last executing test programs:

16.72839647s ago: executing program 2 (id=357):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg(r2, &(0x7f0000002ec0)={0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f0000002b80)="b2", 0x1}], 0x1}, 0x40488e0)
close(r2)

16.71962453s ago: executing program 2 (id=359):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000980)=@newqdisc={0x468, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x43c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x5ec888eb7598db49}, @TCA_TBF_PARMS={0x28, 0x1, {{0x3, 0x2, 0x8, 0x1, 0xff, 0x7}, {0x4, 0x0, 0x3, 0xa159, 0x1000, 0x7}, 0x3, 0x8, 0x41e}}, @TCA_TBF_PTAB={0x404, 0x3, [0x104, 0x2, 0xc, 0xfff, 0x0, 0x8ba, 0xa1, 0x4d91, 0x7fffffff, 0x63c4, 0x0, 0x7ffd, 0x403, 0x255, 0x6, 0xc, 0xd81, 0x3, 0xa, 0xa, 0x7, 0x6, 0xc, 0x200, 0xfffffffd, 0x5, 0xb96, 0x7, 0x0, 0xffffffff, 0x200, 0x3, 0x80000001, 0x7c, 0xfffffffc, 0x5, 0x3, 0x2, 0x8, 0x6, 0x1, 0xd, 0x80, 0x400, 0x80, 0x90000010, 0x3800000, 0x0, 0xfffff30b, 0x0, 0xf6, 0x81, 0xfffffffa, 0x80, 0x101, 0x3f, 0xfffffbff, 0x36a5, 0x4, 0x6, 0x200, 0x1ba, 0x9, 0xab, 0x6, 0xfffffff7, 0x6, 0x0, 0x3, 0x1, 0x963, 0x1ff, 0x2, 0xfffffffd, 0x6, 0x5, 0x0, 0x3, 0x0, 0xb09, 0x3ff, 0x7, 0x8000, 0x4, 0x8, 0x1000, 0x101, 0x5, 0x3, 0x6, 0x9, 0x0, 0x1, 0x8762, 0x10008e, 0x80000005, 0xfffff76b, 0x0, 0x4, 0x4275c4e9, 0x4000000, 0x5, 0x800, 0x4, 0x6, 0x8, 0x6cdf139e, 0x9, 0x3, 0x5, 0x10001, 0xff, 0x80000001, 0xed2, 0x5, 0xfffffffa, 0x10002, 0x18d0, 0x0, 0x3, 0x9486, 0x80, 0x5, 0x80000000, 0xdb, 0x3, 0x80, 0xffbf7ffc, 0x1, 0x8, 0x7, 0x1, 0x2, 0x8008, 0x2, 0x8, 0x2, 0x81, 0x3, 0x1, 0x6bf, 0x7, 0xea, 0x4, 0xc1, 0x2, 0x40, 0x5, 0x27f, 0x200, 0x7, 0x40, 0x7, 0x4, 0x7, 0xff, 0x400, 0x8, 0x7fffffff, 0xfffffff7, 0x8, 0xfffffff4, 0x8, 0xc, 0x96, 0x6, 0x104, 0x62cc, 0xfffffff5, 0x7, 0x2eb7, 0x10001, 0xcbf, 0x10000, 0x101, 0x9, 0xfffffffa, 0x1, 0x8, 0x7, 0x8001, 0xf, 0x5, 0x8, 0x8d, 0xffffffff, 0x2, 0x7, 0x1, 0x61, 0xffffffff, 0x494, 0xb, 0x1, 0x1, 0xd1, 0xd, 0x9, 0x1002, 0xffffffff, 0x6, 0x3, 0xfffffffb, 0xffff, 0xff, 0x5, 0x40000e, 0x401, 0x2, 0x8cc5, 0x8, 0x159, 0xfffffff7, 0x81, 0x382ae49d, 0x9, 0xffffffff, 0xffff, 0xdf3b, 0x8d, 0x6, 0xfffffef7, 0x89c3, 0x6319da67, 0x20000005, 0x9, 0x2, 0xfffff801, 0x0, 0x5, 0x5, 0x7, 0x7, 0x7f, 0x7, 0x1, 0x0, 0xffffffff, 0xdfed, 0xb, 0x77, 0x7, 0xff, 0xb331, 0x9, 0x6, 0x9, 0x7, 0x5, 0x400, 0x10001, 0x1, 0x800, 0x6000, 0xfe000000, 0xfffffffd]}]}}]}, 0x468}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
close(0x3)
socket(0x2, 0x80805, 0x0)
r5 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000100)=@base={0x1f, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000640), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r6, 0x1, 0x26, &(0x7f0000000000)=0x1, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x2d41, 0xd2)
close(r7)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r8, 0x7)
r9 = socket$phonet_pipe(0x23, 0x5, 0x2)
mount$9p_fd(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), 0x200000, &(0x7f0000000000)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r9}})
getresgid(&(0x7f0000000140), &(0x7f0000000180), 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000060000000000000000008500000007000000850000000e00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00', r10}, 0x10)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r11, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
sendmsg$IPSET_CMD_TEST(r11, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="640000000906010800000000000000000600000505000100070000003c0007801800148014000240fc0000000000000000000000000000011800018014000240ff01000000000000000000000000000105000300070000000900020073797a31"], 0x64}}, 0x4800)
sendmsg$IPSET_CMD_DESTROY(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c0000000306010200000000000000000700000a0500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814)

16.650191255s ago: executing program 2 (id=362):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x7, 0x8604, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x200, 0x100}, 0x10, 0x10000, 0x0, 0x6, 0x8, 0x20005, 0x100b, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffff7f, 0xffffffffffffffff, 0x2) (async)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x1, r1}, 0x38) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000019200)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0xfffffffffffffffe}, 0x18) (async)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x81000)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x10}, 0x0)
pwritev2(r3, &(0x7f0000000300)=[{&(0x7f0000000b80)="8ac443e8825aa8846ce7a04c226865dc7725416f51f1bc708d05e792fc0fb59633eb7c4fc4c3120ede68ce8e987f4f10bad778c89fdeb85ff580be6ad206fe33bd572ea6d97a330e84a3565e2e605b10301e064278e2676e0d3b929b8156d2097fa08640bb569beb6f22587bf5d838db07add07d9d6269bd453f05de440e21e671c02a539aebc62dea9638ede3b600e09192e645845a087a20ce8ff243849c850bcb57e577252206fbc754a945dfd766930fb20b91e47253356289f7a104ca579ed6760cb1399d995bd1246db55b39d95d9ee9a131fa86", 0xd7}, {&(0x7f0000000c80)="7087b624bd5766c38a7622545f763fd49e1da47728cb5988f7f8a34ed9a77e7660297926b7068f4bda837ac2c3ad86cdf36e9d9d866c52c43167ce4c2b784ee93e590c59a20848f6d21cc44878ebda291ef940a1a1dcc3a6dd41335da230e6d118bda9aedf032fed2cb33c4dac40186f8b5454bc2e7e15fbbcdd4dc8c2d6d8d36d36f48e4b68cb75183031b7484403b9025e2a126cec51a34322a7e8d69c91f145c31b6fbca39695998e67542c558a0811937a64af83d991d1d79715379fb33be478b8e844ad30361f8c7b012cfdd011ceadd59796ecd373723748f540a86f29455d32102e5cb29e94747878147a18fe857b967669c4a5658d2affe9", 0xfc}, {&(0x7f00000002c0)="1c5c39f91a70bf1e", 0x8}], 0x3, 0x7f, 0x7, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x1}, @NFTA_EXTHDR_TYPE={0x5}, @NFTA_EXTHDR_SREG={0x8, 0x7, 0x1, 0x0, 0x5}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r6}, 0x38) (async)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r7, 0x0, 0x115}, 0x18)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x3, &(0x7f0000000d80)=ANY=[@ANYBLOB="1800000003000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000000}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r8, 0x0, 0x94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x63, 0x0, &(0x7f00000000c0)='\x00', 0x0}, 0x48) (async)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r9}, 0x10) (async)
r10 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_buf(r10, 0x0, 0x8008000000010, &(0x7f0000000240)="17000000020001000003be8c5e687a8a12003300020300ecff3f0005000300000a0001000098fc5a53d3f5b7e4a96c6b06169da9c0f8d9485bbb6a880a00243c5197b29f9368bdd6c8db0000dba67e06000000e289c46f8ab8b4028a7a63c900000200df0180000000000100000000000080c457681f009cee4a5acb3dac00001fb7315033bf79ac2df5bc080236e2b68c8eec25a02aff0601150b000000010000000affff02dfccebf6ba00085d024f0298e9e90554062a", 0xb8) (async)
syz_read_part_table(0x593, &(0x7f00000005c0)="$eJzs0r1LK2kUB+A3A5c0e4lcLli4hWCwigqx0CIpRGJIY0RcsbAWLLQQLCwkEq39+AcUv0BsxD6lGEEUYiUpxXpBsUmVZdfZxmplUdnleZrhPefMHF5+E/hPi8Lv7XY7EUJoJ9//9m+nhbFS98TI5FQIiTAbQij8+stfnUQ88fdXz+NzOT6XktnG/vXo82nHTc9dPX0Yxf1aFMJaCGHh4Sj1b+/G/99Z/jK1vrFU3FzJz98XVx8H5/oKXVuFxZ2hg1xlujM3E/9Ytehz9qcbw8e37fLT7vf+b/VGK3sVz2USH7Ofr/U2/72f1Wa1Nd57sjyQ+dG8qGzHub/IHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+GBn+cvU+sZScXMlP39fXH0cnOsrdG0VFneGDnKV6c7cTPQ6V4s+Z3+6MXx82y4/7X7v/1ZvtLJX8Vwm8TH7+Vpv89/7WW1WW+O9J8sDmR/Ni8p2nPuL/AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf6gwVuqeGJmcCiERZkMIo1HH0Z/1dvK1n4jnzuNnOa6XktnG/vXo82nHTc9dPX04EddrUQhrIYSFh6PUp1+Gd/sjAAD///tch0s=") (async)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1400000110060000000000000000c6000000000a2c000000060a0904000000000000510002007a30000000000900020073797a320000000020000000080a01020000000000000000020000060903010073797a3000000000140000001100010d00000000000000000300000a"], 0x74}, 0x1, 0x0, 0x0, 0x4040}, 0x0)

16.575854361s ago: executing program 2 (id=364):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000021aee3dece8055f60000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000040000000000000000000200000000000000000000000000000000000000100000300000000440005000a010101000000000000000000000000000004d62b"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r3 = socket$kcm(0xf, 0x3, 0x2)
sendmsg$inet(r3, &(0x7f00000000c0)={0x0, 0xfe, &(0x7f0000000000)=[{&(0x7f0000000040)="0207000902000000e4a17c45c8d260c9", 0x10}], 0x1}, 0x0)
socket$kcm(0x2, 0x5, 0x0)
sendmsg$inet(r3, &(0x7f00000004c0)={&(0x7f0000000180)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000140)="9f", 0x1}], 0x1}, 0x2000328)
r4 = open_tree(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x1000, 0x0)
mount$bind(&(0x7f0000000440)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x10a5840, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f0000000040)='./file0/file0\x00', r4, &(0x7f0000000500)='./file0/file0\x00', 0x240)
socket$key(0xf, 0x3, 0x2)
r5 = syz_open_procfs(0x0, &(0x7f0000000240)='net/sockstat\x00')
close_range(r5, 0xffffffffffffffff, 0x0)
sendmsg$key(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="020a000307000000ef3c061f00de3f0005001a"], 0x38}}, 0x0)

15.664044783s ago: executing program 2 (id=373):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="640000000906010800000000000000000600000505000100070000003c0007801800148014000240fc0000000000000000000000000000011800018014000240ff01000000000000000000000000000105000300070000000900020073797a31"], 0x64}}, 0x4800)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c0000000306010200000000000000000700000a0500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814)

15.410653523s ago: executing program 2 (id=381):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/11], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f00000020c0)='./file0\x00', 0xce)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000580)='kmem_cache_free\x00', r1, 0x0, 0x7fff}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
getresuid(&(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300))
clock_settime(0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(r2)
mq_unlink(0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x2, 0x4, 0xc000000}]})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x280d, &(0x7f0000000400)={0x0, 0xc890, 0x400, 0x4}, 0x0, 0x0)

15.371768446s ago: executing program 32 (id=381):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/11], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f00000020c0)='./file0\x00', 0xce)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000580)='kmem_cache_free\x00', r1, 0x0, 0x7fff}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
getresuid(&(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300))
clock_settime(0x1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(r2)
mq_unlink(0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6, 0x2, 0x4, 0xc000000}]})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x4b, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, &(0x7f0000000000), 0x0}, 0x50)
syz_io_uring_setup(0x280d, &(0x7f0000000400)={0x0, 0xc890, 0x400, 0x4}, 0x0, 0x0)

938.466395ms ago: executing program 5 (id=611):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000c00)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf67000000000000150002000fff52e84407000009300000240600000ee60000bf050000000000001c63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070400000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f2686ee970d6482a2e71a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387bfa1bc9b49da28724ba9cd79fbee8f97af876d0e30c19555ffdd7d73815b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f42407107000cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08124d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cb003841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e75414c91fce6c86287945bd8d258442760000ff010000000000000000000000300807f2f3906c1d45d05ba9df828d35376fed399fa311ff63a34f0c0b82b4f2825e729eb9b7f4c9ab3be5bc011ff29904bbc424880247fabe7325a6e8d139e99d2b2fbf7e84fca3b21c78840b858ce900a4eb9c2b8b9b7fb664d2aeac991ca09b1afc0ef7aed4541a2f7275130a9fa3853481c81e919c000000000000000000000000b1e0e4b55e0d5d8c657b4853fc18ec43be33e5f971cceda04d95c87489910ce692ee55c536d1671bffd4c9b98efb741b13f0ab26ac191c74"], &(0x7f0000000100)='GPL\x00'}, 0x48)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b702000000000080bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000008e17f199a68b061b93d83298a8cdda1ce784909b849d5550ad855dab54d8877a6db61d69f2ffcaa10350e11cb97ce8df1bc9a0c4eeceb9971e43405d621ffbc9b0d8ca56b50f0c010d631f6dbc8486bc5d5bf2ca8285056892db03cf1c62d57c08a90b189d190c341035de53a9a53608c10556e5734eb84049761451ce540c772e069f80cb201b2de17dfdb4b60939d5d6aed4062049b87e03e2cd18a77dda613e0c64497fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8000000000000000b91c61bd99dc89f12907af7dccd106cb937b450f859ce8292a79c3e40000b59b0fc46d6cec3c080a882add4e1179bd4a44f231a2d73148be4248cdc138408ba953df4aece69311687f4122073a236c3a32efa04137d46f0247d2638da3261c8162bb7c7824be6195a66d2e17e122040e11001131ce319045e5b3334e68475ac3f46aa2837f9004600daded9b19b35eebe52613c346e255421b23a278fd00004270b1cd5fc9aa2286ccca37db965d9dd366598f5ec993cb0cf127e2a46cfbdf63eea190d86a4d1b75ae98480100bd5828954a7d093a54f7e75b3753508ca3c41685d1e407315e59d626c23b3f89a926e9382966853774e7dd1f1a2177cdf2802237c177d543e8da47a01f05e113e53518270239b69c117e2637c31085f4d8a596b6edab26afaf6605b231199f38a6fc7eb83714387450ea18eafbace8eec18a4b2c442e7b88a7611c1283bec84e1715fb9f4fcaf52c08058fc4f21c0ad71adabdd850aed3eeec6eaab347bdf474e17b9aa345d1e6e3bb83f90230bdf53e7d0e5c3f914d905422b83f30936674ba8f0bffaf2305c0972df71fe5f4e01506471e897bced7798509e64df360d95f9a4099f86438ac2bbcbdbd1d9db21a1d5c065567fd70aae68096827fa5c2d9bd20292344c7dcf6241447cfbb05b5d0fdb4e08afbac5397b64aa369922ed7ed8918f97294b6854210d2b93aaf92159dbaa2f186d4a420c68d6baf1c31de4f0bf478bfd51bb1e96ea849a80ae5a89be7e38474c7aade344d68324f9e12a6b9770e6bd12ae69efffaee58040753701af84c2924c1b5aea1650f42c9ae9820a33095f062fb88313d035ea405515a61a4be64f9fa0985c5be592090cc48291004609fdac2ab6100000000000000a84570c7c00d647daf8af334050b61e9b2d3f0adad1d1ff47be19b8da2799e9ecef8efabe73f92dbd0760f8bbd9c590bd1371e2b5d9a2ea2190f5e4f5cd641cdfe5d89f84a368ef7e6ff1eacdc0ec9e97b8f9c9e314661ea0aa8a104008d188b66b3a4aedeed9df4238a08fc2fb1007233cc2c87fcaa0cccd8ec03444471c1dd660c87acc17bff740d199a7c0c52c63c0408b5158e0000000c275eedb02f141113cf2c55b2c08c2c68cc99d2bb5840fba332e1c82862ec9b90106248f81d32a47ac94ddee815dba8aeb5d3121cf247a81aef7805b020e9eec44cbe3055be69fe066824ba2292b9cdce41635fc00df96fb10a3a8cc60c4a76c65ebbb0640e0a29de94edf5cbefac1c5fa96e7080af804b22cabce10ea52f1018527f4aa39cdafa3eff63de2a7f50d042667820f6f86f276afb2b8134301e031351ee13013137e9d5cec0c84d7e3f82c6fd12eb98f9ea654bcb9ce59a2015183c6e65bb0537e611b830d74c30fb8207fca0990acdbb51e4e234026e00000000b3ebae3eb52c140953a350fcf0124b1a30b1afc29ea56f8413686d912eb8118d73ef9c6d3843ebcb555301c0205dd3bd9b1d742e334319c8979c322e92"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340)}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000080)="05804ab382844306d758e60803dc", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x5, 0x4f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000003}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0x100003c}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2, 0x0, 0xffffffffffffffff}, 0x13)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x5e21, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000240)='tunl0\x00', 0x10)
setsockopt$inet6_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000000), 0x4)
sendmmsg$inet6(r4, &(0x7f00000038c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8927, &(0x7f0000000cc0)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x13\xec\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
r6 = socket(0x10, 0x803, 0x0)
sendto(r6, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r6, &(0x7f0000002040)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)=""/178, 0xb2}], 0x1}, 0x2}], 0x1, 0x40000022, 0x0)
recvmmsg(r6, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000fcdbdf250100000004000180100002800c0001800800010003"], 0x28}}, 0x2000c050)

851.346912ms ago: executing program 1 (id=616):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, r1)
sendmsg$TIPC_NL_LINK_SET(r0, 0x0, 0x20040040)
syz_genetlink_get_family_id$nl80211(0x0, r0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r4 = add_key$keyring(&(0x7f0000000400), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, 0x0, 0x0)
r5 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000380)="d8", 0x1, r5)
keyctl$search(0xa, r5, &(0x7f0000000080)='user\x00', &(0x7f0000000180)={'syz', 0x3}, r4)

813.426696ms ago: executing program 5 (id=619):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'ip6_vti0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000400)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x2000008, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xfff1, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)

768.130129ms ago: executing program 1 (id=620):
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xadz\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001e40), 0x0, 0x40010001, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r2, 0x0, 0x200000000000006}, 0x18)
r3 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="da", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="b8", 0x1}], 0x1}}], 0x2, 0x0)
close(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)
setgroups(0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$notify(r3, 0x402, 0x19)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000180)='kfree\x00', r5}, 0x18)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x1c, r7, 0x65aebf9dafbebb59, 0x70bd28, 0x1, {{}, {@void, @val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x400c080}, 0x24048840)
getgroups(0x0, 0x0)

756.94521ms ago: executing program 5 (id=623):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f00000020c0)='./file0\x00', 0xce)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000580)='kmem_cache_free\x00', r0, 0x0, 0x7fff}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
getresuid(&(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300))
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(r1)
mq_unlink(0x0)

707.998333ms ago: executing program 1 (id=624):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000009c0000000b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r0, @ANYRES16], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]})
perf_event_open(&(0x7f00000014c0)={0x0, 0x80, 0x40, 0xfe, 0xff, 0x5, 0x0, 0x1, 0x94012, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x3, @perf_bp={&(0x7f0000000300), 0x4}, 0x1590, 0x0, 0x8, 0x3, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
syz_open_procfs$namespace(0x0, &(0x7f0000000300)='ns/mnt\x00')
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x300, &(0x7f0000000240)=[{&(0x7f0000000380)="5c00000012006bab9e3fe3d86e6c1d000014a10d00000000000004b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dffefffffffffffffff60a64c9f4080003fe060100000400020015b53631", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x44010)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0xe5, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf3fb, 0x2, @perf_config_ext={0x9, 0x200}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x28, &(0x7f00000000c0)=0x80, 0x4)
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0xa0, 0x0, 0x7ffc0001}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000780)=ANY=[@ANYBLOB="180000000000000000000000000400d02591cd69af360a8af11b301709b7c0ca15217c331e28f928050169606dce6dbec0c869ab2973a35e7cfecba77dd5fdf9188ba4634399b6a53d10818023b6db25cee0ddb33eb36cd708df452b933035b169f14b22aaebe0041ca4e0b891b3001c2c725c97846011086df30bfaa16ba90ebb33373ec0558fa2d5296e15e5a59efbd71b0e1777", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x3, &(0x7f0000000340)=0x1, 0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x268, 0xd0, 0x18c, 0x203, 0xd0, 0x19030000, 0x198, 0x2e0, 0x2e0, 0x198, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0x300, 0xa8, 0xd0, 0x0, {0x1000000}}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xc8}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x2c8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='sys_enter\x00', r4, 0x0, 0x3}, 0x18)
unshare(0x20060400)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r6, 0x8108551b, &(0x7f0000000380)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a0000000086d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f6853772b21a100efb76cba37ff3111d6847e8b9398a646717af75fc008daefba68e6222103472bc55704cdb72b4b996ed831f3b802549db3a8ffff7d34171113d806726615380fe65a6a0a72e1ac2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13f4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe363590d1f600"})
ioctl$USBDEVFS_CLEAR_HALT(r6, 0xc0105502, &(0x7f0000000300)={0x1, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xd, 0x8, &(0x7f00000004c0)=ANY=[@ANYRES16=r4, @ANYRESDEC=r2, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000100000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

682.009915ms ago: executing program 5 (id=625):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x200000005c832, 0xffffffffffffffff, 0x0)
r2 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x6d33, 0x1000, 0x0, 0x4000000})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

615.114471ms ago: executing program 5 (id=629):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000480)={'syztnl0\x00', <r1=>0x0, 0x80, 0x80, 0x6, 0x20000008, {{0x5, 0x4, 0x0, 0x20, 0x14, 0x66, 0x0, 0x80, 0x4, 0x0, @remote, @multicast1}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f3, &(0x7f0000000000)={'syztnl0\x00', &(0x7f0000000040)={'erspan0\x00', r1, 0x10, 0x700, 0x4000002, 0x2, {{0x5, 0x4, 0x0, 0x17, 0x14, 0xfffd, 0x0, 0x81, 0x29, 0x0, @multicast2, @dev={0xac, 0x14, 0x14, 0x15}}}}})

532.835798ms ago: executing program 5 (id=632):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000840), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r3, 0x1, 0x200000, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x40840d4}, 0x0)
pipe2(&(0x7f0000000340), 0x4000)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
write$binfmt_aout(r4, &(0x7f00000000c0)=ANY=[], 0x20)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4, 0x12, r5, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)

512.800489ms ago: executing program 3 (id=634):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'ip6_vti0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000400)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x2000008, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xfff1, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)

506.27346ms ago: executing program 4 (id=635):
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xadz\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001e40), 0x0, 0x40010001, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r2, 0x0, 0x200000000000006}, 0x18)
r3 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="da", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="b8", 0x1}], 0x1}}], 0x2, 0x0)
close(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)
setgroups(0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$notify(r3, 0x402, 0x19)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000180)='kfree\x00', r5}, 0x18)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x1c, r7, 0x65aebf9dafbebb59, 0x70bd28, 0x1, {{}, {@void, @val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x400c080}, 0x24048840)
getgroups(0x0, 0x0)

452.258984ms ago: executing program 0 (id=637):
socket$key(0xf, 0x3, 0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x6}, 0x18)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=@newsa={0x11c, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in6=@empty, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2, 0x0, 0x10000000, 0xffffffffffffffff, 0x1}, {0x0, 0x200000, 0x7}, {0x40000, 0xfffffffd, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x34}, [@proto={0x5, 0x19, 0xff}, @lifetime_val={0x24, 0x9, {0x3, 0x8000000000000001, 0xb2, 0x5}}]}, 0x11c}}, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0x1003, 0x5)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0xffffffffffffffff, &(0x7f0000000380), 0x2, 0x4}}, 0x20)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x5, &(0x7f0000000140)=<r5=>0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
io_submit(r5, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000040)="0200ffff0000", 0x6}])

448.374024ms ago: executing program 4 (id=638):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001840)=ANY=[@ANYRESDEC=0x0, @ANYRES64, @ANYRESDEC, @ANYRES32, @ANYRES16=0x0, @ANYRES64, @ANYRESDEC, @ANYRES8], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0039936da8abb4625380b974"], 0x1, 0x539, &(0x7f00000005c0)="$eJzs3V9v01YfwPGfS8tT5ZHQo+d5hFBV4FA2qZVKcBIIirjBc07SA44d2Q5qr1BFW1SRwkSZtPaOG7ZJ24vgdi9id7va7d4G2kvY5D8tKW2S0pIGVd9PBOfEPjnnd1LLPzmJbQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGK5ddsuWeIZv7Os+nPrYdAasH4i72/hQDFgXBEr+SfT03IlW3Tl/x9WX07+m5NZkT9FZFamk+fTsvvvy/+5/7/Jib3XDwjoTGzv7D5f7XbXX407kDFpat9EgWk5Ta1MFKhatWrfXmpEqmE8Ha1EsW4pN9ROHIRq3l1QpVqtonRxJej4zbrj6b2F926VbbuqHhbb2gmjwL/9sBi5S8bzjN9M2ySrkzb3kg3xkYlVrJ2WUhub3fXKsCCTRqXjNCoPa1S2y+VSqVwuVe/W7t6z7clDC+yPyKEW499oMV4j2IsDJzOR53/xxIgvHVkWdeTDlbqEEkjrwNIH+7VcmvgnZOHr2w8Gjtub/2ezRbNXPqyekTT/X8ueXeuX//vEenaPbdmRXXkuq9KVrqzLq5P2dH38cznJoylafDESSSBGWuKkS1S+RElNqlIVW57IkjQkEiUNMeKJlkhWJJJYdLpFuRKKFkdiCSQUJfPiyoIoKUlNalIRJVqKsiKBdMSXptTFSXvZkM30fa8MiHG/Uek4jcoDGpH/cXqj2I0DJ/L3Xv4HAAAAAADnlpV++p4c/0/J1bTWMJ62xx0WAAAAAAD4jNJv/meTYiqpXRWL438AAAAAAM4bKz3HzhKRglzPantnQvEhAAAAAAAA50T6/f+1pCgkteticfwPAAAAAMB58+P+1Xf7XWM3av/L+u0vCcMp6017+Stry0naOVsXstdd+LjHuDFjXco7SYvqZP7M1bNWfvXL/Ytgvs+LjWFxWJ8hAPlZbmRtbqxl5dremmyUQsN4uugG3v2SOM6liVgvx9+92Pxe0un/5LcuWbKx2V0vPn3ZXUtjeZP08mYrv4DioesoDojldXq9hfSciyNnPJWeiJGPW8jGtXvnn99yYeITxnwrc1mbuUJWFg7OfzoZs1S8X5LJo2afR1E65czfys2szc35m1lxRBTl4oe/wR95nweiKPdGcaL34hhRVIr9toQ8isopowCAcdkYkoWsw4n/BHu5Q9n94iiy+1uZz9rMz6Q71smZI/bo9rA9un3K7PbroXsg9cuxybi/fJRV3yUveNd33MgrW8lbeOH11rdyeXtn99bm1uqz9WfrL8rlStW+Y9t3yzKVTiMvyD0AgCMMv8fO0BbWnSFH1f/d/0lBUZ7KS+nKmiymZxukvzg4stdCz88QFocctRZ67vCyOOSortBzo5fjt62cwV8CAICzMzckDx8n/y8OOe4+mMsHHx335vIhBt9gEAAA9KXD91Yh/sEKQ9N+UqrVSk68pFUYuI9UaOpNrYwf69BdcvymVu0wiAM38JLKY1PXkYo67XYQxqoRhKodRGY5vfO7ym/9HumW48fGjdqediKt3MCPHTdWdRO5qt35xjPRkg7TF0dt7ZqG+T3/xDvohK4uKhVp3dPQ1LUfm4ZJqr5qh6blhCvqceB1WlrVdeSGph0HWYd7Yxm/EYQtJzaBXxz3mw0AwBdie2f3+Wq3u/5qhJVxzxEAABxElgYAAAAAAAAAAAAAAAAAAAAA4Ms3stP+LuYDjPTMQiojrHzqtjHxBcRM5eSVi3JgyZh3TABG7p8AAAD//xR6Tls=")

428.952726ms ago: executing program 3 (id=639):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x2}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0xd81, &(0x7f00000012c0)={@local, @link_local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0xc, 0xd73, 0x65, 0x0, 0x7, 0x2f, 0x0, @rand_addr=0x64010100, @empty}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1}, {0x1}, {0x1, 0x0, 0x1, 0x1}, {0x8, 0x88be, 0x2, {{0x8, 0x1, 0x2, 0x0, 0x1, 0x1, 0x2, 0xe}, 0x1, {0xae}}}, {0x8, 0x22eb, 0x2, {{0x7, 0x2, 0x6, 0x3, 0x0, 0x0, 0x6, 0x1}, 0x2, {0x9, 0x5, 0x2, 0x2, 0x1, 0x1, 0x3, 0x1}}}, {0x8, 0x6558, 0x0, "d55d48121df1e156585a99654addef5997b53285749cce9797d205eb24cc406cdfffd5e3b749fe7f75932b406ae05fce7ddc74a9c825d44e7b6e8fac7511080647bd25634b86912c25f0e9bdb1a080510e3899965433e4b96ab8a5bf77143a72b5ee8e3503f1f86d232c7c90cbb5c70306097f3d69a9a9e37824c1c0293dde5cce0e083c249c24cfa590aab837835e348ef6284d49c8d8685c460236921bd788c81a05bb527b777e1b509c17966965de8127da478e88397621b9371b6e0abc599235785c40e4d5f7dc14935d85416312928797e0eaabb260b05e33a8cf4c70b376c337cfc890126c82403d2f2a74224ce0b855488b68ace5f445956160ef8421666f6475cf9edfc0c7fe7f2a83cb9e53ba6964efb4aad44215175d87890f48baeac930e4d6b56c2bd77b80f414c29fcbb182319f1f98a668060f754f72b3f7a12c452387af6be097d162163c484fa312aea7a87a19858ebde61e8667d87ce0beaf58ca338b22b83f3dfba4466e3487135fbd50aab5650ef74b4aa8a8b04fbf3d1c66dbf608985f9b3d28dc733bb61423ca37c0b318827ae6afa691e96906f4858a26a8b8e60e937249af6f3baca9086065d83558a8343c8fda15f4ddf64fb7b4f2e1d20937877eb76eb1d118e4c7bc17ee64812f9e81543b4789397f13f0b649265f4750e26e1d774b68fabc1865fcaee18e4a26dcf5984769f4d593f650d9e5849ab4beb0a17e26ae0c8dd3c312e586ba10b72deca7f72fb88adab4772cc5259375720c1aaf1d889c5fe69935f17af097d3a64645fea9785619ac3399c05185fe87f3e3ddf8c1191ec177cdd012f384a398e32508617af0bcb8b3fee35efe7870f6b9c66cfadbe7177f83d144c8d67774e2de3ed05aba4f1243e7c812aea0661234a107f4b4e5848b768a1389101d3d199010a41bdce6da0acdd4518544bd5ce0f09b0b39aaaf9fd79864438ae95803be23bcfceccac7fd2bef6fe74fe61bbe4ef30d3849a1a25fbc56a5bf92be52bebe721f3bb2e16bf6dc3071fb56c2238a26f7a0a6ccc350f9ccf14170027224453f4fac9118bad679bd4e9e8dd8efedc4c9e6499da25473b498050c6bfd5c2f5b0d5ee24247ea18a0dfe628fcde806b78bb326cf811c19fd4434ce760f5db3e57ac2b565cb8cc10cee6d007b5e6a5a5f1b3cea26fd6586a2cb89449d6a8bc0d323e54cf7e4b89deb65fb322d8bd54335af4080eb3c3e82141ef3ce236c981b2b9e2d5e66d70413df1ff75060ce08d82c040a5c6b4f33c8591cb9237fb8ab27951e844d4c09f9b1deb9300c6fdc680b14a823d18bf10fc73b73d21091da129566c03896ab491c86895be5e003dc06aa8085c8857481fa40a05f8cf35dd1cd6fa7a7b9f9ec39e5899edaa64ff560f52fb6e259a6827d3127ca81eb8a4acb16ae5eec2e6aab92847aa00a05edbaa77f7f8af6be807939fab2d20292d894a36e14f529cfe3ff2d2dee34dc98ce302bab511213ddf6719c9c5a28651b1ff0cc39a975adc3c620b7966fde65d7dcbfb51ac2565b7f37b38cbd5445b37e18c1f1ae254877ffdf57f646e9fd4208d273f2781a291cdf2128020caaf8dc2ec87e6eaa2dbed6aab36fa5abb17daccc9f05a628fa7462f54e2001d8ecad950e50f3cfe5b7d1994e6eb0bb39db5dcaa77c5d1bbdc3878d9db27b1b861b43bad0ace960fba0555e2666320218aed3070f01fec7c9fa2c763bd4fd7af6caf8014422f450596e21dea3ac728a2d9f41c48df98478cbc3d0daf1ca6927883dc2464357888662c8f15ff363e8403b9ed8775f30929f16fc7c5de5df1e463d7e6819904a26594cffbb7d328e4f45e67a8580f9915d93152a09e46aa378994743e9fa36e4b76c00d73cf935c1b1afa34bb7eb7c3ac55cfe724bd517ce32ecfca5fcad79fedce6e76f164b4638594f3a14f01a9d56e650e08a71d6ec99a97d3d72337da2cf9259b56ddaff0af35596a386b8f73ebe96567561a9620d7a348bcfa8f5b26b42ae636a1e6537185b19acd2d5cb1a9579bf5e1a34c30e73756c2631dc96e70f34e6d8dc90f77cda95a733a971713efd0e28beb4315f95ef119270842ccdc6c5327e86e2f58849d492bbf18ec5daff51b4f10d2885722c2b0efba64286abfae7fda23fa060e265183dc462d956f6f252a323e091877125317f54f8176712ba87e11aa5247dcca4e491283accb6ca5df994162d03cd757402b700399686ca128447732af2bcd1c3de46ed5e12d61e904a2c45bc8bc7b996afc84ef2d77ddda365b705ebfb4d6e6a4fc360b7579cbff29b34a65c666255d4dbcf7244020c2792f3320a5475e5b441cadbc6c76b724ecc3bd2fb3daac781b8f58c9ff1e0cbfbd4172f8adfffeb1f7d382e21daebae0edd8f2b07b925b069d47edbe7c70118993923676b6d8352bcc2eddb6ba3102f1eafb983375ef2f5adc69df297a3eea24da0076b6cd2ec6317fa494ec74e3201c99a65cae8978157587d97f4a494ee3c5ae9505574d6b4fa1eb09aebba2581a04153774519600337fe802783595a8e2d11c7af3c041f90e6e5a78b63816d96ea6e21bc76b8e4af50f3f889e20c1ef5c4b81e70fdf47f8b259c192075312dd8d84b481c08c04efed397d39e477e659be51c51e7c2b2b8757d27acfa98087a91afe52ce408561cd877ab44495e099e35cfb6404cb18de34c11df88531b1558ce978d213450c52f8e7fda2ef533751e0b557c85b0f33f0c04d7c0c77ab73c334da8a7680edc8c79524bc0373b6b1b2e80d84b88cc6c11ef184c0ba01cc81b11ebf133369019c85bf7f539996c9748a91543acb17f4bdcecccddf4b8c9e3994b2a97a97c6eadb1e24495d515748dca86e727b434dd042e42a5e69e70d8a191876aa946f0530fa38f1b88089225f711fc02288750985e2de600faa4c915ceb702dbff6c0ec5c7fac840e07cd4b92de4059a64b123542b0dabda379ac89b45e39ad4d0b419c361fb1cf4fd51c7281c2b83a474c33345ce4870afd148a00152ba47cc82d76ef50bb3444ff692692c4f801fe1b45a6d1e0ead7a9a952c8fe56198d654f01dbfd462de91a0b195d23f5354abdf98aa0168a77bc7ec5033a865d29187e429e5b6b1f6afcad3ce7e608fc9aa03b11b5c0d1f04b887c6b0a60ffa9c2262bb30cad6bd62b878416e10d77f8f1c1d1e03943668aa7e3e41bc36f465235eb41b640fe8946a8977b44e86fa3559d58a07266bb0abe97da1dd54031d339658a634f5f5336fd4cd54031fcb0d5cb06892a003e27a57ce7d26e1c84ae66d81aa222b20c840d3cfad10ebaec142bbbd6295b5199f637a32aad73b58eac623707c161763ff26fe3cc28f0332b522cd3fdac1d73fba047f4848b01713bdfcb2e241ad23f5c83a785f3e4ba89e6160336abd3874de4a76ab091b542b25ae2ddcadbd170a5fd616e3d6f35ccb8e9da661f1708e9b1d1e9eadd8d269c74cdab65760812d742ad0c61a38f66a9b7433c1ffd4482d6d007bcd8964bf25380b7b690888344bb396484015752190ff61f4ef6e043a5832717117984b45f49a20f663f284e7daa4ab24c8872dc9fcbe1bdb2c37da316a0987f9b0ebd3768e5f850601a1619d2332be8e7a9d2862cffd9d8b3e885ec4d98e808ec1af71c3d5a01ecfe7d567c24493d33a8284102a751c2b51a78db62abf65c7e2379cb0bc79fee0679b3654f89d3d5e960e112c14ef6d006e5f43fe07534dcba8cc2b2c8f787591b38dd45eb7456b1e201d1412d764382fa5d3f3c4de43c5ab46509896453f464d67873eea7d8927d0ed004e95d16c44a80a575bb0b3578bbb832a41e172cd84665728fc458c556f5f36e200a8e5c7672913f2d272e425a2375e268462a9964be4144524aa2c04a0447f70c94ca8ff2bda6497a888a825f00e03565eb2efbc361be1ea50f6da9f585021557a66ecf6b6200335c75720c7635ebc9d7002e5b65cf1c440fed9622593ef4ebbb78b9e4a5ccde585cb5b654e3e9ecbad7f45a0297093ad85daaac1800a59674c2457fa1543b0e63f66e184e0582819933d025e6c21532fc6daec6a462375b076a2163860b875da9ce51bdf0fb3991f31f78edde243602da1f5ac944c59430f08a0e870828830af004e3cf167495d8877eb9149c92c831613659de709649dfc2a2035b730ee17801334918022a2c7445732e96d0cc52f6e2dd7c7c6cabb7ad271570470760049991468c71753852953a62a49690cdb1525c6d52420182b7a71c685b2ae5234ad4447afe1d290d2facb1a89e490d424ca08313565afa275c624e72d421fbb3ac3b253dbc18575bc76eedf2e4cd0a44390e65aa64884a4e24414c6c6666d812a80c3b42536f6df261facc81066b0d655c826fe1e0f9718d476ded11290e69f9b75831b9a1502f3f18b60ff877a5c84363a24e8c44ecc398b8cf0a0c0f6ff0c780c7f57a11c4663ce2d269c5a18a497e5ce777c0e823f01be3203ac5a5a4ecb8fdeaea5f0ba8622ccd804ae7a64ce1091581874780081854a83e01c98060665e48e2a93d9805d5cd146c588eadcafa61145a2b6682d3ecd8138c5557357d8ca0d338ea21bef2b048654370dadd68ce617b3c76d73200c8271a53677c901ada12c80e9199bb367f5c371cb0a6cdaf1f49f9c2483321d7b0a71bffb19a05b50d57c2f2163e1e8bd2b6df8e066c8a01fa42191fcaea96816f4c4f358ff88141437dd5783c8dd9a7e26ec407aa929700ca9654ec5f85e514ba72395907614c95"}}}}}}, 0x0)
r4 = getpgid(0x0)
r5 = syz_pidfd_open(r4, 0x0)
r6 = pidfd_getfd(r5, r5, 0x0)
setns(r6, 0x66020000)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r6, 0x89f2, &(0x7f0000000100)={'ip6_vti0\x00', &(0x7f0000000080)={'syztnl2\x00', r1, 0x2f, 0x1, 0x2, 0x6, 0x9, @mcast2, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x20, 0x10, 0x2, 0xfa2}})

367.176421ms ago: executing program 4 (id=640):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x200000005c832, 0xffffffffffffffff, 0x0)
r2 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x6d33, 0x1000, 0x0, 0x4000000})
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

320.620224ms ago: executing program 3 (id=641):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f00000020c0)='./file0\x00', 0xce)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000580)='kmem_cache_free\x00', r0, 0x0, 0x7fff}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
getresuid(&(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300))
clock_settime(0x1, 0x0)
close(0xffffffffffffffff)
mq_unlink(0x0)

320.217404ms ago: executing program 0 (id=642):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$kcm(0x29, 0x2, 0x0)
sendmsg(r2, &(0x7f0000002ec0)={0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f0000002b80)="b2", 0x1}], 0x1}, 0x40488e0)
close(r2)

298.052496ms ago: executing program 4 (id=643):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, r1)
sendmsg$TIPC_NL_LINK_SET(r0, 0x0, 0x20040040)
syz_genetlink_get_family_id$nl80211(0x0, r0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r4 = add_key$keyring(&(0x7f0000000400), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, 0x0, 0x0)
r5 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000380)="d8", 0x1, r5)
keyctl$search(0xa, r5, &(0x7f0000000080)='user\x00', &(0x7f0000000180)={'syz', 0x3}, r4)

289.671437ms ago: executing program 0 (id=644):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000c00)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf67000000000000150002000fff52e84407000009300000240600000ee60000bf050000000000001c63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070400000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f2686ee970d6482a2e71a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387bfa1bc9b49da28724ba9cd79fbee8f97af876d0e30c19555ffdd7d73815b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f42407107000cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08124d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cb003841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e75414c91fce6c86287945bd8d258442760000ff010000000000000000000000300807f2f3906c1d45d05ba9df828d35376fed399fa311ff63a34f0c0b82b4f2825e729eb9b7f4c9ab3be5bc011ff29904bbc424880247fabe7325a6e8d139e99d2b2fbf7e84fca3b21c78840b858ce900a4eb9c2b8b9b7fb664d2aeac991ca09b1afc0ef7aed4541a2f7275130a9fa3853481c81e919c000000000000000000000000b1e0e4b55e0d5d8c657b4853fc18ec43be33e5f971cceda04d95c87489910ce692ee55c536d1671bffd4c9b98efb741b13f0ab26ac191c74"], &(0x7f0000000100)='GPL\x00'}, 0x48)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x16, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b702000000000080bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b70000000000000095000000000000008e17f199a68b061b93d83298a8cdda1ce784909b849d5550ad855dab54d8877a6db61d69f2ffcaa10350e11cb97ce8df1bc9a0c4eeceb9971e43405d621ffbc9b0d8ca56b50f0c010d631f6dbc8486bc5d5bf2ca8285056892db03cf1c62d57c08a90b189d190c341035de53a9a53608c10556e5734eb84049761451ce540c772e069f80cb201b2de17dfdb4b60939d5d6aed4062049b87e03e2cd18a77dda613e0c64497fcc059c062234d5595f6fbaa187b81d1106000000000f0000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8000000000000000b91c61bd99dc89f12907af7dccd106cb937b450f859ce8292a79c3e40000b59b0fc46d6cec3c080a882add4e1179bd4a44f231a2d73148be4248cdc138408ba953df4aece69311687f4122073a236c3a32efa04137d46f0247d2638da3261c8162bb7c7824be6195a66d2e17e122040e11001131ce319045e5b3334e68475ac3f46aa2837f9004600daded9b19b35eebe52613c346e255421b23a278fd00004270b1cd5fc9aa2286ccca37db965d9dd366598f5ec993cb0cf127e2a46cfbdf63eea190d86a4d1b75ae98480100bd5828954a7d093a54f7e75b3753508ca3c41685d1e407315e59d626c23b3f89a926e9382966853774e7dd1f1a2177cdf2802237c177d543e8da47a01f05e113e53518270239b69c117e2637c31085f4d8a596b6edab26afaf6605b231199f38a6fc7eb83714387450ea18eafbace8eec18a4b2c442e7b88a7611c1283bec84e1715fb9f4fcaf52c08058fc4f21c0ad71adabdd850aed3eeec6eaab347bdf474e17b9aa345d1e6e3bb83f90230bdf53e7d0e5c3f914d905422b83f30936674ba8f0bffaf2305c0972df71fe5f4e01506471e897bced7798509e64df360d95f9a4099f86438ac2bbcbdbd1d9db21a1d5c065567fd70aae68096827fa5c2d9bd20292344c7dcf6241447cfbb05b5d0fdb4e08afbac5397b64aa369922ed7ed8918f97294b6854210d2b93aaf92159dbaa2f186d4a420c68d6baf1c31de4f0bf478bfd51bb1e96ea849a80ae5a89be7e38474c7aade344d68324f9e12a6b9770e6bd12ae69efffaee58040753701af84c2924c1b5aea1650f42c9ae9820a33095f062fb88313d035ea405515a61a4be64f9fa0985c5be592090cc48291004609fdac2ab6100000000000000a84570c7c00d647daf8af334050b61e9b2d3f0adad1d1ff47be19b8da2799e9ecef8efabe73f92dbd0760f8bbd9c590bd1371e2b5d9a2ea2190f5e4f5cd641cdfe5d89f84a368ef7e6ff1eacdc0ec9e97b8f9c9e314661ea0aa8a104008d188b66b3a4aedeed9df4238a08fc2fb1007233cc2c87fcaa0cccd8ec03444471c1dd660c87acc17bff740d199a7c0c52c63c0408b5158e0000000c275eedb02f141113cf2c55b2c08c2c68cc99d2bb5840fba332e1c82862ec9b90106248f81d32a47ac94ddee815dba8aeb5d3121cf247a81aef7805b020e9eec44cbe3055be69fe066824ba2292b9cdce41635fc00df96fb10a3a8cc60c4a76c65ebbb0640e0a29de94edf5cbefac1c5fa96e7080af804b22cabce10ea52f1018527f4aa39cdafa3eff63de2a7f50d042667820f6f86f276afb2b8134301e031351ee13013137e9d5cec0c84d7e3f82c6fd12eb98f9ea654bcb9ce59a2015183c6e65bb0537e611b830d74c30fb8207fca0990acdbb51e4e234026e00000000b3ebae3eb52c140953a350fcf0124b1a30b1afc29ea56f8413686d912eb8118d73ef9c6d3843ebcb555301c0205dd3bd9b1d742e334319c8979c322e92"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340)}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000080)="05804ab382844306d758e60803dc", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x5, 0x4f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000003}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x100003c}, 0x18)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000000)={0x500, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="020200090f000000000000000000000005000600000000000a0000000000000000000000000000000000000000000000000000000000000002000100000004d20000020300000020050005002f8000000a00000000000000ff0100000000000000000000000000010000000000000000010018"], 0x78}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x5e21, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000240)='tunl0\x00', 0x10)
setsockopt$inet6_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000000), 0x4)
sendmmsg$inet6(r4, &(0x7f00000038c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8000)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8927, &(0x7f0000000cc0)='lo:\x96o8\x14d\xa1\xba\xda\xd1\xa0J\x12tQ\xb16\xe3\xd7\\b\x8b\x1f\xa1Y\xad4\x90\x9d`\xd2\x98\x00\x00\x00 \'Y\x17]\x15c\xcaR\xdd\x98OC\x89\xff\xe6\x84\xe2\x05\x80w\xd2|D\x8dK\x14Bx\xcbuH\xc2\xeec\xbf<>Y\x1a\xfc\x1f9OB\x81\x89\xb7l\xed}\xe5\x186\xc5q@n\xb4\xb6s\xb0\x13\xec\x00\x00\x02\b\x00\x00\xda\xef\xecE\xec\xd5I\xb2\x9b\xfe\x8d\x90?\x00\xe9\xe4~g:\xc1\xb2ak\x96\xbb\xa7\xe2\xc0\xdc\xf9Q\b\xeb\x01\x00\x00\x00\xd3\r7\x8e\xabd\x0ftp\x82\xae\xd2\x15\x8e+c\xf6\xbf\xe14>\xa6-\xa5c\xde\xd7\xab\xea\x1f\xd5s2\x9cVF\xd5\x18\xfe\x0f\x8f \x01\x00\x00\xb1\x88\xebW_\xa5\xe1\xf6\x8aj\xca\xf8m\xab\xe8\x99\xeb\xe1\xde\x8at\x1c\x80\xfc\xb0\x95\xa2\xa7\xd7,Y]E8\x83X\xf5F\xdc\x88-\xf5\xb0\xb5^\xdb\x1a\xb6\xaa\x14\xe2\rh^J-\xd1\xfc\xfa 6(%\x1c\xb5\xbf\xb6\x90\xb4\xc2\x7f]/\xb3\xe7\xc9\'\x94\xcfIo\xdf\x04\x95\xb5\x06\x84\x1fH>\xda\xc5\x04 \x94\x88\xeb\'\xd4;6\x7f\xd9\x99-\x1b|G\x8d\xd4\xb9%\xaaQ\xa0K\x10\x1f\x9c,\x113\x7f\x03\x93\xe1\xcc\xe7f\r\xf3\xff0\f\x82%_\x92\x8b\xc4\xb9\xd9\xe7\xf2\xe4\xc1i\x03\x9d\xdd\x1bj\xdf\xacg\xe3\xa0S\xd3\x8a\xe1n\x97\xea\xf5\xa0\'\v\xe9\xa0\xf1 f\xaan\xcf\xb5i\xb6d\xbc\x92\v\xd58\x16\b\xb3_:\xa4!\ny\xc4&\nWMM\xa8\xc4\v\x9f\x01o\xf4\xab&\xb6\x17\x02!\xed\xff\xee$\xc89\x8cB0\xd1\xa8\xd4\xe6K0\xe1\xa3TS\x18\xe6x\x1f%P\x9fU)\x83E\n\x90M\r.\x85gn_\xb2\xe9\x8a\x1c\xe3\x93\xd8\xbc\xb6N\xc3\xe1\xafh\xa0iF\xdcq\xf9\x17\xd9i\x844E\x1a\x13\x9a\xe6\xd3\xab:PM\xfbe\xfe9\xd9\x94\x1dx\xd6\x03b\xf7\x10N\xd1\x93\rU\x7fy\x18tE\xf1*\x9a0Z\x9f\xdc{\x13\xf6\xb7\xf7\xe6=\x9cD\x108\x8eS\xa0\xd0\xa7\tn\xd9\xae\xc0\x18~x[\x85Y\xb2\x82w\x150\x97\xba\xe6\xca\xb1\xa3\x02\x14^\xbdZ\xae\xf5/\xcf\xb8\xea8Uw\x92`\"2\x81j\xbb\x87+\x89\xc5<J\x1f\xba\xfc\x90(\x985\x93\xa8\xd4\xf0\xbdTy\x18\xc8\xa0\xbb\x99\x8c\xe0Q\xffCl\xbdX~3\xa1\xa2\xf4\xd9\xf7\xc7\xfb\xce\x959x\xfeW\r\xf0{\xcaT\xecp)=\x9d\xdfG8\xa1\xe3=\xa6\x00\x98\xc1\xb3\x91-\xab\'W\x8al?d<JN\xcb\xd4H\xb0_jO\xf3\x90\xe8/l\xdfg)\x8d#\xfdo\xa9L\xdeA*\xec\xa1\x14,\xe8\x8d^\xb9r=\xc0\x18\xd4\x11dU[Ry\xed\xd6\x97\x8a\xe8\xca\x99\x10\x8e\xc8P\xa3\xae/\xdaof\x06\x7f\xf7\x80$f\b\x92\xae\xeb\xdd\"\x89\xb8\xf0\xc3\b\x00\x00\x00\x00\a\xf6\xfc\x1d\xd4\x893\xeb)\xc1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00O!\xd2q\xda}\xe2\xa2\xfe\xfd)\\\xdf\x9aN\\\xaeyc\xe4g\xc0\x8a\n\v{\xa9H\\\xd1\x9d')
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000540), 0xffffffffffffffff)
r6 = socket(0x10, 0x803, 0x0)
sendto(r6, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r6, &(0x7f0000002040)=[{{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000a00)=""/178, 0xb2}], 0x1}, 0x2}], 0x1, 0x40000022, 0x0)
recvmmsg(r6, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380), 0x0, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x77359400})
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000fcdbdf250100000004000180100002800c0001800800010003"], 0x28}}, 0x2000c050)

268.868809ms ago: executing program 4 (id=645):
syz_mount_image$ext4(&(0x7f0000001d40)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000a40)={[{@auto_da_alloc}, {@barrier}, {@noblock_validity}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x4}}, {@delalloc}, {@auto_da_alloc}]}, 0x1, 0x490, &(0x7f0000000580)="$eJzs3UFrXNUeAPD/nSR9aZu+pO+9RV/BWmwlLdqZpLFtcFEriK4Kat3HmExCyCQTMpO2CUVS/ACCiAquXLkR/ACC9COIUNC9iCiirS5cqCMzudPWOJMETHNx5veD03vOPTPzP6eTOXPPPZe5AXSt4xFxKSJ6IuJ0RAym+3NpivWNVH/c3Ts3puopiVrtyg9JJOm+5msl6fZg+rT+iHj5hYjXkr/GrayuzU+WSsXltFyoLiwVKqtrZ+YWJmeLs8XFsbHR8+MXxs+Nj+xaXy8+9807b374/MVPn7z21cR3p16vN2sgrXuwH7tpo+t9jf+Lpt6IWH4YwTLQk/anL+uGAACwI/Vj/P9ExGON4//B6GkczQEAAACdpPbMQPyaRNQAAACAjpVrXAOb5PLptQADkcvl8xvX8P4vDuRK5Ur1iZnyyuL0xrWyQ9GXm5krFUfSa4WHoi+pl0cb+fvls5vKYxFxOCLeHtzfKOenyqXprE9+AAAAQJc4uGn+//PgxvwfAAAA6DBDWTcAAAAAeOjM/wEAAKDzmf8DAABAR3vx8uV6qjXvfz19dXVlvnz1zHSxMp9fWJnKT5WXl/Kz5fJs4zf7FrZ7vVK5vPRULK5cL1SLlWqhsro2sVBeWaxONO7rPVF0n2gAAADYe4cfvfVlEhHrT+9vpLp9aZ25OnS2XNYNADLTk3UDgMz0Zt0AIDPm+ECyTX1/u4rPdr8tAADAwzH8f+v/0K2s/0P3sv4P3cv6P3Qvc3zA+j8AAHS+gUZKcvl0LXAgcrl8PuJQ47YAfcnMXKk4EhH/jogvBvv+VS+PZt1oAAAAAAAAAAAAAAAAAAAAAAAAAPiHqdWSqAEAAAAdLSL3bZLe/2t48OTA5vMD+5JfBhvbiLj2/pV3r09Wq8uj9f0/3ttffS/dfzaLMxgAAADAZs15enMeDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC76e6dG1PNtJdxv382IoZaxe+N/sa2P/oi4sBPSfQ+8LwkInp2If76zYg40ip+Um9WDKWt2Bw/FxH7M45/cBfiQze7VR9/LrX6/OXieGPb+vPXm6a/q/34l7s3/vW0Gf8O7TDG0dsfF9rGvxlxtLf1+NOMn7SJf2KH8V99ZW2tXV3tg4jhlt8/yZ9iFaoLS4XK6tqZuYXJ2eJscXFsbPT8+IXxc+MjhZm5UjH9t2WMtx755Pet+n+gTfyhbfp/cof9/+329Tv/3SL+qROt3/8jW8Sv/008nn4P1OuHm/n1jfyDjn30+bGt+j/dpv/bvf+ndtj/0y+98fUOHwoA7IHK6tr8ZKlUXJaRkZG5l8l6ZAIAAHbb/YP+rFsCAAAAAAAAAAAAAAAAAAAA3Wsvfk4s6z4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzEHwEAAP//0wfUAw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x48241, 0x141)
pwrite64(r0, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x441, 0x108)
fallocate(r1, 0x20, 0x0, 0x8000)
acct(&(0x7f0000000000)='./file0\x00')

267.144969ms ago: executing program 3 (id=646):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="d8000000100081044e81f782db44b904021d006a0f000000e8fe55a1290015000600142603600e120900040044000000a80016000a0003402e60000000000000b94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a985162f7ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d3220a7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x60044084)

220.083953ms ago: executing program 1 (id=647):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, r1)
sendmsg$TIPC_NL_LINK_SET(r0, 0x0, 0x20040040)
syz_genetlink_get_family_id$nl80211(0x0, r0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r4 = add_key$keyring(&(0x7f0000000400), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, 0x0, 0x0)
r5 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000380)="d8", 0x1, r5)
keyctl$search(0xa, r5, &(0x7f0000000080)='user\x00', &(0x7f0000000180)={'syz', 0x3}, r4)

171.083676ms ago: executing program 3 (id=648):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdir(&(0x7f00000020c0)='./file0\x00', 0xce)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000580)='kmem_cache_free\x00', r0, 0x0, 0x7fff}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
getresuid(&(0x7f0000000280), &(0x7f00000002c0), &(0x7f0000000300))
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(r1)
mq_unlink(0x0)

120.8811ms ago: executing program 1 (id=649):
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xadz\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000001e40), 0x0, 0x40010001, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r2, 0x0, 0x200000000000006}, 0x18)
r3 = socket$kcm(0x29, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000000780)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000080)="da", 0x1}], 0x1, &(0x7f0000000040)=ANY=[], 0xd0}}, {{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000001c0)="b8", 0x1}], 0x1}}], 0x2, 0x0)
close(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)
setgroups(0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$notify(r3, 0x402, 0x19)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000980)={&(0x7f0000000180)='kfree\x00', r5}, 0x18)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)={0x1c, r7, 0x65aebf9dafbebb59, 0x70bd28, 0x1, {{}, {@void, @val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x400c080}, 0x24048840)
getgroups(0x0, 0x0)

117.72904ms ago: executing program 0 (id=650):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'ip6_vti0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000400)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x2000008, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xfff1, 0xffff}, {0x0, 0xc}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)

91.630482ms ago: executing program 0 (id=651):
bpf$MAP_CREATE(0x0, &(0x7f0000001840)=ANY=[@ANYRESDEC=0x0, @ANYRES64, @ANYRESDEC, @ANYRES32, @ANYRES16=0x0, @ANYRES64, @ANYRESDEC, @ANYRES8], 0x48)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x2}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="0039936da8abb4625380b974"], 0x1, 0x539, &(0x7f00000005c0)="$eJzs3V9v01YfwPGfS8tT5ZHQo+d5hFBV4FA2qZVKcBIIirjBc07SA44d2Q5qr1BFW1SRwkSZtPaOG7ZJ24vgdi9id7va7d4G2kvY5D8tKW2S0pIGVd9PBOfEPjnnd1LLPzmJbQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGK5ddsuWeIZv7Os+nPrYdAasH4i72/hQDFgXBEr+SfT03IlW3Tl/x9WX07+m5NZkT9FZFamk+fTsvvvy/+5/7/Jib3XDwjoTGzv7D5f7XbXX407kDFpat9EgWk5Ta1MFKhatWrfXmpEqmE8Ha1EsW4pN9ROHIRq3l1QpVqtonRxJej4zbrj6b2F926VbbuqHhbb2gmjwL/9sBi5S8bzjN9M2ySrkzb3kg3xkYlVrJ2WUhub3fXKsCCTRqXjNCoPa1S2y+VSqVwuVe/W7t6z7clDC+yPyKEW499oMV4j2IsDJzOR53/xxIgvHVkWdeTDlbqEEkjrwNIH+7VcmvgnZOHr2w8Gjtub/2ezRbNXPqyekTT/X8ueXeuX//vEenaPbdmRXXkuq9KVrqzLq5P2dH38cznJoylafDESSSBGWuKkS1S+RElNqlIVW57IkjQkEiUNMeKJlkhWJJJYdLpFuRKKFkdiCSQUJfPiyoIoKUlNalIRJVqKsiKBdMSXptTFSXvZkM30fa8MiHG/Uek4jcoDGpH/cXqj2I0DJ/L3Xv4HAAAAAADnlpV++p4c/0/J1bTWMJ62xx0WAAAAAAD4jNJv/meTYiqpXRWL438AAAAAAM4bKz3HzhKRglzPantnQvEhAAAAAAAA50T6/f+1pCgkteticfwPAAAAAMB58+P+1Xf7XWM3av/L+u0vCcMp6017+Stry0naOVsXstdd+LjHuDFjXco7SYvqZP7M1bNWfvXL/Ytgvs+LjWFxWJ8hAPlZbmRtbqxl5dremmyUQsN4uugG3v2SOM6liVgvx9+92Pxe0un/5LcuWbKx2V0vPn3ZXUtjeZP08mYrv4DioesoDojldXq9hfSciyNnPJWeiJGPW8jGtXvnn99yYeITxnwrc1mbuUJWFg7OfzoZs1S8X5LJo2afR1E65czfys2szc35m1lxRBTl4oe/wR95nweiKPdGcaL34hhRVIr9toQ8isopowCAcdkYkoWsw4n/BHu5Q9n94iiy+1uZz9rMz6Q71smZI/bo9rA9un3K7PbroXsg9cuxybi/fJRV3yUveNd33MgrW8lbeOH11rdyeXtn99bm1uqz9WfrL8rlStW+Y9t3yzKVTiMvyD0AgCMMv8fO0BbWnSFH1f/d/0lBUZ7KS+nKmiymZxukvzg4stdCz88QFocctRZ67vCyOOSortBzo5fjt62cwV8CAICzMzckDx8n/y8OOe4+mMsHHx335vIhBt9gEAAA9KXD91Yh/sEKQ9N+UqrVSk68pFUYuI9UaOpNrYwf69BdcvymVu0wiAM38JLKY1PXkYo67XYQxqoRhKodRGY5vfO7ym/9HumW48fGjdqediKt3MCPHTdWdRO5qt35xjPRkg7TF0dt7ZqG+T3/xDvohK4uKhVp3dPQ1LUfm4ZJqr5qh6blhCvqceB1WlrVdeSGph0HWYd7Yxm/EYQtJzaBXxz3mw0AwBdie2f3+Wq3u/5qhJVxzxEAABxElgYAAAAAAAAAAAAAAAAAAAAA4Ms3stP+LuYDjPTMQiojrHzqtjHxBcRM5eSVi3JgyZh3TABG7p8AAAD//xR6Tls=")

39.116027ms ago: executing program 4 (id=652):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000240)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000980)=@newqdisc={0x468, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xd}, {0xffff, 0xffff}, {0x0, 0xfff2}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x43c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x5ec888eb7598db49}, @TCA_TBF_PARMS={0x28, 0x1, {{0x3, 0x2, 0x8, 0x1, 0xff, 0x7}, {0x4, 0x0, 0x3, 0xa159, 0x1000, 0x7}, 0x3, 0x8, 0x41e}}, @TCA_TBF_PTAB={0x404, 0x3, [0x104, 0x2, 0xc, 0xfff, 0x0, 0x8ba, 0xa1, 0x4d91, 0x7fffffff, 0x63c4, 0x0, 0x7ffd, 0x403, 0x255, 0x6, 0xc, 0xd81, 0x3, 0xa, 0xa, 0x7, 0x6, 0xc, 0x200, 0xfffffffd, 0x5, 0xb96, 0x7, 0x0, 0xffffffff, 0x200, 0x3, 0x80000001, 0x7c, 0xfffffffc, 0x5, 0x3, 0x2, 0x8, 0x6, 0x1, 0xd, 0x80, 0x400, 0x80, 0x90000010, 0x3800000, 0x0, 0xfffff30b, 0x0, 0xf6, 0x81, 0xfffffffa, 0x80, 0x101, 0x3f, 0xfffffbff, 0x36a5, 0x4, 0x6, 0x200, 0x1ba, 0x9, 0xab, 0x6, 0xfffffff7, 0x6, 0x0, 0x3, 0x1, 0x963, 0x1ff, 0x2, 0xfffffffd, 0x6, 0x5, 0x0, 0x3, 0x0, 0xb09, 0x3ff, 0x7, 0x8000, 0x4, 0x8, 0x1000, 0x101, 0x5, 0x3, 0x6, 0x9, 0x0, 0x1, 0x8762, 0x10008e, 0x80000005, 0xfffff76b, 0x0, 0x4, 0x4275c4e9, 0x4000000, 0x5, 0x800, 0x4, 0x6, 0x8, 0x6cdf139e, 0x9, 0x3, 0x5, 0x10001, 0xff, 0x80000001, 0xed2, 0x5, 0xfffffffa, 0x10002, 0x18d0, 0x0, 0x3, 0x9486, 0x80, 0x5, 0x80000000, 0xdb, 0x3, 0x80, 0xffbf7ffc, 0x1, 0x8, 0x7, 0x1, 0x2, 0x8008, 0x2, 0x8, 0x2, 0x81, 0x3, 0x1, 0x6bf, 0x7, 0xea, 0x4, 0xc1, 0x2, 0x40, 0x5, 0x27f, 0x200, 0x7, 0x40, 0x7, 0x4, 0x7, 0xff, 0x400, 0x8, 0x7fffffff, 0xfffffff7, 0x8, 0xfffffff4, 0x8, 0xc, 0x96, 0x6, 0x104, 0x62cc, 0xfffffff5, 0x7, 0x2eb7, 0x10001, 0xcbf, 0x10000, 0x101, 0x9, 0xfffffffa, 0x1, 0x8, 0x7, 0x8001, 0xf, 0x5, 0x8, 0x8d, 0xffffffff, 0x2, 0x7, 0x1, 0x61, 0xffffffff, 0x494, 0xb, 0x1, 0x1, 0xd1, 0xd, 0x9, 0x1002, 0xffffffff, 0x6, 0x3, 0xfffffffb, 0xffff, 0xff, 0x5, 0x40000e, 0x401, 0x2, 0x8cc5, 0x8, 0x159, 0xfffffff7, 0x81, 0x382ae49d, 0x9, 0xffffffff, 0xffff, 0xdf3b, 0x8d, 0x6, 0xfffffef7, 0x89c3, 0x6319da67, 0x20000005, 0x9, 0x2, 0xfffff801, 0x0, 0x5, 0x5, 0x7, 0x7, 0x7f, 0x7, 0x1, 0x0, 0xffffffff, 0xdfed, 0xb, 0x77, 0x7, 0xff, 0xb331, 0x9, 0x6, 0x9, 0x7, 0x5, 0x400, 0x10001, 0x1, 0x800, 0x6000, 0xfe000000, 0xfffffffd]}]}}]}, 0x468}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
close(0x3)
socket(0x2, 0x80805, 0x0)
r5 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000100)=@base={0x1f, 0x0, 0x0, 0x2000, 0x0, 0xffffffffffffffff, 0xfffffffc}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000640), 0x0, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}})
r6 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r6, 0x1, 0x26, &(0x7f0000000000)=0x1, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x2d41, 0xd2)
close(r7)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
listen(r8, 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000012c0)={&(0x7f0000000040)='kfree\x00'}, 0x10)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000180)={0x4c, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
sendmsg$IPSET_CMD_TEST(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="640000000906010800000000000000000600000505000100070000003c0007801800148014000240fc0000000000000000000000000000011800018014000240ff01000000000000000000000000000105000300070000000900020073797a31"], 0x64}}, 0x4800)
sendmsg$IPSET_CMD_DESTROY(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c0000000306010200000000000000000700000a0500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40814)

38.555227ms ago: executing program 1 (id=653):
socket$key(0xf, 0x3, 0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x6}, 0x18)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000004c0)=@newsa={0x11c, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in6=@empty, 0x4e20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2, 0x0, 0x10000000, 0xffffffffffffffff, 0x1}, {0x0, 0x200000, 0x7}, {0x40000, 0xfffffffd, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x34}, [@proto={0x5, 0x19, 0xff}, @lifetime_val={0x24, 0x9, {0x3, 0x8000000000000001, 0xb2, 0x5}}]}, 0x11c}}, 0x0)
set_mempolicy(0x8006, &(0x7f0000000040)=0x1003, 0x5)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0xffffffffffffffff, &(0x7f0000000380), 0x2, 0x4}}, 0x20)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x5, &(0x7f0000000140)=<r5=>0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
io_submit(r5, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000040)="0200ffff0000", 0x6}])

34.197657ms ago: executing program 3 (id=654):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x200000005c832, 0xffffffffffffffff, 0x0)
r1 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x6d33, 0x1000, 0x0, 0x4000000})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)

0s ago: executing program 0 (id=655):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, r1)
sendmsg$TIPC_NL_LINK_SET(r0, 0x0, 0x20040040)
syz_genetlink_get_family_id$nl80211(0x0, r0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
bind$rds(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
r4 = add_key$keyring(&(0x7f0000000400), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, 0x0, 0x0)
r5 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000380)="d8", 0x1, r5)
keyctl$search(0xa, r5, &(0x7f0000000080)='user\x00', &(0x7f0000000180)={'syz', 0x3}, r4)

kernel console output (not intermixed with test programs):

lave_1 (retrying later): interface not active
[   28.290895][ T3322] team0: Port device team_slave_1 added
[   28.297535][ T3314] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   28.333928][ T3313] hsr_slave_0: entered promiscuous mode
[   28.339877][ T3313] hsr_slave_1: entered promiscuous mode
[   28.351648][ T3314] team0: Port device team_slave_0 added
[   28.364301][ T3322] batman_adv: batadv0: Adding interface: batadv_slave_0
[   28.371253][ T3322] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   28.397162][ T3322] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   28.408586][ T3314] team0: Port device team_slave_1 added
[   28.427922][ T3322] batman_adv: batadv0: Adding interface: batadv_slave_1
[   28.434881][ T3322] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   28.460782][ T3322] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   28.477535][ T3321] hsr_slave_0: entered promiscuous mode
[   28.483475][ T3321] hsr_slave_1: entered promiscuous mode
[   28.489300][ T3321] debugfs: 'hsr0' already exists in 'hsr'
[   28.495002][ T3321] Cannot create hsr debugfs directory
[   28.517795][ T3318] hsr_slave_0: entered promiscuous mode
[   28.523870][ T3318] hsr_slave_1: entered promiscuous mode
[   28.529702][ T3318] debugfs: 'hsr0' already exists in 'hsr'
[   28.535395][ T3318] Cannot create hsr debugfs directory
[   28.543103][ T3314] batman_adv: batadv0: Adding interface: batadv_slave_0
[   28.550061][ T3314] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   28.575942][ T3314] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   28.587131][ T3314] batman_adv: batadv0: Adding interface: batadv_slave_1
[   28.594109][ T3314] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   28.619990][ T3314] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   28.682056][ T3322] hsr_slave_0: entered promiscuous mode
[   28.688008][ T3322] hsr_slave_1: entered promiscuous mode
[   28.693904][ T3322] debugfs: 'hsr0' already exists in 'hsr'
[   28.699635][ T3322] Cannot create hsr debugfs directory
[   28.715329][ T3314] hsr_slave_0: entered promiscuous mode
[   28.721286][ T3314] hsr_slave_1: entered promiscuous mode
[   28.727023][ T3314] debugfs: 'hsr0' already exists in 'hsr'
[   28.732749][ T3314] Cannot create hsr debugfs directory
[   28.866563][ T3313] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   28.880341][ T3313] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   28.894510][ T3313] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   28.908350][ T3313] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   28.928746][ T3318] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   28.939916][ T3318] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   28.950746][ T3318] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   28.967622][ T3321] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   28.976635][ T3318] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   28.986182][ T3321] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   28.998497][ T3321] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   29.009418][ T3321] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   29.037770][ T3314] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   29.048868][ T3314] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   29.057878][ T3314] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   29.073132][ T3314] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   29.108109][ T3322] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   29.117521][ T3322] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   29.128266][ T3322] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   29.140587][ T3313] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.147537][ T3322] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   29.181970][ T3313] 8021q: adding VLAN 0 to HW filter on device team0
[   29.191974][ T3318] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.208741][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.215805][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.228446][ T3321] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.238626][ T1676] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.245687][ T1676] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.267196][ T3318] 8021q: adding VLAN 0 to HW filter on device team0
[   29.280816][ T3321] 8021q: adding VLAN 0 to HW filter on device team0
[   29.294523][ T2102] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.301668][ T2102] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.313966][ T1474] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.321019][ T1474] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.334361][ T1474] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.341393][ T1474] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.352126][ T1474] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.359198][ T1474] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.378485][ T3314] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.414179][ T3314] 8021q: adding VLAN 0 to HW filter on device team0
[   29.423182][ T3322] 8021q: adding VLAN 0 to HW filter on device bond0
[   29.435680][ T3321] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   29.446158][ T3321] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   29.468523][   T31] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.475606][   T31] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.491876][ T3322] 8021q: adding VLAN 0 to HW filter on device team0
[   29.507895][  T957] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.514940][  T957] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.528187][  T957] bridge0: port 1(bridge_slave_0) entered blocking state
[   29.535230][  T957] bridge0: port 1(bridge_slave_0) entered forwarding state
[   29.551083][ T3313] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.566656][ T1474] bridge0: port 2(bridge_slave_1) entered blocking state
[   29.573738][ T1474] bridge0: port 2(bridge_slave_1) entered forwarding state
[   29.596843][ T3321] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.636150][ T3318] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.675662][ T3313] veth0_vlan: entered promiscuous mode
[   29.708839][ T3313] veth1_vlan: entered promiscuous mode
[   29.740618][ T3322] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.759028][ T3314] 8021q: adding VLAN 0 to HW filter on device batadv0
[   29.800549][ T3313] veth0_macvtap: entered promiscuous mode
[   29.810715][ T3318] veth0_vlan: entered promiscuous mode
[   29.827002][ T3313] veth1_macvtap: entered promiscuous mode
[   29.840176][ T3318] veth1_vlan: entered promiscuous mode
[   29.862831][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_0
[   29.880148][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_1
[   29.902887][ T3321] veth0_vlan: entered promiscuous mode
[   29.913973][ T2105] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   29.924175][ T3318] veth0_macvtap: entered promiscuous mode
[   29.937694][ T3318] veth1_macvtap: entered promiscuous mode
[   29.946022][ T2105] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   29.959426][ T2105] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   29.968337][ T2105] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   29.977840][ T3321] veth1_vlan: entered promiscuous mode
[   29.990596][ T3322] veth0_vlan: entered promiscuous mode
[   30.001385][   T29] kauditd_printk_skb: 10 callbacks suppressed
[   30.001397][   T29] audit: type=1400 audit(1765917667.746:90): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/root/syzkaller.ZYCHmW/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   30.002144][ T3322] veth1_vlan: entered promiscuous mode
[   30.007981][   T29] audit: type=1400 audit(1765917667.746:91): avc:  denied  { mount } for  pid=3313 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   30.034701][ T3314] veth0_vlan: entered promiscuous mode
[   30.067129][   T29] audit: type=1400 audit(1765917667.776:92): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/root/syzkaller.ZYCHmW/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   30.069147][ T3314] veth1_vlan: entered promiscuous mode
[   30.092393][   T29] audit: type=1400 audit(1765917667.776:93): avc:  denied  { mount } for  pid=3313 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   30.105945][ T3318] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.119452][   T29] audit: type=1400 audit(1765917667.786:94): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/root/syzkaller.ZYCHmW/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   30.140598][ T3322] veth0_macvtap: entered promiscuous mode
[   30.153131][   T29] audit: type=1400 audit(1765917667.786:95): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/root/syzkaller.ZYCHmW/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3764 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   30.160924][ T3322] veth1_macvtap: entered promiscuous mode
[   30.186084][   T29] audit: type=1400 audit(1765917667.786:96): avc:  denied  { unmount } for  pid=3313 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   30.197103][ T3322] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.211335][   T29] audit: type=1400 audit(1765917667.806:97): avc:  denied  { mounton } for  pid=3313 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   30.231641][ T3318] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.241100][   T29] audit: type=1400 audit(1765917667.806:98): avc:  denied  { mount } for  pid=3313 comm="syz-executor" name="/" dev="gadgetfs" ino=3765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   30.259501][ T3321] veth0_macvtap: entered promiscuous mode
[   30.278395][ T3313] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   30.290731][ T3321] veth1_macvtap: entered promiscuous mode
[   30.303989][   T29] audit: type=1400 audit(1765917668.046:99): avc:  denied  { read write } for  pid=3313 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   30.333916][ T3321] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.347094][ T3322] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.361375][  T391] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.376038][ T3321] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.387970][  T391] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.399589][  T391] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.412400][  T391] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.429813][ T3314] veth0_macvtap: entered promiscuous mode
[   30.436346][  T391] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.454548][ T3314] veth1_macvtap: entered promiscuous mode
[   30.468103][  T391] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.486104][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.495774][  T391] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.505093][  T391] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.514034][  T391] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.526439][ T3314] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.548907][  T391] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.573914][ T3498] loop0: detected capacity change from 0 to 128
[   30.580574][ T3498] EXT4-fs: Ignoring removed oldalloc option
[   30.591847][  T391] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.602284][ T3498] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   30.617614][  T391] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.628102][ T1676] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.628249][ T3498] ext4 filesystem being mounted at /0/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   30.649101][ T1676] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.678943][ T1676] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.728782][ T1676] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.785893][ T3498] SELinux: failed to load policy
[   30.795157][ T3498] 9p: Bad value for 'rfdno'
[   30.842039][ T3318] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   30.890718][ T3527] loop0: detected capacity change from 0 to 128
[   30.897567][ T3527] EXT4-fs: Ignoring removed oldalloc option
[   30.913848][ T3527] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   30.930392][ T3527] ext4 filesystem being mounted at /1/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   30.994870][ T3527] SELinux: failed to load policy
[   31.002981][ T3527] 9p: Bad value for 'rfdno'
[   31.019920][ T3544] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   31.027272][ T3544] vhci_hcd vhci_hcd.2: invalid port number 96
[   31.033371][ T3544] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   31.041554][ T3536] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   31.042790][ T3545] process 'syz.3.20' launched './file0' with NULL argv: empty string added
[   31.048888][ T3536] vhci_hcd vhci_hcd.2: invalid port number 96
[   31.048904][ T3536] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   31.140354][ T3318] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   31.168834][ T3557] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   31.203586][ T3557] vhci_hcd vhci_hcd.2: invalid port number 96
[   31.209740][ T3557] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   31.360130][ T3578] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   31.379548][ T3578] vhci_hcd vhci_hcd.2: invalid port number 96
[   31.385662][ T3578] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   31.421117][ T3587] loop4: detected capacity change from 0 to 128
[   31.449268][ T3587] EXT4-fs: Ignoring removed oldalloc option
[   31.458816][ T3587] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   31.514547][ T3587] ext4 filesystem being mounted at /11/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   31.565967][ T3575] syz.1.44 uses obsolete (PF_INET,SOCK_PACKET)
[   31.568588][ T3602] FAULT_INJECTION: forcing a failure.
[   31.568588][ T3602] name failslab, interval 1, probability 0, space 0, times 1
[   31.584856][ T3602] CPU: 1 UID: 0 PID: 3602 Comm: syz.3.45 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   31.584884][ T3602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   31.584896][ T3602] Call Trace:
[   31.584906][ T3602]  <TASK>
[   31.584913][ T3602]  __dump_stack+0x1d/0x30
[   31.584937][ T3602]  dump_stack_lvl+0xe8/0x140
[   31.584959][ T3602]  dump_stack+0x15/0x1b
[   31.585015][ T3602]  should_fail_ex+0x265/0x280
[   31.585038][ T3602]  should_failslab+0x8c/0xb0
[   31.585061][ T3602]  kmem_cache_alloc_node_noprof+0x6b/0x4c0
[   31.585082][ T3602]  ? alloc_vmap_area+0x241/0xea0
[   31.585170][ T3602]  ? __schedule+0x85f/0xcd0
[   31.585191][ T3602]  alloc_vmap_area+0x241/0xea0
[   31.585210][ T3602]  ? should_fail_ex+0xdb/0x280
[   31.585293][ T3602]  ? __kmalloc_cache_node_noprof+0x2b3/0x4d0
[   31.585316][ T3602]  __get_vm_area_node+0x173/0x1d0
[   31.585339][ T3602]  __vmalloc_node_range_noprof+0x28e/0x1310
[   31.585380][ T3602]  ? kernel_read_file+0x2c3/0x500
[   31.585406][ T3602]  ? avc_has_perm+0x171/0x180
[   31.585423][ T3602]  ? selinux_kernel_load_from_file+0x1f4/0x230
[   31.585464][ T3602]  ? kernel_read_file+0x2c3/0x500
[   31.585486][ T3602]  vmalloc_noprof+0x82/0xc0
[   31.585506][ T3602]  ? kernel_read_file+0x2c3/0x500
[   31.585528][ T3602]  kernel_read_file+0x2c3/0x500
[   31.585610][ T3602]  __se_sys_finit_module+0x2de/0x470
[   31.585643][ T3602]  __x64_sys_finit_module+0x3e/0x50
[   31.585742][ T3602]  x64_sys_call+0x27fa/0x3000
[   31.585763][ T3602]  do_syscall_64+0xd8/0x2c0
[   31.585852][ T3602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   31.585870][ T3602] RIP: 0033:0x7fe0bbf6f749
[   31.585888][ T3602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   31.585903][ T3602] RSP: 002b:00007fe0ba9d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[   31.585922][ T3602] RAX: ffffffffffffffda RBX: 00007fe0bc1c5fa0 RCX: 00007fe0bbf6f749
[   31.585933][ T3602] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000003
[   31.585945][ T3602] RBP: 00007fe0ba9d7090 R08: 0000000000000000 R09: 0000000000000000
[   31.585956][ T3602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   31.585966][ T3602] R13: 00007fe0bc1c6038 R14: 00007fe0bc1c5fa0 R15: 00007ffc6ef17cd8
[   31.585980][ T3602]  </TASK>
[   31.586001][ T3602] syz.3.45: vmalloc error: size 136, vm_struct allocation failed, mode:0xcc0(GFP_KERNEL), nodemask=(null)
[   31.719027][    C0] hrtimer: interrupt took 27877 ns
[   31.722446][ T3602] ,cpuset=
[   31.741669][ T3608] SELinux: failed to load policy
[   31.741849][ T3602] /,mems_allowed=0
[   31.741875][ T3602] CPU: 1 UID: 0 PID: 3602 Comm: syz.3.45 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   31.741958][ T3602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   31.741970][ T3602] Call Trace:
[   31.741975][ T3602]  <TASK>
[   31.741983][ T3602]  __dump_stack+0x1d/0x30
[   31.742007][ T3602]  dump_stack_lvl+0xe8/0x140
[   31.742029][ T3602]  dump_stack+0x15/0x1b
[   31.742186][ T3602]  warn_alloc+0x12b/0x1a0
[   31.742213][ T3602]  __vmalloc_node_range_noprof+0x2b3/0x1310
[   31.742242][ T3602]  ? avc_has_perm+0x171/0x180
[   31.742312][ T3602]  ? selinux_kernel_load_from_file+0x1f4/0x230
[   31.742345][ T3602]  ? kernel_read_file+0x2c3/0x500
[   31.742378][ T3602]  vmalloc_noprof+0x82/0xc0
[   31.742400][ T3602]  ? kernel_read_file+0x2c3/0x500
[   31.742506][ T3602]  kernel_read_file+0x2c3/0x500
[   31.742534][ T3602]  __se_sys_finit_module+0x2de/0x470
[   31.742702][ T3602]  __x64_sys_finit_module+0x3e/0x50
[   31.742732][ T3602]  x64_sys_call+0x27fa/0x3000
[   31.742756][ T3602]  do_syscall_64+0xd8/0x2c0
[   31.742789][ T3602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   31.742849][ T3602] RIP: 0033:0x7fe0bbf6f749
[   31.742865][ T3602] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   31.742904][ T3602] RSP: 002b:00007fe0ba9d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000139
[   31.742998][ T3602] RAX: ffffffffffffffda RBX: 00007fe0bc1c5fa0 RCX: 00007fe0bbf6f749
[   31.743010][ T3602] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000003
[   31.743022][ T3602] RBP: 00007fe0ba9d7090 R08: 0000000000000000 R09: 0000000000000000
[   31.743034][ T3602] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   31.743045][ T3602] R13: 00007fe0bc1c6038 R14: 00007fe0bc1c5fa0 R15: 00007ffc6ef17cd8
[   31.743062][ T3602]  </TASK>
[   31.743073][ T3602] Mem-Info:
[   31.874125][ T3587] 9p: Bad value for 'rfdno'
[   31.875713][ T3602] active_anon:9788 inactive_anon:0 isolated_anon:0
[   31.875713][ T3602]  active_file:8858 inactive_file:2232 isolated_file:0
[   31.875713][ T3602]  unevictable:0 dirty:1468 writeback:0
[   31.875713][ T3602]  slab_reclaimable:3071 slab_unreclaimable:13971
[   31.875713][ T3602]  mapped:32771 shmem:3061 pagetables:1110
[   31.875713][ T3602]  sec_pagetables:0 bounce:0
[   31.875713][ T3602]  kernel_misc_reclaimable:0
[   31.875713][ T3602]  free:1894253 free_pcp:6130 free_cma:0
[   32.073530][ T3602] Node 0 active_anon:39152kB inactive_anon:0kB active_file:35432kB inactive_file:8928kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:131084kB dirty:5872kB writeback:0kB shmem:12244kB kernel_stack:3728kB pagetables:4440kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   32.100881][ T3602] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   32.130494][ T3602] lowmem_reserve[]: 0 2880 7859 7859
[   32.135774][ T3602] Node 0 DMA32 free:2945972kB boost:0kB min:4132kB low:7060kB high:9988kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:3129332kB managed:2949500kB mlocked:0kB bounce:0kB free_pcp:3528kB local_pcp:0kB free_cma:0kB
[   32.166808][ T3602] lowmem_reserve[]: 0 0 4978 4978
[   32.171870][ T3602] Node 0 Normal free:4612828kB boost:0kB min:7188kB low:12284kB high:17380kB reserved_highatomic:0KB free_highatomic:0KB active_anon:39152kB inactive_anon:0kB active_file:35432kB inactive_file:8928kB unevictable:0kB writepending:5872kB zspages:0kB present:5242880kB managed:5098240kB mlocked:0kB bounce:0kB free_pcp:23400kB local_pcp:17844kB free_cma:0kB
[   32.204950][ T3602] lowmem_reserve[]: 0 0 0 0
[   32.209487][ T3602] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   32.222143][ T3602] Node 0 DMA32: 5*4kB (M) 2*8kB (M) 5*16kB (M) 2*32kB (M) 4*64kB (M) 2*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (M) 3*2048kB (M) 716*4096kB (M) = 2945972kB
[   32.238221][ T3602] Node 0 Normal: 1*4kB (E) 3*8kB (UME) 2*16kB (ME) 1*32kB (U) 1*64kB (E) 0*128kB 2*256kB (UM) 2*512kB (UM) 1*1024kB (E) 3*2048kB (UME) 1124*4096kB (M) = 4612764kB
[   32.254851][ T3602] Node 0 hugepages_total=8 hugepages_free=0 hugepages_surp=4 hugepages_size=2048kB
[   32.264144][ T3602] 14147 total pagecache pages
[   32.268872][ T3602] 0 pages in swap cache
[   32.273030][ T3602] Free swap  = 124996kB
[   32.277165][ T3602] Total swap = 124996kB
[   32.281331][ T3602] 2097051 pages RAM
[   32.285187][ T3602] 0 pages HighMem/MovableOnly
[   32.289902][ T3602] 81276 pages reserved
[   32.388314][ T3615] loop3: detected capacity change from 0 to 128
[   32.405861][ T3615] EXT4-fs: Ignoring removed oldalloc option
[   32.413452][ T3615] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   32.426090][ T3615] ext4 filesystem being mounted at /13/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   32.433536][ T3322] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   32.455823][ T3615] SELinux: failed to load policy
[   32.464861][ T3615] 9p: Bad value for 'rfdno'
[   32.495890][ T3624] loop0: detected capacity change from 0 to 2048
[   32.596990][ T3632] FAULT_INJECTION: forcing a failure.
[   32.596990][ T3632] name failslab, interval 1, probability 0, space 0, times 0
[   32.609691][ T3632] CPU: 0 UID: 0 PID: 3632 Comm: syz.4.54 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   32.609751][ T3632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   32.609764][ T3632] Call Trace:
[   32.609771][ T3632]  <TASK>
[   32.609778][ T3632]  __dump_stack+0x1d/0x30
[   32.609801][ T3632]  dump_stack_lvl+0xe8/0x140
[   32.609820][ T3632]  dump_stack+0x15/0x1b
[   32.609843][ T3632]  should_fail_ex+0x265/0x280
[   32.609863][ T3632]  should_failslab+0x8c/0xb0
[   32.609895][ T3632]  kmem_cache_alloc_noprof+0x69/0x4b0
[   32.609914][ T3632]  ? skb_clone+0x151/0x1f0
[   32.609941][ T3632]  skb_clone+0x151/0x1f0
[   32.609972][ T3632]  __netlink_deliver_tap+0x2c9/0x500
[   32.610008][ T3632]  netlink_unicast+0x66b/0x690
[   32.610032][ T3632]  netlink_sendmsg+0x58b/0x6b0
[   32.610101][ T3632]  ? __pfx_netlink_sendmsg+0x10/0x10
[   32.610132][ T3632]  __sock_sendmsg+0x145/0x180
[   32.610152][ T3632]  ____sys_sendmsg+0x31e/0x4a0
[   32.610267][ T3632]  ___sys_sendmsg+0x17b/0x1d0
[   32.610306][ T3632]  __x64_sys_sendmsg+0xd4/0x160
[   32.610364][ T3632]  x64_sys_call+0x17ba/0x3000
[   32.610422][ T3632]  do_syscall_64+0xd8/0x2c0
[   32.610456][ T3632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   32.610479][ T3632] RIP: 0033:0x7fb9de82f749
[   32.610496][ T3632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   32.610515][ T3632] RSP: 002b:00007fb9dd28f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   32.610575][ T3632] RAX: ffffffffffffffda RBX: 00007fb9dea85fa0 RCX: 00007fb9de82f749
[   32.610589][ T3632] RDX: 0000000000000800 RSI: 0000200000000300 RDI: 0000000000000006
[   32.610602][ T3632] RBP: 00007fb9dd28f090 R08: 0000000000000000 R09: 0000000000000000
[   32.610616][ T3632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   32.610675][ T3632] R13: 00007fb9dea86038 R14: 00007fb9dea85fa0 R15: 00007ffecf14dcf8
[   32.610693][ T3632]  </TASK>
[   32.814654][ T3624] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.828004][ T3634] netlink: 'syz.2.55': attribute type 1 has an invalid length.
[   32.849838][ T3321] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   33.014446][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.044899][ T3655] SELinux:  Context Ü is not valid (left unmapped).
[   33.083009][ T3667] loop3: detected capacity change from 0 to 128
[   33.090498][ T3667] EXT4-fs: Ignoring removed oldalloc option
[   33.103766][ T3667] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   33.133392][ T3667] ext4 filesystem being mounted at /15/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   33.155829][ T3676] loop2: detected capacity change from 0 to 512
[   33.167150][ T3667] SELinux: failed to load policy
[   33.199296][ T3676] EXT4-fs error (device loop2): ext4_iget_extra_inode:5073: inode #15: comm syz.2.70: corrupted in-inode xattr: invalid ea_ino
[   33.218116][ T3667] 9p: Bad value for 'rfdno'
[   33.220549][ T3676] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.70: couldn't read orphan inode 15 (err -117)
[   33.235403][ T3676] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   33.257666][ T3676] EXT4-fs error (device loop2): ext4_find_dest_de:2050: inode #2: block 13: comm syz.2.70: bad entry in directory: directory entry overrun - offset=76, inode=0, rec_len=1024, size=1024 fake=0
[   33.359349][ T3321] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   33.389500][ T3697] Invalid ELF header type: 2 != 1
[   33.403261][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.520055][ T3709] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   33.842702][ T3724] loop0: detected capacity change from 0 to 128
[   33.849672][ T3724] FAT-fs (loop0): bogus logical sector size 65535
[   33.856214][ T3724] FAT-fs (loop0): Can't find a valid FAT filesystem
[   34.031747][ T3742] SELinux:  Context GPL is not valid (left unmapped).
[   34.080274][ T3747] loop3: detected capacity change from 0 to 1024
[   34.107651][ T3747] =======================================================
[   34.107651][ T3747] WARNING: The mand mount option has been deprecated and
[   34.107651][ T3747]          and is ignored by this kernel. Remove the mand
[   34.107651][ T3747]          option from the mount to silence this warning.
[   34.107651][ T3747] =======================================================
[   34.167608][ T3747] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   34.219704][ T3757] loop4: detected capacity change from 0 to 512
[   34.236912][ T3747] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.96: Invalid block bitmap block 0 in block_group 0
[   34.250542][ T3747] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.96: Failed to acquire dquot type 0
[   34.261938][ T3747] EXT4-fs error (device loop3): ext4_free_blocks:6728: comm syz.3.96: Freeing blocks not in datazone - block = 0, count = 4096
[   34.275630][ T3747] EXT4-fs error (device loop3): ext4_read_inode_bitmap:139: comm syz.3.96: Invalid inode bitmap blk 0 in block_group 0
[   34.288326][ T2105] EXT4-fs error (device loop3): ext4_release_dquot:7022: comm kworker/u8:11: Failed to release dquot type 0
[   34.300164][ T3747] EXT4-fs error (device loop3) in ext4_free_inode:361: Corrupt filesystem
[   34.308969][ T3747] EXT4-fs (loop3): 1 orphan inode deleted
[   34.315688][ T3747] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.329782][ T3747] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.357585][ T3757] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.384596][ T3757] ext4 filesystem being mounted at /19/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   34.397496][ T3769] program syz.2.101 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   34.427553][ T3767] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.462891][ T3767] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   34.509326][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.521110][ T3747] syz.3.96 (3747) used greatest stack depth: 9216 bytes left
[   34.532288][ T3786] bridge: RTM_NEWNEIGH with invalid ether address
[   34.566381][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.604895][ T3377] IPVS: starting estimator thread 0...
[   34.632397][ T3787] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   34.636991][ T3796] netlink: 763 bytes leftover after parsing attributes in process `syz.4.107'.
[   34.667068][ T3805] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[   34.687513][ T3787] ext4 filesystem being mounted at /21/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   34.703571][ T3802] netlink: '+}[@': attribute type 4 has an invalid length.
[   34.710869][ T3793] IPVS: using max 4080 ests per chain, 204000 per kthread
[   34.739406][ T3805] netlink: 'syz.3.112': attribute type 4 has an invalid length.
[   34.756962][ T3812] FAULT_INJECTION: forcing a failure.
[   34.756962][ T3812] name failslab, interval 1, probability 0, space 0, times 0
[   34.769759][ T3812] CPU: 1 UID: 0 PID: 3812 Comm: syz.0.114 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   34.769787][ T3812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   34.769801][ T3812] Call Trace:
[   34.769807][ T3812]  <TASK>
[   34.769814][ T3812]  __dump_stack+0x1d/0x30
[   34.769841][ T3812]  dump_stack_lvl+0xe8/0x140
[   34.769937][ T3812]  dump_stack+0x15/0x1b
[   34.769957][ T3812]  should_fail_ex+0x265/0x280
[   34.769978][ T3812]  should_failslab+0x8c/0xb0
[   34.769999][ T3812]  kmem_cache_alloc_noprof+0x69/0x4b0
[   34.770036][ T3812]  ? fasync_alloc+0x26/0x30
[   34.770061][ T3812]  ? do_fcntl_add_lease+0x48/0x2b0
[   34.770087][ T3812]  fasync_alloc+0x26/0x30
[   34.770192][ T3812]  do_fcntl_add_lease+0x1dd/0x2b0
[   34.770279][ T3812]  fcntl_setlease+0xb7/0xe0
[   34.770299][ T3812]  do_fcntl+0x5de/0xf60
[   34.770325][ T3812]  __se_sys_fcntl+0xb1/0x120
[   34.770353][ T3812]  __x64_sys_fcntl+0x43/0x50
[   34.770392][ T3812]  x64_sys_call+0x2d6f/0x3000
[   34.770414][ T3812]  do_syscall_64+0xd8/0x2c0
[   34.770469][ T3812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   34.770560][ T3812] RIP: 0033:0x7fd4a119f749
[   34.770576][ T3812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   34.770632][ T3812] RSP: 002b:00007fd49fbff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[   34.770651][ T3812] RAX: ffffffffffffffda RBX: 00007fd4a13f5fa0 RCX: 00007fd4a119f749
[   34.770715][ T3812] RDX: 0000000000000001 RSI: 0000000000000400 RDI: 0000000000000006
[   34.770726][ T3812] RBP: 00007fd49fbff090 R08: 0000000000000000 R09: 0000000000000000
[   34.770736][ T3812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   34.770746][ T3812] R13: 00007fd4a13f6038 R14: 00007fd4a13f5fa0 R15: 00007ffcc742c118
[   34.770762][ T3812]  </TASK>
[   34.797651][ T3784] FAULT_INJECTION: forcing a failure.
[   34.797651][ T3784] name failslab, interval 1, probability 0, space 0, times 0
[   34.874512][ T3818] netlink: 28 bytes leftover after parsing attributes in process `syz.4.117'.
[   34.874730][ T3784] CPU: 0 UID: 0 PID: 3784 Comm: syz.1.106 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   34.874835][ T3784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   34.874847][ T3784] Call Trace:
[   34.874853][ T3784]  <TASK>
[   34.874860][ T3784]  __dump_stack+0x1d/0x30
[   34.874884][ T3784]  dump_stack_lvl+0xe8/0x140
[   34.874954][ T3784]  dump_stack+0x15/0x1b
[   34.874974][ T3784]  should_fail_ex+0x265/0x280
[   34.874997][ T3784]  should_failslab+0x8c/0xb0
[   34.875018][ T3784]  kmem_cache_alloc_noprof+0x69/0x4b0
[   34.875041][ T3784]  ? getname_flags+0x80/0x3b0
[   34.875091][ T3784]  getname_flags+0x80/0x3b0
[   34.875115][ T3784]  path_setxattrat+0x223/0x310
[   34.875186][ T3784]  __x64_sys_setxattr+0x6e/0x90
[   34.875223][ T3784]  x64_sys_call+0xf1e/0x3000
[   34.875311][ T3784]  do_syscall_64+0xd8/0x2c0
[   34.875396][ T3784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   34.875417][ T3784] RIP: 0033:0x7fd3c144f749
[   34.875432][ T3784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   34.875449][ T3784] RSP: 002b:00007fd3bfeaf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[   34.875468][ T3784] RAX: ffffffffffffffda RBX: 00007fd3c16a5fa0 RCX: 00007fd3c144f749
[   34.875498][ T3784] RDX: 0000000000000000 RSI: 0000200000002b80 RDI: 0000200000000140
[   34.875510][ T3784] RBP: 00007fd3bfeaf090 R08: 0000000000000003 R09: 0000000000000000
[   34.875522][ T3784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   34.875534][ T3784] R13: 00007fd3c16a6038 R14: 00007fd3c16a5fa0 R15: 00007ffce62f5fb8
[   34.875552][ T3784]  </TASK>
[   35.145542][ T3818] netlink: 28 bytes leftover after parsing attributes in process `syz.4.117'.
[   35.155767][   T29] kauditd_printk_skb: 707 callbacks suppressed
[   35.155796][   T29] audit: type=1326 audit(1765917672.896:802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3819 comm="syz.2.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa61df749 code=0x7ffc0000
[   35.217229][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.227476][   T29] audit: type=1326 audit(1765917672.936:803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3819 comm="syz.2.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fdaa61df749 code=0x7ffc0000
[   35.251170][   T29] audit: type=1326 audit(1765917672.936:804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3819 comm="syz.2.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa61df749 code=0x7ffc0000
[   35.274781][   T29] audit: type=1326 audit(1765917672.936:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3819 comm="syz.2.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa61df749 code=0x7ffc0000
[   35.298013][   T29] audit: type=1400 audit(1765917672.936:806): avc:  denied  { read } for  pid=3821 comm="syz.3.118" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   35.321369][   T29] audit: type=1400 audit(1765917672.936:807): avc:  denied  { open } for  pid=3821 comm="syz.3.118" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   35.321449][   T29] audit: type=1400 audit(1765917672.936:808): avc:  denied  { ioctl } for  pid=3821 comm="syz.3.118" path="/dev/autofs" dev="devtmpfs" ino=91 ioctlcmd=0x937e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[   35.321476][   T29] audit: type=1400 audit(1765917672.936:809): avc:  denied  { write } for  pid=3821 comm="syz.3.118" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   35.321499][   T29] audit: type=1326 audit(1765917672.946:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3819 comm="syz.2.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa61df749 code=0x7ffc0000
[   35.321542][   T29] audit: type=1326 audit(1765917672.946:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3819 comm="syz.2.119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdaa61df749 code=0x7ffc0000
[   35.382607][ T3843] netlink: 20 bytes leftover after parsing attributes in process `syz.0.121'.
[   35.490862][ T3849] netlink: 19 bytes leftover after parsing attributes in process `syz.1.126'.
[   35.562697][ T3855] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.563135][ T3859] netlink: 'syz.1.131': attribute type 4 has an invalid length.
[   35.575427][ T3855] ext4 filesystem being mounted at /26/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   35.597407][ T3859] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[   35.604018][ T3859] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   35.611497][ T3859] vhci_hcd vhci_hcd.0: Device attached
[   35.617562][ T3855] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   35.625103][ T3862] vhci_hcd: connection closed
[   35.626749][ T1474] vhci_hcd vhci_hcd.1: stop threads
[   35.636651][ T1474] vhci_hcd vhci_hcd.1: release socket
[   35.643155][ T1474] vhci_hcd vhci_hcd.1: disconnect device
[   35.653586][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.688535][ T3865] netlink: 'syz.2.133': attribute type 6 has an invalid length.
[   35.696316][ T3865] netlink: 32 bytes leftover after parsing attributes in process `syz.2.133'.
[   35.706618][ T3865] Zero length message leads to an empty skb
[   35.718245][ T3865] FAULT_INJECTION: forcing a failure.
[   35.718245][ T3865] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   35.731579][ T3865] CPU: 0 UID: 0 PID: 3865 Comm: syz.2.133 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   35.731606][ T3865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   35.731619][ T3865] Call Trace:
[   35.731624][ T3865]  <TASK>
[   35.731695][ T3865]  __dump_stack+0x1d/0x30
[   35.731720][ T3865]  dump_stack_lvl+0xe8/0x140
[   35.731739][ T3865]  dump_stack+0x15/0x1b
[   35.731756][ T3865]  should_fail_ex+0x265/0x280
[   35.731806][ T3865]  should_fail+0xb/0x20
[   35.731825][ T3865]  should_fail_usercopy+0x1a/0x20
[   35.731902][ T3865]  _copy_to_user+0x20/0xa0
[   35.731918][ T3865]  simple_read_from_buffer+0xb5/0x130
[   35.731930][ T3865]  proc_fail_nth_read+0x10e/0x150
[   35.732005][ T3865]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   35.732096][ T3865]  vfs_read+0x1a8/0x770
[   35.732106][ T3865]  ? __rcu_read_unlock+0x4f/0x70
[   35.732118][ T3865]  ? __fget_files+0x184/0x1c0
[   35.732131][ T3865]  ? mutex_lock+0x58/0x90
[   35.732168][ T3865]  ksys_read+0xda/0x1a0
[   35.732179][ T3865]  __x64_sys_read+0x40/0x50
[   35.732250][ T3865]  x64_sys_call+0x2889/0x3000
[   35.732282][ T3865]  do_syscall_64+0xd8/0x2c0
[   35.732380][ T3865]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   35.732392][ T3865] RIP: 0033:0x7fdaa61de15c
[   35.732401][ T3865] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   35.732482][ T3865] RSP: 002b:00007fdaa4c3f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   35.732493][ T3865] RAX: ffffffffffffffda RBX: 00007fdaa6435fa0 RCX: 00007fdaa61de15c
[   35.732500][ T3865] RDX: 000000000000000f RSI: 00007fdaa4c3f0a0 RDI: 0000000000000008
[   35.732519][ T3865] RBP: 00007fdaa4c3f090 R08: 0000000000000000 R09: 0000000000000000
[   35.732526][ T3865] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   35.732533][ T3865] R13: 00007fdaa6436038 R14: 00007fdaa6435fa0 R15: 00007fff8976a998
[   35.732543][ T3865]  </TASK>
[   35.999691][ T3880] netlink: 48 bytes leftover after parsing attributes in process `syz.4.132'.
[   36.022850][ T3882] set_capacity_and_notify: 5 callbacks suppressed
[   36.022868][ T3882] loop2: detected capacity change from 0 to 1024
[   36.038537][ T3882] EXT4-fs: inline encryption not supported
[   36.044437][ T3882] EXT4-fs: Ignoring removed i_version option
[   36.071025][ T3882] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   36.095494][ T3882] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[   36.095522][ T3882] EXT4-fs: failed to create workqueue
[   36.110438][ T3882] EXT4-fs (loop2): mount failed
[   36.130539][ T3891] sctp: [Deprecated]: syz.4.140 (pid 3891) Use of int in max_burst socket option deprecated.
[   36.130539][ T3891] Use struct sctp_assoc_value instead
[   36.161091][ T3891] netlink: 'syz.4.140': attribute type 39 has an invalid length.
[   36.184883][ T3897] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   36.197705][ T3899] FAULT_INJECTION: forcing a failure.
[   36.197705][ T3899] name failslab, interval 1, probability 0, space 0, times 0
[   36.210365][ T3899] CPU: 1 UID: 0 PID: 3899 Comm: syz.0.143 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   36.210438][ T3899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   36.210451][ T3899] Call Trace:
[   36.210458][ T3899]  <TASK>
[   36.210465][ T3899]  __dump_stack+0x1d/0x30
[   36.210494][ T3899]  dump_stack_lvl+0xe8/0x140
[   36.210513][ T3899]  dump_stack+0x15/0x1b
[   36.210623][ T3899]  should_fail_ex+0x265/0x280
[   36.210717][ T3899]  should_failslab+0x8c/0xb0
[   36.210740][ T3899]  __kmalloc_cache_noprof+0x65/0x4c0
[   36.210766][ T3899]  ? sctp_add_bind_addr+0x71/0x1e0
[   36.210788][ T3899]  sctp_add_bind_addr+0x71/0x1e0
[   36.210856][ T3899]  sctp_copy_local_addr_list+0x199/0x220
[   36.210881][ T3899]  sctp_copy_one_addr+0x7f/0x280
[   36.210902][ T3899]  sctp_bind_addr_copy+0x79/0x290
[   36.210974][ T3899]  sctp_assoc_set_bind_addr_from_ep+0xce/0xe0
[   36.211053][ T3899]  sctp_connect_new_asoc+0x1c3/0x3a0
[   36.211087][ T3899]  sctp_sendmsg+0xf10/0x18d0
[   36.211196][ T3899]  ? selinux_socket_sendmsg+0xa1/0x1b0
[   36.211224][ T3899]  ? __pfx_sctp_sendmsg+0x10/0x10
[   36.211248][ T3899]  inet_sendmsg+0xc5/0xd0
[   36.211267][ T3899]  __sock_sendmsg+0x102/0x180
[   36.211322][ T3899]  ____sys_sendmsg+0x345/0x4a0
[   36.211351][ T3899]  ___sys_sendmsg+0x17b/0x1d0
[   36.211387][ T3899]  __sys_sendmmsg+0x178/0x300
[   36.211483][ T3899]  __x64_sys_sendmmsg+0x57/0x70
[   36.211506][ T3899]  x64_sys_call+0x1e28/0x3000
[   36.211561][ T3899]  do_syscall_64+0xd8/0x2c0
[   36.211595][ T3899]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   36.211614][ T3899] RIP: 0033:0x7fd4a119f749
[   36.211627][ T3899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   36.211644][ T3899] RSP: 002b:00007fd49fbff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   36.211733][ T3899] RAX: ffffffffffffffda RBX: 00007fd4a13f5fa0 RCX: 00007fd4a119f749
[   36.211744][ T3899] RDX: 0000000000000002 RSI: 0000200000000000 RDI: 0000000000000003
[   36.211755][ T3899] RBP: 00007fd49fbff090 R08: 0000000000000000 R09: 0000000000000000
[   36.211766][ T3899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   36.211778][ T3899] R13: 00007fd4a13f6038 R14: 00007fd4a13f5fa0 R15: 00007ffcc742c118
[   36.211797][ T3899]  </TASK>
[   36.214108][ T3897] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=13 sclass=netlink_route_socket pid=3897 comm=syz.2.144
[   36.388815][ T3907] netlink: 'syz.1.147': attribute type 10 has an invalid length.
[   36.461224][ T3908] netlink: 'syz.1.147': attribute type 39 has an invalid length.
[   36.473341][ T3907] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   36.482820][ T3907] batman_adv: batadv0: Removing interface: batadv_slave_0
[   36.492248][ T3907] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[   36.583793][ T3915] bridge0: port 1(bridge_slave_0) entered disabled state
[   36.593971][ T3919] netlink: 16 bytes leftover after parsing attributes in process `syz.4.152'.
[   36.611086][ T3915] bridge0: port 2(bridge_slave_1) entered disabled state
[   36.614593][ T3919] loop4: detected capacity change from 0 to 512
[   36.644752][ T3919] EXT4-fs: dax option not supported
[   36.688732][ T3922] bridge0: port 1(bridge_slave_0) entered blocking state
[   36.695859][ T3922] bridge0: port 1(bridge_slave_0) entered forwarding state
[   36.706304][ T3922] bridge0: port 2(bridge_slave_1) entered blocking state
[   36.713388][ T3922] bridge0: port 2(bridge_slave_1) entered forwarding state
[   36.756658][ T3921] netlink: 68 bytes leftover after parsing attributes in process `syz.1.153'.
[   36.765653][ T3921] netlink: 68 bytes leftover after parsing attributes in process `syz.1.153'.
[   36.898808][ T3927] loop0: detected capacity change from 0 to 8192
[   37.021359][ T3949] FAULT_INJECTION: forcing a failure.
[   37.021359][ T3949] name failslab, interval 1, probability 0, space 0, times 0
[   37.034084][ T3949] CPU: 1 UID: 0 PID: 3949 Comm: syz.4.164 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   37.034151][ T3949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   37.034163][ T3949] Call Trace:
[   37.034168][ T3949]  <TASK>
[   37.034174][ T3949]  __dump_stack+0x1d/0x30
[   37.034196][ T3949]  dump_stack_lvl+0xe8/0x140
[   37.034215][ T3949]  dump_stack+0x15/0x1b
[   37.034275][ T3949]  should_fail_ex+0x265/0x280
[   37.034300][ T3949]  should_failslab+0x8c/0xb0
[   37.034323][ T3949]  __kmalloc_cache_noprof+0x65/0x4c0
[   37.034348][ T3949]  ? dev_ethtool+0x96/0x1670
[   37.034390][ T3949]  dev_ethtool+0x96/0x1670
[   37.034427][ T3949]  ? full_name_hash+0x92/0xe0
[   37.034450][ T3949]  ? strcmp+0x22/0x50
[   37.034478][ T3949]  dev_ioctl+0x2e0/0x960
[   37.034558][ T3949]  sock_do_ioctl+0x197/0x220
[   37.034588][ T3949]  sock_ioctl+0x41b/0x610
[   37.034662][ T3949]  ? __pfx_sock_ioctl+0x10/0x10
[   37.034693][ T3949]  __se_sys_ioctl+0xce/0x140
[   37.034726][ T3949]  __x64_sys_ioctl+0x43/0x50
[   37.034757][ T3949]  x64_sys_call+0x14b0/0x3000
[   37.034810][ T3949]  do_syscall_64+0xd8/0x2c0
[   37.034901][ T3949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   37.034924][ T3949] RIP: 0033:0x7fb9de82f749
[   37.034940][ T3949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   37.034955][ T3949] RSP: 002b:00007fb9dd28f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   37.034971][ T3949] RAX: ffffffffffffffda RBX: 00007fb9dea85fa0 RCX: 00007fb9de82f749
[   37.034982][ T3949] RDX: 0000200000000040 RSI: 0000000000008946 RDI: 0000000000000006
[   37.035066][ T3949] RBP: 00007fb9dd28f090 R08: 0000000000000000 R09: 0000000000000000
[   37.035079][ T3949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   37.035092][ T3949] R13: 00007fb9dea86038 R14: 00007fb9dea85fa0 R15: 00007ffecf14dcf8
[   37.035166][ T3949]  </TASK>
[   37.236633][ T3951] loop3: detected capacity change from 0 to 512
[   37.243467][ T3951] EXT4-fs: Ignoring removed i_version option
[   37.249563][ T3951] EXT4-fs: Ignoring removed bh option
[   37.284483][ T3932] loop1: detected capacity change from 0 to 128
[   37.459585][ T3951] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   37.472566][ T3951] ext4 filesystem being mounted at /30/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   37.684692][ T3961] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   37.777477][ T3965] loop9: detected capacity change from 0 to 7
[   37.828128][ T3965] Buffer I/O error on dev loop9, logical block 0, async page read
[   37.871047][ T3965] Buffer I/O error on dev loop9, logical block 0, async page read
[   37.878888][ T3965]  loop9: unable to read partition table
[   37.920722][ T3965] loop_reread_partitions: partition scan of loop9 (žč¢«xüŸŃų éŚ¬§½dG¤“ą–ƒŻ”Æ ā·ū
[   37.920722][ T3965] 
) failed (rc=-5)
[   37.935706][ T3562] Buffer I/O error on dev loop9, logical block 0, async page read
[   37.986175][ T3562] Buffer I/O error on dev loop9, logical block 0, async page read
[   38.033020][ T3562] Buffer I/O error on dev loop9, logical block 0, async page read
[   38.081775][ T3562] Buffer I/O error on dev loop9, logical block 0, async page read
[   38.118406][ T3562] Buffer I/O error on dev loop9, logical block 0, async page read
[   38.165116][ T3988] loop1: detected capacity change from 0 to 128
[   38.397399][ T3996] loop4: detected capacity change from 0 to 4096
[   38.420635][ T3996] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.474070][ T3996] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.526069][ T3988] syz.1.177: attempt to access beyond end of device
[   38.526069][ T3988] loop1: rw=2049, sector=153, nr_sectors = 8 limit=128
[   38.548004][ T3988] syz.1.177: attempt to access beyond end of device
[   38.548004][ T3988] loop1: rw=2049, sector=169, nr_sectors = 8 limit=128
[   38.577378][ T3988] syz.1.177: attempt to access beyond end of device
[   38.577378][ T3988] loop1: rw=2049, sector=185, nr_sectors = 8 limit=128
[   38.604592][ T3988] syz.1.177: attempt to access beyond end of device
[   38.604592][ T3988] loop1: rw=2049, sector=201, nr_sectors = 8 limit=128
[   38.632265][ T3988] syz.1.177: attempt to access beyond end of device
[   38.632265][ T3988] loop1: rw=2049, sector=217, nr_sectors = 8 limit=128
[   38.660796][ T3988] syz.1.177: attempt to access beyond end of device
[   38.660796][ T3988] loop1: rw=2049, sector=233, nr_sectors = 8 limit=128
[   38.694008][ T3988] syz.1.177: attempt to access beyond end of device
[   38.694008][ T3988] loop1: rw=2049, sector=249, nr_sectors = 8 limit=128
[   38.707847][ T3988] syz.1.177: attempt to access beyond end of device
[   38.707847][ T3988] loop1: rw=2049, sector=265, nr_sectors = 8 limit=128
[   38.742854][ T3988] syz.1.177: attempt to access beyond end of device
[   38.742854][ T3988] loop1: rw=2049, sector=281, nr_sectors = 8 limit=128
[   38.792710][ T3988] syz.1.177: attempt to access beyond end of device
[   38.792710][ T3988] loop1: rw=2049, sector=297, nr_sectors = 8 limit=128
[   38.824842][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.038456][ T4034] loop3: detected capacity change from 0 to 1024
[   39.056781][ T4042] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   39.057283][ T4034] EXT4-fs: Ignoring removed orlov option
[   39.064256][ T4042] batman_adv: batadv0: Removing interface: batadv_slave_0
[   39.080759][ T4042] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   39.086360][ T4034] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.088148][ T4042] batman_adv: batadv0: Removing interface: batadv_slave_1
[   39.108774][ T4050] mmap: syz.0.195 (4050) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   39.134523][ T4054] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[   39.141134][ T4054] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   39.148789][ T4054] vhci_hcd vhci_hcd.0: Device attached
[   39.157321][ T4034] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=43 sclass=netlink_route_socket pid=4034 comm=syz.3.193
[   39.177692][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.256950][ T4055] vhci_hcd: connection closed
[   39.304816][ T2105] vhci_hcd vhci_hcd.2: stop threads
[   39.314898][ T2105] vhci_hcd vhci_hcd.2: release socket
[   39.320366][ T2105] vhci_hcd vhci_hcd.2: disconnect device
[   39.330250][ T3493] vhci_hcd vhci_hcd.2: vhci_device speed not set
[   40.038113][ T4070] nfs4: Unknown parameter 'ÜV?$	9„1^ųvL`¬:īQĪų3ÓJćKw£¾Srž:I[”ĄØ0/õŌhSdĮgBćįéÓ¦õÆźÉÅ®ƒ„xG‘—pĘĒ;‘™Ģ–¬ŃģܙøĪƓ³¦$ĄTžŹĆō‹ņJŅS‹ŚŌTW¹C’X‚Ł¹ˆüÕ·KjGĖĶŌśÅģĘ‹hyOBŗ9q„S…×p”Ōūē)4"]øaĀß
[   40.038113][ T4070] _¹ęøt±_d…±’ō9Æiw#zI‡Ā¼ĘŽXĆūžæ¹$šŗ2ķŒdÜ’ĪĄŗ ¦˜v«P¦z	WŖ™KĆöšų…Šż¤§Gņv"<ī'Ų9ŪCóČ× ŹW9WżßhɉP¼FŻµō'
[   40.285328][   T29] kauditd_printk_skb: 663 callbacks suppressed
[   40.285344][   T29] audit: type=1400 audit(1765917677.586:1475): avc:  denied  { write } for  pid=4061 comm="syz.4.201" name="001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   40.451488][ T4081] __nla_validate_parse: 5 callbacks suppressed
[   40.451504][ T4081] netlink: 8 bytes leftover after parsing attributes in process `syz.0.206'.
[   40.459470][ T4085] Invalid ELF header type: 2 != 1
[   40.483375][ T4085] Invalid ELF header type: 3 != 1
[   40.491049][   T29] audit: type=1326 audit(1765917678.216:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.0.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4a119f749 code=0x7ffc0000
[   40.514415][   T29] audit: type=1326 audit(1765917678.216:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.0.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd4a119f749 code=0x7ffc0000
[   40.537641][   T29] audit: type=1326 audit(1765917678.216:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.0.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4a119f749 code=0x7ffc0000
[   40.561045][   T29] audit: type=1326 audit(1765917678.216:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.0.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd4a119f749 code=0x7ffc0000
[   40.584546][   T29] audit: type=1326 audit(1765917678.216:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.0.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4a119f749 code=0x7ffc0000
[   40.594236][ T4081] SELinux: failed to load policy
[   40.608170][   T29] audit: type=1326 audit(1765917678.216:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.0.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd4a119f749 code=0x7ffc0000
[   40.608206][   T29] audit: type=1326 audit(1765917678.236:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.0.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4a119f749 code=0x7ffc0000
[   40.608297][   T29] audit: type=1326 audit(1765917678.236:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.0.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd4a119f749 code=0x7ffc0000
[   40.608387][   T29] audit: type=1326 audit(1765917678.236:1484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4080 comm="syz.0.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4a119f749 code=0x7ffc0000
[   40.712556][ T4092] loop2: detected capacity change from 0 to 512
[   40.737686][ T4092] EXT4-fs error (device loop2): ext4_xattr_inode_iget:446: comm syz.2.210: error while reading EA inode 32 err=-116
[   40.759839][ T4092] EXT4-fs (loop2): Remounting filesystem read-only
[   40.770360][ T4092] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   40.783534][ T4092] EXT4-fs warning (device loop2): ext4_evict_inode:256: couldn't mark inode dirty (err -30)
[   40.799136][ T4092] EXT4-fs (loop2): 1 orphan inode deleted
[   40.805691][ T4092] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.853775][ T4102] netlink: 36 bytes leftover after parsing attributes in process `syz.0.213'.
[   40.916328][ T4113] netlink: 'syz.0.219': attribute type 4 has an invalid length.
[   40.934078][ T4113] capability: warning: `syz.0.219' uses 32-bit capabilities (legacy support in use)
[   40.934678][ T4114] syzkaller0: entered promiscuous mode
[   40.948992][ T4114] syzkaller0: entered allmulticast mode
[   40.961502][ T4115] EXT4-fs: Ignoring removed orlov option
[   40.967737][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.017888][ T4115] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.189261][ T4129] delete_channel: no stack
[   41.247594][ T4144] netlink: 24 bytes leftover after parsing attributes in process `syz.0.229'.
[   41.265037][ T4144] veth3: entered allmulticast mode
[   41.272531][ T4144] netlink: 'syz.0.229': attribute type 4 has an invalid length.
[   41.291197][ T4146] set_capacity_and_notify: 3 callbacks suppressed
[   41.291213][ T4146] loop1: detected capacity change from 0 to 2048
[   41.383418][ T4146] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.398380][ T4146] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.476559][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.569779][ T4167] loop1: detected capacity change from 0 to 1024
[   41.583913][ T4167] EXT4-fs: Ignoring removed orlov option
[   41.607455][ T4167] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   41.636656][ T4167] EXT4-fs error (device loop1): ext4_ext_check_inode:523: inode #11: comm syz.1.238: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   41.655467][ T4167] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.238: couldn't read orphan inode 11 (err -117)
[   41.669614][ T4167] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.728348][ T4160] loop2: detected capacity change from 0 to 128
[   41.747065][ T4167] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.238: Invalid block bitmap block 0 in block_group 0
[   41.747463][ T4160] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   41.772890][ T4167] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.238: Failed to acquire dquot type 0
[   41.773349][ T4160] ext4 filesystem being mounted at /39/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   41.820130][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.836671][ T3313] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   41.937722][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.003331][ T4193] netlink: 'syz.1.247': attribute type 8 has an invalid length.
[   42.105759][ T4204] FAULT_INJECTION: forcing a failure.
[   42.105759][ T4204] name failslab, interval 1, probability 0, space 0, times 0
[   42.118450][ T4204] CPU: 1 UID: 0 PID: 4204 Comm: syz.2.251 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   42.118472][ T4204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   42.118483][ T4204] Call Trace:
[   42.118489][ T4204]  <TASK>
[   42.118495][ T4204]  __dump_stack+0x1d/0x30
[   42.118516][ T4204]  dump_stack_lvl+0xe8/0x140
[   42.118537][ T4204]  dump_stack+0x15/0x1b
[   42.118556][ T4204]  should_fail_ex+0x265/0x280
[   42.118577][ T4204]  should_failslab+0x8c/0xb0
[   42.118599][ T4204]  kmem_cache_alloc_noprof+0x69/0x4b0
[   42.118620][ T4204]  ? vm_area_dup+0x33/0x2c0
[   42.118641][ T4204]  vm_area_dup+0x33/0x2c0
[   42.118661][ T4204]  dup_mmap+0x4b7/0xea0
[   42.118695][ T4204]  copy_mm+0x11a/0x370
[   42.118716][ T4204]  copy_process+0xcbc/0x1ef0
[   42.118738][ T4204]  kernel_clone+0x16c/0x5c0
[   42.118754][ T4204]  ? vfs_write+0x7e8/0x960
[   42.118770][ T4204]  __x64_sys_clone+0xe6/0x120
[   42.118792][ T4204]  x64_sys_call+0x12d0/0x3000
[   42.118812][ T4204]  do_syscall_64+0xd8/0x2c0
[   42.118840][ T4204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.118858][ T4204] RIP: 0033:0x7fdaa61df749
[   42.118872][ T4204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.118886][ T4204] RSP: 002b:00007fdaa4c3efe8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[   42.118905][ T4204] RAX: ffffffffffffffda RBX: 00007fdaa6435fa0 RCX: 00007fdaa61df749
[   42.118917][ T4204] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c9a4080
[   42.118928][ T4204] RBP: 00007fdaa4c3f090 R08: ffffffffffffffff R09: ffffffffffffffff
[   42.118941][ T4204] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[   42.118952][ T4204] R13: 00007fdaa6436038 R14: 00007fdaa6435fa0 R15: 00007fff8976a998
[   42.118968][ T4204]  </TASK>
[   42.299047][ T4202] loop4: detected capacity change from 0 to 1024
[   42.334771][ T4187] netlink: 108 bytes leftover after parsing attributes in process `syz.3.242'.
[   42.534240][ T4211] SELinux: failed to load policy
[   42.590622][ T4233] loop0: detected capacity change from 0 to 2048
[   42.639961][ T4233]  loop0: p2 < > p4
[   42.655058][ T4233] loop0: p4 size 262144 extends beyond EOD, truncated
[   42.855222][ T4239] netlink: 104 bytes leftover after parsing attributes in process `syz.4.266'.
[   42.869763][ T4260] loop2: detected capacity change from 0 to 1024
[   42.884853][ T4260] EXT4-fs: Ignoring removed orlov option
[   42.895377][ T4260] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   42.917996][ T4260] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #11: comm syz.2.272: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[   42.946368][ T4260] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.272: couldn't read orphan inode 11 (err -117)
[   42.958334][ T4268] loop3: detected capacity change from 0 to 2048
[   42.976550][ T4260] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   42.991853][ T4258] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.272: Invalid block bitmap block 0 in block_group 0
[   43.006582][ T4258] EXT4-fs error (device loop2): ext4_acquire_dquot:6986: comm syz.2.272: Failed to acquire dquot type 0
[   43.028581][ T4268]  loop3: p2 p3 p7
[   43.075972][ T4277] loop0: detected capacity change from 0 to 512
[   43.106501][ T4277] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.119297][ T4277] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.139907][ T3562] udevd[3562]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   43.140970][ T3501] udevd[3501]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory
[   43.167480][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   43.182998][ T4285] netlink: 'syz.1.280': attribute type 3 has an invalid length.
[   43.190874][ T4285] netlink: 16 bytes leftover after parsing attributes in process `syz.1.280'.
[   43.192077][ T3562] udevd[3562]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   43.202311][ T3501] udevd[3501]: inotify_add_watch(7, /dev/loop3p7, 10) failed: No such file or directory
[   43.228898][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.229489][ T3305] udevd[3305]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   43.251874][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.332282][ T4296] xt_hashlimit: max too large, truncated to 1048576
[   43.355861][ T4296] xt_CT: No such helper "netbios-ns"
[   43.385774][ T4300] FAULT_INJECTION: forcing a failure.
[   43.385774][ T4300] name failslab, interval 1, probability 0, space 0, times 0
[   43.398430][ T4300] CPU: 0 UID: 0 PID: 4300 Comm: syz.1.287 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   43.398489][ T4300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   43.398500][ T4300] Call Trace:
[   43.398507][ T4300]  <TASK>
[   43.398513][ T4300]  __dump_stack+0x1d/0x30
[   43.398536][ T4300]  dump_stack_lvl+0xe8/0x140
[   43.398560][ T4300]  dump_stack+0x15/0x1b
[   43.398613][ T4300]  should_fail_ex+0x265/0x280
[   43.398637][ T4300]  should_failslab+0x8c/0xb0
[   43.398660][ T4300]  kmem_cache_alloc_lru_noprof+0x6d/0x4c0
[   43.398684][ T4300]  ? __d_alloc+0x37/0x340
[   43.398709][ T4300]  ? avc_policy_seqno+0x15/0x30
[   43.398788][ T4300]  __d_alloc+0x37/0x340
[   43.398829][ T4300]  ? selinux_inode_permission+0x6be/0x7c0
[   43.398861][ T4300]  d_alloc_parallel+0x54/0xcd0
[   43.398892][ T4300]  ? security_inode_permission+0x4a/0xb0
[   43.398919][ T4300]  ? lockref_get_not_dead+0x120/0x1c0
[   43.399007][ T4300]  ? __rcu_read_unlock+0x4f/0x70
[   43.399029][ T4300]  __lookup_slow+0x8c/0x250
[   43.399057][ T4300]  lookup_slow+0x3c/0x60
[   43.399111][ T4300]  path_lookupat+0x2f7/0x500
[   43.399140][ T4300]  filename_lookup+0x147/0x340
[   43.399174][ T4300]  user_path_at+0x3e/0x130
[   43.399228][ T4300]  __se_sys_chroot+0x45/0x230
[   43.399267][ T4300]  __x64_sys_chroot+0x1f/0x30
[   43.399291][ T4300]  x64_sys_call+0x2238/0x3000
[   43.399317][ T4300]  do_syscall_64+0xd8/0x2c0
[   43.399351][ T4300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.399394][ T4300] RIP: 0033:0x7fd3c144f749
[   43.399410][ T4300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.399429][ T4300] RSP: 002b:00007fd3bfeaf038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a1
[   43.399520][ T4300] RAX: ffffffffffffffda RBX: 00007fd3c16a5fa0 RCX: 00007fd3c144f749
[   43.399532][ T4300] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00002000000001c0
[   43.399544][ T4300] RBP: 00007fd3bfeaf090 R08: 0000000000000000 R09: 0000000000000000
[   43.399556][ T4300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   43.399653][ T4300] R13: 00007fd3c16a6038 R14: 00007fd3c16a5fa0 R15: 00007ffce62f5fb8
[   43.399672][ T4300]  </TASK>
[   43.648944][ T4304] loop3: detected capacity change from 0 to 2048
[   43.680522][ T4304] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.700166][ T4304] FAULT_INJECTION: forcing a failure.
[   43.700166][ T4304] name failslab, interval 1, probability 0, space 0, times 0
[   43.712879][ T4304] CPU: 1 UID: 0 PID: 4304 Comm: syz.3.288 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   43.712926][ T4304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   43.713004][ T4304] Call Trace:
[   43.713011][ T4304]  <TASK>
[   43.713018][ T4304]  __dump_stack+0x1d/0x30
[   43.713043][ T4304]  dump_stack_lvl+0xe8/0x140
[   43.713112][ T4304]  dump_stack+0x15/0x1b
[   43.713142][ T4304]  should_fail_ex+0x265/0x280
[   43.713167][ T4304]  should_failslab+0x8c/0xb0
[   43.713199][ T4304]  __kmalloc_noprof+0xb9/0x5a0
[   43.713220][ T4304]  ? ext4_find_extent+0x16b/0x7a0
[   43.713236][ T4304]  ext4_find_extent+0x16b/0x7a0
[   43.713313][ T4304]  ? __rcu_read_unlock+0x4f/0x70
[   43.713326][ T4304]  ext4_ext_map_blocks+0x11f/0x38a0
[   43.713345][ T4304]  ? blk_mq_flush_plug_list+0x301/0x330
[   43.713358][ T4304]  ? blk_mq_submit_bio+0xaca/0x1120
[   43.713439][ T4304]  ? __blk_flush_plug+0x262/0x2a0
[   43.713454][ T4304]  ? invalidate_inode_pages2_range+0x397/0x3d0
[   43.713471][ T4304]  ? put_dec+0xd3/0xe0
[   43.713484][ T4304]  ext4_map_query_blocks+0xa2/0x4c0
[   43.713573][ T4304]  ext4_map_blocks+0x368/0xd20
[   43.713589][ T4304]  ? bdev_getblk+0x35b/0x3f0
[   43.713607][ T4304]  ? __ext4_journal_start_sb+0x131/0x300
[   43.713620][ T4304]  ext4_iomap_begin+0x89b/0xe40
[   43.713720][ T4304]  ? __pfx_ext4_iomap_begin+0x10/0x10
[   43.713737][ T4304]  iomap_iter+0x388/0x790
[   43.713749][ T4304]  __iomap_dio_rw+0x78a/0x1290
[   43.713771][ T4304]  iomap_dio_rw+0x40/0x90
[   43.713849][ T4304]  ext4_file_write_iter+0xb3a/0xf60
[   43.713884][ T4304]  do_iter_readv_writev+0x4a1/0x540
[   43.713906][ T4304]  vfs_writev+0x2df/0x8b0
[   43.714011][ T4304]  __se_sys_pwritev2+0xfc/0x1c0
[   43.714065][ T4304]  __x64_sys_pwritev2+0x67/0x80
[   43.714088][ T4304]  x64_sys_call+0x2c9e/0x3000
[   43.714151][ T4304]  do_syscall_64+0xd8/0x2c0
[   43.714183][ T4304]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.714242][ T4304] RIP: 0033:0x7fe0bbf6f749
[   43.714257][ T4304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.714274][ T4304] RSP: 002b:00007fe0ba9d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   43.714294][ T4304] RAX: ffffffffffffffda RBX: 00007fe0bc1c5fa0 RCX: 00007fe0bbf6f749
[   43.714306][ T4304] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000006
[   43.714371][ T4304] RBP: 00007fe0ba9d7090 R08: 0000000000000000 R09: 0000000000000003
[   43.714382][ T4304] R10: 0000000000009c00 R11: 0000000000000246 R12: 0000000000000001
[   43.714444][ T4304] R13: 00007fe0bc1c6038 R14: 00007fe0bc1c5fa0 R15: 00007ffc6ef17cd8
[   43.714461][ T4304]  </TASK>
[   44.014018][ T4325] ip6t_REJECT: TCP_RESET illegal for non-tcp
[   44.053598][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.071880][ T4333] netlink: 52 bytes leftover after parsing attributes in process `syz.4.302'.
[   44.179785][ T4348] netlink: 4 bytes leftover after parsing attributes in process `syz.0.306'.
[   44.331194][ T4348] loop0: detected capacity change from 0 to 512
[   44.516725][ T4348] bond1: option arp_interval: invalid value (18446744072758484506)
[   44.524731][ T4348] bond1: option arp_interval: allowed values 0 - 2147483647
[   44.698497][ T4348] bond1 (unregistering): Released all slaves
[   45.113822][ T4387] netlink: 52 bytes leftover after parsing attributes in process `syz.1.314'.
[   45.191115][ T4391] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   45.199855][ T4391] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   45.251958][ T4391] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.317: Allocating blocks 41-42 which overlap fs metadata
[   45.293525][   T29] kauditd_printk_skb: 548 callbacks suppressed
[   45.293551][   T29] audit: type=1326 audit(1765917683.036:2029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe0bbf665e7 code=0x7ffc0000
[   45.347446][ T4391] Quota error (device loop1): write_blk: dquota write failed
[   45.354936][ T4391] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5
[   45.378804][ T4398] ISOFS: unable to read i-node block
[   45.399252][   T29] audit: type=1326 audit(1765917683.076:2030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe0bbf0b829 code=0x7ffc0000
[   45.405923][ T4398] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   45.422529][   T29] audit: type=1326 audit(1765917683.076:2031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe0bbf665e7 code=0x7ffc0000
[   45.438132][ T4391] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4215: comm syz.1.317: Allocating blocks 41-42 which overlap fs metadata
[   45.454766][   T29] audit: type=1326 audit(1765917683.076:2032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe0bbf0b829 code=0x7ffc0000
[   45.491537][   T29] audit: type=1326 audit(1765917683.076:2033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe0bbf665e7 code=0x7ffc0000
[   45.491564][   T29] audit: type=1326 audit(1765917683.076:2034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe0bbf0b829 code=0x7ffc0000
[   45.491606][   T29] audit: type=1326 audit(1765917683.076:2035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fe0bbf6f749 code=0x7ffc0000
[   45.491632][   T29] audit: type=1326 audit(1765917683.076:2036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4384 comm="syz.3.313" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe0bbf665e7 code=0x7ffc0000
[   45.525898][ T4391] EXT4-fs error (device loop1): ext4_acquire_dquot:6986: comm syz.1.317: Failed to acquire dquot type 1
[   45.619825][ T4391] EXT4-fs error (device loop1): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   45.635820][ T4391] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.317: corrupted inode contents
[   45.663252][ T4391] EXT4-fs error (device loop1): ext4_dirty_inode:6502: inode #12: comm syz.1.317: mark_inode_dirty error
[   45.675868][ T4391] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.317: corrupted inode contents
[   45.689279][ T4391] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #12: comm syz.1.317: mark_inode_dirty error
[   45.702579][ T4416] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   45.717416][ T4391] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.317: corrupted inode contents
[   45.735006][ T4391] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[   45.744588][ T4391] EXT4-fs error (device loop1): ext4_do_update_inode:5617: inode #12: comm syz.1.317: corrupted inode contents
[   45.756943][ T4391] EXT4-fs error (device loop1): ext4_truncate:4635: inode #12: comm syz.1.317: mark_inode_dirty error
[   45.768602][ T4391] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[   45.779198][ T4391] EXT4-fs (loop1): 1 truncate cleaned up
[   45.793110][ T4391] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.926812][ T4391] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   46.062941][ T4433] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   46.088162][ T4433] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   46.103517][ T4437] xt_hashlimit: max too large, truncated to 1048576
[   46.110723][ T4435] netlink: 12 bytes leftover after parsing attributes in process `syz.3.327'.
[   46.119664][ T4435] netlink: 8 bytes leftover after parsing attributes in process `syz.3.327'.
[   46.176088][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.225104][ T4445] netlink: 52 bytes leftover after parsing attributes in process `syz.2.328'.
[   46.242692][ T4443] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.398687][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.436631][ T4453] set_capacity_and_notify: 4 callbacks suppressed
[   46.436656][ T4453] loop2: detected capacity change from 0 to 512
[   46.449470][ T4457] loop3: detected capacity change from 0 to 128
[   46.449763][ T4457] vfat: Unknown parameter ''
[   46.520217][ T4453] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   46.536524][ T4453] ext4 filesystem being mounted at /65/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.627501][ T3313] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.720981][ T4472] SELinux:  Context system_u:object is not valid (left unmapped).
[   46.777326][ T4481] veth0_to_team: entered promiscuous mode
[   46.786162][ T4481] netlink: 'syz.0.345': attribute type 1 has an invalid length.
[   46.910391][ T4498] loop0: detected capacity change from 0 to 128
[   46.917699][ T4498] FAT-fs (loop0): bogus logical sector size 65535
[   46.924175][ T4498] FAT-fs (loop0): Can't find a valid FAT filesystem
[   46.939715][ T4501] 9p: Unknown Cache mode or invalid value non¾9'Įrsion}9p2000.u
[   46.969909][ T4503] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.040595][ T4503] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.117600][ T4503] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.157299][ T4511] netlink: 'syz.4.354': attribute type 21 has an invalid length.
[   47.170535][ T4503] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   47.192733][ T4511] netlink: 'syz.4.354': attribute type 6 has an invalid length.
[   47.200425][ T4511] netlink: 132 bytes leftover after parsing attributes in process `syz.4.354'.
[   47.263383][ T4512] netlink: 20 bytes leftover after parsing attributes in process `syz.4.354'.
[   47.305836][ T1474] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.341101][ T1474] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.355405][ T1474] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.374698][ T1474] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   47.437047][ T4524] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   47.614698][ T4552] loop3: detected capacity change from 0 to 1764
[   47.813203][ T4575] sg_write: data in/out 134243804/1 bytes for SCSI command 0xc4-- guessing data in;
[   47.813203][ T4575]    program syz.0.363 not setting count and/or reply_len properly
[   48.046839][ T4596] xt_hashlimit: max too large, truncated to 1048576
[   48.380785][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.462951][ T4683] xt_hashlimit: max too large, truncated to 1048576
[   48.550377][ T4697] netlink: 4 bytes leftover after parsing attributes in process `syz.1.375'.
[   48.559888][ T4697] netlink: 12 bytes leftover after parsing attributes in process `syz.1.375'.
[   48.657257][ T4705] netlink: 60 bytes leftover after parsing attributes in process `syz.0.379'.
[   48.726505][ T4709] netlink: 'syz.1.378': attribute type 13 has an invalid length.
[   48.759626][ T4709] gretap0: refused to change device tx_queue_len
[   48.765995][ T4709] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   48.789487][ T4708] IPv6: Can't replace route, no match found
[   48.851756][ T4714] netlink: 4 bytes leftover after parsing attributes in process `syz.3.383'.
[   48.866994][ T4714] loop3: detected capacity change from 0 to 1024
[   48.874387][ T4714] EXT4-fs: inline encryption not supported
[   48.880248][ T4714] EXT4-fs: Ignoring removed orlov option
[   48.890256][ T4714] EXT4-fs (loop3): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   48.910292][ T4714] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002]
[   48.946474][ T4714] System zones: 0-1, 3-12
[   48.957514][ T4714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.023341][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.054884][ T4713] chnl_net:caif_netlink_parms(): no params data found
[   49.081678][ T4736] rdma_op ffff88810488ad80 conn xmit_rdma 0000000000000000
[   49.122909][ T4740] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.170375][ T4713] bridge0: port 1(bridge_slave_0) entered blocking state
[   49.177504][ T4713] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.206486][ T4751] netlink: 60 bytes leftover after parsing attributes in process `syz.0.391'.
[   49.215489][ T4713] bridge_slave_0: entered allmulticast mode
[   49.222032][ T4713] bridge_slave_0: entered promiscuous mode
[   49.240760][ T4740] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.254748][ T4713] bridge0: port 2(bridge_slave_1) entered blocking state
[   49.261994][ T4713] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.278732][ T4759] loop0: detected capacity change from 0 to 1024
[   49.285274][ T4713] bridge_slave_1: entered allmulticast mode
[   49.292432][ T4759] EXT4-fs: inline encryption not supported
[   49.298487][ T4759] EXT4-fs: Ignoring removed orlov option
[   49.305039][ T4713] bridge_slave_1: entered promiscuous mode
[   49.312133][ T4759] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[   49.323094][ T4761] loop4: detected capacity change from 0 to 512
[   49.332388][ T4759] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e840c018, mo2=0002]
[   49.343040][ T4761] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   49.344484][ T4759] System zones: 0-1
[   49.351782][ T4761] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   49.364734][ T4759] , 3-12
[   49.368559][ T4759] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.371405][ T4761] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4215: comm syz.4.396: Allocating blocks 41-42 which overlap fs metadata
[   49.382264][ T4759] FAULT_INJECTION: forcing a failure.
[   49.382264][ T4759] name failslab, interval 1, probability 0, space 0, times 0
[   49.395629][ T4756] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.406877][ T4759] CPU: 1 UID: 0 PID: 4759 Comm: syz.0.395 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   49.406938][ T4759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   49.406950][ T4759] Call Trace:
[   49.406956][ T4759]  <TASK>
[   49.406964][ T4759]  __dump_stack+0x1d/0x30
[   49.406989][ T4759]  dump_stack_lvl+0xe8/0x140
[   49.407038][ T4759]  dump_stack+0x15/0x1b
[   49.407107][ T4759]  should_fail_ex+0x265/0x280
[   49.407130][ T4759]  should_failslab+0x8c/0xb0
[   49.407151][ T4759]  __kmalloc_noprof+0xb9/0x5a0
[   49.407213][ T4759]  ? ext4_find_extent+0x16b/0x7a0
[   49.407238][ T4759]  ext4_find_extent+0x16b/0x7a0
[   49.407263][ T4759]  ext4_ext_map_blocks+0x11f/0x38a0
[   49.407289][ T4759]  ? try_charge_memcg+0x215/0xa10
[   49.407360][ T4759]  ? __account_obj_stock+0x2cc/0x350
[   49.407381][ T4759]  ext4_map_blocks+0x626/0xd20
[   49.407476][ T4759]  ext4_iomap_begin+0x89b/0xe40
[   49.407512][ T4759]  ? __pfx_ext4_iomap_begin+0x10/0x10
[   49.407542][ T4759]  iomap_iter+0x388/0x790
[   49.407626][ T4759]  __iomap_dio_rw+0x78a/0x1290
[   49.407662][ T4759]  iomap_dio_rw+0x40/0x90
[   49.407684][ T4759]  ext4_file_write_iter+0xb3a/0xf60
[   49.407723][ T4759]  ? __pfx_ext4_file_write_iter+0x10/0x10
[   49.407815][ T4759]  vfs_write+0x52a/0x960
[   49.407838][ T4759]  __x64_sys_pwrite64+0xfd/0x150
[   49.407859][ T4759]  x64_sys_call+0x9f7/0x3000
[   49.407882][ T4759]  do_syscall_64+0xd8/0x2c0
[   49.407941][ T4759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.407962][ T4759] RIP: 0033:0x7fd4a119f749
[   49.407977][ T4759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.407993][ T4759] RSP: 002b:00007fd49fbff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[   49.408061][ T4759] RAX: ffffffffffffffda RBX: 00007fd4a13f5fa0 RCX: 00007fd4a119f749
[   49.408073][ T4759] RDX: 00000000200000c1 RSI: 00002000000000c0 RDI: 0000000000000007
[   49.408157][ T4759] RBP: 00007fd49fbff090 R08: 0000000000000000 R09: 0000000000000000
[   49.408169][ T4759] R10: 0000000000009000 R11: 0000000000000246 R12: 0000000000000001
[   49.408180][ T4759] R13: 00007fd4a13f6038 R14: 00007fd4a13f5fa0 R15: 00007ffcc742c118
[   49.408198][ T4759]  </TASK>
[   49.424886][ T4761] EXT4-fs error (device loop4): ext4_acquire_dquot:6986: comm syz.4.396: Failed to acquire dquot type 1
[   49.645516][ T4761] EXT4-fs error (device loop4): mb_free_blocks:2037: group 0, inode 12: block 14:freeing already freed block (bit 14); block bitmap corrupt.
[   49.645875][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.660812][ T4761] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.396: corrupted inode contents
[   49.681020][ T4761] EXT4-fs error (device loop4): ext4_dirty_inode:6502: inode #12: comm syz.4.396: mark_inode_dirty error
[   49.692879][ T4761] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.396: corrupted inode contents
[   49.705770][ T4761] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #12: comm syz.4.396: mark_inode_dirty error
[   49.706515][ T4740] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.717739][ T4761] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.396: corrupted inode contents
[   49.743199][ T4761] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[   49.752212][ T4761] EXT4-fs error (device loop4): ext4_do_update_inode:5617: inode #12: comm syz.4.396: corrupted inode contents
[   49.764486][ T4761] EXT4-fs error (device loop4): ext4_truncate:4635: inode #12: comm syz.4.396: mark_inode_dirty error
[   49.776704][ T4761] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[   49.777130][ T4713] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   49.797749][ T4756] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.802581][ T4771] loop0: detected capacity change from 0 to 2048
[   49.814695][ T4761] EXT4-fs (loop4): 1 truncate cleaned up
[   49.815791][ T4713] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   49.823242][ T4761] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.843970][ T4740] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.855186][ T4761] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   49.872331][ T4756] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.877148][ T4771] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.895143][ T3322] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.913310][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.913624][ T4713] team0: Port device team_slave_0 added
[   49.928787][ T4713] team0: Port device team_slave_1 added
[   49.954259][ T4756] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   49.983208][ T4713] batman_adv: batadv0: Adding interface: batadv_slave_0
[   49.990211][ T4713] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   50.016160][ T4713] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   50.032407][ T2105] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   50.041181][ T4713] batman_adv: batadv0: Adding interface: batadv_slave_1
[   50.048139][ T4713] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   50.074109][ T4713] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   50.108059][ T2105] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   50.133423][ T2105] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   50.143746][ T4713] hsr_slave_0: entered promiscuous mode
[   50.150376][ T4713] hsr_slave_1: entered promiscuous mode
[   50.156197][ T4713] debugfs: 'hsr0' already exists in 'hsr'
[   50.161945][ T4713] Cannot create hsr debugfs directory
[   50.175581][ T2105] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   50.208048][ T2105] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   50.256294][ T4740] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.302728][ T4713] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   50.312880][ T4756] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.325511][ T4713] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   50.337237][ T4713] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   50.350272][ T4740] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.362078][ T4713] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   50.375781][ T4756] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.393719][ T4740] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   50.438668][ T4713] 8021q: adding VLAN 0 to HW filter on device bond0
[   50.452358][ T4713] 8021q: adding VLAN 0 to HW filter on device team0
[   50.478271][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.485416][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[   50.497538][ T1631] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.504680][ T1631] bridge0: port 2(bridge_slave_1) entered forwarding state
[   50.530484][ T4713] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   50.540961][ T4713] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   50.606234][ T4713] 8021q: adding VLAN 0 to HW filter on device batadv0
[   50.729463][ T4713] veth0_vlan: entered promiscuous mode
[   50.737798][ T4713] veth1_vlan: entered promiscuous mode
[   50.755381][ T4713] veth0_macvtap: entered promiscuous mode
[   50.763319][ T4713] veth1_macvtap: entered promiscuous mode
[   50.774450][ T4713] batman_adv: batadv0: Interface activated: batadv_slave_0
[   50.785418][ T4713] batman_adv: batadv0: Interface activated: batadv_slave_1
[   50.795095][ T4824] loop0: detected capacity change from 0 to 256
[   50.799984][ T1631] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   50.812601][   T29] kauditd_printk_skb: 592 callbacks suppressed
[   50.812623][   T29] audit: type=1400 audit(1765917688.556:2624): avc:  denied  { mount } for  pid=4823 comm="syz.0.408" name="/" dev="loop0" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   50.842812][ T4675] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   50.854189][ T4824] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   50.863088][ T4824] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   50.870933][ T4675] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   50.888128][ T4675] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   50.899287][   T29] audit: type=1400 audit(1765917688.646:2625): avc:  denied  { mounton } for  pid=4713 comm="syz-executor" path="/root/syzkaller.BCu1Yv/syz-tmp" dev="sda1" ino=2047 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   50.936254][ T4826] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   50.948913][ T4824] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   50.957616][   T29] audit: type=1400 audit(1765917688.676:2626): avc:  denied  { mount } for  pid=4713 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   50.957648][   T29] audit: type=1400 audit(1765917688.676:2627): avc:  denied  { mount } for  pid=4713 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   51.001775][   T29] audit: type=1400 audit(1765917688.676:2628): avc:  denied  { mounton } for  pid=4713 comm="syz-executor" path="/root/syzkaller.BCu1Yv/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   51.028496][   T29] audit: type=1400 audit(1765917688.676:2629): avc:  denied  { mounton } for  pid=4713 comm="syz-executor" path="/root/syzkaller.BCu1Yv/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=9196 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   51.056047][   T29] audit: type=1400 audit(1765917688.676:2630): avc:  denied  { mounton } for  pid=4713 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   51.078986][   T29] audit: type=1400 audit(1765917688.676:2631): avc:  denied  { mount } for  pid=4713 comm="syz-executor" name="/" dev="gadgetfs" ino=3765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   51.109884][   T29] audit: type=1400 audit(1765917688.826:2632): avc:  denied  { unmount } for  pid=3318 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   51.136606][ T4841] loop0: detected capacity change from 0 to 512
[   51.170285][ T4841] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.209109][ T4841] ext4 filesystem being mounted at /91/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   51.228760][ T4854] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   51.239836][ T4841] __nla_validate_parse: 2 callbacks suppressed
[   51.239850][ T4841] netlink: 20 bytes leftover after parsing attributes in process `syz.0.410'.
[   51.276385][ T4859] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   51.320069][ T4864] netlink: 124 bytes leftover after parsing attributes in process `syz.0.410'.
[   51.329062][ T4864] netlink: 16 bytes leftover after parsing attributes in process `syz.0.410'.
[   51.350011][ T4859] FAT-fs (loop5): error, corrupted directory (invalid entries)
[   51.362159][ T4859] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[   51.371309][ T4867] netlink: 48 bytes leftover after parsing attributes in process `syz.4.416'.
[   51.646464][   T29] audit: type=1400 audit(1765917689.386:2633): avc:  denied  { setopt } for  pid=4903 comm="syz.4.419" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[   52.160842][ T4953] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   53.491760][ T5014] netlink: 48 bytes leftover after parsing attributes in process `syz.4.427'.
[   53.501884][ T5012] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   53.509417][ T5012] vhci_hcd vhci_hcd.2: invalid port number 96
[   53.515559][ T5012] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   55.201555][ T4841] Set syz1 is full, maxelem 65536 reached
[   55.212036][ T5012] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   55.226261][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.240399][ T5017] netlink: 72 bytes leftover after parsing attributes in process `syz.4.429'.
[   55.254106][ T5017] set_capacity_and_notify: 1 callbacks suppressed
[   55.254123][ T5017] loop4: detected capacity change from 0 to 512
[   55.323856][ T5027] netlink: 24 bytes leftover after parsing attributes in process `syz.0.433'.
[   55.386424][ T5034] netlink: 8 bytes leftover after parsing attributes in process `syz.4.436'.
[   55.395224][ T5034] netlink: 20 bytes leftover after parsing attributes in process `syz.4.436'.
[   55.405611][ T5036] loop0: detected capacity change from 0 to 128
[   55.413065][  T391] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   55.422563][ T5036] EXT4-fs: Ignoring removed oldalloc option
[   55.437215][ T2102] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   55.447384][ T2102] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   55.456661][ T2102] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   55.457042][ T5036] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   55.477821][ T5036] ext4 filesystem being mounted at /95/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   55.493999][ T5036] SELinux: failed to load policy
[   55.501288][ T5036] 9p: Bad value for 'rfdno'
[   55.607076][ T3318] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   55.631709][ T5043] netlink: 44 bytes leftover after parsing attributes in process `syz.4.449'.
[   55.693288][ T5048] loop4: detected capacity change from 0 to 8192
[   55.838091][ T5050] Set syz1 is full, maxelem 65536 reached
[   55.846706][   T29] kauditd_printk_skb: 27 callbacks suppressed
[   55.846717][   T29] audit: type=1326 audit(1765917693.596:2661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5051 comm="syz.4.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9de82f749 code=0x7ffc0000
[   55.876528][   T29] audit: type=1326 audit(1765917693.596:2662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5051 comm="syz.4.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9de82f749 code=0x7ffc0000
[   55.900213][   T29] audit: type=1326 audit(1765917693.616:2663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5051 comm="syz.4.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fb9de82f749 code=0x7ffc0000
[   55.923779][   T29] audit: type=1326 audit(1765917693.616:2664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5051 comm="syz.4.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9de82f749 code=0x7ffc0000
[   55.947297][   T29] audit: type=1326 audit(1765917693.616:2665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5051 comm="syz.4.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9de82f749 code=0x7ffc0000
[   55.971209][   T29] audit: type=1326 audit(1765917693.686:2666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5051 comm="syz.4.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7fb9de82f749 code=0x7ffc0000
[   55.994535][   T29] audit: type=1326 audit(1765917693.686:2667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5051 comm="syz.4.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9de82f749 code=0x7ffc0000
[   56.018136][   T29] audit: type=1326 audit(1765917693.686:2668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5051 comm="syz.4.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb9de82f749 code=0x7ffc0000
[   56.041903][   T29] audit: type=1326 audit(1765917693.686:2669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5051 comm="syz.4.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9de82f749 code=0x7ffc0000
[   56.065196][   T29] audit: type=1326 audit(1765917693.686:2670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5051 comm="syz.4.442" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb9de82f749 code=0x7ffc0000
[   56.101645][ T5061] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   56.144790][ T5059] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[   56.973344][ T5092] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   57.045088][ T5099] loop1: detected capacity change from 0 to 2048
[   57.051724][ T5107] loop0: detected capacity change from 0 to 128
[   57.066254][ T5104] loop4: detected capacity change from 0 to 164
[   57.073203][ T5104] ISOFS: unable to read i-node block
[   57.078737][ T5104] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   57.092470][ T5099]  loop1: p2 p3 p7
[   57.157565][ T5113] loop1: detected capacity change from 0 to 128
[   57.168307][ T5113] EXT4-fs: Ignoring removed oldalloc option
[   57.180061][ T5113] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   57.192339][ T5113] ext4 filesystem being mounted at /85/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   57.205704][ T5113] SELinux: failed to load policy
[   57.213205][ T5113] 9p: Bad value for 'rfdno'
[   57.261994][ T5012] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.292854][ T5117] veth0_to_team: entered promiscuous mode
[   57.312219][ T5117] netlink: 'syz.4.469': attribute type 1 has an invalid length.
[   57.323163][ T5012] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.365050][ T3314] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   57.382863][ T5012] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.442798][ T5128] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   57.453139][ T5128] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.486670][ T1631] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.511349][ T5128] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   57.521768][ T5128] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.539369][ T1631] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.557902][ T1631] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.587633][ T1631] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.612597][ T5128] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   57.622952][ T5128] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.636581][ T5139] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   57.645245][ T5139] vhci_hcd vhci_hcd.2: invalid port number 96
[   57.651406][ T5139] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   57.663240][ T5141] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   57.701510][ T5128] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   57.709068][ T5147] loop1: detected capacity change from 0 to 164
[   57.711869][ T5128] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   57.738054][ T5147] ISOFS: unable to read i-node block
[   57.751169][ T5147] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   57.766651][ T5149] loop5: detected capacity change from 0 to 128
[   57.773429][ T5149] EXT4-fs: Ignoring removed oldalloc option
[   57.781906][ T5149] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   57.802180][ T1631] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   57.810367][ T1631] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.818798][ T5149] ext4 filesystem being mounted at /6/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   57.840362][ T5149] SELinux: failed to load policy
[   57.850721][ T5149] 9p: Bad value for 'rfdno'
[   57.855691][   T41] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   57.863900][   T41] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.892021][ T1631] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   57.900350][ T1631] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.927953][ T1631] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   57.936200][ T1631] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.949896][ T4673] bio_check_eod: 78 callbacks suppressed
[   57.949909][ T4673] kworker/u8:12: attempt to access beyond end of device
[   57.949909][ T4673] loop0: rw=1, sector=145, nr_sectors = 536 limit=128
[   57.958220][ T5156] netlink: 'syz.3.480': attribute type 13 has an invalid length.
[   58.038238][ T5156] gretap0: refused to change device tx_queue_len
[   58.044644][ T5156] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   58.081131][ T4713] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   58.159708][ T5172] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   58.179716][ T5172] vhci_hcd vhci_hcd.2: invalid port number 96
[   58.180698][ T5175] loop5: detected capacity change from 0 to 2048
[   58.185817][ T5172] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   58.229801][ T5174] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   58.297491][ T5175] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   58.415779][ T5195] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   58.509998][ T5206] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   58.517301][ T5206] vhci_hcd vhci_hcd.2: invalid port number 96
[   58.523803][ T5206] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   58.534812][ T5204] __nla_validate_parse: 1 callbacks suppressed
[   58.534826][ T5204] netlink: 8 bytes leftover after parsing attributes in process `syz.1.503'.
[   58.549929][ T5204] netlink: 20 bytes leftover after parsing attributes in process `syz.1.503'.
[   58.643551][ T5212] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   58.730112][ T4713] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   58.859852][ T5233] netlink: 8 bytes leftover after parsing attributes in process `syz.4.515'.
[   58.868652][ T5233] netlink: 20 bytes leftover after parsing attributes in process `syz.4.515'.
[   58.946248][ T5240] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   58.954038][ T5240] vhci_hcd vhci_hcd.2: invalid port number 96
[   58.960530][ T5240] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   58.965672][ T5241] netlink: 'syz.5.507': attribute type 13 has an invalid length.
[   59.005465][ T5246] ISOFS: unable to read i-node block
[   59.012067][ T5246] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   59.073693][ T5251] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   59.129467][ T5241] gretap0: refused to change device tx_queue_len
[   59.135821][ T5241] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[   59.151502][ T5243] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   59.196883][ T5255] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   59.219696][ T5251] EXT4-fs error (device loop3): ext4_iget_extra_inode:5073: inode #12: comm syz.3.521: corrupted in-inode xattr: invalid size in ea xattr
[   59.309962][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   59.483557][ T5268] netlink: 8 bytes leftover after parsing attributes in process `syz.1.527'.
[   59.492958][ T5268] netlink: 20 bytes leftover after parsing attributes in process `syz.1.527'.
[   59.979526][ T5282] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   59.987099][ T5282] vhci_hcd vhci_hcd.2: invalid port number 96
[   59.993247][ T5282] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   60.044656][ T5286] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   60.338139][ T5304] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   60.348033][ T5304] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.382156][ T5307] set_capacity_and_notify: 3 callbacks suppressed
[   60.382170][ T5307] loop5: detected capacity change from 0 to 164
[   60.418451][ T5307] ISOFS: unable to read i-node block
[   60.424391][ T5313] netlink: 8 bytes leftover after parsing attributes in process `syz.3.543'.
[   60.427844][ T5307] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   60.433207][ T5313] netlink: 'syz.3.543': attribute type 5 has an invalid length.
[   60.433222][ T5313] netlink: 12 bytes leftover after parsing attributes in process `syz.3.543'.
[   60.465037][ T5304] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   60.474879][ T5304] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.554018][ T5322] loop1: detected capacity change from 0 to 2048
[   60.561527][ T5304] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   60.571332][ T5304] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.589807][ T5323] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   60.598967][ T5322] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   60.611401][ T5323] vhci_hcd vhci_hcd.2: invalid port number 96
[   60.617528][ T5323] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   60.635281][ T5304] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   60.645132][ T5304] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   60.655086][ T5325] loop3: detected capacity change from 0 to 164
[   60.682294][ T5325] ISOFS: unable to read i-node block
[   60.699194][ T5325] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   60.786620][ T5334] bridge0: port 3(vlan2) entered blocking state
[   60.792943][ T5334] bridge0: port 3(vlan2) entered disabled state
[   60.801305][ T5334] vlan2: entered allmulticast mode
[   60.806456][ T5334] bridge0: entered allmulticast mode
[   60.813263][ T5339] netlink: 16 bytes leftover after parsing attributes in process `syz.0.548'.
[   60.831020][ T5334] vlan2: left allmulticast mode
[   60.835893][ T5334] bridge0: left allmulticast mode
[   60.857351][   T29] kauditd_printk_skb: 1319 callbacks suppressed
[   60.857363][   T29] audit: type=1400 audit(1765917698.596:3990): avc:  denied  { recv } for  pid=3005 comm="udevd" saddr=10.128.0.163 src=30036 daddr=10.128.1.99 dest=42506 netif=eth0 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[   60.936569][   T29] audit: type=1400 audit(1765917698.676:3991): avc:  denied  { setopt } for  pid=5342 comm="syz.3.551" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   60.957223][ T3314] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.973080][   T29] audit: type=1326 audit(1765917698.716:3992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5352 comm="syz.3.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0bbf6f749 code=0x7ffc0000
[   61.010039][   T29] audit: type=1326 audit(1765917698.746:3993): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5352 comm="syz.3.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fe0bbf6f749 code=0x7ffc0000
[   61.033434][   T29] audit: type=1326 audit(1765917698.746:3994): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5352 comm="syz.3.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0bbf6f749 code=0x7ffc0000
[   61.056824][   T29] audit: type=1326 audit(1765917698.746:3995): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5352 comm="syz.3.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7fe0bbf6f749 code=0x7ffc0000
[   61.080124][   T29] audit: type=1326 audit(1765917698.746:3996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5352 comm="syz.3.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0bbf6f749 code=0x7ffc0000
[   61.104091][   T29] audit: type=1326 audit(1765917698.746:3997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5352 comm="syz.3.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe0bbf6f749 code=0x7ffc0000
[   61.127891][   T29] audit: type=1326 audit(1765917698.746:3998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5352 comm="syz.3.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0bbf6f749 code=0x7ffc0000
[   61.151256][   T29] audit: type=1326 audit(1765917698.746:3999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5352 comm="syz.3.555" exe="/root/syz-executor" sig=0 arch=c000003e syscall=241 compat=0 ip=0x7fe0bbf6f749 code=0x7ffc0000
[   61.151864][ T5359] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   61.195807][ T5356] netlink: 4 bytes leftover after parsing attributes in process `syz.3.556'.
[   61.226039][ T5356] netlink: 'syz.3.556': attribute type 4 has an invalid length.
[   61.247854][ T5356] .`: renamed from bond0 (while UP)
[   61.284923][ T5369] loop6: detected capacity change from 0 to 7
[   61.287106][ T5367] loop1: detected capacity change from 0 to 128
[   61.316589][ T5372] loop3: detected capacity change from 0 to 1024
[   61.334164][ T5367] EXT4-fs: Ignoring removed oldalloc option
[   61.349653][ T5372] EXT4-fs: Ignoring removed orlov option
[   61.360858][ T5372] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   61.413864][ T5367] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   61.435515][ T5381] loop0: detected capacity change from 0 to 164
[   61.469955][ T5381] ISOFS: unable to read i-node block
[   61.475384][ T5367] ext4 filesystem being mounted at /116/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   61.495625][ T5381] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   61.520239][ T5367] SELinux: failed to load policy
[   61.550501][ T5385] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   61.557853][ T5385] vhci_hcd vhci_hcd.2: invalid port number 96
[   61.564028][ T5385] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   61.568992][ T5367] 9p: Bad value for 'rfdno'
[   61.600037][ T3321] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.609239][ T5387] loop0: detected capacity change from 0 to 2048
[   61.630716][ T5387] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.645704][ T5393] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   61.651760][ T5395] tipc: Started in network mode
[   61.657857][ T5395] tipc: Node identity 7f000001, cluster identity 4711
[   61.664797][ T5395] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[   61.666914][ T5393] vhci_hcd vhci_hcd.2: invalid port number 96
[   61.679150][ T5393] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   61.741328][ T5401] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   61.773500][ T3314] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   61.811771][ T5405] netlink: 'syz.1.570': attribute type 4 has an invalid length.
[   61.833560][ T5405] .`: renamed from bond0 (while UP)
[   61.844710][ T5410] loop5: detected capacity change from 0 to 512
[   61.853504][ T5410] journal_path: Non-blockdev passed as './bus'
[   61.859714][ T5410] EXT4-fs: error: could not find journal device path
[   61.897595][ T3318] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.995397][ T5424] netlink: 'syz.5.578': attribute type 5 has an invalid length.
[   62.009105][ T2102] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   62.028959][ T2102] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   62.050872][ T2102] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   62.083280][ T5434] loop6: detected capacity change from 0 to 7
[   62.085018][ T5433] EXT4-fs: Ignoring removed oldalloc option
[   62.096811][ T2102] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   62.109830][ T5433] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   62.129543][ T5433] ext4 filesystem being mounted at /116/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   62.195171][ T5438] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   62.233085][ T5433] SELinux: failed to load policy
[   62.277735][ T5442] ISOFS: unable to read i-node block
[   62.283653][ T5442] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   62.309754][ T5433] 9p: Bad value for 'rfdno'
[   62.391636][ T5453] netlink: 'syz.5.587': attribute type 4 has an invalid length.
[   62.403719][ T5453] .`: renamed from bond0 (while UP)
[   62.419400][ T3318] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   62.446989][ T5456] ISOFS: unable to read i-node block
[   62.459039][ T5456] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   62.511669][ T5462] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   62.519367][ T5462] vhci_hcd vhci_hcd.2: invalid port number 96
[   62.525439][ T5462] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   62.541377][ T5460] netlink: 'syz.5.590': attribute type 5 has an invalid length.
[   62.625398][ T5472] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   62.918046][ T5486] netlink: 'syz.0.600': attribute type 4 has an invalid length.
[   62.937604][ T5486] .`: renamed from bond0 (while UP)
[   62.943760][ T5490] ISOFS: unable to read i-node block
[   62.957350][ T5490] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   63.006741][ T5493] ISOFS: unable to read i-node block
[   63.030199][ T5496] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[   63.031768][ T5493] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   63.039505][ T5496] vhci_hcd vhci_hcd.2: invalid port number 96
[   63.052545][ T5496] vhci_hcd vhci_hcd.2: default hub control req: 0300 vfffa i0060 l0
[   63.054912][ T5497] netlink: 'syz.5.604': attribute type 5 has an invalid length.
[   63.135861][ T5500] tipc: Started in network mode
[   63.140767][ T5500] tipc: Node identity 7f000001, cluster identity 4711
[   63.164082][ T5500] tipc: Enabled bearer <udp:syz2>, priority 10
[   63.245403][  T957] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   63.253689][  T957] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.302135][  T957] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   63.310364][  T957] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.335313][  T957] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   63.343563][  T957] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.384599][  T957] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   63.392964][  T957] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.409324][ T5530] ISOFS: unable to read i-node block
[   63.414620][ T5530] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   63.420798][ T5525] netlink: 'syz.0.617': attribute type 5 has an invalid length.
[   63.486424][ T2102] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   63.509580][ T2102] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   63.536931][ T2102] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   63.571542][ T2102] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   63.600942][ T5552] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   63.610868][ T5552] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   63.696185][ T5565] ISOFS: unable to read i-node block
[   63.710755][ T5552] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   63.720558][ T5552] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   63.739190][ T5565] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   63.881563][ T5580] netlink: 'syz.3.646': attribute type 4 has an invalid length.
[   63.889426][ T5580] __nla_validate_parse: 12 callbacks suppressed
[   63.889438][ T5580] netlink: 152 bytes leftover after parsing attributes in process `syz.3.646'.
[   63.941742][ T5552] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   63.951665][ T5552] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   63.980196][ T5584] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.002050][ T5584] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   64.026934][ T5552] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[   64.036723][ T5552] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   64.057724][ T5597] ISOFS: unable to read i-node block
[   64.065325][ T5597] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   64.136528][ T3005] ==================================================================
[   64.144628][ T3005] BUG: KCSAN: data-race in set_nlink / set_nlink
[   64.150974][ T3005] 
[   64.153289][ T3005] read to 0xffff888107966780 of 4 bytes by task 3562 on cpu 1:
[   64.158937][ T5603] sch_tbf: peakrate 7 is lower than or equals to rate 6829859379779001161 !
[   64.160819][ T3005]  set_nlink+0x29/0xb0
[   64.160842][ T3005]  kernfs_iop_permission+0x1e2/0x220
[   64.178807][ T3005]  inode_permission+0x2de/0x3c0
[   64.183660][ T3005]  link_path_walk+0x779/0xe30
[   64.188340][ T3005]  path_openat+0x1c0/0x23b0
[   64.192853][ T3005]  do_filp_open+0x109/0x230
[   64.197379][ T3005]  do_sys_openat2+0xa6/0x150
[   64.201959][ T3005]  __x64_sys_openat+0xf2/0x120
[   64.206713][ T3005]  x64_sys_call+0x2b07/0x3000
[   64.211377][ T3005]  do_syscall_64+0xd8/0x2c0
[   64.215872][ T3005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.221749][ T3005] 
[   64.224056][ T3005] write to 0xffff888107966780 of 4 bytes by task 3005 on cpu 0:
[   64.231663][ T3005]  set_nlink+0x99/0xb0
[   64.235715][ T3005]  kernfs_iop_permission+0x1e2/0x220
[   64.240991][ T3005]  inode_permission+0x2de/0x3c0
[   64.245828][ T3005]  link_path_walk+0x779/0xe30
[   64.250489][ T3005]  path_lookupat+0x8c/0x500
[   64.254980][ T3005]  filename_lookup+0x147/0x340
[   64.259730][ T3005]  vfs_statx+0x9d/0x390
[   64.263872][ T3005]  vfs_fstatat+0x115/0x170
[   64.268275][ T3005]  __se_sys_newfstatat+0x55/0x260
[   64.273291][ T3005]  __x64_sys_newfstatat+0x55/0x70
[   64.278301][ T3005]  x64_sys_call+0x111f/0x3000
[   64.282963][ T3005]  do_syscall_64+0xd8/0x2c0
[   64.287472][ T3005]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.293349][ T3005] 
[   64.295653][ T3005] value changed: 0x00000009 -> 0x00000008
[   64.301351][ T3005] 
[   64.303653][ T3005] Reported by Kernel Concurrency Sanitizer on:
[   64.309797][ T3005] CPU: 0 UID: 0 PID: 3005 Comm: udevd Not tainted syzkaller #0 PREEMPT(voluntary) 
[   64.319065][ T3005] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[   64.329102][ T3005] ==================================================================
[   64.340380][ T3481] tipc: Node number set to 2130706433
[   64.345984][  T957] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[   64.354269][  T957] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   64.369440][  T957] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[   64.377629][  T957] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   64.386074][  T957] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[   64.394275][  T957] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   64.407469][  T957] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[   64.415765][  T957] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0