xac\x00\xdd}Ft\xc6\xcc\f}1X#\xe4\xe1\x94i\xce\xa1\xff\x95\x80\xb4T\x9c\x01\xf3\x1cLB\x94m(m\f\xbc\xebY\xa0\xf7\xf0\x9d\x10\xbd\x86\x1by\xe6\xdf\xc0\xc5\xb9\xb9\xbf\xdf~9\nC\xe9\xc5\x0e\xda\x9c(\x9b\"\xc7\x97\xfc\b\xd9\xc2T\xa7*}]\xc8\xb3 .\x9b\x89\x0f\xf8$\xdd>lU\x13EG\xbb1] \xda\x19\xc5\x9b\x15\x95\xc4\xfcw\xbb\x92\x91\xc4\xa6\x907XK\xfc\x17]\xfa\xff\'\xef\x92\x1c\xb8\x1fK\xb2o \xd1\xbd\xb2\x11+\xa3R\xefQ\xc2\xbdW\x05\xec\xb3=@\x03\xc6^\xa2\x15%\xb0\'D#\xb6Q\x8f\x82?S>\x0fP\x9cE\x92{d\xe6\x9cj1\x87\xb3\x01\xde\xe8\x89#;a\x94\"\xd1U\xff\xe8v\xd3\x84d\xf4\x134\x00\x00\x00\x00h\xaa\x15\x9a\xf7\x03\x00%\x88p\x90\xbb\x9dt\xa3\xe1\r\x8d\x94\"\x19\x8b\x17)\xea\xd5\x17\xeb\xe4\x1b\x0fBZ1\xbe\xee\xfa\x1c\xf9\xa6\x11\x94\x06\\P:\xaf\xcex\xc2\x82\x9a\x16\xfc\xa1\xf9q\x12\xe3\x1a\xdc\xb7\x12\xbba\b\xbb\xed\xb2\xd1W\xe2\x8b\x8d8}\x10W\xbd\xa60A\xc3\x03\xfa\x890\x86#\bQ\xcb)\x00]\x9e\x14\xd2\xea\x82\xa8\xb7ZG\x15r\xf1\t\x00\x00\x00 \xc1\xaf\x19?\x00\\\x91\x13\x1b8\xe1\xc3\xa4\v\x94\xbfJ\xb5\xde\x95\x82\x00]B|\xe2[%\xe3\xf0\x04\xba\xed\xdb\xf5\x7f\x9d\xfe>\xf6m$M&\x7fq]\xe4\xf6\x82\xc3\x00\xb1zg}\x99E\xa4\x19\xe9\x1a4a\xd75D-k\x84\xa6\x12+\xebk\xa1\xfek\x89\xef\x18\xc1)6\xa65\xe2D\xbe\xe1\xdfq\xdd68\xf37g\xab9m\xe7\xddO\v?\xe0\xbe}\xa9U\xc7{\xd3\x16W\xbb\xe5\xd2\x93\xfe\xa4\x9d\r$\xe91c8`\x86\xbc)\xc6\x12\x8c_x\xa8\xfa\xb5K\x03\x85\x93k\xe1\x8e\x1f)\".\xcc\'\v\xa6\x1bj\\\n\xe98yA\xd8T\x85\x80A\xcbo\x99\x99\xeb)r\x1a\xce\x18(\x185LL\xbcOeO\'\xe2\x86&\xe4\xe2\xe7~\x92\xa2\xb2\x9b\xc3\x00\x85\xce\xad7\x87\xa0\xfcc\xf5\xf8\xaf\v,q\xd4\x18\xbdM\x1a\xde\xba*L\x05m6\xecH\xd0T\xb8m\xdb\b\xa6\x02\xfb\x13\xac\x91\x8a\x8d\x94\x93\x8d=\xb1\x84\x9c\x9b\xe5\xc7\xa6\xc9Q\xc1eUc\xcc\x180^\x00\x00\x00\x00\x00\x00\x00\x00\xe7]6+\\\x00\x00\x00\x00?#C.\x1dj\xd9\xc3\xdd&\x80g:N\xec\x06[\x8f\x92\xe2\xb01\xb0\xef\x10,\xde\xf3\x86D\x8b\xf7\xf1>AH\xef\\\xf9\x8b\a\xe0\xb2\xcb\xf0\x97\b\r\xd5`\xb9\xd6\xa4\x1e\xbe\x12-}\xc5\x84\xde@\x18\x87\f\x01O\xedS\x8f\x9en,\xbce\xb2\xe4\x82v\x1c\xed\x84-s\xab\x06b\x9c\xba\xec\xa5\xc9A\x84\xd0\xe0 S\xc8\xa2\xaf\x85\v\xad\xa5\x88\xcf\xb6}`\x14\'\xea\xbfN\xac)\xa1\xe8\xb2\x9f\x112TJ\x16\x8c9\xe9\xf5\x18\x15Dd\x8a%>\x91\x93\x88\xe9\x18\x82]\x9e&\xfa\xaa\xfa8Z2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\xb35\x00\xfb\xac8wAph\xb4\x9d\x14\xf6\xec+f\'\xa3\xb9\xaf\x87X\xec\x13\x9c\xc5\x84\xde\x1b\x11\xe8\\}\xf81\xe6U3\xf9~\xdfD[\x1a\x02\x1f\xd2\x1as-\x9c\x01\x86\xa7\xb8\xc5\xeeOg\x99j\xedu\xafO@\x8e\xf24w\xad\x130Z&\xcb\x81\xfc', 0xe)
setresuid(0x0, 0xee00, 0x0)
fchmod(r1, 0x180)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
write$sndseq(r2, &(0x7f00000001c0)=[{0xff, 0xb, 0x0, 0xfd, @tick=0x6dd, {0x0, 0x1}, {0x81}, @result}], 0x1c)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000340), 0xa00200, 0x0)
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000180)=0x3)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r4, 0x0, 0x41, &(0x7f0000000000)=ANY=[@ANYBLOB="6d6167676c6500000000000000000000000000000000000000000000000000000300"/47], 0x58)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x65, 0xfc, 0x5, 0x0, 0x0, 0x3, 0x8900c, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc46, 0x0, @perf_bp={0x0, 0x1}, 0x0, 0x6, 0x7ffffffc, 0x1, 0x1, 0x0, 0x0, 0x0, 0x100, 0x0, 0x3}, 0x0, 0x6, 0xffffffffffffffff, 0x2)
shmctl$SHM_UNLOCK(0x0, 0xc)

349.759754ms ago: executing program 0 (id=1041):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0xb, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000400000018b574d55620782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000620000009500000000000000"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="9feb0100180000000000000024000000240000000800000004000000000000070000000003000000000000080100000000000000000000020200000000002e2e5f"], 0x0, 0x44, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0xfffffffffffffffd}, 0x18)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000000)={<r3=>0xffffffffffffffff}, 0x2, 0xc}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000280)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x0, @empty, 0x1}, {0xa, 0x4e20, 0x1ff, @private0, 0x9}, r3, 0x7}}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r5}, 0x10)
r6 = open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0)
fcntl$setlease(r6, 0x400, 0x0)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
r8 = openat$cgroup_freezer_state(r0, &(0x7f0000000140), 0x2, 0x0)
r9 = syz_open_dev$usbfs(&(0x7f00000001c0), 0x7, 0xba80)
syz_emit_ethernet(0x36, &(0x7f0000000680)=ANY=[@ANYBLOB="ff000000000800450000280000000000679078ac050000000000000000907800010000002300000000000000000000db580b771e1216629ca6e748e841ddecd32f2fb4a184a415"], 0x0)
ioctl$USBDEVFS_SETINTERFACE(r9, 0x80085504, &(0x7f0000000300)={0x1, 0x300b})
write$cgroup_freezer_state(r8, &(0x7f0000000040)='FROZEN\x00', 0x7)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x8, 0x1010, r8, 0xf64b3000)
sendfile(r8, r8, 0x0, 0x9)
newfstatat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r10=>0x0}, 0x400)
getresuid(&(0x7f00000004c0), &(0x7f0000000500), &(0x7f0000000580)=<r11=>0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000005c0)=<r12=>0x0)
setresuid(r10, r11, r12)

284.289655ms ago: executing program 2 (id=1042):
ioctl$USBDEVFS_SETINTERFACE(0xffffffffffffffff, 0x8008550e, 0x0)
syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x59c4, 0x8, 0x1000, 0x5cc}, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00"/11], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071000000180100002020752500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r2, &(0x7f0000005b40)=[{{&(0x7f0000000000)={0x2, 0x4e20, @multicast2}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000040)="f37481d90eeaead391345b4da9d27e24c9c670da3afc5c00"/50, 0x32}, {&(0x7f0000000140)="ead5e96719a44591801f33", 0xb}, {&(0x7f0000000180)="f3f97053495b072215aee864193557c0dabdd253711d5ed9b131c5abd8796e5759ab1f639211e68e24bf4471b6ab1429b165c7248cded82bfb4a3f48e8d0", 0x3e}], 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="2c000000000000000000000007000000441c9301ffffffff0000000000000000000000000000000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aae010000200000003"], 0x50}}, {{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000380)="c1ad061c5d914eadd95de7fb63eb7b0306d91c25f3fba6c97eda8ade2420dfe1fe0f5c7a01d724be33a44f1cd52028110d8f7dd4b3421a3fe4b2066d179f938ba15c3956e1aaad35035bcde7b90ed59ee2de06c8a4af3de95bda", 0x5a}], 0x1}}, {{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000480)="f41fa963edcd5e2a5d", 0x9}, {&(0x7f00000004c0)="0c71e8d7705b19c24e8c3ec98b4243ae0be48cd79f024361b8082d328363e63e360e122e7ec929c89aea0b338987609655fb5f5f91cd457584f30946f63e00fd0e8c536ae0106beb7d02fb4eb35db10c37c4bf3f2c6df9254d540598ae9b7098b74908c7da448e8891bc1b46f58553776f43370d090df693f3a4e4a724dbb498e51860bd766e36c41c0a0ee41019a0b05b519107c1fbb944f26f16f9fc127f3cd86c3fdbcf169912fc1c42a4a7051d3e85591ccd24b19681da775dc34c98ad24ab07c6feab583ba1f5efb430a06d66c039dbf40a84f04cfdfca240676e96579502925e57864815d3fe17edaf5cdbc3a4b48843c22372f9f1cf363d8428fe6341fb474ba53db6be689703ce5f7b6639b3493a5aca4c9316df8b4600d73533021932eb359ce7c1f00a54cb1318076ccb00e27ba0934db1867e078ee47b86d3e367b96ba948c3aa029c365eb0dc99685c5fd7bfbd1916b889da42d6ad1ab2466e989b5c8304b1e2190d4efeb9ccbd3a7a48c3b393470fc215e164cb91e238c5a28c4f40b4b99ee8f9481fe62e0bcf0a9831e491dc1150ad9c023217df6432487219a3083b310958cdbc217f99d02a19414987ff1bc176e3267c205827f466ea1912cbc0e304faf034602b85db010d8796d2ab18c2c4badf39db5312ad908d8555c30d0cc7d3bce8b4fcfc5764ed6e8bf4e8e4af6bbb3f82ac014f021dc6cb81cebe4b7d071e4d019719d1b0354ce0a2ff3b66ba7bf0f4598bde90a9115ddc4f197bcd881e0cd0baabb57316e75d108b14acc668ee906acf7bffdff3aef11ecf107b3eccd67a56c6b26e0a9a72d404a7a2dd3da8759e676c0eef6a95890d4f647269d1bf972d75307bd867819f385df6f57a7c28332307f444d1157c303c30a478b056d6e11111398aafcb6fff1b6a985cf888afa04586e35e7d3b292d254acf08a6bd38fbbd22bc9919052e6693c1e454aade6348679e027d1b102618476c9ab1f9928fc7f505046cb8383b9e1d79b961895502cded12f1842705102dffddc11f7bea0bd53833f1a455e661f6bda92d35b1159e1489cf762da76c125060ffedc7cc54238b3bd2d894a91d92a6c5cce9bf5417674a2bd0e38271912f7481e58ec7ab422db826482ffb80ce45dab2cb43105356c292a2fd1db8a758b37d56f46721163f24c075d980a37917cca20acce274c404828efaed50b881a5481f9ad268e99e25884db25426d5a5f338f405748817bba32b89e4c18b0f061e6758d46b5f0f2865b1c41be4f7ff999d289538a8fca45b2cf76a2fc398b7913db0ea85ee4d00156432f764ef888094dceb05c68da62fdf667b511276ac97dcf0b34819d9307cf0066267f94ab80fcc19c9f3d682e6e375ac25d7d6b71ae6d084ca1ed7e21b46b1ca0abc6cd50b3aa40e341cfc0a75f2040cc71c26e6cff3d76cc6c629051c47d8b950d01de19d324f2705e37a7a41364ecc70e5021ef955b50144860dafe6fc8b14fb6c451c0444aef66c3081097b", 0x42e}], 0x2}}, {{0x0, 0x0, &(0x7f0000004240)=[{&(0x7f0000003140)="01", 0x1}], 0x1}}], 0x4, 0xc080)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r3}, 0x10)
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x481, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000020000000c"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='tlb_flush\x00', r5}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x30dd3000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000900)={0x1, &(0x7f00000008c0)=[{0x6, 0xfe}]})
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r7, &(0x7f0000000300)={0x1a, 0x0, 0x1f, 0x0, 0xc9, 0x8, @local}, 0x10)
r8 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r8, &(0x7f0000001880)=[{{0x0, 0x4, &(0x7f00000010c0)=[{&(0x7f00000000c0)="c8", 0x1}], 0x1, 0x0, 0x0, 0x60ff}}, {{0x0, 0x0, &(0x7f0000001800)=[{&(0x7f0000001280)=',', 0x1}], 0x11}}], 0x2, 0x0)

283.889555ms ago: executing program 5 (id=1043):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0x7000000)

257.463405ms ago: executing program 5 (id=1044):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000880)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r2, 0x5)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r3, 0x2)
dup3(r3, r2, 0x0)

102.821398ms ago: executing program 5 (id=1045):
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0xb)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000040)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000000100000024000180060005004e230000060001000200000008000300ac1414aa0800060001"], 0x38}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000880)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0xd)

75.203478ms ago: executing program 3 (id=1046):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x10, 0x0, &(0x7f0000000640)="b9ff03076844268cb89e14f088f747e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x50)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='freezer.self_freezing\x00', 0x275a, 0x0)
r2 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x5)
fallocate(r1, 0x0, 0x0, 0x10fff9)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r2, 0x8, 0x0, 0x2})

74.733558ms ago: executing program 5 (id=1047):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000000)={[{@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5e0, &(0x7f0000001200)="$eJzs3c9vVNUeAPDvmf6gpbzXQl7ee7iQJsZAorS0gCHGBWyNafBH3Lix0oJIgYbWaNGEkuDGxLgxxsSVC/G/UCJbVrpy4caVISFqWJo45k7nlk57p6Wl7a3czycZeu49cznndvqdc+6Zc+4EUFmD2T+1iP0RMZ0i+tP8Yl5nNDMHF553/48Pz2SPFPX6q7+lSM19+fNT82df8+CeiPjh+xT7OlaWOzN39cL41NTkleb28OzF6eGZuauHz18cPzd5bvLS6HOjJ44fO35i5MiGzuva8h29EXHjnff6Px574+sv/0wj3/w8luJkvNh84tLz2CyDMdj4naSVWX0nNruwknQ0/06WvsSps8QKsS7569cVEf+L/uiIBy9ef3z0cqmVA7ZUPUXUgYpK4h8qKu8H5Nf2y6+Da6X0SoDtcO/UwgDAyvjvXBgbjJ7G2MDu+ymWDuukiNjYyFyrPRFx5/bYjbO3x27EFo3DAcXmr0fE/4viPzXifyB6YqAR/7WW+M/6BaebP7P9r2yw/OVDxeIfts9C/PesGv/RJv7fXBL/b22w/MEHybd7W+K/d6OnBAAAAAAAAJV161REPFv0+X9tcf5PFMz/6YuIk5tQ/uCy7ZWf/9fubkIxQIF7pyJeKJz/W8tn/w50NFP/aswH6Epnz09NHomIf0fEoejalW2PrFLG4U/2fdEub7A5/y9/ZOXfac4FbNbjbueu1mMmxmfHH/W8gYh71yOeKJz/mxbb/1TQ/mfvB9MPWca+p2+ebpe3dvwDW6X+VcTBwvb/wV0r0ur35xhu9AeG817BSk9+8Om37crfaPy7xQQ8uqz93716/A+kpffrmVl/GUfnOuvt8jba/+9OrzVuOdPd3Pf++OzslZGI7vRSR7a3Zf/o+usMj6M8HvJ4yeL/0FOrj/8V9f97I2J+2f+dfm9dU5z77199v7Srj/4/lCeL/4l1tf/rT4zeHPiuXfkP1/4fa7T1hxY/jQjjfxARn+dh2t26vyAcO4uytru+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA4qEXEnki1ocV0rTY0FNEXEf+J3bWpyzOzz5y9/O6liSyv8f3/tfybfvsXtlP+/f8DS7ZHl20fjYi9EfFZR29je+jM5amJsk8eAAAAAAAAAAAAAAAAAAAAdoi+Nuv/M792lF07YMt1ll0BoDQF8f9jGfUAtp/2H6pL/EN1iX+oLvEP1SX+obrEP1SX+IfqEv8AAAAAAPBY2Xvg1k8pIuaf7208Mt3NvK5SawZstVrZFQBK4xY/UF2m/kB1ucYH0hr5PW0PWuvI1UyfeYSDAQAAAAAAAAAAAKByDu63/h+qyvp/qC7r/6G68vX/B0quB7D9XOMDscZK/sL1/2seBQAAAAAAAAAAAABsppm5qxfGp6Ymr0i8vjOqsZ2Jer1+Lfsr2Cn1+Ycn8qnwO6U+yxL5Wr+HO6q89yQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDV3wEAAP//o1kjUQ==")
r0 = open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
fallocate(r0, 0xa, 0x2, 0x8001000f8)
sendfile(r0, r0, 0x0, 0x100000008)

0s ago: executing program 3 (id=1048):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f00000001c0)=""/66}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000590000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
ioctl$TUNGETVNETLE(0xffffffffffffffff, 0x4010744d, &(0x7f0000000180))
r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2042, 0x0)
ioctl$AUTOFS_IOC_FAIL(r2, 0x4c80, 0x7000000)

kernel console output (not intermixed with test programs):

26] smc: net device bond0 applied user defined pnetid SYZ0
[   60.094157][ T4837] loop4: detected capacity change from 0 to 512
[   60.143715][ T4838] loop1: detected capacity change from 0 to 512
[   60.358896][ T4838] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   60.372753][ T4838] EXT4-fs (loop1): orphan cleanup on readonly fs
[   60.380366][ T4838] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.482: bg 0: block 248: padding at end of block bitmap is not set
[   60.395678][ T4838] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.482: Failed to acquire dquot type 1
[   60.409629][ T4838] EXT4-fs (loop1): 1 truncate cleaned up
[   60.442626][ T4837] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   60.474069][ T4843] loop2: detected capacity change from 0 to 128
[   60.497159][ T4837] EXT4-fs (loop4): invalid journal inode
[   60.521023][ T4843] ext4 filesystem being mounted at /109/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   60.557659][ T4837] EXT4-fs (loop4): can't get journal size
[   60.606794][ T4837] EXT4-fs (loop4): 1 truncate cleaned up
[   60.773857][ T4843] EXT4-fs error (device loop2): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.2.486: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[   61.339119][ T4872] loop4: detected capacity change from 0 to 128
[   61.356094][ T4874] loop2: detected capacity change from 0 to 1024
[   61.363143][ T4874] EXT4-fs: Ignoring removed nobh option
[   61.368823][ T4874] EXT4-fs: Ignoring removed bh option
[   61.375861][ T4869] FAULT_INJECTION: forcing a failure.
[   61.375861][ T4869] name failslab, interval 1, probability 0, space 0, times 0
[   61.388599][ T4869] CPU: 1 UID: 0 PID: 4869 Comm: syz.0.494 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   61.388688][ T4869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   61.388699][ T4869] Call Trace:
[   61.388706][ T4869]  <TASK>
[   61.388712][ T4869]  dump_stack_lvl+0xf6/0x150
[   61.388734][ T4869]  dump_stack+0x15/0x1a
[   61.388750][ T4869]  should_fail_ex+0x261/0x270
[   61.388772][ T4869]  should_failslab+0x8f/0xb0
[   61.388862][ T4869]  __kmalloc_noprof+0xad/0x410
[   61.388894][ T4869]  ? __register_sysctl_table+0x7cf/0xc00
[   61.388935][ T4869]  __register_sysctl_table+0x7cf/0xc00
[   61.388972][ T4869]  register_pidns_sysctls+0xdd/0x140
[   61.389060][ T4869]  copy_pid_ns+0x356/0x640
[   61.389113][ T4869]  ? copy_mnt_ns+0x78/0x5e0
[   61.389144][ T4869]  ? kmem_cache_alloc_noprof+0x237/0x340
[   61.389210][ T4869]  create_new_namespaces+0x188/0x430
[   61.389228][ T4869]  ? security_capable+0x81/0x90
[   61.389252][ T4869]  unshare_nsproxy_namespaces+0xe6/0x120
[   61.389275][ T4869]  ksys_unshare+0x3d3/0x700
[   61.389304][ T4869]  __x64_sys_unshare+0x1f/0x30
[   61.389367][ T4869]  x64_sys_call+0x2c93/0x2e10
[   61.389387][ T4869]  do_syscall_64+0xc9/0x1c0
[   61.389405][ T4869]  ? clear_bhb_loop+0x25/0x80
[   61.389456][ T4869]  ? clear_bhb_loop+0x25/0x80
[   61.389477][ T4869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.389496][ T4869] RIP: 0033:0x7f3e8912d169
[   61.389509][ T4869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.389525][ T4869] RSP: 002b:00007f3e8776e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[   61.389545][ T4869] RAX: ffffffffffffffda RBX: 00007f3e89346080 RCX: 00007f3e8912d169
[   61.389624][ T4869] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000062040200
[   61.389638][ T4869] RBP: 00007f3e8776e090 R08: 0000000000000000 R09: 0000000000000000
[   61.389651][ T4869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.389661][ T4869] R13: 0000000000000000 R14: 00007f3e89346080 R15: 00007ffd49259828
[   61.389679][ T4869]  </TASK>
[   61.389685][ T4869] sysctl could not get directory: /kernel -12
[   61.617144][ T4874] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   61.632607][ T4874] SELinux:  Context system_u:object_r:man_t:s0 is not valid (left unmapped).
[   61.653652][ T4872] ext4 filesystem being mounted at /92/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   61.710756][ T4872] vxcan0: tx address claim with dlc 0
[   61.746966][ T4890] 9pnet_fd: Insufficient options for proto=fd
[   61.759246][ T4894] loop4: detected capacity change from 0 to 164
[   61.767876][ T4894] Unable to read rock-ridge attributes
[   61.792377][ T4894] Unable to read rock-ridge attributes
[   61.798422][ T4894] iso9660: Corrupted directory entry in block 4 of inode 1792
[   62.166838][ T4920] pim6reg1: entered promiscuous mode
[   62.172246][ T4920] pim6reg1: entered allmulticast mode
[   62.241850][ T4928] 9pnet_fd: Insufficient options for proto=fd
[   62.322798][ T4935] sctp: [Deprecated]: syz.0.519 (pid 4935) Use of int in max_burst socket option deprecated.
[   62.322798][ T4935] Use struct sctp_assoc_value instead
[   62.450963][ T4953] 9pnet_fd: Insufficient options for proto=fd
[   62.499267][ T4956] netlink: 4 bytes leftover after parsing attributes in process `syz.2.529'.
[   62.508803][ T4956] netlink: 4 bytes leftover after parsing attributes in process `syz.2.529'.
[   62.536315][ T4957] infiniband syz1: set down
[   62.540992][ T4957] infiniband syz1: added veth0_virt_wifi
[   62.553773][ T4957] RDS/IB: syz1: added
[   62.558445][ T4957] smc: adding ib device syz1 with port count 1
[   62.564789][ T4957] smc:    ib device syz1 port 1 has pnetid 
[   62.770452][ T4961] loop4: detected capacity change from 0 to 1764
[   62.795333][ T4961] iso9660: Bad value for 'uid'
[   62.800165][ T4961] iso9660: Bad value for 'uid'
[   62.877086][ T4970] netlink: 8 bytes leftover after parsing attributes in process `syz.2.530'.
[   63.015865][ T4998] loop3: detected capacity change from 0 to 128
[   63.023797][ T4998] ext4 filesystem being mounted at /99/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   63.028042][ T5000] loop4: detected capacity change from 0 to 128
[   63.066978][ T4998] EXT4-fs error (device loop3): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.3.547: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[   63.125797][ T5000] ext4 filesystem being mounted at /99/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   63.220007][ T5000] EXT4-fs error (device loop4): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.4.548: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[   63.235709][   T29] kauditd_printk_skb: 135 callbacks suppressed
[   63.235754][   T29] audit: type=1326 audit(2000000007.930:1648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4984 comm="syz.2.541" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f98a0dcd169 code=0x0
[   63.380904][ T5027] loop4: detected capacity change from 0 to 128
[   63.404374][ T5027] ext4 filesystem being mounted at /102/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   63.439186][ T5027] EXT4-fs error (device loop4): htree_dirblock_to_tree:1082: inode #2: block 4: comm syz.4.559: bad entry in directory: inode out of bounds - offset=1012, inode=128, rec_len=12, size=1024 fake=1
[   63.488610][   T29] audit: type=1400 audit(2000000008.180:1649): avc:  denied  { map } for  pid=5038 comm="syz.4.564" path="socket:[9904]" dev="sockfs" ino=9904 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   63.511843][   T29] audit: type=1400 audit(2000000008.180:1650): avc:  denied  { read } for  pid=5038 comm="syz.4.564" path="socket:[9904]" dev="sockfs" ino=9904 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   63.549343][ T5048] smc: net device bond0 erased user defined pnetid SYZ0
[   63.564596][   T29] audit: type=1400 audit(2000000008.250:1651): avc:  denied  { bind } for  pid=5042 comm="syz.4.566" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   63.585161][ T5044] netlink: 4 bytes leftover after parsing attributes in process `syz.4.566'.
[   63.594023][ T5044] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   63.651227][ T5053] netlink: 4 bytes leftover after parsing attributes in process `syz.0.568'.
[   63.654103][   T29] audit: type=1326 audit(2000000008.340:1652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.3.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8f9d8d169 code=0x7ffc0000
[   63.683566][   T29] audit: type=1326 audit(2000000008.340:1653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.3.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7ff8f9d8d169 code=0x7ffc0000
[   63.707361][   T29] audit: type=1326 audit(2000000008.340:1654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.3.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8f9d8d169 code=0x7ffc0000
[   63.731221][   T29] audit: type=1326 audit(2000000008.340:1655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.3.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7ff8f9d8d169 code=0x7ffc0000
[   63.754705][   T29] audit: type=1326 audit(2000000008.340:1656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5054 comm="syz.3.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff8f9d8d169 code=0x7ffc0000
[   63.778247][   T29] audit: type=1400 audit(2000000008.350:1657): avc:  denied  { create } for  pid=5052 comm="syz.0.568" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[   63.780715][ T5044] batman_adv: batadv0: Removing interface: batadv_slave_1
[   63.827321][ T5053] bond1: entered promiscuous mode
[   63.832409][ T5053] bond1: entered allmulticast mode
[   63.839576][ T5053] 8021q: adding VLAN 0 to HW filter on device bond1
[   63.846741][ T5062] usb usb8: usbfs: process 5062 (syz.2.571) did not claim interface 0 before use
[   63.856276][ T5062] FAULT_INJECTION: forcing a failure.
[   63.856276][ T5062] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   63.869592][ T5062] CPU: 0 UID: 0 PID: 5062 Comm: syz.2.571 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   63.869626][ T5062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   63.869641][ T5062] Call Trace:
[   63.869654][ T5062]  <TASK>
[   63.869663][ T5062]  dump_stack_lvl+0xf6/0x150
[   63.869691][ T5062]  dump_stack+0x15/0x1a
[   63.869711][ T5062]  should_fail_ex+0x261/0x270
[   63.869793][ T5062]  should_fail+0xb/0x10
[   63.869808][ T5062]  should_fail_usercopy+0x1a/0x20
[   63.869829][ T5062]  _copy_from_user+0x1c/0xa0
[   63.869858][ T5062]  kstrtouint_from_user+0x84/0x100
[   63.869883][ T5062]  ? 0xffffffff81000000
[   63.869948][ T5062]  ? selinux_file_permission+0x22d/0x360
[   63.870042][ T5062]  proc_fail_nth_write+0x54/0x160
[   63.870071][ T5062]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   63.870167][ T5062]  vfs_write+0x295/0x950
[   63.870186][ T5062]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   63.870234][ T5062]  ? __fget_files+0x186/0x1c0
[   63.870263][ T5062]  ksys_write+0xeb/0x1b0
[   63.870284][ T5062]  __x64_sys_write+0x42/0x50
[   63.870310][ T5062]  x64_sys_call+0x2a45/0x2e10
[   63.870454][ T5062]  do_syscall_64+0xc9/0x1c0
[   63.870472][ T5062]  ? clear_bhb_loop+0x25/0x80
[   63.870493][ T5062]  ? clear_bhb_loop+0x25/0x80
[   63.870519][ T5062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   63.870555][ T5062] RIP: 0033:0x7f98a0dcbc1f
[   63.870572][ T5062] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   63.870630][ T5062] RSP: 002b:00007f989f42f030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   63.870653][ T5062] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f98a0dcbc1f
[   63.870666][ T5062] RDX: 0000000000000001 RSI: 00007f989f42f0a0 RDI: 0000000000000007
[   63.870720][ T5062] RBP: 00007f989f42f090 R08: 0000000000000000 R09: 0000000000000000
[   63.870731][ T5062] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   63.870741][ T5062] R13: 0000000000000000 R14: 00007f98a0fe5fa0 R15: 00007ffcffc14f68
[   63.870763][ T5062]  </TASK>
[   63.872346][ T5053] bond1 (unregistering): Released all slaves
[   64.090827][ T5059] bond0 (unregistering): Released all slaves
[   64.136929][ T5073] syz.4.576(5073): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[   64.167053][ T5075] smc: net device bond0 applied user defined pnetid SYZ0
[   64.174309][ T5075] smc: net device bond0 erased user defined pnetid SYZ0
[   64.216980][ T5080] sd 0:0:1:0: device reset
[   64.328832][ T5089] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.351682][ T5092] loop1: detected capacity change from 0 to 512
[   64.360438][ T5093] loop4: detected capacity change from 0 to 512
[   64.368745][ T5092] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   64.377036][ T5093] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   64.377966][ T5089] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.404212][ T5092] EXT4-fs (loop1): invalid journal inode
[   64.410075][ T5093] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[   64.414808][ T5092] EXT4-fs (loop1): can't get journal size
[   64.422974][ T5093] EXT4-fs error (device loop4): ext4_iget_extra_inode:4704: inode #15: comm syz.4.585: corrupted in-inode xattr: e_value size too large
[   64.439437][ T5093] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.585: couldn't read orphan inode 15 (err -117)
[   64.439806][ T5092] EXT4-fs (loop1): 1 truncate cleaned up
[   64.459342][ T5089] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.483536][ T5093] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000.
[   64.517874][ T5089] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.567102][ T5101] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5101 comm=syz.1.587
[   64.590397][ T5089] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.603191][ T5089] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.619497][ T5089] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.638754][ T5089] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   64.670479][ T5107] Invalid ELF header magic: != ELF
[   64.797596][ T5121] IPVS: sync thread started: state = MASTER, mcast_ifn = wg1, syncid = 262145, id = 0
[   64.867206][ T5126] loop1: detected capacity change from 0 to 128
[   64.885695][ T5126] ext4 filesystem being mounted at /115/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   64.943582][ T5126] vxcan0: tx address claim with dlc 0
[   64.973269][ T5133] smc: net device bond0 applied user defined pnetid SYZ0
[   64.980610][ T5133] smc: net device bond0 erased user defined pnetid SYZ0
[   65.001613][ T5134] netlink: 132 bytes leftover after parsing attributes in process `+}[@'.
[   65.149100][ T5147] loop1: detected capacity change from 0 to 512
[   65.157531][ T5147] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   65.168800][ T5147] EXT4-fs (loop1): orphan cleanup on readonly fs
[   65.176420][ T5147] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.601: bg 0: block 248: padding at end of block bitmap is not set
[   65.192453][ T5147] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.601: Failed to acquire dquot type 1
[   65.205723][ T5147] EXT4-fs (loop1): 1 truncate cleaned up
[   65.973388][ T5175] loop3: detected capacity change from 0 to 512
[   65.996187][ T5175] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   66.030008][ T5175] EXT4-fs (loop3): 1 truncate cleaned up
[   66.077222][ T5181] netlink: 8 bytes leftover after parsing attributes in process `syz.4.615'.
[   66.116351][ T5181] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   66.163191][ T5184] loop2: detected capacity change from 0 to 512
[   66.201914][ T5184] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   66.258057][ T5184] EXT4-fs (loop2): invalid journal inode
[   66.282507][ T5184] EXT4-fs (loop2): can't get journal size
[   66.309999][ T5184] EXT4-fs (loop2): 1 truncate cleaned up
[   66.511701][ T5195] FAULT_INJECTION: forcing a failure.
[   66.511701][ T5195] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.524993][ T5195] CPU: 0 UID: 0 PID: 5195 Comm: syz.3.619 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   66.525078][ T5195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   66.525089][ T5195] Call Trace:
[   66.525094][ T5195]  <TASK>
[   66.525101][ T5195]  dump_stack_lvl+0xf6/0x150
[   66.525123][ T5195]  dump_stack+0x15/0x1a
[   66.525138][ T5195]  should_fail_ex+0x261/0x270
[   66.525210][ T5195]  should_fail+0xb/0x10
[   66.525226][ T5195]  should_fail_usercopy+0x1a/0x20
[   66.525300][ T5195]  _copy_to_user+0x20/0xa0
[   66.525418][ T5195]  simple_read_from_buffer+0xb2/0x130
[   66.525455][ T5195]  proc_fail_nth_read+0x103/0x140
[   66.525492][ T5195]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   66.525527][ T5195]  vfs_read+0x1b2/0x710
[   66.525574][ T5195]  ? __rcu_read_unlock+0x4e/0x70
[   66.525644][ T5195]  ? __fget_files+0x186/0x1c0
[   66.525682][ T5195]  ksys_read+0xeb/0x1b0
[   66.525708][ T5195]  __x64_sys_read+0x42/0x50
[   66.525803][ T5195]  x64_sys_call+0x2a3b/0x2e10
[   66.525828][ T5195]  do_syscall_64+0xc9/0x1c0
[   66.525846][ T5195]  ? clear_bhb_loop+0x25/0x80
[   66.525935][ T5195]  ? clear_bhb_loop+0x25/0x80
[   66.525961][ T5195]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.525986][ T5195] RIP: 0033:0x7ff8f9d8bb7c
[   66.526002][ T5195] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   66.526018][ T5195] RSP: 002b:00007ff8f83ef030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   66.526035][ T5195] RAX: ffffffffffffffda RBX: 00007ff8f9fa5fa0 RCX: 00007ff8f9d8bb7c
[   66.526049][ T5195] RDX: 000000000000000f RSI: 00007ff8f83ef0a0 RDI: 0000000000000008
[   66.526059][ T5195] RBP: 00007ff8f83ef090 R08: 0000000000000000 R09: 0000000000000000
[   66.526073][ T5195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.526087][ T5195] R13: 0000000000000000 R14: 00007ff8f9fa5fa0 R15: 00007ffe55e11218
[   66.526109][ T5195]  </TASK>
[   66.916692][ T5218] random: crng reseeded on system resumption
[   67.029085][ T5227] loop1: detected capacity change from 0 to 512
[   67.220498][ T5227] EXT4-fs (loop1): 1 orphan inode deleted
[   67.228917][ T5227] ext4 filesystem being mounted at /122/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.239864][   T37] EXT4-fs error (device loop1): ext4_release_dquot:6971: comm kworker/u8:2: Failed to release dquot type 1
[   67.570932][ T5218] net_ratelimit: 11 callbacks suppressed
[   67.571010][ T5218] A link change request failed with some changes committed already. Interface ip6gre0 may have been left with an inconsistent configuration, please check.
[   67.707735][ T5238] netlink: 4 bytes leftover after parsing attributes in process `syz.3.637'.
[   67.860331][ T5245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   67.882527][ T5245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   67.957559][ T3302] EXT4-fs unmount: 38 callbacks suppressed
[   67.957578][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.531146][   T29] kauditd_printk_skb: 294 callbacks suppressed
[   68.531162][   T29] audit: type=1400 audit(2000000013.220:1949): avc:  denied  { ioctl } for  pid=5250 comm="syz.0.643" path="net:[4026532436]" dev="nsfs" ino=4026532436 ioctlcmd=0x8924 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[   68.564212][   T29] audit: type=1400 audit(2000000013.220:1950): avc:  denied  { listen } for  pid=5252 comm="syz.1.641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   68.583931][   T29] audit: type=1400 audit(2000000013.220:1951): avc:  denied  { connect } for  pid=5252 comm="syz.1.641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   68.603661][   T29] audit: type=1400 audit(2000000013.220:1952): avc:  denied  { write } for  pid=5252 comm="syz.1.641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   68.613823][ T5259] vhci_hcd: default hub control req: 600f v0000 i0000 l0
[   68.624124][   T29] audit: type=1400 audit(2000000013.220:1953): avc:  denied  { nlmsg_read } for  pid=5252 comm="syz.1.641" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   68.665093][   T29] audit: type=1400 audit(2000000013.350:1954): avc:  denied  { execute } for  pid=5258 comm="syz.1.646" dev="tmpfs" ino=1099 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   68.686360][   T29] audit: type=1400 audit(2000000013.350:1955): avc:  denied  { execute_no_trans } for  pid=5258 comm="syz.1.646" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=1099 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   68.727458][   T29] audit: type=1326 audit(2000000013.360:1956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5258 comm="syz.1.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34cbc6d169 code=0x7ffc0000
[   68.750923][   T29] audit: type=1326 audit(2000000013.360:1957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5258 comm="syz.1.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f34cbc6d169 code=0x7ffc0000
[   68.774267][   T29] audit: type=1326 audit(2000000013.360:1958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5258 comm="syz.1.646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f34cbc6d169 code=0x7ffc0000
[   68.806117][ T5268] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.814955][ T5268] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.835596][ T5259] Falling back ldisc for ttyS3.
[   69.201243][ T5273] FAULT_INJECTION: forcing a failure.
[   69.201243][ T5273] name failslab, interval 1, probability 0, space 0, times 0
[   69.213939][ T5273] CPU: 0 UID: 0 PID: 5273 Comm: syz.3.650 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   69.214026][ T5273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   69.214042][ T5273] Call Trace:
[   69.214050][ T5273]  <TASK>
[   69.214059][ T5273]  dump_stack_lvl+0xf6/0x150
[   69.214083][ T5273]  dump_stack+0x15/0x1a
[   69.214098][ T5273]  should_fail_ex+0x261/0x270
[   69.214119][ T5273]  should_failslab+0x8f/0xb0
[   69.214180][ T5273]  kmem_cache_alloc_node_noprof+0x5c/0x340
[   69.214227][ T5273]  ? __alloc_skb+0x10d/0x320
[   69.214265][ T5273]  __alloc_skb+0x10d/0x320
[   69.214354][ T5273]  ? audit_log_start+0x37f/0x6e0
[   69.214377][ T5273]  audit_log_start+0x39a/0x6e0
[   69.214397][ T5273]  ? kstrtouint+0x7b/0xc0
[   69.214505][ T5273]  audit_seccomp+0x4b/0x130
[   69.214525][ T5273]  __seccomp_filter+0x694/0x10e0
[   69.214557][ T5273]  ? vfs_write+0x669/0x950
[   69.214590][ T5273]  __secure_computing+0x7e/0x160
[   69.214625][ T5273]  syscall_trace_enter+0xcf/0x1f0
[   69.214665][ T5273]  do_syscall_64+0xaa/0x1c0
[   69.214684][ T5273]  ? clear_bhb_loop+0x25/0x80
[   69.214704][ T5273]  ? clear_bhb_loop+0x25/0x80
[   69.214724][ T5273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.214747][ T5273] RIP: 0033:0x7ff8f9d8d169
[   69.214765][ T5273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.214826][ T5273] RSP: 002b:00007ff8f83ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   69.214845][ T5273] RAX: ffffffffffffffda RBX: 00007ff8f9fa5fa0 RCX: 00007ff8f9d8d169
[   69.214856][ T5273] RDX: 000000000000000a RSI: 0000200000000000 RDI: 000000000000000a
[   69.214867][ T5273] RBP: 00007ff8f83ef090 R08: 0000000000000000 R09: 0000000000000000
[   69.214877][ T5273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.214894][ T5273] R13: 0000000000000000 R14: 00007ff8f9fa5fa0 R15: 00007ffe55e11218
[   69.214916][ T5273]  </TASK>
[   69.580477][ T5290] loop3: detected capacity change from 0 to 128
[   69.609845][ T5292] loop2: detected capacity change from 0 to 512
[   69.618534][ T5292] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   70.230555][ T5302] netlink: 28 bytes leftover after parsing attributes in process `syz.1.661'.
[   70.318429][ T5302] support for the xor transformation has been removed.
[   70.470728][ T5292] EXT4-fs (loop2): orphan cleanup on readonly fs
[   70.478229][ T5292] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.654: bg 0: block 248: padding at end of block bitmap is not set
[   70.493631][ T5292] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.654: Failed to acquire dquot type 1
[   70.505465][ T5292] EXT4-fs (loop2): 1 truncate cleaned up
[   70.511746][ T5292] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   70.532486][ T5290] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   70.570819][ T5290] ext4 filesystem being mounted at /134/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   70.782379][ T3301] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   70.883869][ T5313] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   70.913092][ T5313] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.091530][ T5334] loop4: detected capacity change from 0 to 512
[   71.100338][ T5334] EXT4-fs (loop4): 1 truncate cleaned up
[   71.107663][ T5334] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.142121][ T5334] EXT4-fs error (device loop4): ext4_add_entry:2419: inode #2: comm syz.4.672: Directory hole found for htree leaf block 0
[   71.224437][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.362151][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.393856][ T5347] netlink: 12 bytes leftover after parsing attributes in process `syz.4.676'.
[   71.412614][ T5351] loop2: detected capacity change from 0 to 128
[   71.427060][ T5351] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   71.438333][ T5354] FAULT_INJECTION: forcing a failure.
[   71.438333][ T5354] name failslab, interval 1, probability 0, space 0, times 0
[   71.440498][ T5351] ext4 filesystem being mounted at /143/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   71.451904][ T5354] CPU: 1 UID: 0 PID: 5354 Comm: syz.4.677 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   71.451991][ T5354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   71.452004][ T5354] Call Trace:
[   71.452013][ T5354]  <TASK>
[   71.452022][ T5354]  dump_stack_lvl+0xf6/0x150
[   71.452053][ T5354]  dump_stack+0x15/0x1a
[   71.452075][ T5354]  should_fail_ex+0x261/0x270
[   71.452103][ T5354]  should_failslab+0x8f/0xb0
[   71.452196][ T5354]  __kmalloc_node_track_caller_noprof+0xaa/0x410
[   71.452239][ T5354]  ? __irq_work_queue_local+0x82/0x1d0
[   71.452282][ T5354]  ? v9fs_session_init+0x4e/0xdb0
[   71.452342][ T5354]  kstrdup+0x3d/0xd0
[   71.452422][ T5354]  v9fs_session_init+0x4e/0xdb0
[   71.452476][ T5354]  ? strcmp+0x21/0x50
[   71.452502][ T5354]  ? should_fail_ex+0xd7/0x270
[   71.452526][ T5354]  ? should_failslab+0x8f/0xb0
[   71.452560][ T5354]  ? __kmalloc_cache_noprof+0x18d/0x320
[   71.452599][ T5354]  ? v9fs_mount+0x56/0x580
[   71.452627][ T5354]  v9fs_mount+0x6c/0x580
[   71.452654][ T5354]  ? __pfx_v9fs_mount+0x10/0x10
[   71.452738][ T5354]  legacy_get_tree+0x77/0xd0
[   71.452809][ T5354]  vfs_get_tree+0x56/0x1e0
[   71.452840][ T5354]  do_new_mount+0x246/0x6b0
[   71.452927][ T5354]  path_mount+0x49b/0xb30
[   71.452960][ T5354]  __se_sys_mount+0x28f/0x2e0
[   71.452998][ T5354]  __x64_sys_mount+0x67/0x80
[   71.453032][ T5354]  x64_sys_call+0xd11/0x2e10
[   71.453108][ T5354]  do_syscall_64+0xc9/0x1c0
[   71.453133][ T5354]  ? clear_bhb_loop+0x25/0x80
[   71.453167][ T5354]  ? clear_bhb_loop+0x25/0x80
[   71.453194][ T5354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.453221][ T5354] RIP: 0033:0x7fc63499d169
[   71.453239][ T5354] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.453261][ T5354] RSP: 002b:00007fc632fff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   71.453285][ T5354] RAX: ffffffffffffffda RBX: 00007fc634bb5fa0 RCX: 00007fc63499d169
[   71.453300][ T5354] RDX: 00002000000002c0 RSI: 0000200000000280 RDI: 0000200000000180
[   71.453393][ T5354] RBP: 00007fc632fff090 R08: 0000200000000300 R09: 0000000000000000
[   71.453408][ T5354] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   71.453423][ T5354] R13: 0000000000000000 R14: 00007fc634bb5fa0 R15: 00007ffea0f032f8
[   71.453445][ T5354]  </TASK>
[   71.777619][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   71.808197][ T5372] netlink: 132 bytes leftover after parsing attributes in process `+}[@'.
[   71.820057][ T5383] SELinux:  Context system_u:object_r:net_conf_t:s0 is not valid (left unmapped).
[   71.833798][ T5383] loop2: detected capacity change from 0 to 512
[   71.849651][ T5383] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.881210][ T5383] ext4 filesystem being mounted at /144/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   71.929775][ T5391] loop4: detected capacity change from 0 to 512
[   71.938717][ T5391] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   71.998953][ T5395] FAULT_INJECTION: forcing a failure.
[   71.998953][ T5395] name failslab, interval 1, probability 0, space 0, times 0
[   72.011649][ T5395] CPU: 0 UID: 0 PID: 5395 Comm: syz.1.688 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   72.011680][ T5395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   72.011692][ T5395] Call Trace:
[   72.011698][ T5395]  <TASK>
[   72.011706][ T5395]  dump_stack_lvl+0xf6/0x150
[   72.011729][ T5395]  dump_stack+0x15/0x1a
[   72.011792][ T5395]  should_fail_ex+0x261/0x270
[   72.011812][ T5395]  should_failslab+0x8f/0xb0
[   72.011894][ T5395]  __kmalloc_cache_noprof+0x55/0x320
[   72.011973][ T5395]  ? legacy_init_fs_context+0x31/0x70
[   72.012004][ T5395]  ? __kmalloc_cache_noprof+0x22b/0x320
[   72.012107][ T5395]  legacy_init_fs_context+0x31/0x70
[   72.012211][ T5395]  alloc_fs_context+0x3fb/0x4e0
[   72.012284][ T5395]  fs_context_for_mount+0x21/0x30
[   72.012314][ T5395]  do_new_mount+0xf1/0x6b0
[   72.012341][ T5395]  path_mount+0x49b/0xb30
[   72.012371][ T5395]  __se_sys_mount+0x28f/0x2e0
[   72.012477][ T5395]  __x64_sys_mount+0x67/0x80
[   72.012526][ T5395]  x64_sys_call+0xd11/0x2e10
[   72.012551][ T5395]  do_syscall_64+0xc9/0x1c0
[   72.012569][ T5395]  ? clear_bhb_loop+0x25/0x80
[   72.012588][ T5395]  ? clear_bhb_loop+0x25/0x80
[   72.012613][ T5395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.012689][ T5395] RIP: 0033:0x7f34cbc6d169
[   72.012706][ T5395] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.012727][ T5395] RSP: 002b:00007f34ca2cf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   72.012792][ T5395] RAX: ffffffffffffffda RBX: 00007f34cbe85fa0 RCX: 00007f34cbc6d169
[   72.012807][ T5395] RDX: 0000200000001440 RSI: 0000200000001400 RDI: 00002000000013c0
[   72.012821][ T5395] RBP: 00007f34ca2cf090 R08: 0000200000000080 R09: 0000000000000000
[   72.012884][ T5395] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000002
[   72.012921][ T5395] R13: 0000000000000000 R14: 00007f34cbe85fa0 R15: 00007fffa70697d8
[   72.012944][ T5395]  </TASK>
[   72.313923][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.510330][ T5409] loop1: detected capacity change from 0 to 128
[   72.549326][ T5411] netlink: 8 bytes leftover after parsing attributes in process `syz.0.696'.
[   72.611698][ T5413] netlink: 132 bytes leftover after parsing attributes in process `+}[@'.
[   72.806118][ T5391] EXT4-fs (loop4): orphan cleanup on readonly fs
[   72.813901][ T5391] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.685: bg 0: block 248: padding at end of block bitmap is not set
[   72.830223][ T5391] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.685: Failed to acquire dquot type 1
[   72.842433][ T5391] EXT4-fs (loop4): 1 truncate cleaned up
[   72.850982][ T5391] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   72.875174][ T5409] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   72.937913][ T5409] ext4 filesystem being mounted at /135/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   73.038208][ T5434] tmpfs: Unknown parameter '(«#Yâfú5N$-@êzåÞÝ	øüû¸’ãk˜0¢øcX9ĺ÷ªMOˆÂK"¨ý­·z_°3y®+TIt¥ž
5·YþjîF.²6�§ûdw5_­«0�ëó_÷‚¶
[   73.038208][ T5434] jÀÔý‰£‚ü:»9Á³Ú³°Ì¨cçãFl�ˆ>!}ªû#Ô(/_t·Jšãq#ª7Íê}êÞ¼¥Y³V¡™¼?Þñ“„	ê?YÆǪKLX­óJ`ˆ'ÔŸõ07œig$œ ÿÿ18446744073709551615'
[   73.082323][ T5434] xt_CT: You must specify a L4 protocol and not use inversions on it
[   73.102416][ T5438] loop2: detected capacity change from 0 to 164
[   73.118517][ T5434] xt_recent: hitcount (4294967295) is larger than allowed maximum (65535)
[   73.135389][ T5438] tipc: Started in network mode
[   73.140388][ T5438] tipc: Node identity aaaaaaaaaaaa, cluster identity 4711
[   73.147697][ T5438] tipc: Enabled bearer <eth:syz_tun>, priority 10
[   73.170356][ T5438] netlink: 14 bytes leftover after parsing attributes in process `syz.2.706'.
[   73.198780][ T3302] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   73.211863][ T5438] tipc: Resetting bearer <eth:syz_tun>
[   73.233677][ T5438] tipc: Disabling bearer <eth:syz_tun>
[   73.279427][ T5448] netlink: 132 bytes leftover after parsing attributes in process `+}[@'.
[   73.313144][ T5452] loop3: detected capacity change from 0 to 1024
[   73.327187][ T5452] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.348284][ T5452] netlink: 16 bytes leftover after parsing attributes in process `syz.3.710'.
[   73.483928][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.671397][ T5468] netlink: '+}[@': attribute type 21 has an invalid length.
[   73.677539][   T29] kauditd_printk_skb: 852 callbacks suppressed
[   73.677556][   T29] audit: type=1400 audit(2000000018.360:2805): avc:  denied  { accept } for  pid=5467 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1
[   73.678796][ T5468] netlink: 128 bytes leftover after parsing attributes in process `+}[@'.
[   73.684943][   T29] audit: type=1400 audit(2000000018.360:2806): avc:  denied  { create } for  pid=5467 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   73.684970][   T29] audit: type=1400 audit(2000000018.360:2807): avc:  denied  { setopt } for  pid=5467 comm="+}[@" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   73.751520][ T5468] netlink: '+}[@': attribute type 4 has an invalid length.
[   73.758844][ T5468] netlink: '+}[@': attribute type 5 has an invalid length.
[   73.766192][ T5468] netlink: 3 bytes leftover after parsing attributes in process `+}[@'.
[   73.775661][   T29] audit: type=1326 audit(2000000018.470:2808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5467 comm="syz.2.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98a0dcd169 code=0x7ffc0000
[   73.812289][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.840184][   T29] audit: type=1400 audit(2000000018.490:2809): avc:  denied  { read } for  pid=5460 comm="syz.1.714" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   73.859546][   T29] audit: type=1326 audit(2000000018.490:2810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5467 comm="syz.2.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=294 compat=0 ip=0x7f98a0dcd169 code=0x7ffc0000
[   73.883191][   T29] audit: type=1326 audit(2000000018.490:2811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5467 comm="syz.2.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98a0dcd169 code=0x7ffc0000
[   73.906669][   T29] audit: type=1400 audit(2000000018.490:2812): avc:  denied  { write } for  pid=5460 comm="syz.1.714" path="socket:[10969]" dev="sockfs" ino=10969 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   73.913929][ T5480] program syz.0.720 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   73.930163][   T29] audit: type=1326 audit(2000000018.490:2813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5467 comm="syz.2.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f98a0dcd169 code=0x7ffc0000
[   73.962710][   T29] audit: type=1326 audit(2000000018.490:2814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5467 comm="syz.2.716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f98a0dcd169 code=0x7ffc0000
[   73.988816][ T5481] FAULT_INJECTION: forcing a failure.
[   73.988816][ T5481] name failslab, interval 1, probability 0, space 0, times 0
[   74.001525][ T5481] CPU: 0 UID: 0 PID: 5481 Comm: syz.4.718 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   74.001556][ T5481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   74.001570][ T5481] Call Trace:
[   74.001577][ T5481]  <TASK>
[   74.001586][ T5481]  dump_stack_lvl+0xf6/0x150
[   74.001611][ T5481]  dump_stack+0x15/0x1a
[   74.001627][ T5481]  should_fail_ex+0x261/0x270
[   74.001645][ T5481]  should_failslab+0x8f/0xb0
[   74.001666][ T5481]  kmem_cache_alloc_noprof+0x59/0x340
[   74.001693][ T5481]  ? alloc_empty_file+0x78/0x200
[   74.001721][ T5481]  ? _raw_spin_unlock+0x26/0x50
[   74.001743][ T5481]  alloc_empty_file+0x78/0x200
[   74.001771][ T5481]  alloc_file_pseudo+0xcb/0x160
[   74.001801][ T5481]  __shmem_file_setup+0x1bb/0x1f0
[   74.001826][ T5481]  shmem_zero_setup+0x63/0xe0
[   74.001851][ T5481]  mmap_region+0xebb/0x1630
[   74.001897][ T5481]  do_mmap+0x9ef/0xc80
[   74.001921][ T5481]  vm_mmap_pgoff+0x16d/0x2d0
[   74.001950][ T5481]  ksys_mmap_pgoff+0xd0/0x340
[   74.001970][ T5481]  ? syscall_trace_enter+0x102/0x1f0
[   74.001994][ T5481]  ? fpregs_assert_state_consistent+0x83/0xa0
[   74.002023][ T5481]  x64_sys_call+0x1945/0x2e10
[   74.002042][ T5481]  do_syscall_64+0xc9/0x1c0
[   74.002058][ T5481]  ? clear_bhb_loop+0x25/0x80
[   74.002076][ T5481]  ? clear_bhb_loop+0x25/0x80
[   74.002093][ T5481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.002111][ T5481] RIP: 0033:0x7fc63499d169
[   74.002123][ T5481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.002138][ T5481] RSP: 002b:00007fc632fde038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   74.002154][ T5481] RAX: ffffffffffffffda RBX: 00007fc634bb6080 RCX: 00007fc63499d169
[   74.002164][ T5481] RDX: 0000000000000002 RSI: 0000000000b36000 RDI: 0000200000000000
[   74.002174][ T5481] RBP: 00007fc632fde090 R08: ffffffffffffffff R09: 0000000000000000
[   74.002185][ T5481] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000002
[   74.002194][ T5481] R13: 0000000000000000 R14: 00007fc634bb6080 R15: 00007ffea0f032f8
[   74.002210][ T5481]  </TASK>
[   74.312631][ T5488] loop2: detected capacity change from 0 to 8192
[   75.328254][ T5549] loop4: detected capacity change from 0 to 512
[   75.350110][ T5547] 9pnet: Could not find request transport: 0xffffffffffffffff
[   75.388460][ T5549] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.437015][ T5549] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.464180][ T5560] netlink: 52 bytes leftover after parsing attributes in process `syz.3.735'.
[   75.473142][ T5560] netlink: 8 bytes leftover after parsing attributes in process `syz.3.735'.
[   75.482148][ T5560] tipc: MTU too low for tipc bearer
[   75.567076][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.622265][ T5568] loop3: detected capacity change from 0 to 128
[   75.636577][ T5571] FAULT_INJECTION: forcing a failure.
[   75.636577][ T5571] name failslab, interval 1, probability 0, space 0, times 0
[   75.649279][ T5571] CPU: 1 UID: 0 PID: 5571 Comm: syz.4.736 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   75.649364][ T5571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   75.649377][ T5571] Call Trace:
[   75.649383][ T5571]  <TASK>
[   75.649390][ T5571]  dump_stack_lvl+0xf6/0x150
[   75.649425][ T5571]  dump_stack+0x15/0x1a
[   75.649445][ T5571]  should_fail_ex+0x261/0x270
[   75.649468][ T5571]  should_failslab+0x8f/0xb0
[   75.649491][ T5571]  kmem_cache_alloc_node_noprof+0x5c/0x340
[   75.649538][ T5571]  ? __alloc_skb+0x10d/0x320
[   75.649575][ T5571]  __alloc_skb+0x10d/0x320
[   75.649618][ T5571]  netlink_alloc_large_skb+0xad/0xe0
[   75.649651][ T5571]  netlink_sendmsg+0x3da/0x720
[   75.649758][ T5571]  ? __pfx_netlink_sendmsg+0x10/0x10
[   75.649787][ T5571]  __sock_sendmsg+0x140/0x180
[   75.649811][ T5571]  ____sys_sendmsg+0x350/0x4e0
[   75.649833][ T5571]  __sys_sendmsg+0x1a0/0x240
[   75.649900][ T5571]  __x64_sys_sendmsg+0x46/0x50
[   75.649971][ T5571]  x64_sys_call+0x26f3/0x2e10
[   75.650049][ T5571]  do_syscall_64+0xc9/0x1c0
[   75.650073][ T5571]  ? clear_bhb_loop+0x25/0x80
[   75.650100][ T5571]  ? clear_bhb_loop+0x25/0x80
[   75.650119][ T5571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.650138][ T5571] RIP: 0033:0x7fc63499d169
[   75.650153][ T5571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.650217][ T5571] RSP: 002b:00007fc632fff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   75.650239][ T5571] RAX: ffffffffffffffda RBX: 00007fc634bb5fa0 RCX: 00007fc63499d169
[   75.650255][ T5571] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000003
[   75.650269][ T5571] RBP: 00007fc632fff090 R08: 0000000000000000 R09: 0000000000000000
[   75.650322][ T5571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.650336][ T5571] R13: 0000000000000000 R14: 00007fc634bb5fa0 R15: 00007ffea0f032f8
[   75.650371][ T5571]  </TASK>
[   75.863892][ T5568] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   75.885133][ T5568] ext4 filesystem being mounted at /158/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   76.056131][ T3301] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   76.111897][ T5597] raw_sendmsg: syz.3.742 forgot to set AF_INET. Fix it!
[   76.200447][ T5611] loop3: detected capacity change from 0 to 512
[   76.214543][ T5614] netlink: 132 bytes leftover after parsing attributes in process `+}[@'.
[   76.226900][ T5611] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.258748][ T5611] ext4 filesystem being mounted at /161/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   76.304731][ T5629] netlink: 132 bytes leftover after parsing attributes in process `syz.1.747'.
[   76.320307][ T5631] netlink: 28 bytes leftover after parsing attributes in process `syz.4.749'.
[   76.332957][ T5629] loop1: detected capacity change from 0 to 256
[   76.339781][ T5629] vfat: Unknown parameter 'ÿÿÿÿ18446744073709551615ÿÿ'
[   76.530512][ T5667] loop1: detected capacity change from 0 to 512
[   76.539433][ T5667] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   76.559637][ T5667] EXT4-fs (loop1): orphan cleanup on readonly fs
[   76.567156][ T5667] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.752: bg 0: block 248: padding at end of block bitmap is not set
[   76.582051][ T5667] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.752: Failed to acquire dquot type 1
[   76.595000][ T5667] EXT4-fs (loop1): 1 truncate cleaned up
[   76.602053][ T5667] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   77.077713][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.309906][ T5667] syz.1.752 (5667) used greatest stack depth: 9216 bytes left
[   77.399779][ T5707] FAULT_INJECTION: forcing a failure.
[   77.399779][ T5707] name failslab, interval 1, probability 0, space 0, times 0
[   77.412617][ T5707] CPU: 1 UID: 0 PID: 5707 Comm: syz.4.754 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   77.412650][ T5707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   77.412665][ T5707] Call Trace:
[   77.412673][ T5707]  <TASK>
[   77.412681][ T5707]  dump_stack_lvl+0xf6/0x150
[   77.412711][ T5707]  dump_stack+0x15/0x1a
[   77.412731][ T5707]  should_fail_ex+0x261/0x270
[   77.412752][ T5707]  should_failslab+0x8f/0xb0
[   77.412775][ T5707]  kmem_cache_alloc_noprof+0x59/0x340
[   77.412810][ T5707]  ? vm_area_dup+0x2e/0x170
[   77.412837][ T5707]  vm_area_dup+0x2e/0x170
[   77.412860][ T5707]  __split_vma+0xfd/0x6a0
[   77.412896][ T5707]  vms_gather_munmap_vmas+0x2a5/0x7a0
[   77.412930][ T5707]  mmap_region+0x46f/0x1630
[   77.412966][ T5707]  ? ring_buffer_unlock_commit+0x36b/0x3c0
[   77.413001][ T5707]  ? __rcu_read_unlock+0x4e/0x70
[   77.413025][ T5707]  ? find_lowest_rq+0x67/0x170
[   77.413076][ T5707]  do_mmap+0x9ef/0xc80
[   77.413108][ T5707]  vm_mmap_pgoff+0x16d/0x2d0
[   77.413141][ T5707]  ksys_mmap_pgoff+0xd0/0x340
[   77.413162][ T5707]  ? syscall_trace_enter+0x102/0x1f0
[   77.413189][ T5707]  x64_sys_call+0x1945/0x2e10
[   77.413212][ T5707]  do_syscall_64+0xc9/0x1c0
[   77.413229][ T5707]  ? clear_bhb_loop+0x25/0x80
[   77.413253][ T5707]  ? clear_bhb_loop+0x25/0x80
[   77.413275][ T5707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.413300][ T5707] RIP: 0033:0x7fc63499d169
[   77.413317][ T5707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.413338][ T5707] RSP: 002b:00007fc632fbd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   77.413359][ T5707] RAX: ffffffffffffffda RBX: 00007fc634bb6160 RCX: 00007fc63499d169
[   77.413373][ T5707] RDX: 000000000100000a RSI: 000000000000a000 RDI: 0000200000000000
[   77.413384][ T5707] RBP: 00007fc632fbd090 R08: ffffffffffffffff R09: 0000000000000000
[   77.413394][ T5707] R10: 0000000004082172 R11: 0000000000000246 R12: 0000000000000001
[   77.413405][ T5707] R13: 0000000000000001 R14: 00007fc634bb6160 R15: 00007ffea0f032f8
[   77.413421][ T5707]  </TASK>
[   78.732743][   T29] kauditd_printk_skb: 127 callbacks suppressed
[   78.732759][   T29] audit: type=1326 audit(2000000023.420:2940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5726 comm="syz.0.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   78.812934][ T5728] netlink: 4 bytes leftover after parsing attributes in process `syz.4.759'.
[   78.814959][   T29] audit: type=1326 audit(2000000023.470:2941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5726 comm="syz.0.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   78.836388][ T5729] netlink: 132 bytes leftover after parsing attributes in process `+}[@'.
[   78.845084][   T29] audit: type=1326 audit(2000000023.470:2942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5726 comm="syz.0.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   78.877235][   T29] audit: type=1326 audit(2000000023.470:2943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5726 comm="syz.0.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   78.900602][   T29] audit: type=1326 audit(2000000023.470:2944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5726 comm="syz.0.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   78.923837][   T29] audit: type=1326 audit(2000000023.470:2945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5726 comm="syz.0.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   78.947257][   T29] audit: type=1326 audit(2000000023.470:2946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5726 comm="syz.0.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   78.970664][   T29] audit: type=1326 audit(2000000023.470:2947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5726 comm="syz.0.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   78.994011][   T29] audit: type=1326 audit(2000000023.470:2948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5726 comm="syz.0.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   79.017335][   T29] audit: type=1326 audit(2000000023.470:2949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5726 comm="syz.0.758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   79.115438][ T5750] netlink: 14 bytes leftover after parsing attributes in process `syz.3.766'.
[   79.201232][ T5753] loop3: detected capacity change from 0 to 512
[   79.224812][ T5753] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   79.288028][ T5753] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.331469][ T5753] ext4 filesystem being mounted at /166/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.332208][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.383596][ T5753] EXT4-fs error (device loop3): ext4_rename:3809: inode #16: comm syz.3.767: target of rename is already freed
[   79.425248][ T5761] netlink: 24 bytes leftover after parsing attributes in process `syz.4.771'.
[   79.434228][ T5761] netlink: 24 bytes leftover after parsing attributes in process `syz.4.771'.
[   79.473458][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.622939][ T5791] FAULT_INJECTION: forcing a failure.
[   79.622939][ T5791] name failslab, interval 1, probability 0, space 0, times 0
[   79.635819][ T5791] CPU: 0 UID: 0 PID: 5791 Comm: syz.1.778 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   79.635874][ T5791] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   79.635889][ T5791] Call Trace:
[   79.635896][ T5791]  <TASK>
[   79.635905][ T5791]  dump_stack_lvl+0xf6/0x150
[   79.635985][ T5791]  dump_stack+0x15/0x1a
[   79.636005][ T5791]  should_fail_ex+0x261/0x270
[   79.636030][ T5791]  should_failslab+0x8f/0xb0
[   79.636061][ T5791]  kmem_cache_alloc_node_noprof+0x5c/0x340
[   79.636181][ T5791]  ? __alloc_skb+0x10d/0x320
[   79.636219][ T5791]  __alloc_skb+0x10d/0x320
[   79.636287][ T5791]  inet_ifmcaddr_notify+0x66/0x120
[   79.636408][ T5791]  __ip_mc_dec_group+0x1b2/0x3d0
[   79.636475][ T5791]  ip_mc_down+0x140/0x1c0
[   79.636495][ T5791]  inetdev_event+0x1b8/0xc70
[   79.636542][ T5791]  ? ib_netdevice_event+0x1f7/0x370
[   79.636639][ T5791]  ? __pfx_inetdev_event+0x10/0x10
[   79.636670][ T5791]  raw_notifier_call_chain+0x6f/0x1d0
[   79.636704][ T5791]  call_netdevice_notifiers_info+0xae/0x100
[   79.636736][ T5791]  dev_close_many+0x176/0x250
[   79.636820][ T5791]  unregister_netdevice_many_notify+0x306/0x1600
[   79.636852][ T5791]  ? unregister_netdevice_queue+0x134/0x230
[   79.636894][ T5791]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[   79.637003][ T5791]  rtnl_dellink+0x3b0/0x5c0
[   79.637057][ T5791]  ? security_capable+0x81/0x90
[   79.637162][ T5791]  ? ns_capable+0x7d/0xb0
[   79.637184][ T5791]  ? __pfx_rtnl_dellink+0x10/0x10
[   79.637210][ T5791]  rtnetlink_rcv_msg+0x65a/0x740
[   79.637231][ T5791]  ? ref_tracker_free+0x3b8/0x420
[   79.637319][ T5791]  netlink_rcv_skb+0x12f/0x230
[   79.637354][ T5791]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   79.637418][ T5791]  rtnetlink_rcv+0x1c/0x30
[   79.637443][ T5791]  netlink_unicast+0x605/0x6c0
[   79.637487][ T5791]  netlink_sendmsg+0x609/0x720
[   79.637527][ T5791]  ? __pfx_netlink_sendmsg+0x10/0x10
[   79.637559][ T5791]  __sock_sendmsg+0x140/0x180
[   79.637663][ T5791]  ____sys_sendmsg+0x350/0x4e0
[   79.637691][ T5791]  __sys_sendmsg+0x1a0/0x240
[   79.637731][ T5791]  __x64_sys_sendmsg+0x46/0x50
[   79.637755][ T5791]  x64_sys_call+0x26f3/0x2e10
[   79.637804][ T5791]  do_syscall_64+0xc9/0x1c0
[   79.637828][ T5791]  ? clear_bhb_loop+0x25/0x80
[   79.637855][ T5791]  ? clear_bhb_loop+0x25/0x80
[   79.637881][ T5791]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   79.637902][ T5791] RIP: 0033:0x7f34cbc6d169
[   79.637955][ T5791] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   79.637977][ T5791] RSP: 002b:00007f34ca2cf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   79.637999][ T5791] RAX: ffffffffffffffda RBX: 00007f34cbe85fa0 RCX: 00007f34cbc6d169
[   79.638010][ T5791] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[   79.638021][ T5791] RBP: 00007f34ca2cf090 R08: 0000000000000000 R09: 0000000000000000
[   79.638099][ T5791] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   79.638115][ T5791] R13: 0000000000000000 R14: 00007f34cbe85fa0 R15: 00007fffa70697d8
[   79.638138][ T5791]  </TASK>
[   79.950772][ T5791] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   79.987087][ T5791] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   79.999310][ T5791] bond0 (unregistering): Released all slaves
[   80.253911][ T5823] loop2: detected capacity change from 0 to 1024
[   80.285969][ T5823] EXT4-fs error (device loop2): ext4_orphan_get:1416: comm syz.2.791: bad orphan inode 32767
[   80.318443][ T5823] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.452789][ T5833] bond1: entered promiscuous mode
[   80.458024][ T5833] bond1: entered allmulticast mode
[   80.463483][ T5833] 8021q: adding VLAN 0 to HW filter on device bond1
[   80.470339][ T5835] __nla_validate_parse: 7 callbacks suppressed
[   80.470354][ T5835] netlink: 4 bytes leftover after parsing attributes in process `syz.2.791'.
[   80.489929][ T5833] bond1 (unregistering): Released all slaves
[   80.523722][ T5823] random: crng reseeded on system resumption
[   80.701960][ T5837] usb usb8: usbfs: process 5837 (syz.0.795) did not claim interface 0 before use
[   80.736849][ T5837] SELinux:  Context system_u:object_r:fixed_disk_device_t:s0 is not valid (left unmapped).
[   80.867578][ T5848] FAULT_INJECTION: forcing a failure.
[   80.867578][ T5848] name failslab, interval 1, probability 0, space 0, times 0
[   80.880350][ T5848] CPU: 0 UID: 0 PID: 5848 Comm: syz.3.799 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   80.880376][ T5848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   80.880387][ T5848] Call Trace:
[   80.880461][ T5848]  <TASK>
[   80.880470][ T5848]  dump_stack_lvl+0xf6/0x150
[   80.880495][ T5848]  dump_stack+0x15/0x1a
[   80.880514][ T5848]  should_fail_ex+0x261/0x270
[   80.880538][ T5848]  should_failslab+0x8f/0xb0
[   80.880565][ T5848]  __kmalloc_node_track_caller_noprof+0xaa/0x410
[   80.880622][ T5848]  ? should_failslab+0x8f/0xb0
[   80.880726][ T5848]  ? p9_client_create+0x20e/0xbb0
[   80.880758][ T5848]  kstrdup+0x3d/0xd0
[   80.880776][ T5848]  p9_client_create+0x20e/0xbb0
[   80.880801][ T5848]  ? __kmalloc_node_track_caller_noprof+0x1ed/0x410
[   80.880997][ T5848]  v9fs_session_init+0xfb/0xdb0
[   80.881027][ T5848]  ? obj_cgroup_charge+0xc9/0x170
[   80.881099][ T5848]  ? should_fail_ex+0xd7/0x270
[   80.881122][ T5848]  ? should_failslab+0x8f/0xb0
[   80.881151][ T5848]  ? __kmalloc_cache_noprof+0x18d/0x320
[   80.881212][ T5848]  ? v9fs_mount+0x56/0x580
[   80.881233][ T5848]  v9fs_mount+0x6c/0x580
[   80.881252][ T5848]  ? __pfx_v9fs_mount+0x10/0x10
[   80.881329][ T5848]  legacy_get_tree+0x77/0xd0
[   80.881371][ T5848]  vfs_get_tree+0x56/0x1e0
[   80.881399][ T5848]  do_new_mount+0x246/0x6b0
[   80.881457][ T5848]  path_mount+0x49b/0xb30
[   80.881490][ T5848]  __se_sys_mount+0x28f/0x2e0
[   80.881557][ T5848]  __x64_sys_mount+0x67/0x80
[   80.881591][ T5848]  x64_sys_call+0xd11/0x2e10
[   80.881617][ T5848]  do_syscall_64+0xc9/0x1c0
[   80.881641][ T5848]  ? clear_bhb_loop+0x25/0x80
[   80.881667][ T5848]  ? clear_bhb_loop+0x25/0x80
[   80.881715][ T5848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.881740][ T5848] RIP: 0033:0x7ff8f9d8d169
[   80.881758][ T5848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.881780][ T5848] RSP: 002b:00007ff8f83ef038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   80.881802][ T5848] RAX: ffffffffffffffda RBX: 00007ff8f9fa5fa0 RCX: 00007ff8f9d8d169
[   80.881861][ T5848] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000
[   80.881877][ T5848] RBP: 00007ff8f83ef090 R08: 0000200000000240 R09: 0000000000000000
[   80.881891][ T5848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   80.881901][ T5848] R13: 0000000000000000 R14: 00007ff8f9fa5fa0 R15: 00007ffe55e11218
[   80.881920][ T5848]  </TASK>
[   81.006614][ T5852] nfs: Unexpected value for 'acl'
[   81.149337][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.259312][ T5860] netlink: 132 bytes leftover after parsing attributes in process `+}[@'.
[   81.291328][ T5866] 8021q: adding VLAN 0 to HW filter on device bond0
[   81.298756][ T5866] bond0: (slave sit0): The slave device specified does not support setting the MAC address
[   81.334276][ T5866] bond0: (slave sit0): Error -95 calling set_mac_address
[   81.371065][ T5870] No such timeout policy "syz0"
[   81.586046][ T5884] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[   81.669571][ T5888] loop3: detected capacity change from 0 to 512
[   81.677913][ T5888] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   81.780029][ T5888] EXT4-fs (loop3): orphan cleanup on readonly fs
[   81.787538][ T5888] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.812: bg 0: block 248: padding at end of block bitmap is not set
[   81.802510][ T5888] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.812: Failed to acquire dquot type 1
[   81.814676][ T5888] EXT4-fs (loop3): 1 truncate cleaned up
[   81.917463][ T5892] loop4: detected capacity change from 0 to 128
[   81.928493][ T5892] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   81.961923][ T5892] ext4 filesystem being mounted at /156/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   82.289470][ T5902] FAULT_INJECTION: forcing a failure.
[   82.289470][ T5902] name failslab, interval 1, probability 0, space 0, times 0
[   82.302478][ T5902] CPU: 1 UID: 0 PID: 5902 Comm: syz.2.818 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   82.302525][ T5902] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   82.302538][ T5902] Call Trace:
[   82.302544][ T5902]  <TASK>
[   82.302551][ T5902]  dump_stack_lvl+0xf6/0x150
[   82.302574][ T5902]  dump_stack+0x15/0x1a
[   82.302666][ T5902]  should_fail_ex+0x261/0x270
[   82.302685][ T5902]  should_failslab+0x8f/0xb0
[   82.302711][ T5902]  __kmalloc_node_track_caller_noprof+0xaa/0x410
[   82.302792][ T5902]  ? v9fs_session_init+0x7b/0xdb0
[   82.302892][ T5902]  kstrdup+0x3d/0xd0
[   82.302911][ T5902]  v9fs_session_init+0x7b/0xdb0
[   82.302947][ T5902]  ? should_fail_ex+0xd7/0x270
[   82.302980][ T5902]  ? should_failslab+0x8f/0xb0
[   82.303060][ T5902]  ? __kmalloc_cache_noprof+0x18d/0x320
[   82.303155][ T5902]  ? v9fs_mount+0x56/0x580
[   82.303176][ T5902]  v9fs_mount+0x6c/0x580
[   82.303196][ T5902]  ? __pfx_v9fs_mount+0x10/0x10
[   82.303220][ T5902]  legacy_get_tree+0x77/0xd0
[   82.303253][ T5902]  vfs_get_tree+0x56/0x1e0
[   82.303283][ T5902]  do_new_mount+0x246/0x6b0
[   82.303373][ T5902]  path_mount+0x49b/0xb30
[   82.303467][ T5902]  __se_sys_mount+0x28f/0x2e0
[   82.303500][ T5902]  __x64_sys_mount+0x67/0x80
[   82.303593][ T5902]  x64_sys_call+0xd11/0x2e10
[   82.303613][ T5902]  do_syscall_64+0xc9/0x1c0
[   82.303631][ T5902]  ? clear_bhb_loop+0x25/0x80
[   82.303666][ T5902]  ? clear_bhb_loop+0x25/0x80
[   82.303692][ T5902]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.303718][ T5902] RIP: 0033:0x7f98a0dcd169
[   82.303732][ T5902] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.303780][ T5902] RSP: 002b:00007f989f42f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   82.303806][ T5902] RAX: ffffffffffffffda RBX: 00007f98a0fe5fa0 RCX: 00007f98a0dcd169
[   82.303820][ T5902] RDX: 0000200000000180 RSI: 0000200000000080 RDI: 0000000000000000
[   82.303835][ T5902] RBP: 00007f989f42f090 R08: 0000200000000200 R09: 0000000000000000
[   82.303849][ T5902] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   82.303863][ T5902] R13: 0000000000000000 R14: 00007f98a0fe5fa0 R15: 00007ffcffc14f68
[   82.303885][ T5902]  </TASK>
[   82.679098][ T5888] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   82.731024][ T5908] netlink: 76 bytes leftover after parsing attributes in process `syz.2.820'.
[   82.876785][ T5920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   82.886997][ T5920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   82.896313][ T5920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   82.904972][ T5920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   82.914678][ T5920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   82.923327][ T5920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   82.941222][ T5923] netlink: 132 bytes leftover after parsing attributes in process `syz.0.824'.
[   82.952279][ T5920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   82.961173][ T5920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   82.997458][ T3305] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   83.013117][ T5926] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=5926 comm=syz.0.826
[   83.027637][ T5920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.037495][ T5920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.073899][ T5920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.104330][ T5920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   83.316052][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.383473][ T5952] netlink: 80 bytes leftover after parsing attributes in process `syz.4.827'.
[   83.629616][ T5965] loop1: detected capacity change from 0 to 512
[   83.678169][ T5965] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.742681][ T5965] ext4 filesystem being mounted at /161/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.824257][ T5965] __quota_error: 388 callbacks suppressed
[   83.824277][ T5965] Quota error (device loop1): find_tree_dqentry: Cycle in quota tree detected: block 2 index 0
[   83.840645][ T5965] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[   83.850089][ T5965] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.838: Failed to acquire dquot type 0
[   83.994455][   T29] audit: type=1326 audit(2000000028.680:3334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.4.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63499d169 code=0x7ffc0000
[   84.019732][   T29] audit: type=1326 audit(2000000028.710:3335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.4.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7fc63499d169 code=0x7ffc0000
[   84.045071][   T29] audit: type=1326 audit(2000000028.730:3336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.4.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63499d169 code=0x7ffc0000
[   84.068475][   T29] audit: type=1326 audit(2000000028.730:3337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.4.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63499d169 code=0x7ffc0000
[   84.091881][   T29] audit: type=1326 audit(2000000028.730:3338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.4.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7fc63499d169 code=0x7ffc0000
[   84.115281][   T29] audit: type=1326 audit(2000000028.730:3339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.4.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63499d169 code=0x7ffc0000
[   84.138683][   T29] audit: type=1326 audit(2000000028.730:3340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5973 comm="syz.4.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63499d169 code=0x7ffc0000
[   84.215223][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.275299][ T5988] FAULT_INJECTION: forcing a failure.
[   84.275299][ T5988] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.289054][ T5988] CPU: 0 UID: 0 PID: 5988 Comm: syz.3.847 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   84.289082][ T5988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   84.289096][ T5988] Call Trace:
[   84.289103][ T5988]  <TASK>
[   84.289113][ T5988]  dump_stack_lvl+0xf6/0x150
[   84.289186][ T5988]  dump_stack+0x15/0x1a
[   84.289202][ T5988]  should_fail_ex+0x261/0x270
[   84.289222][ T5988]  should_fail+0xb/0x10
[   84.289237][ T5988]  should_fail_usercopy+0x1a/0x20
[   84.289262][ T5988]  _copy_from_user+0x1c/0xa0
[   84.289333][ T5988]  copy_msghdr_from_user+0x54/0x2b0
[   84.289361][ T5988]  ? __fget_files+0x186/0x1c0
[   84.289419][ T5988]  __sys_sendmsg+0x141/0x240
[   84.289492][ T5988]  __x64_sys_sendmsg+0x46/0x50
[   84.289552][ T5988]  x64_sys_call+0x26f3/0x2e10
[   84.289577][ T5988]  do_syscall_64+0xc9/0x1c0
[   84.289600][ T5988]  ? clear_bhb_loop+0x25/0x80
[   84.289626][ T5988]  ? clear_bhb_loop+0x25/0x80
[   84.289652][ T5988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.289678][ T5988] RIP: 0033:0x7ff8f9d8d169
[   84.289700][ T5988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.289722][ T5988] RSP: 002b:00007ff8f83ef038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.289745][ T5988] RAX: ffffffffffffffda RBX: 00007ff8f9fa5fa0 RCX: 00007ff8f9d8d169
[   84.289759][ T5988] RDX: 0000000000000040 RSI: 0000200000000340 RDI: 0000000000000004
[   84.289773][ T5988] RBP: 00007ff8f83ef090 R08: 0000000000000000 R09: 0000000000000000
[   84.289787][ T5988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.289797][ T5988] R13: 0000000000000000 R14: 00007ff8f9fa5fa0 R15: 00007ffe55e11218
[   84.289884][ T5988]  </TASK>
[   84.471036][   T29] audit: type=1326 audit(2000000029.160:3341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5991 comm="syz.0.849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   84.529222][ T5994] loop4: detected capacity change from 0 to 512
[   84.537107][ T5994] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   84.561680][ T5997] loop3: detected capacity change from 0 to 256
[   84.666074][ T5994] EXT4-fs (loop4): orphan cleanup on readonly fs
[   84.673438][ T5994] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.845: bg 0: block 248: padding at end of block bitmap is not set
[   84.691826][ T5992] netlink: 132 bytes leftover after parsing attributes in process `+}[@'.
[   84.701576][ T5994] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.845: Failed to acquire dquot type 1
[   84.718285][ T5994] EXT4-fs (loop4): 1 truncate cleaned up
[   84.822893][ T6005] loop3: detected capacity change from 0 to 512
[   84.912879][ T6005] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   84.947222][ T6009] FAULT_INJECTION: forcing a failure.
[   84.947222][ T6009] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.960505][ T6009] CPU: 1 UID: 0 PID: 6009 Comm: syz.2.853 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   84.960538][ T6009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   84.960598][ T6009] Call Trace:
[   84.960606][ T6009]  <TASK>
[   84.960615][ T6009]  dump_stack_lvl+0xf6/0x150
[   84.960722][ T6009]  dump_stack+0x15/0x1a
[   84.960742][ T6009]  should_fail_ex+0x261/0x270
[   84.960762][ T6009]  should_fail+0xb/0x10
[   84.960787][ T6009]  should_fail_usercopy+0x1a/0x20
[   84.960814][ T6009]  _copy_to_user+0x20/0xa0
[   84.960867][ T6009]  simple_read_from_buffer+0xb2/0x130
[   84.960894][ T6009]  proc_fail_nth_read+0x103/0x140
[   84.960923][ T6009]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   84.961006][ T6009]  vfs_read+0x1b2/0x710
[   84.961078][ T6009]  ? __rcu_read_unlock+0x4e/0x70
[   84.961111][ T6009]  ? __fget_files+0x186/0x1c0
[   84.961143][ T6009]  ksys_read+0xeb/0x1b0
[   84.961218][ T6009]  __x64_sys_read+0x42/0x50
[   84.961245][ T6009]  x64_sys_call+0x2a3b/0x2e10
[   84.961346][ T6009]  do_syscall_64+0xc9/0x1c0
[   84.961369][ T6009]  ? clear_bhb_loop+0x25/0x80
[   84.961402][ T6009]  ? clear_bhb_loop+0x25/0x80
[   84.961422][ T6009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.961441][ T6009] RIP: 0033:0x7f98a0dcbb7c
[   84.961459][ T6009] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   84.961481][ T6009] RSP: 002b:00007f989f42f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   84.961578][ T6009] RAX: ffffffffffffffda RBX: 00007f98a0fe5fa0 RCX: 00007f98a0dcbb7c
[   84.961593][ T6009] RDX: 000000000000000f RSI: 00007f989f42f0a0 RDI: 0000000000000004
[   84.961607][ T6009] RBP: 00007f989f42f090 R08: 0000000000000000 R09: 0000000000000000
[   84.961621][ T6009] R10: 000000000000003e R11: 0000000000000246 R12: 0000000000000001
[   84.961636][ T6009] R13: 0000000000000000 R14: 00007f98a0fe5fa0 R15: 00007ffcffc14f68
[   84.961658][ T6009]  </TASK>
[   85.219135][ T6005] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.232427][ T6005] ext4 filesystem being mounted at /176/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   85.347985][ T6020] loop2: detected capacity change from 0 to 128
[   85.364586][ T6005] bridge0: port 1(vlan2) entered blocking state
[   85.371056][ T6005] bridge0: port 1(vlan2) entered disabled state
[   85.418303][ T6020] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   85.431638][ T5994] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   85.484753][ T6005] vlan2: entered allmulticast mode
[   85.490065][ T6005] bridge0: entered allmulticast mode
[   85.503378][ T6020] ext4 filesystem being mounted at /170/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   85.536214][ T6005] vlan2: left allmulticast mode
[   85.541181][ T6005] bridge0: left allmulticast mode
[   85.643156][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   85.655939][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.045271][ T6042] pim6reg1: entered promiscuous mode
[   86.050693][ T6042] pim6reg1: entered allmulticast mode
[   86.060485][ T6044] Cannot find set identified by id 0 to match
[   86.067594][ T6044] Cannot find set identified by id 0 to match
[   86.080576][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.149218][ T6053] FAULT_INJECTION: forcing a failure.
[   86.149218][ T6053] name failslab, interval 1, probability 0, space 0, times 0
[   86.156713][ T6052] futex_wake_op: syz.0.869 tries to shift op by -1; fix this program
[   86.161904][ T6053] CPU: 1 UID: 0 PID: 6053 Comm: syz.4.868 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   86.161951][ T6053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   86.161964][ T6053] Call Trace:
[   86.161972][ T6053]  <TASK>
[   86.161982][ T6053]  dump_stack_lvl+0xf6/0x150
[   86.162014][ T6053]  dump_stack+0x15/0x1a
[   86.162035][ T6053]  should_fail_ex+0x261/0x270
[   86.162066][ T6053]  should_failslab+0x8f/0xb0
[   86.162132][ T6053]  kmem_cache_alloc_lru_noprof+0x5e/0x330
[   86.162173][ T6053]  ? __d_alloc+0x3d/0x350
[   86.162197][ T6053]  __d_alloc+0x3d/0x350
[   86.162218][ T6053]  ? mpol_shared_policy_init+0xd2/0x510
[   86.162246][ T6053]  d_alloc_pseudo+0x1e/0x80
[   86.162332][ T6053]  alloc_file_pseudo+0x75/0x160
[   86.162376][ T6053]  __shmem_file_setup+0x1bb/0x1f0
[   86.162490][ T6053]  shmem_file_setup+0x3b/0x50
[   86.162525][ T6053]  __se_sys_memfd_create+0x2e1/0x5a0
[   86.162553][ T6053]  __x64_sys_memfd_create+0x31/0x40
[   86.162636][ T6053]  x64_sys_call+0x1163/0x2e10
[   86.162663][ T6053]  do_syscall_64+0xc9/0x1c0
[   86.162688][ T6053]  ? clear_bhb_loop+0x25/0x80
[   86.162715][ T6053]  ? clear_bhb_loop+0x25/0x80
[   86.162742][ T6053]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.162879][ T6053] RIP: 0033:0x7fc63499d169
[   86.162898][ T6053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.162921][ T6053] RSP: 002b:00007fc632ffee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   86.162951][ T6053] RAX: ffffffffffffffda RBX: 000000000000026d RCX: 00007fc63499d169
[   86.162967][ T6053] RDX: 00007fc632ffeef0 RSI: 0000000000000000 RDI: 00007fc634a1ec3c
[   86.162983][ T6053] RBP: 00002000000002c0 R08: 00007fc632ffebb7 R09: 00007fc632ffee40
[   86.162998][ T6053] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000740
[   86.163013][ T6053] R13: 00007fc632ffeef0 R14: 00007fc632ffeeb0 R15: 0000200000000200
[   86.163106][ T6053]  </TASK>
[   86.203008][ T6056] netlink: 32 bytes leftover after parsing attributes in process `syz.2.859'.
[   86.411454][ T6063] netlink: 132 bytes leftover after parsing attributes in process `+}[@'.
[   86.438545][ T6052] netlink: 12 bytes leftover after parsing attributes in process `syz.0.869'.
[   86.500822][ T6076] loop4: detected capacity change from 0 to 164
[   86.644205][ T6089] loop4: detected capacity change from 0 to 512
[   86.651659][ T6089] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   86.714833][ T6092] loop1: detected capacity change from 0 to 1024
[   86.725670][ T6089] EXT4-fs (loop4): orphan cleanup on readonly fs
[   86.733290][ T6089] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.879: bg 0: block 248: padding at end of block bitmap is not set
[   86.749678][ T6089] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.879: Failed to acquire dquot type 1
[   86.762894][ T6089] EXT4-fs (loop4): 1 truncate cleaned up
[   86.771318][ T6089] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   86.964172][ T6099] bond1: entered promiscuous mode
[   86.969378][ T6099] bond1: entered allmulticast mode
[   87.046917][ T6099] 8021q: adding VLAN 0 to HW filter on device bond1
[   87.058773][ T6108] 9pnet_virtio: no channels available for device éq‰Y’3aK
[   87.121708][ T6099] bond1 (unregistering): Released all slaves
[   87.150696][ T6112] loop2: detected capacity change from 0 to 512
[   87.225979][ T6112] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[   87.237279][ T6112] EXT4-fs (loop2): ext4_check_descriptors: Inode table for group 0 not in group (block 2)!
[   87.247424][ T6112] EXT4-fs (loop2): group descriptors corrupted!
[   87.328016][ T6114] loop3: detected capacity change from 0 to 1024
[   87.502968][ T6131] netlink: 72 bytes leftover after parsing attributes in process `syz.3.899'.
[   87.584690][ T6137] FAULT_INJECTION: forcing a failure.
[   87.584690][ T6137] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.598077][ T6137] CPU: 0 UID: 0 PID: 6137 Comm: syz.2.901 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   87.598105][ T6137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   87.598119][ T6137] Call Trace:
[   87.598126][ T6137]  <TASK>
[   87.598133][ T6137]  dump_stack_lvl+0xf6/0x150
[   87.598157][ T6137]  dump_stack+0x15/0x1a
[   87.598175][ T6137]  should_fail_ex+0x261/0x270
[   87.598299][ T6137]  should_fail+0xb/0x10
[   87.598346][ T6137]  should_fail_usercopy+0x1a/0x20
[   87.598367][ T6137]  _copy_to_user+0x20/0xa0
[   87.598396][ T6137]  simple_read_from_buffer+0xb2/0x130
[   87.598461][ T6137]  proc_fail_nth_read+0x103/0x140
[   87.598498][ T6137]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   87.598532][ T6137]  vfs_read+0x1b2/0x710
[   87.598551][ T6137]  ? __rcu_read_unlock+0x4e/0x70
[   87.598700][ T6137]  ? __fget_files+0x186/0x1c0
[   87.598808][ T6137]  ksys_read+0xeb/0x1b0
[   87.598925][ T6137]  __x64_sys_read+0x42/0x50
[   87.598951][ T6137]  x64_sys_call+0x2a3b/0x2e10
[   87.598972][ T6137]  do_syscall_64+0xc9/0x1c0
[   87.598990][ T6137]  ? clear_bhb_loop+0x25/0x80
[   87.599083][ T6137]  ? clear_bhb_loop+0x25/0x80
[   87.599109][ T6137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.599134][ T6137] RIP: 0033:0x7f98a0dcbb7c
[   87.599151][ T6137] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   87.599245][ T6137] RSP: 002b:00007f989f42f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   87.599268][ T6137] RAX: ffffffffffffffda RBX: 00007f98a0fe5fa0 RCX: 00007f98a0dcbb7c
[   87.599283][ T6137] RDX: 000000000000000f RSI: 00007f989f42f0a0 RDI: 0000000000000007
[   87.599297][ T6137] RBP: 00007f989f42f090 R08: 0000000000000000 R09: 0000000000000000
[   87.599309][ T6137] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.599320][ T6137] R13: 0000000000000000 R14: 00007f98a0fe5fa0 R15: 00007ffcffc14f68
[   87.599365][ T6137]  </TASK>
[   87.852079][ T6142] 9pnet_fd: Insufficient options for proto=fd
[   87.921919][ T6144] loop2: detected capacity change from 0 to 512
[   87.938161][ T6144] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.978528][ T6144] ext4 filesystem being mounted at /176/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.993312][ T6153] program syz.3.907 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   88.054180][ T6157] program syz.3.909 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   88.067562][ T6158] FAULT_INJECTION: forcing a failure.
[   88.067562][ T6158] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.081267][ T6158] CPU: 0 UID: 0 PID: 6158 Comm: syz.2.904 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   88.081301][ T6158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   88.081317][ T6158] Call Trace:
[   88.081324][ T6158]  <TASK>
[   88.081393][ T6158]  dump_stack_lvl+0xf6/0x150
[   88.081420][ T6158]  dump_stack+0x15/0x1a
[   88.081441][ T6158]  should_fail_ex+0x261/0x270
[   88.081508][ T6158]  should_fail+0xb/0x10
[   88.081529][ T6158]  should_fail_usercopy+0x1a/0x20
[   88.081550][ T6158]  _copy_to_iter+0xd8/0xd10
[   88.081571][ T6158]  ? chacha_block_generic+0x253/0x280
[   88.081670][ T6158]  get_random_bytes_user+0x131/0x290
[   88.081694][ T6158]  ? vfs_write+0x669/0x950
[   88.081744][ T6158]  ? import_ubuf+0xeb/0x120
[   88.081769][ T6158]  __x64_sys_getrandom+0xba/0x190
[   88.081853][ T6158]  x64_sys_call+0x29cd/0x2e10
[   88.081873][ T6158]  do_syscall_64+0xc9/0x1c0
[   88.081896][ T6158]  ? clear_bhb_loop+0x25/0x80
[   88.081923][ T6158]  ? clear_bhb_loop+0x25/0x80
[   88.081966][ T6158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.081987][ T6158] RIP: 0033:0x7f98a0dcd169
[   88.082002][ T6158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   88.082023][ T6158] RSP: 002b:00007f989f40e038 EFLAGS: 00000246 ORIG_RAX: 000000000000013e
[   88.082045][ T6158] RAX: ffffffffffffffda RBX: 00007f98a0fe6080 RCX: 00007f98a0dcd169
[   88.082149][ T6158] RDX: 0000000000000002 RSI: fffffffffffffdde RDI: 0000200000000040
[   88.082164][ T6158] RBP: 00007f989f40e090 R08: 0000000000000000 R09: 0000000000000000
[   88.082178][ T6158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   88.082192][ T6158] R13: 0000000000000000 R14: 00007f98a0fe6080 R15: 00007ffcffc14f68
[   88.082209][ T6158]  </TASK>
[   88.283637][ T6160] SELinux: security policydb version 18 (MLS) not backwards compatible
[   88.308294][ T6160] SELinux: failed to load policy
[   88.366047][ T6168] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=6168 comm=syz.3.913
[   88.440833][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.460536][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.501031][ T6176] loop1: detected capacity change from 0 to 512
[   88.522470][ T6182] loop4: detected capacity change from 0 to 2048
[   88.544250][ T6182] ext4: Unknown parameter 'nouser_xattr'
[   88.552905][ T6176] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.580197][ T6176] ext4 filesystem being mounted at /176/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.599770][ T6197] loop4: detected capacity change from 0 to 512
[   88.609303][ T6197] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   88.647663][ T6197] EXT4-fs (loop4): invalid journal inode
[   88.653370][ T6197] EXT4-fs (loop4): can't get journal size
[   88.660016][ T6197] EXT4-fs (loop4): 1 truncate cleaned up
[   88.666377][ T6197] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.690199][ T3305] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.729365][ T3302] EXT4-fs error (device loop1): ext4_empty_dir:3077: inode #12: comm syz-executor: invalid size
[   88.740580][ T3302] EXT4-fs (loop1): Remounting filesystem read-only
[   88.892329][   T29] kauditd_printk_skb: 252 callbacks suppressed
[   88.892346][   T29] audit: type=1326 audit(2000000033.580:3588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6206 comm="syz.4.927" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc63499d169 code=0x0
[   89.007109][ T6202] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.016347][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   89.027034][   T12] Quota error (device loop1): write_blk: dquota write failed
[   89.034438][   T12] Quota error (device loop1): free_dqentry: Can't write quota data block 5
[   89.043532][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   89.051695][   T29] audit: type=1326 audit(2000000033.740:3589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6210 comm="syz.0.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   89.054171][   T12] Quota error (device loop1): write_blk: dquota write failed
[   89.077580][   T29] audit: type=1326 audit(2000000033.740:3590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6210 comm="syz.0.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   89.085006][   T12] Quota error (device loop1): free_dqentry: Can't write quota data block 5
[   89.110700][   T29] audit: type=1326 audit(2000000033.800:3591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6210 comm="syz.0.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   89.140467][   T29] audit: type=1326 audit(2000000033.800:3592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6210 comm="syz.0.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   89.167496][   T29] audit: type=1326 audit(2000000033.810:3593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6210 comm="syz.0.929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f3e8912d169 code=0x7ffc0000
[   89.412805][ T6217] chnl_net:caif_netlink_parms(): no params data found
[   89.481926][ T6217] bridge0: port 1(bridge_slave_0) entered blocking state
[   89.489139][ T6217] bridge0: port 1(bridge_slave_0) entered disabled state
[   89.511069][ T6217] bridge_slave_0: entered allmulticast mode
[   89.521627][ T6217] bridge_slave_0: entered promiscuous mode
[   89.528557][ T6217] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.535829][ T6217] bridge0: port 2(bridge_slave_1) entered disabled state
[   89.574196][ T6217] bridge_slave_1: entered allmulticast mode
[   89.582395][ T6217] bridge_slave_1: entered promiscuous mode
[   89.590117][ T6242] netlink: 132 bytes leftover after parsing attributes in process `+}[@'.
[   89.619142][ T6217] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   89.640916][ T6217] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   89.672017][ T6217] team0: Port device team_slave_0 added
[   89.678835][ T6217] team0: Port device team_slave_1 added
[   89.707454][ T6217] batman_adv: batadv0: Adding interface: batadv_slave_0
[   89.714504][ T6217] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.740512][ T6217] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   89.753734][ T6258] loop2: detected capacity change from 0 to 128
[   89.769145][ T6217] batman_adv: batadv0: Adding interface: batadv_slave_1
[   89.776239][ T6217] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   89.802555][ T6217] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   89.817832][ T6256] smc: net device bond0 applied user defined pnetid SYZ0
[   89.827219][ T6258] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   89.831787][ T6262] smc: net device bond0 erased user defined pnetid SYZ0
[   89.840409][ T6258] ext4 filesystem being mounted at /181/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   89.894767][ T6217] hsr_slave_0: entered promiscuous mode
[   89.914159][ T6217] hsr_slave_1: entered promiscuous mode
[   89.921187][ T6217] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   89.928882][ T6217] Cannot create hsr debugfs directory
[   89.993674][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   90.039713][ T6217] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   90.049927][ T6217] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   90.062398][ T6275] netlink: 132 bytes leftover after parsing attributes in process `+}[@'.
[   90.072525][ T6217] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   90.086263][ T6217] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   90.179551][ T6217] 8021q: adding VLAN 0 to HW filter on device bond0
[   90.210940][ T6217] 8021q: adding VLAN 0 to HW filter on device team0
[   90.228625][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.235792][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   90.251002][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.258129][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[   90.267307][ T6287] /dev/nullb0: Can't lookup blockdev
[   90.287655][ T6217] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   90.336259][ T6285] vxcan0: tx drop: invalid sa for name 0x0000000000000001
[   90.360927][ T6217] 8021q: adding VLAN 0 to HW filter on device batadv0
[   90.414628][ T6306] smc: net device bond0 applied user defined pnetid SYZ0
[   90.422904][ T6306] smc: net device bond0 erased user defined pnetid SYZ0
[   90.477473][ T6217] veth0_vlan: entered promiscuous mode
[   90.486433][ T6217] veth1_vlan: entered promiscuous mode
[   90.507788][ T6217] veth0_macvtap: entered promiscuous mode
[   90.518026][ T6217] veth1_macvtap: entered promiscuous mode
[   90.531939][ T6217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.542619][ T6217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.552591][ T6217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.563480][ T6217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.573505][ T6217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.584070][ T6217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.598178][ T6217] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.605748][ T6325] netlink: 132 bytes leftover after parsing attributes in process `+}[@'.
[   90.619295][ T6217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.630026][ T6217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.637868][ T6328] FAULT_INJECTION: forcing a failure.
[   90.637868][ T6328] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.639935][ T6217] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.653254][ T6328] CPU: 1 UID: 0 PID: 6328 Comm: syz.0.964 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   90.653364][ T6328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   90.653482][ T6328] Call Trace:
[   90.653489][ T6328]  <TASK>
[   90.653498][ T6328]  dump_stack_lvl+0xf6/0x150
[   90.653528][ T6328]  dump_stack+0x15/0x1a
[   90.653549][ T6328]  should_fail_ex+0x261/0x270
[   90.653575][ T6328]  should_fail+0xb/0x10
[   90.653597][ T6328]  should_fail_usercopy+0x1a/0x20
[   90.653716][ T6328]  _copy_from_user+0x1c/0xa0
[   90.653757][ T6328]  move_addr_to_kernel+0x8c/0x130
[   90.653814][ T6328]  copy_msghdr_from_user+0x280/0x2b0
[   90.653845][ T6328]  __sys_sendmsg+0x141/0x240
[   90.653887][ T6328]  __x64_sys_sendmsg+0x46/0x50
[   90.653911][ T6328]  x64_sys_call+0x26f3/0x2e10
[   90.653938][ T6328]  do_syscall_64+0xc9/0x1c0
[   90.653981][ T6328]  ? clear_bhb_loop+0x25/0x80
[   90.654009][ T6328]  ? clear_bhb_loop+0x25/0x80
[   90.654036][ T6328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.654063][ T6328] RIP: 0033:0x7f3e8912d169
[   90.654124][ T6328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.654147][ T6328] RSP: 002b:00007f3e8778f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   90.654170][ T6328] RAX: ffffffffffffffda RBX: 00007f3e89345fa0 RCX: 00007f3e8912d169
[   90.654186][ T6328] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[   90.654201][ T6328] RBP: 00007f3e8778f090 R08: 0000000000000000 R09: 0000000000000000
[   90.654223][ T6328] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.654238][ T6328] R13: 0000000000000000 R14: 00007f3e89345fa0 R15: 00007ffd49259828
[   90.654261][ T6328]  </TASK>
[   90.842304][ T6217] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.853716][ T6217] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.875626][ T6217] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.884483][ T6217] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.893328][ T6217] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.902130][ T6217] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.946915][ T6339] smc: net device bond0 applied user defined pnetid SYZ0
[   90.954317][ T6339] smc: net device bond0 erased user defined pnetid SYZ0
[   91.005761][ T6348] loop4: detected capacity change from 0 to 128
[   91.032122][ T6348] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   91.046968][ T6348] ext4 filesystem being mounted at /172/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   91.099088][ T6360] FAULT_INJECTION: forcing a failure.
[   91.099088][ T6360] name failslab, interval 1, probability 0, space 0, times 0
[   91.111835][ T6360] CPU: 1 UID: 0 PID: 6360 Comm: syz.2.976 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   91.111870][ T6360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   91.111885][ T6360] Call Trace:
[   91.111896][ T6360]  <TASK>
[   91.111906][ T6360]  dump_stack_lvl+0xf6/0x150
[   91.111935][ T6360]  dump_stack+0x15/0x1a
[   91.111956][ T6360]  should_fail_ex+0x261/0x270
[   91.111981][ T6360]  should_failslab+0x8f/0xb0
[   91.112012][ T6360]  kmem_cache_alloc_noprof+0x59/0x340
[   91.112112][ T6360]  ? getname_flags+0x81/0x3b0
[   91.112210][ T6360]  getname_flags+0x81/0x3b0
[   91.112244][ T6360]  path_setxattrat+0x240/0x320
[   91.112300][ T6360]  __x64_sys_lsetxattr+0x71/0x90
[   91.112334][ T6360]  x64_sys_call+0x2014/0x2e10
[   91.112376][ T6360]  do_syscall_64+0xc9/0x1c0
[   91.112399][ T6360]  ? clear_bhb_loop+0x25/0x80
[   91.112425][ T6360]  ? clear_bhb_loop+0x25/0x80
[   91.112451][ T6360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.112552][ T6360] RIP: 0033:0x7f98a0dcd169
[   91.112570][ T6360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.112616][ T6360] RSP: 002b:00007f989f42f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   91.112635][ T6360] RAX: ffffffffffffffda RBX: 00007f98a0fe5fa0 RCX: 00007f98a0dcd169
[   91.112649][ T6360] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000000
[   91.112663][ T6360] RBP: 00007f989f42f090 R08: 0000000000000000 R09: 0000000000000000
[   91.112677][ T6360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.112691][ T6360] R13: 0000000000000000 R14: 00007f98a0fe5fa0 R15: 00007ffcffc14f68
[   91.112713][ T6360]  </TASK>
[   91.298365][ T3305] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   91.339729][ T6363] syz.0.978 (6363): /proc/6362/oom_adj is deprecated, please use /proc/6362/oom_score_adj instead.
[   91.380335][ T6373] FAULT_INJECTION: forcing a failure.
[   91.380335][ T6373] name failslab, interval 1, probability 0, space 0, times 0
[   91.393100][ T6373] CPU: 0 UID: 0 PID: 6373 Comm: syz.0.982 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   91.393127][ T6373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   91.393200][ T6373] Call Trace:
[   91.393206][ T6373]  <TASK>
[   91.393214][ T6373]  dump_stack_lvl+0xf6/0x150
[   91.393380][ T6373]  dump_stack+0x15/0x1a
[   91.393400][ T6373]  should_fail_ex+0x261/0x270
[   91.393425][ T6373]  should_failslab+0x8f/0xb0
[   91.393450][ T6373]  kmem_cache_alloc_noprof+0x59/0x340
[   91.393501][ T6373]  ? audit_log_start+0x37f/0x6e0
[   91.393528][ T6373]  audit_log_start+0x37f/0x6e0
[   91.393594][ T6373]  audit_seccomp+0x4b/0x130
[   91.393617][ T6373]  __seccomp_filter+0x694/0x10e0
[   91.393660][ T6373]  __secure_computing+0x7e/0x160
[   91.393702][ T6373]  syscall_trace_enter+0xcf/0x1f0
[   91.393754][ T6373]  do_syscall_64+0xaa/0x1c0
[   91.393773][ T6373]  ? clear_bhb_loop+0x25/0x80
[   91.393797][ T6373]  ? clear_bhb_loop+0x25/0x80
[   91.393823][ T6373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.393848][ T6373] RIP: 0033:0x7f3e8912bb7c
[   91.393866][ T6373] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   91.393938][ T6373] RSP: 002b:00007f3e8778f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   91.393960][ T6373] RAX: ffffffffffffffda RBX: 00007f3e89345fa0 RCX: 00007f3e8912bb7c
[   91.393974][ T6373] RDX: 000000000000000f RSI: 00007f3e8778f0a0 RDI: 0000000000000004
[   91.393985][ T6373] RBP: 00007f3e8778f090 R08: 0000000000000000 R09: 0000000000000000
[   91.393995][ T6373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.394050][ T6373] R13: 0000000000000000 R14: 00007f3e89345fa0 R15: 00007ffd49259828
[   91.394072][ T6373]  </TASK>
[   91.587958][ T6377] smc: net device bond0 applied user defined pnetid SYZ0
[   91.598087][ T6379] netlink: 16 bytes leftover after parsing attributes in process `syz.0.984'.
[   91.600602][ T6377] smc: net device bond0 erased user defined pnetid SYZ0
[   91.607719][ T6379] netlink: 4 bytes leftover after parsing attributes in process `syz.0.984'.
[   91.750932][ T6388] loop4: detected capacity change from 0 to 128
[   91.774428][ T6388] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   91.806370][ T6388] ext4 filesystem being mounted at /177/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   91.850793][ T6394] program syz.0.990 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   91.862376][ T6398] FAULT_INJECTION: forcing a failure.
[   91.862376][ T6398] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.875951][ T6398] CPU: 1 UID: 0 PID: 6398 Comm: syz.2.993 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   91.875986][ T6398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   91.876000][ T6398] Call Trace:
[   91.876007][ T6398]  <TASK>
[   91.876015][ T6398]  dump_stack_lvl+0xf6/0x150
[   91.876044][ T6398]  dump_stack+0x15/0x1a
[   91.876064][ T6398]  should_fail_ex+0x261/0x270
[   91.876089][ T6398]  should_fail+0xb/0x10
[   91.876149][ T6398]  should_fail_usercopy+0x1a/0x20
[   91.876226][ T6398]  _copy_from_user+0x1c/0xa0
[   91.876281][ T6398]  copy_msghdr_from_user+0x54/0x2b0
[   91.876310][ T6398]  ? __fget_files+0x186/0x1c0
[   91.876346][ T6398]  __sys_sendmsg+0x141/0x240
[   91.876402][ T6398]  __x64_sys_sendmsg+0x46/0x50
[   91.876419][ T6398]  x64_sys_call+0x26f3/0x2e10
[   91.876445][ T6398]  do_syscall_64+0xc9/0x1c0
[   91.876467][ T6398]  ? clear_bhb_loop+0x25/0x80
[   91.876563][ T6398]  ? clear_bhb_loop+0x25/0x80
[   91.876630][ T6398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.876651][ T6398] RIP: 0033:0x7f98a0dcd169
[   91.876668][ T6398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.876690][ T6398] RSP: 002b:00007f989f42f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   91.876713][ T6398] RAX: ffffffffffffffda RBX: 00007f98a0fe5fa0 RCX: 00007f98a0dcd169
[   91.876728][ T6398] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000005
[   91.876741][ T6398] RBP: 00007f989f42f090 R08: 0000000000000000 R09: 0000000000000000
[   91.876755][ T6398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.876772][ T6398] R13: 0000000000000000 R14: 00007f98a0fe5fa0 R15: 00007ffcffc14f68
[   91.876795][ T6398]  </TASK>
[   92.093117][ T6409] smc: net device bond0 applied user defined pnetid SYZ0
[   92.104285][ T6409] smc: net device bond0 erased user defined pnetid SYZ0
[   92.114262][ T3305] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   92.172810][ T6423] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1000'.
[   92.209939][ T6423] Driver unsupported XDP return value 0 on prog  (id 716) dev N/A, expect packet loss!
[   92.271270][ T6433] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1003'.
[   92.276318][ T6435] bridge0: port 3(macsec1) entered blocking state
[   92.287543][ T6435] bridge0: port 3(macsec1) entered disabled state
[   92.314664][ T6430] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[   92.315345][ T3380] IPVS: starting estimator thread 0...
[   92.329293][ T6443] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1003'.
[   92.340284][ T6435] macsec1: entered allmulticast mode
[   92.346409][ T6435] bridge0: entered allmulticast mode
[   92.362429][ T6435] macsec1: left allmulticast mode
[   92.367737][ T6435] bridge0: left allmulticast mode
[   92.415111][ T6442] IPVS: using max 2448 ests per chain, 122400 per kthread
[   92.463122][ T6465] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[   92.463122][ T6465] The task syz.3.1005 (6465) triggered the difference, watch for misbehavior.
[   92.606651][ T6478] bridge0: entered promiscuous mode
[   92.628020][ T6478] bridge0: port 3(macsec1) entered blocking state
[   92.634604][ T6478] bridge0: port 3(macsec1) entered disabled state
[   92.652525][ T6478] macsec1: entered allmulticast mode
[   92.657959][ T6478] bridge0: entered allmulticast mode
[   92.666965][ T6478] macsec1: left allmulticast mode
[   92.672155][ T6478] bridge0: left allmulticast mode
[   92.692088][ T6478] bridge0: left promiscuous mode
[   92.738246][ T6493] smc: net device bond0 applied user defined pnetid SYZ0
[   92.748152][ T6493] smc: net device bond0 erased user defined pnetid SYZ0
[   92.937065][ T6522] loop5: detected capacity change from 0 to 256
[   92.943853][ T6522] vfat: Unknown parameter 'ut@'
[   93.353394][ T6558] netlink: 146340 bytes leftover after parsing attributes in process `syz.3.1020'.
[   93.363807][ T6558] netlink: zone id is out of range
[   93.369014][ T6558] netlink: zone id is out of range
[   93.376555][ T6560] loop2: detected capacity change from 0 to 128
[   93.383509][ T6558] netlink: zone id is out of range
[   93.391456][ T6560] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   93.405035][ T6558] netlink: zone id is out of range
[   93.442613][ T6558] netlink: zone id is out of range
[   93.448527][ T6558] netlink: zone id is out of range
[   93.450377][ T6560] ext4 filesystem being mounted at /191/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   93.453726][ T6558] netlink: zone id is out of range
[   93.491505][ T6558] netlink: zone id is out of range
[   93.496797][ T6558] netlink: zone id is out of range
[   93.651883][ T3311] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   93.707200][ T6567] x_tables: duplicate underflow at hook 1
[   93.748036][ T6578] smc: net device bond0 applied user defined pnetid SYZ0
[   93.756586][ T6577] loop3: detected capacity change from 0 to 2048
[   93.762030][ T6578] smc: net device bond0 erased user defined pnetid SYZ0
[   93.848226][ T6577] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.876913][ T6577] 9pnet_fd: Insufficient options for proto=fd
[   93.917805][   T29] kauditd_printk_skb: 215 callbacks suppressed
[   93.917823][   T29] audit: type=1400 audit(2000000038.610:3807): avc:  denied  { unlink } for  pid=3311 comm="syz-executor" name="file0" dev="tmpfs" ino=1063 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   93.957079][   T29] audit: type=1326 audit(2000000038.650:3808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.5.1033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a9a2fd169 code=0x7ffc0000
[   93.981269][   T29] audit: type=1326 audit(2000000038.650:3809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.5.1033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7f7a9a2fd169 code=0x7ffc0000
[   94.004848][   T29] audit: type=1326 audit(2000000038.650:3810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.5.1033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a9a2fd169 code=0x7ffc0000
[   94.028751][   T29] audit: type=1326 audit(2000000038.650:3811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.5.1033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=238 compat=0 ip=0x7f7a9a2fd169 code=0x7ffc0000
[   94.052357][   T29] audit: type=1326 audit(2000000038.650:3812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6592 comm="syz.5.1033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a9a2fd169 code=0x7ffc0000
[   94.053661][ T6598] loop5: detected capacity change from 0 to 2048
[   94.085127][ T6577] FAULT_INJECTION: forcing a failure.
[   94.085127][ T6577] name failslab, interval 1, probability 0, space 0, times 0
[   94.098034][ T6577] CPU: 1 UID: 0 PID: 6577 Comm: syz.3.1027 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   94.098114][ T6577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   94.098129][ T6577] Call Trace:
[   94.098137][ T6577]  <TASK>
[   94.098147][ T6577]  dump_stack_lvl+0xf6/0x150
[   94.098175][ T6577]  dump_stack+0x15/0x1a
[   94.098196][ T6577]  should_fail_ex+0x261/0x270
[   94.098220][ T6577]  should_failslab+0x8f/0xb0
[   94.098261][ T6577]  __kmalloc_cache_node_noprof+0x58/0x340
[   94.098296][ T6577]  ? __get_vm_area_node+0xfb/0x1c0
[   94.098361][ T6577]  __get_vm_area_node+0xfb/0x1c0
[   94.098383][ T6577]  __vmalloc_node_range_noprof+0x285/0xe80
[   94.098406][ T6577]  ? sel_write_load+0x15b/0x3c0
[   94.098458][ T6577]  ? _parse_integer_limit+0x167/0x180
[   94.098498][ T6577]  ? _parse_integer+0x27/0x30
[   94.098605][ T6577]  ? avc_has_perm_noaudit+0x1cc/0x210
[   94.098630][ T6577]  ? sel_write_load+0x15b/0x3c0
[   94.098693][ T6577]  vmalloc_noprof+0x5e/0x70
[   94.098713][ T6577]  ? sel_write_load+0x15b/0x3c0
[   94.098731][ T6577]  sel_write_load+0x15b/0x3c0
[   94.098801][ T6577]  ? __pfx_sel_write_load+0x10/0x10
[   94.098822][ T6577]  vfs_write+0x295/0x950
[   94.098852][ T6577]  ? putname+0xe1/0x100
[   94.098880][ T6577]  ? __fget_files+0x186/0x1c0
[   94.098959][ T6577]  ksys_write+0xeb/0x1b0
[   94.099003][ T6577]  __x64_sys_write+0x42/0x50
[   94.099025][ T6577]  x64_sys_call+0x2a45/0x2e10
[   94.099047][ T6577]  do_syscall_64+0xc9/0x1c0
[   94.099066][ T6577]  ? clear_bhb_loop+0x25/0x80
[   94.099088][ T6577]  ? clear_bhb_loop+0x25/0x80
[   94.099136][ T6577]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.099222][ T6577] RIP: 0033:0x7ff8f9d8d169
[   94.099237][ T6577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.099255][ T6577] RSP: 002b:00007ff8f83ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   94.099274][ T6577] RAX: ffffffffffffffda RBX: 00007ff8f9fa5fa0 RCX: 00007ff8f9d8d169
[   94.099286][ T6577] RDX: 0000000000006000 RSI: 0000200000000000 RDI: 000000000000000d
[   94.099297][ T6577] RBP: 00007ff8f83ef090 R08: 0000000000000000 R09: 0000000000000000
[   94.099309][ T6577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.099320][ T6577] R13: 0000000000000000 R14: 00007ff8f9fa5fa0 R15: 00007ffe55e11218
[   94.099361][ T6577]  </TASK>
[   94.099391][ T6577] syz.3.1027: vmalloc error: size 24576, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null)
[   94.177107][ T6598] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.179567][ T6577] ,cpuset=
[   94.245841][ T6606] 9pnet_fd: Insufficient options for proto=fd
[   94.250088][ T6577] /,mems_allowed=0
[   94.250118][ T6577] CPU: 1 UID: 0 PID: 6577 Comm: syz.3.1027 Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   94.250149][ T6577] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   94.250165][ T6577] Call Trace:
[   94.250174][ T6577]  <TASK>
[   94.250243][ T6577]  dump_stack_lvl+0xf6/0x150
[   94.250272][ T6577]  dump_stack+0x15/0x1a
[   94.250293][ T6577]  warn_alloc+0x145/0x1b0
[   94.250325][ T6577]  __vmalloc_node_range_noprof+0x2aa/0xe80
[   94.250355][ T6577]  ? _parse_integer_limit+0x167/0x180
[   94.250479][ T6577]  ? _parse_integer+0x27/0x30
[   94.250521][ T6577]  ? avc_has_perm_noaudit+0x1cc/0x210
[   94.250552][ T6577]  ? sel_write_load+0x15b/0x3c0
[   94.250576][ T6577]  vmalloc_noprof+0x5e/0x70
[   94.250602][ T6577]  ? sel_write_load+0x15b/0x3c0
[   94.250626][ T6577]  sel_write_load+0x15b/0x3c0
[   94.250687][ T6577]  ? __pfx_sel_write_load+0x10/0x10
[   94.250725][ T6577]  vfs_write+0x295/0x950
[   94.250752][ T6577]  ? putname+0xe1/0x100
[   94.250788][ T6577]  ? __fget_files+0x186/0x1c0
[   94.250860][ T6577]  ksys_write+0xeb/0x1b0
[   94.250890][ T6577]  __x64_sys_write+0x42/0x50
[   94.250919][ T6577]  x64_sys_call+0x2a45/0x2e10
[   94.251003][ T6577]  do_syscall_64+0xc9/0x1c0
[   94.251043][ T6577]  ? clear_bhb_loop+0x25/0x80
[   94.251069][ T6577]  ? clear_bhb_loop+0x25/0x80
[   94.251096][ T6577]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.251127][ T6577] RIP: 0033:0x7ff8f9d8d169
[   94.251147][ T6577] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.251193][ T6577] RSP: 002b:00007ff8f83ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   94.251296][ T6577] RAX: ffffffffffffffda RBX: 00007ff8f9fa5fa0 RCX: 00007ff8f9d8d169
[   94.251311][ T6577] RDX: 0000000000006000 RSI: 0000200000000000 RDI: 000000000000000d
[   94.251326][ T6577] RBP: 00007ff8f83ef090 R08: 0000000000000000 R09: 0000000000000000
[   94.251362][ T6577] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.251377][ T6577] R13: 0000000000000000 R14: 00007ff8f9fa5fa0 R15: 00007ffe55e11218
[   94.251443][ T6577]  </TASK>
[   94.251451][ T6577] Mem-Info:
[   94.590314][ T6577] active_anon:3655 inactive_anon:0 isolated_anon:0
[   94.590314][ T6577]  active_file:21724 inactive_file:2313 isolated_file:0
[   94.590314][ T6577]  unevictable:0 dirty:261 writeback:0
[   94.590314][ T6577]  slab_reclaimable:2946 slab_unreclaimable:33397
[   94.590314][ T6577]  mapped:29917 shmem:813 pagetables:806
[   94.590314][ T6577]  sec_pagetables:0 bounce:0
[   94.590314][ T6577]  kernel_misc_reclaimable:0
[   94.590314][ T6577]  free:1865146 free_pcp:13041 free_cma:0
[   94.635268][ T6577] Node 0 active_anon:14620kB inactive_anon:0kB active_file:86896kB inactive_file:9252kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:119668kB dirty:1044kB writeback:0kB shmem:3252kB writeback_tmp:0kB kernel_stack:2944kB pagetables:3224kB sec_pagetables:0kB all_unreclaimable? no
[   94.663155][ T6577] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   94.690829][ T6577] lowmem_reserve[]: 0 2884 7862 7862
[   94.696273][ T6577] Node 0 DMA32 free:2949876kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2953408kB mlocked:0kB bounce:0kB free_pcp:3532kB local_pcp:0kB free_cma:0kB
[   94.711233][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.726653][ T6577] lowmem_reserve[]: 0 0 4978 4978
[   94.726692][ T6577] Node 0 
[   94.734085][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.739105][ T6577] Normal free:4495232kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB active_anon:14620kB inactive_anon:0kB active_file:86896kB inactive_file:9252kB unevictable:0kB writepending:1044kB present:5242880kB managed:5098248kB mlocked:0kB bounce:0kB free_pcp:48744kB local_pcp:16380kB free_cma:0kB
[   94.742231][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.749780][ T6577] lowmem_reserve[]: 0 0 0 0
[   94.749820][ T6577] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 
[   94.781860][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.788016][ T6577] 0*64kB 
[   94.792530][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.798151][ T6577] 0*128kB 0*256kB 0*512kB 
[   94.805672][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.808602][ T6577] 1*1024kB 
[   94.816078][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.820495][ T6577] (U) 1*2048kB 
[   94.828251][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.831337][ T6577] (M) 3*4096kB 
[   94.839773][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.843468][ T6577] (M) = 15360kB
[   94.852017][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.855582][ T6577] Node 0 DMA32: 3*4kB 
[   94.863047][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.866480][ T6577] (M) 3*8kB (M) 3*16kB (M) 3*32kB 
[   94.873895][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.877967][ T6577] (M) 5*64kB (M) 4*128kB (M) 3*256kB (M) 4*512kB (M) 3*1024kB 
[   94.885454][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.885477][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.889306][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.890766][ T6577] (M) 3*2048kB (M) 
[   94.898779][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.898806][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.906548][ T6577] 717*4096kB 
[   94.914045][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.921692][ T6577] (M) = 2949876kB
[   94.929222][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.933004][ T6577] Node 0 Normal: 
[   94.940626][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.948067][ T6577] 763*4kB 
[   94.951385][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.958851][ T6577] (UME) 478*8kB 
[   94.962508][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.971547][ T6577] (ME) 
[   94.975375][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.982638][ T6577] 329*16kB 
[   94.986005][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.993484][ T6577] (UME) 38*32kB 
[   94.997428][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   94.997455][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   95.004903][ T6577] (UM) 183*64kB 
[   95.007695][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   95.015081][ T6577] (UM) 65*128kB 
[   95.018199][   T10] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   95.025560][ T6577] (UME) 19*256kB 
[   95.033668][   T10] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[   95.036717][ T6577] (ME) 29*512kB 
[   95.050724][ T6609] loop2: detected capacity change from 0 to 164
[   95.055491][ T6577] (UME) 32*1024kB 
[   95.060093][ T6609] Unable to read rock-ridge attributes
[   95.066750][ T6577] (UME) 15*2048kB (UME) 1069*4096kB (UM) = 4495212kB
[   95.066806][ T6577] Node 0 hugepages_total=4 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[   95.066904][ T6577] 24882 total pagecache pages
[   95.066916][ T6577] 0 pages in swap cache
[   95.066924][ T6577] Free swap  = 124544kB
[   95.066931][ T6577] Total swap = 124996kB
[   95.066940][ T6577] 2097051 pages RAM
[   95.066946][ T6577] 0 pages HighMem/MovableOnly
[   95.066953][ T6577] 80297 pages reserved
[   95.070177][ T6607] SELinux:  policydb magic number 0x80 does not match expected magic number 0xf97cff8c
[   95.095911][ T6609] netlink: 16 bytes leftover after parsing attributes in process `+}[@'.
[   95.119403][ T6607] SELinux: failed to load policy
[   95.173214][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.186062][ T6611] smc: net device bond0 applied user defined pnetid SYZ0
[   95.193428][ T6611] smc: net device bond0 erased user defined pnetid SYZ0
[   95.202356][ T6217] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.217723][ T6613] loop3: detected capacity change from 0 to 2048
[   95.263816][   T29] audit: type=1326 audit(2000000039.950:3813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6614 comm="syz.0.1041" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3e8912d169 code=0x0
[   95.294234][ T6613] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   95.332723][ T6613] 9pnet_fd: Insufficient options for proto=fd
[   95.363008][ T6613] SELinux: ebitmap: truncated map
[   95.370493][ T6613] SELinux: failed to load policy
[   95.386679][   T29] audit: type=1326 audit(2000000040.070:3814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6625 comm="syz.5.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a9a2fd169 code=0x7ffc0000
[   95.413874][   T29] audit: type=1326 audit(2000000040.100:3815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6625 comm="syz.5.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7a9a2fd169 code=0x7ffc0000
[   95.439419][   T29] audit: type=1326 audit(2000000040.100:3816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6625 comm="syz.5.1044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a9a2fd169 code=0x7ffc0000
[   95.484706][ T3301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.506490][ T6632] loop3: detected capacity change from 0 to 128
[   95.515395][ T6632] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   95.527877][ T6632] ext4 filesystem being mounted at /223/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   95.561874][ T6635] loop5: detected capacity change from 0 to 1024
[   95.581914][ T3301] ==================================================================
[   95.583184][ T6635] EXT4-fs error (device loop5): ext4_orphan_get:1416: comm syz.5.1047: bad orphan inode 2304
[   95.590035][ T3301] BUG: KCSAN: data-race in __find_get_block / has_bh_in_lru
[   95.590077][ T3301] 
[   95.609878][ T3301] read-write to 0xffff888237d26b70 of 8 bytes by task 6635 on cpu 1:
[   95.618308][ T3301]  __find_get_block+0x430/0x8a0
[   95.623174][ T3301]  bdev_getblk+0x139/0x3b0
[   95.627609][ T3301]  ext4_sb_breadahead_unmovable+0x44/0x190
[   95.633563][ T3301]  __ext4_get_inode_loc+0x846/0x9a0
[   95.638853][ T3301]  __ext4_iget+0x312/0x1e90
[   95.643381][ T3301]  ext4_fill_super+0x2b5f/0x3580
[   95.648947][ T3301]  get_tree_bdev_flags+0x2b4/0x330
[   95.654083][ T3301]  get_tree_bdev+0x1f/0x30
[   95.658600][ T3301]  ext4_get_tree+0x1c/0x30
[   95.663127][ T3301]  vfs_get_tree+0x56/0x1e0
[   95.667555][ T3301]  do_new_mount+0x246/0x6b0
[   95.672074][ T3301]  path_mount+0x49b/0xb30
[   95.676432][ T3301]  __se_sys_mount+0x28f/0x2e0
[   95.681302][ T3301]  __x64_sys_mount+0x67/0x80
[   95.686131][ T3301]  x64_sys_call+0xd11/0x2e10
[   95.690750][ T3301]  do_syscall_64+0xc9/0x1c0
[   95.695341][ T3301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.701277][ T3301] 
[   95.703605][ T3301] read to 0xffff888237d26b70 of 8 bytes by task 3301 on cpu 0:
[   95.711594][ T3301]  has_bh_in_lru+0x35/0x1f0
[   95.716226][ T3301]  smp_call_function_many_cond+0x30a/0xbc0
[   95.722144][ T3301]  on_each_cpu_cond_mask+0x3c/0x90
[   95.727377][ T3301]  invalidate_bh_lrus+0x2a/0x30
[   95.732239][ T3301]  invalidate_bdev+0x42/0x70
[   95.736854][ T3301]  ext4_put_super+0x65b/0x910
[   95.741607][ T3301]  generic_shutdown_super+0xe5/0x220
[   95.746901][ T3301]  kill_block_super+0x2a/0x70
[   95.751583][ T3301]  ext4_kill_sb+0x44/0x80
[   95.755921][ T3301]  deactivate_locked_super+0x7d/0x1c0
[   95.761313][ T3301]  deactivate_super+0x9f/0xb0
[   95.766012][ T3301]  cleanup_mnt+0x26e/0x2e0
[   95.770452][ T3301]  __cleanup_mnt+0x19/0x20
[   95.774907][ T3301]  task_work_run+0x13c/0x1b0
[   95.779702][ T3301]  syscall_exit_to_user_mode+0xa8/0x120
[   95.785277][ T3301]  do_syscall_64+0xd6/0x1c0
[   95.789801][ T3301]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.795698][ T3301] 
[   95.798022][ T3301] value changed: 0xffff88810647f478 -> 0xffff88810647fbc8
[   95.805234][ T3301] 
[   95.807565][ T3301] Reported by Kernel Concurrency Sanitizer on:
[   95.813719][ T3301] CPU: 0 UID: 0 PID: 3301 Comm: syz-executor Not tainted 6.14.0-syzkaller-10892-g4e82c87058f4 #0 PREEMPT(voluntary) 
[   95.825980][ T3301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   95.836065][ T3301] ==================================================================
[   95.874516][ T6640] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1049'.