last executing test programs:

10m17.353221612s ago: executing program 32 (id=278):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x2001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1d, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r0}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000b00)=ANY=[@ANYBLOB="0600000004000000be7000005c00000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x48)
clock_adjtime(0xffffffd3, &(0x7f0000000000)={0xb, 0x86, 0xfffffffffffffffe, 0x5, 0x7, 0xb, 0x651, 0xffffffff, 0x9657, 0x0, 0x7ffffffd, 0x0, 0xf3, 0xb, 0x80000000000000, 0xcc3, 0x1, 0x1, 0x94d6, 0x5, 0xfffffffd, 0x8, 0x8, 0xfffffffffffffffa, 0x3, 0x6})
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x0, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
creat(&(0x7f00000000c0)='./bus\x00', 0x182)
clock_adjtime(0x0, &(0x7f0000000240)={0x0, 0xfffffffffffffff7, 0x5, 0x5, 0x5, 0x6, 0x0, 0x2, 0x1, 0xffffffffffff8001, 0x5, 0x3, 0x0, 0x7dc, 0x7fffffff, 0x80000001, 0x8ea9, 0x5, 0x3, 0x4, 0x5d286ba, 0xd0, 0x6, 0x7, 0xc1, 0x5})
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r2, 0x0, 0x5}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv_slave_0\x00'})
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0/../file0\x00', &(0x7f00000001c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

8m26.00482658s ago: executing program 2 (id=1320):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x8000, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x8, 0x4)
recvmmsg(r0, &(0x7f0000004e80)=[{{0x0, 0x0, 0x0}, 0xc}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b80)=""/151, 0x97}, 0x7}], 0x2, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

8m25.213360494s ago: executing program 2 (id=1322):
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100006cc70000000000000000ea04850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000080)='U', 0x1080}], 0x29a}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
getrandom(&(0x7f0000000080)=""/240, 0xfffffffffffffe77, 0x0)

8m23.351579814s ago: executing program 2 (id=1336):
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00'}, 0x10)
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
readv(r0, &(0x7f0000000080)=[{&(0x7f00000078c0)=""/110, 0x94}], 0x1)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x0)
close(r1)

8m22.744496573s ago: executing program 2 (id=1339):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
recvmsg(0xffffffffffffffff, 0x0, 0x1f00)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x26, 0x75c, &(0x7f0000000b00)="$eJzs3M1rHGUYAPBnJtmkTaMbQfDjIEILFko3SXNpT40Xb4VCwWsNySSETLIhu6ndWLD1LNTmoiCIePboVSj1D/AmBQXvgmiNB/GyMptNatNsum3Srqa/H0z3eefjfd6nO7zsQN4J4Ln1ZvFPEjEcERcjotzen0bEQCs6EnF987yNe9emiy2JZvPSb0lxWWw0y9t9Je3PY9G6JF6NiDuliFMfPZy31lhbmMrzbKXdHq0vLo/WGmtD84tTc9lctjQ+cW7s7MTE2bGJR9bwSpe1nnj33NFb37+zvv7DN/Wbb/SfTmKyVXe0a+uym8ey+X9Siskd+5eeRrIeSno9AAAAulL8zu+LiP7Wr9Ry9LUiAAAA4DBpDjYBAACAQy+JPQ4e2esgAAAA8P+w9XcAW2t7n9Y62E5+fTsiRnbL399aQxxxJEoRMbSRPLAyIdm8DPbl+o2IuD258/77qrjDru+z77Ed7QfXSA/ss3cOwu1i/pncbf5Jt+ef2GX+6d96d8I+dZ7/7ufv6zD/Xewyx7dfvFbqmP9GxOv9u+VPtvMnHfK/12X+m+sf33rUObvl/3eurfdDnH74/RCTs/P5nq8fuPP3ybudjhX1D3XK3+q1c/3LXdRe+GDjj4VOc0mR/+Txvb//3fIX98Qn7XGkEXGr/Vm013fkOL7443d71T8T0XyS7//LLuv/+evBq12eCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC1pRAxHkla24zStVCKORcTLMZTm1Vr91Gx1dWmmOBYxEqV0dj7PxiKivNlOivZ4K77fPrOjPRERL/10dDPpfJ5Vpqv5TK+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNuxiBiOJK1ERBoRf5bTtFKJ6O/i2sFnMD4AAADggIz0egAAAADAU+f5HwAAAA6/J33+Tw54HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMChdvHChWJrbty7Nl20Z640VheqV07PZLWFyuLqdGW6urJcmatW5/KsMl1dfFR/ebW6PH4uVq+O1rNafbTWWLu8WF1dql+eX5yayy5npWdSFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI9ruLUlaSUi0lacppVKxAsRMRKlZHY+z8Yi4sWIuFsuDRbt8V4PGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgANXa6wtTOV5tiIQCJ5Z8GFE/AeGsUfQ65kJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBeqDXWFqbyPFup9XokAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fb6SxIRxfZW+cTwjoN9A8lf5SIYiIj3P7/06dWpen1lPGIg+X17f/2z9v4zPSkAAAAAngfnH+fkref0red4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAbtUaawtTeZ6t7C84H421ZtLhnF7XCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJl/AgAA///CK8Nb")
chdir(&(0x7f00000001c0)='./file0\x00')
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14113e, 0x6ceac77f206eabb9)
write$binfmt_script(r0, &(0x7f0000000080), 0x208e24b)
r1 = open(&(0x7f0000000480)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSMAP(r1, 0xc0c0583b, &(0x7f0000000500)=ANY=[@ANYBLOB="000000004c900200000000000300010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff"])

8m22.251593752s ago: executing program 2 (id=1346):
syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x1, 0x8, 0x4932, 0x10, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2000000}, 0x50)

8m21.680679199s ago: executing program 2 (id=1350):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, &(0x7f0000000040)={{0x0, 0x0, 0xfffffff9, 0x0, 0xb}})

8m21.650720241s ago: executing program 33 (id=1350):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, &(0x7f0000000040)={{0x0, 0x0, 0xfffffff9, 0x0, 0xb}})

7m40.412768165s ago: executing program 1 (id=1560):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={0x0, 0x0}, 0x28)

7m40.2272106s ago: executing program 1 (id=1562):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000300)=ANY=[], 0x70}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x40002, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1}}, @TCA_ACT_BPF_FD={0x8, 0x5, r1}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000640)=@newtfilter={0x24, 0x2c, 0x4, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xffff, 0x1}, {0x3, 0x4}, {0x1}}}, 0x24}}, 0x40c4)
r2 = socket(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0)

7m39.790923556s ago: executing program 1 (id=1564):
r0 = socket$tipc(0x1e, 0x2, 0x0)
connect$tipc(r0, &(0x7f0000000e00)=@id={0x1e, 0x3, 0x1, {0x4e21, 0x2}}, 0x10)

7m39.732727181s ago: executing program 1 (id=1565):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@errors_continue}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
pwritev2(r0, &(0x7f0000000500)=[{&(0x7f0000000340)='\b', 0x1}], 0x1, 0x1ffffff, 0x0, 0x3)
r1 = open(&(0x7f0000000440)='./bus\x00', 0x105502, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f00000003c0)='./bus\x00', 0x0, 0x205001, 0x0)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x0, 0x46)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0xf, 0x8005, 0x0, 0x0, 0x9, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d10a00966d61fdcf66326bdb9bffbcc2542ded71038259ca0400e1a311efec32d71e14ef3dc177b5b48b3c00", "f2fdfffffffffffaff8100000001c50c752200", [0x6, 0xffe]})
pwritev2(r1, &(0x7f0000000640)=[{&(0x7f0000000140)="9f", 0x1}], 0x1, 0x3, 0x6, 0x6)

7m39.480489831s ago: executing program 1 (id=1569):
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000600)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000400), 0x12)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000000240)={r2, 0x0, &(0x7f0000001700)=""/50}, 0x20)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r4}, 0x18)
r5 = socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0xd0f, 0x70bd26, 0x25dfdbfb, {0x60, 0x0, 0x0, r7, {0x0, 0x7}, {0xffff, 0xffff}, {0x6, 0x5}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x2, 0x2, 0x1, 0x3, 0x3, 0x8}}}}]}, 0x4c}}, 0x0)

7m39.283412327s ago: executing program 1 (id=1572):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x28)

7m39.230446041s ago: executing program 34 (id=1572):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a}, 0x28)

1m36.577953632s ago: executing program 3 (id=4582):
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x80000001, 0x200}}, './file0\x00'})
syz_open_pts(r0, 0xa0000)
getpeername$unix(r0, &(0x7f0000000140), 0x0)
r1 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r1, &(0x7f00000032c0), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010005000900000001"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = epoll_create1(0x80000)
r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/wakeup_count', 0x80800, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r4, &(0x7f00000000c0)={0xe000001a})
read$char_usb(r4, &(0x7f0000001980)=""/179, 0xb3)
epoll_ctl$EPOLL_CTL_MOD(r3, 0x3, r4, &(0x7f0000000000))
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(r5)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r6)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000500000095"], &(0x7f0000001000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x800, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd'])
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
r9 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r9, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r10 = socket(0x2, 0x80805, 0x0)
getsockopt$bt_hci(r10, 0x84, 0x82, &(0x7f0000000000)=""/4087, &(0x7f0000001080)=0xff7)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r11)

1m36.512697118s ago: executing program 3 (id=4585):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000240), &(0x7f00000002c0)=r1}, 0x20)
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x3)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
fgetxattr(r2, &(0x7f0000000000)=ANY=[], 0x0, 0x0)

1m36.512428378s ago: executing program 3 (id=4586):
r0 = socket$unix(0x1, 0x5, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r4, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f00000000c0)=@ethtool_regs={0x4, 0x0, 0x4, "f42a97b9"}})

1m35.463592352s ago: executing program 3 (id=4596):
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wg2\x00', <r0=>0x0})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x18, 0x8, &(0x7f00000009c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xffffffff}, 0x48, 0xffffffffffffffff)
r3 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r4 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000300)={0x0, "6035ae1e0fe721441705322025000000003e2a5b4377f7ad4bcf2b71d17e1ec0ef54e6773fd7264c39ea00c508ba607269613800"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r4, r3, r3, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000001000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0xfe, 0x275, &(0x7f0000000980)="$eJzs3T1onHUcB/Dfcy8mMUGiLoL4AiKigRAHQXDRRSEgIYgIKkREnCQRYoJbzsnFwc5tydQllG5NO5YuoUuha9pmSJcODR0aOrTDleeeu3BJLiS515Ln84HL8/zv/m8H9/0/d8PzTwC5NR4RX0ZEMSImIqIcEUlzhfezx3i9uDqyMRdRrX73OKnVy8qZRrvRiKhExOcRpcZry+s/bT/d/Oaj/5bKH15a/3GkX+8vYnjvbGd769vdizP/Xp3+dLlQf26sfmx+H92UtHiulES80YvBXhJJadAz4CRm/75yN839mxHxQS3/5SjUI/v/4is3y/HJhaPannt05+1+zhXovmq1nF4DK1Ugdwq178BJYTIisvNCYXIy+w5/r5jEHwuLf038vrA0/1vL5aPY9wUL6ESS/jZPf4B/fX3o2uiB/D8sZvk/kc96PFOgJ8Yitr6fXbufnu+6ikM+vJMd0vxP/LLyccg/5I78Q37JP+SX/MMZ0GZ25R/yqzn/Q4OeDNBXrv9whpUbJ5WWL8s/5Jf8Q34dyH8f78cFBq05/wBAvlSHBn0HMjAog15/AAAAAAAAAAAAAAAAAACAw1ZHNuYaj36Neet8xM5XEVHaP362H3mx9v+II4Zrf199kqTV9iRZs478/F6HHXTocpfvvp455Uburz3o7vindfvd3vT7z/7ikXvbrcxHVNLKU6XS4c9/Uv/8HevI/l8/pmH515MN0C3JgfIXP3Sv75U22jxf69747ZjejLiRrj9Trda/QrxVO7Zef8aat1hu05/POuwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvnkRAAD//0x2aeA=")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0xc0800, 0x80)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f00000002c0)=0x20)
keyctl$KEYCTL_MOVE(0x4, r2, r2, 0x0, 0x0)

1m35.348839942s ago: executing program 3 (id=4599):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000000)={'\x00', 0xb, 0x4, 0xffffffff, 0x7ff, 0x3})
syz_clone3(&(0x7f0000000280)={0x81000200, &(0x7f0000000080), &(0x7f0000000100), &(0x7f0000000140), {0x1d}, &(0x7f0000000180)=""/111, 0x6f, &(0x7f0000000200)=""/43, &(0x7f0000000240)=[0xffffffffffffffff, 0x0], 0x2}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})

1m35.325706373s ago: executing program 3 (id=4602):
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0100008000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000647fcedee8400dd75c0000000000000000bcf2e66f4bea803ed999314bd48141efb0596dde5761fa53cb1ab87138aa08a9541f84107ee692b25dc85788a4235031fbc0017e00cad8445f69b56d128f0e89a485781a6a9c980499268d90dfa2675314e1c597a676ad97a31324b687e922724d49006b8f01d2a1213659e3370fea2d020b7f9460c872eea6ee8e25572e4348f4a02f864a435047a9b3667b03df5820db68a678020000008636c22a5700bb2f6f2b924cab10cae72c75ceb941b7b5a17da9785fde3e94a12461eeb14d8c4b0990890497c43f5ffc54e36f20d621953e6cb46be6a76d6ac870a1f589caca291b1e2731eed8afc1368a86a994e749a900dd56d6d3a2982d2b0edf3ca7d28ba10f61b4633998fe58d138fffeff3892d710fcccfb8ea7dffc132376c5dcde15c3dfd2192db58b46c6e8bff88fdcbeed45f576b323de0b153ce9c2275777c629d54b864482dc2a6cff75b42b160c9b8ab5707059b424092f3883dce30ef6d97be7a5ffff86f583f6431c45ca8c3352359006342772bc320665a6cb15f5272639d87a928c8fcfc44263c87e4eb358db4ad3a02d4a4a50036dc52ed1f26bda7be526f04a999d659ed029fb53fb3801688b87da5604b3aa3aa069f3a3ef7c41387d0dfaefed74bf63c2f7ebfca9abdb4551cf4cdcf29def206bf7ac31ffcb764d70abe2699ded"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020047b1af8ff00000000bfa1", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r3}, 0x18)
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, &(0x7f0000000a00)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='mmap_lock_acquire_returned\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)

1m35.302289925s ago: executing program 35 (id=4602):
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000c40)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0100008000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000647fcedee8400dd75c0000000000000000bcf2e66f4bea803ed999314bd48141efb0596dde5761fa53cb1ab87138aa08a9541f84107ee692b25dc85788a4235031fbc0017e00cad8445f69b56d128f0e89a485781a6a9c980499268d90dfa2675314e1c597a676ad97a31324b687e922724d49006b8f01d2a1213659e3370fea2d020b7f9460c872eea6ee8e25572e4348f4a02f864a435047a9b3667b03df5820db68a678020000008636c22a5700bb2f6f2b924cab10cae72c75ceb941b7b5a17da9785fde3e94a12461eeb14d8c4b0990890497c43f5ffc54e36f20d621953e6cb46be6a76d6ac870a1f589caca291b1e2731eed8afc1368a86a994e749a900dd56d6d3a2982d2b0edf3ca7d28ba10f61b4633998fe58d138fffeff3892d710fcccfb8ea7dffc132376c5dcde15c3dfd2192db58b46c6e8bff88fdcbeed45f576b323de0b153ce9c2275777c629d54b864482dc2a6cff75b42b160c9b8ab5707059b424092f3883dce30ef6d97be7a5ffff86f583f6431c45ca8c3352359006342772bc320665a6cb15f5272639d87a928c8fcfc44263c87e4eb358db4ad3a02d4a4a50036dc52ed1f26bda7be526f04a999d659ed029fb53fb3801688b87da5604b3aa3aa069f3a3ef7c41387d0dfaefed74bf63c2f7ebfca9abdb4551cf4cdcf29def206bf7ac31ffcb764d70abe2699ded"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020047b1af8ff00000000bfa1", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000020000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r3}, 0x18)
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, &(0x7f0000000a00)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='mmap_lock_acquire_returned\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)

1m22.294384904s ago: executing program 4 (id=4793):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="a183000000000000000005"], 0x78}}, 0x0)

1m22.244041728s ago: executing program 4 (id=4795):
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, r0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYRESHEX, @ANYBLOB="d10bb809e6039aa0aca224c9ac7c8cb7a929358fa4fcb249aef7e7930034cb167a59e8eda88ea1069b23dd9b84d15ecbda6586344e46ff350a4ede3275ea970e30d6e4bfb02d160b7a9af53529759d48f291f513e2e00994c2f31e32fe9c9c322e1c9dbd32a0e586fa7923130d0b29b79fe763fb3625914b2e682a2784f1839023a4daa39806f0ec5c9f7cc5ee5d08b483ac18ad8fd22b6284f96ca5330b36aeb26ac160deffeef21f8732732981bcebcdf227e28ace854a3439", @ANYRESHEX, @ANYRES8=0x0, @ANYRESOCT=r2, @ANYBLOB="4e36e8f0d9c950b10a9ac4fdf5053c89a21a6547d64e4255e8153d963e5836e4c4a834c8a621bc0c5697a0666d86d19d252e1d7bcc3f5749260a9da4662171ab08423e36eec0539f3521fe463cf18cfe1f0341e04e06b255a8433e8ea4f994862c21959e8b19701881681e116c030fd340e127d9c1027d75674098f22739197fb790c6be5788a1d58eac75bc044abc651cf9ee88ccaf74939b57fd3190e0f6388c280134d3d0063efebcd52c8de8687512546af1dff3fb84489b2b39cde8b59c3fd9465c777bf531dca6c2bf51612526a93613dca7273cbd157c31a9c843464c2d99bad776b5c824c8", @ANYRES16, @ANYRES8], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r4}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='mpol=interleave,mpol=local'])
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00"], 0x20}}, 0x10008881)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r6 = io_uring_setup(0x4a86, &(0x7f0000000300)={0x0, 0xfa58, 0x40, 0x1, 0x254})
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x10, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000010000000000000000000000711212000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @sk_msg=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r7 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r7, 0x89e2, &(0x7f0000001380)={<r8=>0xffffffffffffffff})
syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r8)
close_range(r6, 0xffffffffffffffff, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/13, @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r9}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000200100000102"], 0x50)
perf_event_open(&(0x7f0000000380)={0x3, 0x80, 0x0, 0x0, 0x0, 0x5, 0x0, 0x4, 0x22090, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0xa000, 0xc8, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x95ac}, 0x0, 0x101, 0xffffffffffffffff, 0x1)
ioctl$BTRFS_IOC_BALANCE_PROGRESS(0xffffffffffffffff, 0x84009422, &(0x7f0000001200)={0x0, 0x0, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @struct}, {0x0, @struct}})
add_key(&(0x7f0000000000)='rxrpc\x00', 0x0, &(0x7f00000002c0)="0000000000000002ff6900000000000100000018009b3900000200861f4104bfeacdd5a9007d16dcdc2850b5", 0x2c, r1)
r10 = epoll_create1(0x80000)
r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/wakeup_count', 0x80800, 0x8)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r11, &(0x7f00000000c0)={0xe000001a})
socket$nl_generic(0x10, 0x3, 0x10)

1m22.061423803s ago: executing program 4 (id=4797):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ip6_tables_targets\x00')
ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x1c0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

1m22.017926427s ago: executing program 4 (id=4798):
r0 = socket(0x1e, 0x4, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000900)={{{@in=@multicast1, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@remote}, 0x0, @in=@initdev}}, &(0x7f0000000540)=0xe8)
mount$cgroup(0x0, &(0x7f00000004c0)='./file0\x00', &(0x7f0000000500), 0x1000, &(0x7f0000000780)={[{@subsystem='net'}, {@clone_children}, {@cpuset_v2_mode}, {@favordynmods}, {}], [{@smackfsdef={'smackfsdef', 0x3d, ',-'}}, {@uid_eq={'uid', 0x3d, r4}}, {@audit}, {@fsmagic={'fsmagic', 0x3d, 0x100000000}}]})
ioctl$TIOCGSID(r3, 0x5429, &(0x7f0000000300)=<r5=>0x0)
stat(&(0x7f0000000440)='./file0\x00', &(0x7f0000001a00)={0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getresgid(&(0x7f0000000480), &(0x7f0000001a80)=<r7=>0x0, &(0x7f0000001ac0))
getresgid(&(0x7f0000001b00), &(0x7f0000001b40), &(0x7f0000001b80)=<r8=>0x0)
syz_io_uring_setup(0x109, &(0x7f0000000580)={0x0, 0xd736, 0x8, 0x3, 0xbffffffa}, &(0x7f00000003c0), &(0x7f0000000340)=<r9=>0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES64=r9], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8a}, 0x94)
r11 = getpid()
sched_setscheduler(r11, 0x2, &(0x7f00000001c0)=0x7)
getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000001bc0)={{{@in, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0}}, {{@in=@remote}, 0x0, @in=@initdev}}, &(0x7f0000001cc0)=0xe8)
getresgid(&(0x7f0000000c40), &(0x7f0000000140), &(0x7f0000000240)=<r13=>0x0)
syz_mount_image$msdos(&(0x7f00000000c0), &(0x7f0000000200)='./file0\x00', 0x10814, &(0x7f0000000700)=ANY=[@ANYBLOB='umask=00000000000000000000000,flush,nodots,dots,gid=', @ANYRESHEX=r13, @ANYBLOB="00006b746769643d0092", @ANYRES8, @ANYBLOB="1500bba7d41fabba4332de3ca642acf6f8de847e3f21783608008708a887d30aaf0a14b0691d48445fe3b4d1ddde1b81337b2c3b5f88535d7f6fa931b84783704494cebe49ca9f6269b05edde0246c360d0566b4056f0f02ccab035d3d0a5cde0b31bd424949fe23c0a0a25691738006c5c6acdf101fecdb4f79abdfb95c6afaea03dd5903b5240565f31504c207a9a2aa6c8108fb973081e90412a3c6cfa3b2513693727fad9acd8108acb8b90fab033c9dac0dc3e5a61c513e7b5edc5d76320f0e54045ea2b7b8fb1f78d3d346e26ee5ed6926cea1ffe0a1"], 0x1, 0x1fa, &(0x7f0000000500)="$eJzs2zFrE2EYB/Dn2rRe7GAHJ1E4cHEK6icwSAUxIEQy6GSgurQipEsUxH4eZz+EX8alg2SLXO5om2sLjWdyEn8/ON6H/O/guSF53uHN27sfDvY/Hr3f+nISaZLFRsSTmETs5lUpKdd0Vm/HnCTq+FXraQDgj/T7w27TPbBco1F3eDsidi4kg2+NNAQAAAAAAAAAAEBti5z/34j4Wj3/f7zifgGA+pz/X1/tch2NusN7xf6twvl/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDmT6fTWNL/Sci2vGxGRRkQ7Im5GRCsi8s+b7hcAqG8ynZ/7V83/iEgiwvwHgDXw6vWbF91eb6+fZWnEz+PxYDwo1iJ/9ry39zCb2T176mQ8Hmye5o+KPJvPt2b7hjx/fGm+HQ/uF3mePX3Zq+Q7sb/81weA/1InO3Vuvm+WV0Snc1mez+eiOrc/qMzvVtxprew1AIAFHH36fDA8PHw3+utFsthT7bKhq+/53lpWq4prFT+Sf6INRd0ivc7NDf8wAUt39qWvJmkzDQEAAAAAAAAAAAAAABes4i9HTb8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADr53cAAAD//8h6UUs=")
openat$cgroup(r3, &(0x7f0000001d00)='syz1\x00', 0x200002, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000001d40)='/sys/power/disk', 0x8000, 0x12)
r14 = gettid()
r15 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r15, 0x13)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r3, 0xc018937b, &(0x7f0000001d80)={{0x1, 0x1, 0x18, r3, {r4, <r16=>0xffffffffffffffff}}, './file0/file0\x00'})
sendmmsg$unix(r3, &(0x7f0000001f00)=[{{&(0x7f0000000140)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000280)=[{&(0x7f0000000580)="9e95f0e87addeefb02a571ee3cb8145008ca4ec3b952a90c316f8c5fb53d4672e241f5b26d51da79cf981a4e8b23d0eca2cdfa97ec2bfb8b76b6f658898d6f913ace25921d8329adece483070015dedacb9ebbebf0108a5ba84858131d83f9ea868efc61536a87fbc1a9b19a54de63f93616c9e8e1e57c69aa35ae4e879e4299ae09979a99d1cc24915305ecd16797b0d721bf116a3f2d4c4be2fa0645101a6fb3f0714de13084df25a96d5196a6cc55fc1ec265bdf11fcf829b9f6856b9eac2836e6c2bd079f608cc5c427751331168f61049af8d1153c3b7a3f401f86d6bcba1395ecc4e1dc5eb97bced6dc57d89f5589ecf14392415ec2c83a4bacaf794d5385acb15b352c850143883162bfdbd9f4b1ae4332cacdfbbe6dd412a9f5c2f6f95ad45ff236637334a5ac3174cae5386aa8f0c3680238827c369e40dd13e457f8c1059ff66d7c063dee0d9094d12aa25cccb0b565a657c8ebd49310a14713c021a57cbf02c28d6ae33f16e635f6e765728859cb4530aab7e6f39d0d98d5f53f5f10279c150f75b1bcacbb58c5d04993756ee880659ce84cceb13d832537c99756d17f40fbceb3b578790c794d83338d371367588ccf1836c22baeef8b309ee30170deb9ff93c776890fbab1106a636936028ba7af95883352e52d44fc7e0e144f1b1c2e8492e5585ade6931c912673fe814fa400fe70fd2c7a8e4d45e1dcddacaacfc73bc2cf6e9529c72b8aa6e6855c0699d4f77a879aada201cdbdca87cc9062bf99d613b46f999bed88efe69c9cb0287be64b318a047442833819fbdab9e7d525515b8049da9034bfba04dca5ac5e6230cb88fdb202c135107b94d35b6c49babcb3853348607e342e386dc328c244cd681b8442d634081dbf5124a0a5e059991e370a062d837a178a875bfd5d4bf5c3ec9965ed4b83d1d2c0243e19cd95d4067b81a68a837b71b16e1ad948315764132902e41f4647e4a0e0a3e518d11ebe616e97c9f253ed4416d45442d617022546e0f6cd8576a6229e3e4932b04940e49cf7c3534cc67d1589343ea5b65e90b965b1c22d28777ba167a7ecd82dac9626eff39c8531834f23d6e8dfe3ecad32daca6d34842ce29ef130c830824490a809ca73c5a471718f6609e4791ff1dbf0c2a1ab6f27e86678273c90ef805c52673dea87473468f6759c3030f0fe9785d01286a5398a7f96350713d97a85fb707be5b92e467edbc50316f9b926a69290fbb7639ff0e0321303475c7559d8c9f29857f112683eea7a097f62e1d69ed3f42c8be9a554b82d8e5547e4fb97589a42ddd8061ceb003daeaf61b1abca7251c4f2629f11d1db0b061139bbe2792e4a843372bcde1a2f0df6f57ad50f4303538f294644fd23ebd39dd25c7ee6ade1a1290cf427bfa246c4e09170ed53caa7374a8096d325fe1c22d1936828626791214fd3fed159c07f1863ce02312f3cc50c657f075c657b6977b4f071dec4e093eddbdd49e8b60d2ec1a44b2eecdcda37297a23083185eebffdf5a7beb9dd3440ffd21fe1736394b9553deb250dd0ad80a7cf50e98c8e8746a46623f02a7d76d2db75317ae24de0fc5aee2b5ece3e63206b80cd827e8e25c0067672a518c776f12e5e215e77fd750394a2ac9f35e564407465a3c0d3d75e99c9efee4c039bfbd2798ddc02b03b00d401071e89079eff73fe46a13f09d1a5e8b33f6fe5712d409ecebd0dac1e539705246c854567f44f3c570dc900dad7635c0642ff133a2733e4a834e9c2657b0829185618e9e60542aa3fed1ed0e1c1258f9247b264311292e474cd1e871254cb889f9d4244d6423cb0c279b4e728d43ee0c65f476fe2d51454972b24e076f42e6ebc64f906463207b7aaef00242ade8392a467c6e96d360f8a806a5fc000f4d93b857a0a30f3f783eb9f908c85923690bc30d1de53cdfaa9da2c3df640dd2914b9c9f48afad90961627f0e50fbe816d20cdef8df5c26ffc1a7b0138997f64432973196dd7c8a91e667cd1e21c209e7255d690dc9e92f2466c192dca28d481a0cc6903f8b1f7df4999257499f63a7e9c67f6a370e32628123fbe47a2c5a6d4f5081aeb656699e98d3d22fc975714b0f33c91827b4e1bbc1cc192eef64bb1343164ed710c261f411c506d9d5bfd268b93435b86e9efce57e5edcec1cc525ecccc2623e42a86410fb84e3a8662fbe99e330d78fb1d7fd264f718735f6eb70c542044bd6bbda1d7e26d868e3c07268de99df020c8ec077ecf314a9e0b7e428e4cd25487336d8b33d38dd46d4010132e5fe10fb0c19e332935a88a53b738f5dde53b6a920ffd30f8309bfb63fab4553a659928b6eba6668beb99d4e3e5d5838b2f54494b02927cb380136ea22d41cba1ce403308cd854965abed1e63aedff95259ea07b9b5532d6b9dca50d91e3c52f1ccf61b02db32fb59df4c6750888c481b087e6206d9695dd71c6a28f7bb1fdaae9931056f7215b6e31158901315027ec6fc012c86cc5c6e9c61f02407fd1b0389371dcdf3dc65cc5fdefe33e93b6d7700e688e363cd7f7a59be5f25d228d5ccef792b575a2ad271a91509952a1b6134d1130e9544314f63ff1768cc894fef7c647299e0a8ed5ce1544b10b809ccd83d7e3e6c3f8592478a77d2f9d5396ff87c5ea095db890259a09c6d01c5213f2891387b187b0994e5eb975cf0a4b1eef5ab7311d337c09686eb6e4985e56e1638cbc47d5c74ff067c0ac9bc670473e3e8282173687e9fb77139401478bb75481941daef61f89aa9709478ddda97076c67292cbb65ad04c79a9ffd162b6d14b8724a35930892ba5b7ad08bfff5646835884ac988394c4194cf2bcdc326e52a20549f3ee1b2b42edd49de500187c5620521231d4941e7cd535aef60e2de1941d225ff8529f386c1ec8e5dab996823b8833197e5ad4e8f96d4b0a5a27bfe0d7d74fe8c91e4713642bf917c6b26522c81c16285e5c45fa017cf7f6b100be8fbbb8f9b90a095d77761a5037c32609b8e5565c9feb90181c7c66f7215e25db0b896f5c247492ac6c9bfa3989ab044ab3c5b842b122f7b7881661704c8509e65740420a6020f936690a37e385ecddbc00421753cc6b5526d7d3deb0dfad9faf6f51fe226766503d7efb20d32a50ccdf8d60b855b37a1bbff12ca28ec99da21683e4e4062451e5815f7bcf20882c099018f67d90dacafcebbcf7e50b1f6cc25c4d94a4db9137a1dd1745ee40182bbe131c9027bfc066d8f24bb71b416bf8a4d2feb74420e738cf7410b9d2080c67d2b33a7278e2517bc8b45065204d7e82ce800c8ac44cb5ca0640f5558f03287b20c94e5c89d4f9d15d2e9e0b85876848db3b6753194303971f6f0e66c642e1bdd103ff0f8c68314c7ce63db53c771534b20a484c9b2eccad541f4f58535d9dbc4318382e17cc2b1b0648210e4922531bfb9e9c547bcb90c352e00ccc2b57af3efb96afeb3e39d0a8499840f7df06f8ca9ee83d9d0f9b2ab052181e30f756585ddc3c03065086e8516fadf50f20bbddf120e931a15341693b2ba3708a7a00483e6cad62a2d43ebd566e19fd68e33ed66dc567e7fa5a0a4c229fc33aac5fa5b7ba3232a38bd3265ea96d29c613bc01d51a7249ca7111bbdc6e5cf77bf64e2489f9d64e43757eb6b2b3ee2a455c337b08deca898586fa9c86abab51dff51cce563d8225c68fe349f84e4d9a040ea282c005ad8f1bf161d2c7e8ed88718be0236d6860589287a62b75d72c3eece39c7538efeab2971c31ec6184ebb4535b7e2251cfcb3546d080b4ad26823c18bca45db7c47b24ef107dff9649631aac4c0760e805801e67b96ba42aed084de188c42109affc8b5167e4f844da05c10e5a4717c91fd457cd94faaf86bbc86e95842818b47e38e8c6736275fa7bfddb49ef48aa66e13bd4aeeae3046360f3b4b9d1fbc7855125c4eda4ac345eb68cd723354c692ab32ac6aafe4d2675a2487696185d3e53576aa284a2ae3a8caee6ec24e6e7e752a1f900a983c7c536f82e4d241d8418c22c105933277ba20798344ea6157dbba7116ee3800316d56682966849c4003c3a1899cfba6a6a75809a2b65dff34ebaad7e18ca1f42b021389fdb39408ccd4b1b113a5f0fd6a78d63454c3df7beeca9dc0ba3252510ff83672a383b1973a9fca5204fd7c00a1d367eb3667792a8c0ccd8d88dca8078e577d1f378022532d36fa8c341e77280fd6e3b495c17b3a8cba5dfdbb3fb9aded01644c0c043764bd25d4b7c2a1ca369c2c65ddada17c7e8e2c5d5f8967116de3f8d9101c31eea92129bc56180d8292ab574c7b640ff80e529aa0581e8d4af2cde7ddca74ecdce023c4533c99c6763b99978d6c8bb67a68e6fb59c2f946da9d428978cfc5cdcfb45a1c4d8738b2aa2fcc53000629b9ed89e1ecc572fda72fc076538f975b132b78a5353296d7956dddb0d63f70545d114a86ab8f66d4b3d5b8e91c81fedc3f2789cf423d520c8e33c30fe8d909597562f8fb15745f25f7dd48e8d5a40527092992b39f487a79528ab20ac852e137b17313641003a27451666a4531684cc4e6b85342a80d18667a9bbe24bad60be7ce98d065540d8091bd46f18ab7246688749fa501d0494ca8d4a17ccca319a3075139ff46d232c16b270ed241d6feddf17f3d46b469a89511c858294ded5d7f51b6f6bf2f2faa1457fe79194cee061d00322874407335a010d393c94242257e2685d271519066507206afb5e6820339f3650ebcea72433d4185ae00b4a231289d8a5cc43f007a61348391486012991f3165570d365a41e7cf3c717a83cc3ef854dd46804f37e07533323552a018306407cdcea71e7bd0f6110cfe00ac81e7706dae8d9608347c5ce21726603f63485bfe3bb74b4a87383554c93a4503094f275a116a816e6e105f68a152bc2f51207c57bc5db31727c18d4f60081d119d4b0b0322e5ed4efd8ffea5087ec6c04844d3bf7bc755a52715212682bab16a60fb892a57f07e7fafa0f37efb35b174f315bd26c8f8648f112447cee727b0b5a9c225457a99b94371f72171b9dfe670cafc850f741a13f619bbee22df1678e030a2abee7b7ca53eae60e0dfda8170caa69e31726dfa8fa7365828f24c4d3be24c6fb0eb7fe39cd947d1cc9462f391f99db24d6a8c237dedfb56926ec7163cafac8dfd1f3973b997d6b250751a2f4f625196b3e521bd6a4492747a4bb97ddeea3d84bc1a7236b592683eda3ceb9a408a2551ad3e2d52e7b245bba50f8c36f2b34f797215dbb5a9281ffa25dc7489a0a882a0aa3a858a0fb6a104e7f4c68f03826ed184c968f6d46e969ea6411528e129a38c174a2abca53f8c4f8c7cd8db8ebf99519e591274c27b29763b2903db93870e66229253faa40db81a1a5609bd3079c7e44d7ea9dc5c8492b3989925516cf21de6971c0dddec51509a5dac1d7804a156c6e45398447f7803aa4d9b79c0a13014973b107e208e8577fb09c581574e23e459a592bc5d3161e9f7c350012e8f12d12a512018b697f671ece394fc9c317f471d13f4513b42ad880fbe80e7d0632aa5c99e3f37bdc42ccd86d32408d3618197dfcd49b7a31f0aaaf2e670eb6f5460fd678821292f1127e595805feaec5ee2cb4def379af191e82cb6f038a0d497054c5eaad77ce8fc037a07c9525dff0d7cd78af5777115d947a726382a2a193f2bc2c2d942981015403f8cafa33f25c5730113f9c5c7c0b4d9bbe93193a3490ae207f54fca106dcf49a35ecaf45348deacd625c033fcd569122e1782cba8b5dc91aa343bf9cc6cf384461ff2f8a132630a3d18f9b", 0xfffffffffffffeb9}, {&(0x7f00000001c0)="cd9d15f4f662ad4385ce62a86602afdf9968d24c0d0562b3b023b9db18310ec902e267b7a04fb32cc4139a1806e8b20ec428621c6aa77b1d428e5066fdbb9c20a19fda35e9d74e31d0c7bdc1c881e75316c5966329da750c093cd41a809bbecec628dae56ada589ae182fd9522b34474a4552d3e532be1751a0c0ae52f804b60868f9b239e3537ce5fca508b87b5b08df8d4ecf25b75eed844393497de45b2670d2b5ca7ce3819d516f139b602734eb5a7bb", 0xb2}, {&(0x7f00000000c0)="19809036cb07edd4b794db27d7f09c99b4d8fbfeac4be521718bf730a956", 0x1e}], 0x3, &(0x7f00000002c0)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r4, 0xee01}}}], 0x20, 0x8000}}, {{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001580)="685c759680ca2c5b841bbed1c692f3a1d5d2f8b18bee31a53f7d78aaf59af19c73e1c4dd6e77cfceb43c3ff6b30a69016d0b2f1aaf0f0173fd0ea7b0347ed39bf80f88c0145a9598ffee623057bff71af16a090f6930eb6a43e6ba6be0822cb5368268e9b461c9ea81980dd6fc0c9be15e8231003f02c9c192612e685cd0cd0aa430fdecf14f20839c53ecb92b81c70de07023e61fbbc7e9b043fd8d629f302d5d2b918c626010ce9b2e2c521198ef6bace347268d492a2d0d58d2b25e0078d47770bbca331ca93a088a7e62d1012cf3a6b927fff4d15a9d85e37881524b90a02b35bdf8f48a94a04bf5a5c0d7f733d45d2ee85443c5f65a", 0xf8}, {&(0x7f0000001680)="cadbafac5c5d2fff38ab88cfb87972e38a2186d15e1d4c32f650a78260ae9477311c7327d7cdc4e463f9b1ce1df4447d15d698fc675ddcab6039580d35e37732b5c2440681461efa07400ee3f82b792d8a6d57d7b0534594806090f87ec07d639f060cdd1136ebb3b19ad0249a03ae8d002240e8a9c540978042b083f0e01d864c48940396e5b168392c8e87d4524b88c8713e0cdcd282699b9c1292fcf82544bcffbc8815f630667610ed9227083705367ff54d13f2e3ab7e1ff628e8627d6bf7fea56545e2906e5e204520cd69ffa212a55fe599ae9d52cef7c8cd314d21dbb5f2126ecafa", 0xe6}, {&(0x7f0000001780)="3b7ad8ffbb1d33bfdbe3c2a6adbf0c34b1fbd26941aece9a767507be718b33c64cfd5325dce3cc5ace2dbf6ac390b2c52d84f0d0bc0c7dd2c86982fbfbccd2c48c2f10d8418e88594881065b840322a521b9cc4ee42666e2965e97b1b90a18cfebaca06f46449a9bf940680382a269d64169ad4d610cfa84c3044f400dc9db144a8ceb7d9a7f4e2932faadb2e32e9c3ea0cb7664187b59829b13dc5b8a891e05f8117e372c1f1339", 0xa8}, {&(0x7f0000001840)="71a115cb18482e0285e3fafcbc4744d904ec5b437df532aa91ea5a559c7bf7d6797f0040d0a6fc57d60dc3a2e6b9acaa84955bcd60dfe8e1a981705368039987c4c81491ad61ea07b32e9768ffe373698acaac8a431d184c6a8539da0637ba1f4f3b1edb446303638842b8ab965e0b111fd23e4b6e94c2ca6e986d01e03265e1b4a2b9b1c10f762b607eae952a5b460236db7f5ae5e1", 0x96}, {&(0x7f0000001900)="5a3a6e4fd3f55d28b523cbc795e7cd95bbb910dba5d922329141fc172fb55917438ae63edaca32f4dfa25e5b94e2077c722d0f764aa59dc53382db145e112127c044961c0b95636d8c3fbf2bbccced9a1111b06b9d59d17b77c89296f06fe96aa895912f1b987a3a3836ea575d054761af5ed5d67e5d32dc8f9c1c0b262c262efe118469141ff52d4980dba30eedb16b0e4dfa5ca858090c6532b1daa1cb975b849bc3c426a25670c42cdc0f1162d8c1c707bd9cfc072f6c75314dbe3ce9bf5affb760d93def4f3c0d33472756b014448fc9f5dac2bfd0167fa294ec32f62a6bc048ef2b8cac1f04037ebc6a65bdaa2deb0365ff8598abc344", 0xf9}], 0x5, &(0x7f0000001dc0)=[@cred={{0x1c, 0x1, 0x2, {r5, r4, r6}}}, @cred={{0x1c, 0x1, 0x2, {0x0, r4, r7}}}, @cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, r4, r8}}}, @rights={{0x28, 0x1, 0x1, [r0, r2, r1, r10, r3, r3]}}, @cred={{0x18, 0x1, 0x2, {r11, r12, r13}}}, @rights={{0x10}}, @cred={{0x1c, 0x1, 0x2, {r14, r4, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {r15, r4, r16}}}], 0xf8, 0x40000}}], 0x2, 0x0)

1m21.872782008s ago: executing program 4 (id=4801):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket(0x40000000015, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x2721, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setrlimit(0xa, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = open_tree(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0x8000)
getsockname$packet(r4, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000240)=0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r3}, 0x10)
open(&(0x7f0000000080)='./file1\x00', 0x66842, 0x90)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r5, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000300)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e000000000000000000180002801400038010"], 0x44}}, 0x0)

1m18.25430875s ago: executing program 4 (id=4842):
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3}, 0x94)

1m18.244340961s ago: executing program 36 (id=4842):
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x1000f4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r3}, 0x94)

56.310612459s ago: executing program 8 (id=5137):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x69, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000e40)=[{&(0x7f0000000d00)=""/242, 0xfffffd63}, {&(0x7f0000000240)=""/205, 0xcd}, {&(0x7f0000000380)=""/210, 0xd2}, {&(0x7f00000006c0)=""/188, 0xc9}, {&(0x7f0000000f40)=""/213, 0xd5}, {&(0x7f0000002100)=""/4077, 0xfed}, {&(0x7f00000007c0)=""/211, 0xd3}, {&(0x7f0000000b00)=""/231, 0xe7}, {&(0x7f0000000480)=""/176, 0xb0}, {&(0x7f0000000c00)=""/208, 0xd0}], 0xa}, 0x40012100)
recvmsg$kcm(r0, &(0x7f0000000900)={0x0, 0x0, 0x0}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
recvmsg$kcm(r0, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)
r2 = gettid()
ppoll(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
tkill(r2, 0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prctl$PR_SET_THP_DISABLE(0x29, 0x0)
prctl$PR_SET_THP_DISABLE(0x29, 0x1)

55.852734766s ago: executing program 8 (id=5149):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
r2 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000c40)={0x0, 0xfe72})

55.650514563s ago: executing program 8 (id=5151):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=<r1=>0xffffffffffffffff], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pipe(&(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_misc(r4, &(0x7f0000000680)="bdc99b91a6b003e6007d3b41bb80d5fcff0500000000000000171c7199a390bd018fa089742eb2a1dc8732cbb53d3a3690cbb731aa2f744bd270c9d936b8491d778d1bcfd8c7", 0x46)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000580)={r3, 0x20, &(0x7f00000004c0)={&(0x7f0000000380)=""/188, 0xbc, <r5=>0x0, &(0x7f0000000040)=""/57, 0x39}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xa, 0xc, &(0x7f0000000240)=ANY=[@ANYRESHEX=r1, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x10, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r6, 0x0, 0x100000000}, 0x18)
r7 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x40, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r7, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r8}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r9, 0x0, 0x5}, 0x18)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
mount$nfs4(&(0x7f00000001c0)='\x00', &(0x7f0000000000)='./file0\x00', &(0x7f00000003c0), 0x200000, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r10], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
timer_create(0x0, 0x0, &(0x7f0000000000))
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f00000005c0)=ANY=[@ANYRES32=r7], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000500)='hrtimer_start\x00', r11}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000200)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
write$nci(r0, 0x0, 0xfffffeea)

55.165547992s ago: executing program 8 (id=5153):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000000)='binfmt_misc\x00', 0xc00, 0x0)
chroot(&(0x7f00000001c0)='./file0\x00')
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001240)=@newlink={0x68, 0x10, 0x437, 0x70bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x40c89}, [@IFLA_LINKINFO={0x48, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x38, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @private0}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e20}, @IFLA_GRE_TTL={0x5, 0x8, 0x6}, @IFLA_GRE_FLOWINFO={0x8, 0xc, 0x5}, @IFLA_GRE_ENCAP_FLAGS={0x6, 0xf, 0x7fff}]}}}]}, 0x68}, 0x1, 0x0, 0x0, 0x20008000}, 0x20000000)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00')
pivot_root(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000240)='./file0/../file0\x00')

55.036141382s ago: executing program 8 (id=5155):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008001500b7040000000000008500000058"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000780)='sys_enter\x00', r1}, 0x18)
statx(0xffffffffffffffff, 0x0, 0x0, 0x40, 0x0) (fail_nth: 3)

54.601852947s ago: executing program 8 (id=5165):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x66, &(0x7f00000068c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd6007000000303a00fe8000f500"], 0x0)

54.601719807s ago: executing program 37 (id=5165):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0x66, &(0x7f00000068c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd6007000000303a00fe8000f500"], 0x0)

1.766352357s ago: executing program 5 (id=6487):
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="06000000040000000700000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='GPL\x00', 0xffff, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@broadcast, @in=@broadcast, 0x0, 0x0, 0x4e20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x72}, {0x3}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x0, 0x32}, 0x2, @in, 0x0, 0x4}}, 0xe8)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000280))
sendmmsg$inet6(r2, &(0x7f0000000a80)=[{{&(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
unshare(0x22020600)
r4 = socket(0x23, 0x80805, 0x0)
connect$pptp(r4, &(0x7f0000000180)={0x18, 0x2, {0x1, @multicast1}}, 0x1e)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0xb, &(0x7f0000000100)=0xfff, 0x4)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e200023b0"], 0x0)

1.060346945s ago: executing program 7 (id=6525):
r0 = socket$unix(0x1, 0x5, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000500000005000000090000"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r4, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f00000000c0)=@ethtool_regs={0x4, 0x0, 0x4, "f42a97b9"}})

842.094512ms ago: executing program 5 (id=6519):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r1, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000300)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000008000000180001801400020073797a5f74756e0000000000000000001800028014000380"], 0x44}}, 0x0)

816.886634ms ago: executing program 5 (id=6521):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r1}, 0x0, &(0x7f0000004040)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r2, 0x0, 0x8000000000000}, 0x18)
openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1ae98752ffffff00", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000000)=ANY=[], 0xffc9)
close_range(r0, 0xffffffffffffffff, 0x0)

793.872276ms ago: executing program 5 (id=6524):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a017f7f00000000000000050000000900010073797a30000000000900030073797a300000000008000a400000000328000480080002400000001208000140000000000d0003"], 0xac}, 0x1, 0x0, 0x0, 0xc0c1}, 0x40400)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

755.957049ms ago: executing program 5 (id=6528):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17f}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)=[0x45c], 0x0, 0x0, 0x100000, 0x1}}, 0x40)

730.390381ms ago: executing program 5 (id=6531):
r0 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYRES16=r0, @ANYRESDEC=r0], &(0x7f0000000080)='GPL\x00', 0xffff, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="0207000902"], 0x10}}, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@broadcast, @in=@broadcast, 0x0, 0x0, 0x4e20, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x72}, {0x3}, 0x0, 0x0, 0x1}, {{@in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010101}, 0x0, 0x32}, 0x2, @in, 0x0, 0x4}}, 0xe8)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000280))
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
unshare(0x22020600)
r4 = socket(0x23, 0x80805, 0x0)
connect$pptp(r4, &(0x7f0000000180)={0x18, 0x2, {0x1, @multicast1}}, 0x1e)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0xb, &(0x7f0000000100)=0xfff, 0x4)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e200023b0"], 0x0)

579.821453ms ago: executing program 9 (id=6540):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r2, 0x0, 0x8000000000000}, 0x18)
openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1ae98752ffffff00", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000000)=ANY=[], 0xffc9)
close_range(r0, 0xffffffffffffffff, 0x0)

538.348426ms ago: executing program 9 (id=6541):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad1f50ad32d3fd25dfd73a015e0ca6a0f68a7d007f15451dfb265a0e3ccae669e173a64bc1cfd5587d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661ca3dbe74bd09de8793dbcceef76b2e5feecf9c66c54c3b3ffe1b4ce25d7c983c044c06cd0a48dfe3e26e7a23129d6606fd28a69989d552af6d9a9df2c3af36e0360050011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae82f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba73c31b05c00fba8a4aee676d7c45bb29671a68ee2e60da7b01a2e5785a238afa4aba70c07fcd95bf8b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf334178b04963d67dd5a5707e618a1ef9057fec00f9e930219fa8d30e716de8cde9c60f0000000c3b64d10f0939b42b788daa7075fa542242b00f6bf9b64ad460e386b6f388351fbdacb3ad074574ee9d450f9dcfaef1be95ff3c449e6482e4403174618c20e887d6f320616d31d78a0e5421d5742cc52509fd90cf2df6d1404f6b8f810d7b94d421971b77a3270153a0d57cccfe27872f3e8e44480f93c33421986a7737842627301fb2fee8cabab074adaa2024ff57e609ba2f4d83b3bbf52309484532416f48f43b31395c6f45fee8f1682a4e8d5e3b9ae634ed24fb0e8b5fadaf5cb7eea62b7bb4264e72950c9dc791d771acc24c08cdb6ef24c813d082a86d9b879bdf5aefdfd905a2bd4ea36b0b54915a68fe149db154a8340017e1855511e9c0fe62d0cf55"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x46, &(0x7f00000001c0)={@link_local, @random="2059379000", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "108114", 0x10, 0x11, 0x0, @empty, @mcast2, {[], {0x0, 0xe22, 0x10, 0x0, @gue={{0x2, 0x1, 0x0, 0x9}}}}}}}}, 0x0)

489.08593ms ago: executing program 9 (id=6544):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b70400000000000085000000010000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0800034000000004640000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000380003803400008028000180230001"], 0xf0}, 0x1, 0x0, 0x0, 0x80}, 0x0)

462.334932ms ago: executing program 9 (id=6547):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r1}, &(0x7f0000004000), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r2, 0x0, 0x8000000000000}, 0x18)
openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1ae98752ffffff00", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000000)=ANY=[], 0xffc9)
close_range(r0, 0xffffffffffffffff, 0x0)

415.711856ms ago: executing program 9 (id=6550):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a017f7f00000000000000050000000900010073797a30000000000900030073797a300000000008000a400000000328000480080002400000001208000140000000000d0003"], 0xac}, 0x1, 0x0, 0x0, 0xc0c1}, 0x40400)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

377.130029ms ago: executing program 9 (id=6553):
r0 = syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000200)='./file0\x00', 0x18000, &(0x7f0000002f40)=ANY=[@ANYRES8=0x0, @ANYRES8, @ANYRES16=0x0, @ANYRESDEC, @ANYRES32, @ANYRES32], 0x1, 0x2ee, &(0x7f00000009c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1")
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000880)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f0000000680)={0xa0, 0x0, 0x1, 0x3, 0x0, 0x0, {0x7}, [@CTA_NAT_DST={0x4c, 0xd, 0x0, 0x1, [@CTA_NAT_V4_MINIP={0x8, 0x1, @initdev={0xac, 0x1e, 0x1, 0x0}}, @CTA_NAT_V6_MINIP={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x12}}, @CTA_NAT_PROTO={0x4}, @CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e21}]}, @CTA_NAT_V4_MINIP={0x8, 0x1, @rand_addr=0x64010101}, @CTA_NAT_V6_MINIP={0x14, 0x4, @mcast2}]}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x3}, @CTA_NAT_SRC={0x10, 0x6, 0x0, 0x1, [@CTA_NAT_PROTO={0xc, 0x3, 0x0, 0x1, [@CTA_PROTONAT_PORT_MIN={0x6, 0x1, 0x4e20}]}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x810}]}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x3d29f75d}, @CTA_NAT_DST={0x4}, @CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x4}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x1002}]}, 0xa0}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
getsockopt$inet6_mreq(r0, 0x29, 0x1c, &(0x7f0000000000), &(0x7f00000000c0)=0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
r4 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
writev(r4, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)

242.64922ms ago: executing program 0 (id=6555):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000940)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad1f50ad32d3fd25dfd73a015e0ca6a0f68a7d007f15451dfb265a0e3ccae669e173a64bc1cfd5587d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661ca3dbe74bd09de8793dbcceef76b2e5feecf9c66c54c3b3ffe1b4ce25d7c983c044c06cd0a48dfe3e26e7a23129d6606fd28a69989d552af6d9a9df2c3af36e0360050011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a13ed38ae82f87925bfacba83109753f541cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b70a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a92895614cd50cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba73c31b05c00fba8a4aee676d7c45bb29671a68ee2e60da7b01a2e5785a238afa4aba70c07fcd95bf8b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf334178b04963d67dd5a5707e618a1ef9057fec00f9e930219fa8d30e716de8cde9c60f0000000c3b64d10f0939b42b788daa7075fa542242b00f6bf9b64ad460e386b6f388351fbdacb3ad074574ee9d450f9dcfaef1be95ff3c449e6482e4403174618c20e887d6f320616d31d78a0e5421d5742cc52509fd90cf2df6d1404f6b8f810d7b94d421971b77a3270153a0d57cccfe27872f3e8e44480f93c33421986a7737842627301fb2fee8cabab074adaa2024ff57e609ba2f4d83b3bbf52309484532416f48f43b31395c6f45fee8f1682a4e8d5e3b9ae634ed24fb0e8b5fadaf5cb7eea62b7bb4264e72950c9dc791d771acc24c08cdb6ef24c813d082a86d9b879bdf5aefdfd905a2bd4ea36b0b54915a68fe149db154a8340017e1855511e9c0fe62d0cf55"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x46, &(0x7f00000001c0)={@link_local, @random="2059379000", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "108114", 0x10, 0x11, 0x0, @empty, @mcast2, {[], {0x0, 0xe22, 0x10, 0x0, @gue={{0x2, 0x1, 0x0, 0x9}}}}}}}}, 0x0)

222.560392ms ago: executing program 6 (id=6557):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b70400000000000085000000010000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f0800034000000004640000000e0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000380003803400008028000180230001"], 0xf0}, 0x1, 0x0, 0x0, 0x80}, 0x0)

217.552342ms ago: executing program 0 (id=6558):
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
write$selinux_attr(r0, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)

195.786974ms ago: executing program 7 (id=6559):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17f}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)=[0x45c], 0x0, 0x0, 0x100000, 0x1}}, 0x40)

178.290465ms ago: executing program 6 (id=6560):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r1}, &(0x7f0000004000), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r2, 0x0, 0x8000000000000}, 0x18)
openat$selinux_create(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f00000002c0)="1ae98752ffffff00", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000000)=ANY=[], 0xffc9)
close_range(r0, 0xffffffffffffffff, 0x0)

159.104237ms ago: executing program 7 (id=6561):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
getpid()
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'batadv_slave_0\x00'})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

131.240459ms ago: executing program 0 (id=6562):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x18, 0x5, &(0x7f0000001080)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6a, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0, r0}, 0x18)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000160a0500000000000000000002000000300003802c00038004000100776732000000000000000000000000001400010076657468315f746f5f627269646765000900020073797a30000000000900010073797a30"], 0x84}, 0x1, 0x0, 0x0, 0x40000}, 0x20008000)

130.745059ms ago: executing program 6 (id=6563):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000440)='kfree\x00', r1, 0x0, 0x5}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a017f7f00000000000000050000000900010073797a30000000000900030073797a300000000008000a400000000328000480080002400000001208000140000000000d0003"], 0xac}, 0x1, 0x0, 0x0, 0xc0c1}, 0x40400)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
mlock2(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

113.644681ms ago: executing program 0 (id=6564):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000060000850000001b000000b700000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
inotify_init()

93.574432ms ago: executing program 7 (id=6565):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffff"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000021007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000540)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x106, 0xa}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000280)=0x1, r2, 0x0, 0x1, 0x4}}, 0x20)

85.072303ms ago: executing program 0 (id=6566):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01080000000000000000020000000900020073797a2a0000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

44.548106ms ago: executing program 6 (id=6567):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0700000004000000000100000100000028"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a0000000000000000181200", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000001880), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000840)=ANY=[@ANYBLOB='x\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="a183000000000000000005"], 0x78}}, 0x0)

44.387386ms ago: executing program 7 (id=6568):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x800, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
move_pages(0x0, 0x0, &(0x7f0000000040), &(0x7f0000001180), 0x0, 0x0)

44.241566ms ago: executing program 6 (id=6569):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x1, &(0x7f0000000780)=[{0x200000000006, 0xf, 0x6, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18)
inotify_init()

41.133847ms ago: executing program 0 (id=6570):
r0 = socket$unix(0x1, 0x5, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000500000005000000090000"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair(0x18, 0x0, 0x2, &(0x7f0000000000))
syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r4, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f00000000c0)=@ethtool_regs={0x4, 0x0, 0x4, "f42a97b9"}})

717.59µs ago: executing program 6 (id=6571):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x18)
r2 = getpid()
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17f}, 0x94)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(0xffffffffffffffff, &(0x7f00000011c0)={&(0x7f0000000b40)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001180)={&(0x7f00000010c0)={0xbc, 0x0, 0x200, 0x70bd2d, 0x25dfdbfd, {}, [@HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'xfrm0\x00'}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x4}, @HEADER={0x38, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0xecf86c37d53049cc)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)=[0x45c], 0x0, 0x0, 0x100000, 0x1, r2}}, 0x40)

0s ago: executing program 7 (id=6572):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x17f}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000003c0)=[0x45c], 0x0, 0x0, 0x100000, 0x1}}, 0x40)

kernel console output (not intermixed with test programs):

77777777777'
[  623.794299][T21806] netlink: 'syz.9.5030': attribute type 27 has an invalid length.
[  623.822081][T21806] bridge0: port 3(
30ªî{X¹¦) entered disabled state
[  623.871214][T21806] bridge0: port 2(bridge_slave_1) entered disabled state
[  623.878592][T21806] bridge0: port 1(bridge_slave_0) entered disabled state
[  623.895279][T21810] netlink: 'syz.6.5031': attribute type 1 has an invalid length.
[  623.959006][T21806] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  624.020751][T21806] gretap1: left promiscuous mode
[  624.037703][T21810] 8021q: adding VLAN 0 to HW filter on device bond1
[  624.092248][ T6354] netdevsim netdevsim9 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  624.108647][ T6354] netdevsim netdevsim9 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  624.142168][ T6354] netdevsim netdevsim9 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  624.178733][ T6354] netdevsim netdevsim9 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  624.444818][T21838] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  624.553568][T18144] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  624.783179][T21884] 9pnet_fd: Insufficient options for proto=fd
[  624.873489][T21898] loop8: detected capacity change from 0 to 512
[  624.895652][T21898] EXT4-fs (loop8): couldn't mount as ext3 due to feature incompatibilities
[  624.926979][T21909] netlink: 100 bytes leftover after parsing attributes in process `syz.5.5049'.
[  625.248029][T21969] netlink: 20 bytes leftover after parsing attributes in process `syz.9.5055'.
[  625.277908][T21973] loop6: detected capacity change from 0 to 128
[  625.321296][T21977] netlink: 100 bytes leftover after parsing attributes in process `syz.9.5060'.
[  625.376486][T21981] ref_ctr_offset mismatch. inode: 0xfe offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x8000000
[  625.396268][T21981] hub 9-0:1.0: USB hub found
[  625.401232][T21981] hub 9-0:1.0: 8 ports detected
[  625.965047][T22038] netlink: 20 bytes leftover after parsing attributes in process `syz.7.5067'.
[  626.484394][T22121] nfs4: Bad value for 'source'
[  626.559324][T22134] netlink: 20 bytes leftover after parsing attributes in process `syz.9.5080'.
[  627.206758][T22142] loop6: detected capacity change from 0 to 736
[  627.216616][   T29] kauditd_printk_skb: 360 callbacks suppressed
[  627.216634][   T29] audit: type=1400 audit(2000000021.530:19699): avc:  denied  { mounton } for  pid=22141 comm="syz.6.5082" path="/143/file0" dev="tmpfs" ino=777 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  627.245734][T22142] iso9660: Unknown parameter '01777777777777777777777'
[  627.257592][T22142] netlink: 'syz.6.5082': attribute type 27 has an invalid length.
[  627.268179][T22144] nfs4: Bad value for 'source'
[  627.289650][T22142] bridge0: port 3(gretap0) entered disabled state
[  627.325809][T22149] loop9: detected capacity change from 0 to 128
[  627.344714][T22142] bridge0: port 2(bridge_slave_1) entered disabled state
[  627.352157][T22142] bridge0: port 1(bridge_slave_0) entered disabled state
[  627.407489][T22142] vxcan1: left allmulticast mode
[  627.458302][T22142] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  627.492584][T22142] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  627.557054][T22152] netlink: 100 bytes leftover after parsing attributes in process `syz.7.5086'.
[  627.566299][T16235] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  627.576334][T16235] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  627.602202][T16235] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  627.636730][T16235] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  627.657214][   T29] audit: type=1400 audit(2000000021.970:19700): avc:  denied  { allowed } for  pid=22156 comm="syz.7.5088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  627.705078][   T29] audit: type=1400 audit(2000000022.010:19701): avc:  denied  { map_create } for  pid=22156 comm="syz.7.5088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  627.750834][T22162] nfs4: Bad value for 'source'
[  627.752224][   T29] audit: type=1400 audit(2000000022.020:19702): avc:  denied  { read write } for  pid=22161 comm="syz.6.5090" name="virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  627.779585][   T29] audit: type=1400 audit(2000000022.020:19703): avc:  denied  { open } for  pid=22161 comm="syz.6.5090" path="/dev/virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  627.803715][   T29] audit: type=1400 audit(2000000022.040:19704): avc:  denied  { ioctl } for  pid=22156 comm="syz.7.5088" path="/dev/loop5" dev="devtmpfs" ino=1213 ioctlcmd=0x4c02 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  627.828490][   T29] audit: type=1400 audit(2000000022.050:19705): avc:  denied  { prog_load } for  pid=22156 comm="syz.7.5088" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  627.847759][   T29] audit: type=1400 audit(2000000022.050:19706): avc:  denied  { bpf } for  pid=22156 comm="syz.7.5088" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  627.868559][   T29] audit: type=1400 audit(2000000022.060:19707): avc:  denied  { perfmon } for  pid=22156 comm="syz.7.5088" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  627.889998][   T29] audit: type=1400 audit(2000000022.060:19708): avc:  denied  { read } for  pid=22161 comm="syz.6.5090" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  628.161206][T22176] loop8: detected capacity change from 0 to 512
[  628.188972][T22176] EXT4-fs error (device loop8): ext4_orphan_get:1392: inode #15: comm syz.8.5091: casefold flag without casefold feature
[  628.213093][T22176] EXT4-fs (loop8): Remounting filesystem read-only
[  628.220043][T22176] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  628.562013][T22192] $Hÿ: renamed from bond0
[  628.570949][T22192] $Hÿ: entered promiscuous mode
[  628.576122][T22192] bond_slave_0: entered promiscuous mode
[  628.582063][T22192] bond_slave_1: entered promiscuous mode
[  628.614824][T22193] loop5: detected capacity change from 0 to 1024
[  628.633642][T22193] EXT4-fs: Ignoring removed orlov option
[  628.633664][T22194] loop9: detected capacity change from 0 to 256
[  628.655206][T22193] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  628.694736][T20126] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  628.979643][T22221] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  629.030509][T22221] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  629.037680][   T10] IPVS: starting estimator thread 0...
[  629.060571][T22225] loop9: detected capacity change from 0 to 128
[  629.132230][T22223] IPVS: using max 1920 ests per chain, 96000 per kthread
[  629.407113][T16614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  629.458210][T22229] loop5: detected capacity change from 0 to 512
[  629.471311][T22229] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  629.486902][T22229] EXT4-fs warning (device loop5): dx_probe:837: inode #2: comm syz.5.5111: Unimplemented hash flags: 0x0001
[  629.498607][T22229] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.5111: Corrupt directory, running e2fsck is recommended
[  629.513784][T22229] EXT4-fs error (device loop5): ext4_readdir:264: inode #2: block 3: comm syz.5.5111: path /256/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=4294967295, rec_len=7, size=1024 fake=0
[  629.647116][T16614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  629.692363][ T3399] IPVS: starting estimator thread 0...
[  629.709410][T22239] $Hÿ: renamed from bond0 (while UP)
[  629.719510][T22239] $Hÿ: entered promiscuous mode
[  629.724704][T22239] bond_slave_0: entered promiscuous mode
[  629.730637][T22239] bond_slave_1: entered promiscuous mode
[  629.765816][T22246] loop8: detected capacity change from 0 to 256
[  629.782484][T22237] IPVS: using max 2016 ests per chain, 100800 per kthread
[  629.799220][T22245] netlink: 132 bytes leftover after parsing attributes in process `syz.9.5119'.
[  629.932926][T22264] netlink: 'syz.7.5125': attribute type 10 has an invalid length.
[  629.933939][T22252] lo speed is unknown, defaulting to 1000
[  629.940815][T22264] netlink: 55 bytes leftover after parsing attributes in process `syz.7.5125'.
[  629.970402][T22252] lo speed is unknown, defaulting to 1000
[  629.977006][T22252] lo speed is unknown, defaulting to 1000
[  629.987368][T22252] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  630.008349][T22266] lo speed is unknown, defaulting to 1000
[  630.020808][T22252] lo speed is unknown, defaulting to 1000
[  630.038295][T22252] lo speed is unknown, defaulting to 1000
[  630.047641][T22252] lo speed is unknown, defaulting to 1000
[  630.054231][T22252] lo speed is unknown, defaulting to 1000
[  630.060558][T22252] lo speed is unknown, defaulting to 1000
[  630.068415][T22252] lo speed is unknown, defaulting to 1000
[  630.120271][T22279] loop8: detected capacity change from 0 to 128
[  630.155381][T22282] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5131'.
[  630.164815][T22282] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5131'.
[  630.552197][T22290] bridge0: port 3(gretap0) entered blocking state
[  630.558673][T22290] bridge0: port 3(gretap0) entered disabled state
[  630.582236][T22290] gretap0: entered allmulticast mode
[  630.588076][T22290] gretap0: entered promiscuous mode
[  630.736334][T22296] lo speed is unknown, defaulting to 1000
[  630.858956][T22300] netlink: 100 bytes leftover after parsing attributes in process `syz.5.5135'.
[  631.031358][T22304] nfs4: Bad value for 'source'
[  631.095260][T22311] netlink: 'syz.8.5137': attribute type 29 has an invalid length.
[  631.112891][T22311] netlink: 'syz.8.5137': attribute type 29 has an invalid length.
[  631.124083][T22311] netlink: 'syz.8.5137': attribute type 29 has an invalid length.
[  631.138665][T22311] netlink: 'syz.8.5137': attribute type 29 has an invalid length.
[  631.223732][T22317] loop5: detected capacity change from 0 to 128
[  631.239461][T22319] loop9: detected capacity change from 0 to 164
[  631.264496][T22319] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  631.292328][T22319] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  631.325781][T22319] iso9660: Corrupted directory entry in block 4 of inode 1792
[  631.343209][T22321] SELinux:  Context system_u:object_r:wireless_device_t:s0 is not valid (left unmapped).
[  631.635267][T22337] loop7: detected capacity change from 0 to 512
[  631.773819][T22337] EXT4-fs error (device loop7): ext4_orphan_get:1392: inode #15: comm syz.7.5146: casefold flag without casefold feature
[  631.802711][T22337] EXT4-fs (loop7): Remounting filesystem read-only
[  631.816354][T22337] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  631.898544][T22347] nfs4: Bad value for 'source'
[  632.291464][   T29] kauditd_printk_skb: 244 callbacks suppressed
[  632.291482][   T29] audit: type=1400 audit(2000000026.580:19953): avc:  denied  { mounton } for  pid=22354 comm="syz.8.5153" path="/101/file0" dev="tmpfs" ino=557 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  632.320535][   T29] audit: type=1400 audit(2000000026.580:19954): avc:  denied  { mount } for  pid=22354 comm="syz.8.5153" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  632.344596][   T29] audit: type=1400 audit(2000000026.580:19955): avc:  denied  { mounton } for  pid=22354 comm="syz.8.5153" path="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[  632.371077][T18144] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  632.391369][   T29] audit: type=1400 audit(2000000026.660:19956): avc:  denied  { unmount } for  pid=18144 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  632.411490][   T29] audit: type=1400 audit(2000000026.660:19957): avc:  denied  { unmount } for  pid=20126 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  632.431890][   T29] audit: type=1400 audit(2000000026.660:19958): avc:  denied  { unmount } for  pid=20126 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
[  632.487675][   T29] audit: type=1400 audit(2000000026.800:19959): avc:  denied  { read write } for  pid=22356 comm="syz.9.5156" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  632.512456][   T29] audit: type=1400 audit(2000000026.800:19960): avc:  denied  { open } for  pid=22356 comm="syz.9.5156" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  632.600284][T22359] nfs4: Bad value for 'source'
[  632.614725][   T29] audit: type=1400 audit(2000000026.930:19961): avc:  denied  { bind } for  pid=22367 comm="syz.6.5158" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  632.634783][   T29] audit: type=1400 audit(2000000026.930:19962): avc:  denied  { name_bind } for  pid=22367 comm="syz.6.5158" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  632.726792][T16242] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  632.764684][T22357] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5156'.
[  632.773908][T22357] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5156'.
[  632.790685][T16242] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  632.817236][T22383] siw: device registration error -23
[  632.839779][T22383] lo speed is unknown, defaulting to 1000
[  632.870572][T16242] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  632.902105][T22397] loop7: detected capacity change from 0 to 512
[  632.909781][T22397] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  632.924428][T22397] EXT4-fs (loop7): orphan cleanup on readonly fs
[  632.931966][T22397] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.5170: bg 0: block 248: padding at end of block bitmap is not set
[  632.946953][T22397] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.5170: Failed to acquire dquot type 1
[  632.947811][T16242] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  632.971032][T22397] EXT4-fs (loop7): 1 truncate cleaned up
[  632.978137][T22397] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  632.996043][T22397] netlink: 'syz.7.5170': attribute type 4 has an invalid length.
[  633.022826][T18144] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  633.339147][T16242] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[  633.348208][T16242] bond_slave_0: left promiscuous mode
[  633.356079][T16242] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[  633.364970][T16242] bond_slave_1: left promiscuous mode
[  633.371046][T22439] loop5: detected capacity change from 0 to 256
[  633.381420][T16242] $Hÿ (unregistering): Released all slaves
[  633.616989][T16242] hsr_slave_0: left promiscuous mode
[  633.629674][T16242] hsr_slave_1: left promiscuous mode
[  633.644330][T16242] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  633.651906][T16242] batman_adv: batadv0: Removing interface: batadv_slave_0
[  633.692323][T16242] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  633.699816][T16242] batman_adv: batadv0: Removing interface: batadv_slave_1
[  633.750443][T16242] veth1_macvtap: left promiscuous mode
[  633.772070][T16242] veth0_macvtap: left promiscuous mode
[  633.798306][T16242] veth1_vlan: left promiscuous mode
[  633.822264][T16242] veth0_vlan: left promiscuous mode
[  634.427442][T22496] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5181'.
[  634.436531][T22496] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5181'.
[  634.462319][T16242] team0 (unregistering): Port device team_slave_1 removed
[  634.521323][T22498] loop5: detected capacity change from 0 to 512
[  634.623033][T16242] team0 (unregistering): Port device team_slave_0 removed
[  634.751125][T22393] lo speed is unknown, defaulting to 1000
[  634.759075][T22498] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  634.813289][T22498] EXT4-fs (loop5): orphan cleanup on readonly fs
[  634.820367][T22498] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.5182: bg 0: block 248: padding at end of block bitmap is not set
[  634.836242][T22498] EXT4-fs error (device loop5): ext4_acquire_dquot:6937: comm syz.5.5182: Failed to acquire dquot type 1
[  634.849413][T22498] EXT4-fs (loop5): 1 truncate cleaned up
[  634.856433][T22498] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  634.873974][T22498] netlink: 'syz.5.5182': attribute type 4 has an invalid length.
[  634.894124][T16614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  635.004718][T22509] loop9: detected capacity change from 0 to 128
[  635.028630][T22510] nfs: Unknown parameter '
[  635.028630][T22510] '
[  635.060877][T22393] chnl_net:caif_netlink_parms(): no params data found
[  635.120964][T22513] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5188'.
[  635.204397][T16242] IPVS: stop unused estimator thread 0...
[  635.210472][T22393] bridge0: port 1(bridge_slave_0) entered blocking state
[  635.217626][T22393] bridge0: port 1(bridge_slave_0) entered disabled state
[  635.244443][T22393] bridge_slave_0: entered allmulticast mode
[  635.251482][T22393] bridge_slave_0: entered promiscuous mode
[  635.267885][T22393] bridge0: port 2(bridge_slave_1) entered blocking state
[  635.275114][T22393] bridge0: port 2(bridge_slave_1) entered disabled state
[  635.292976][T22393] bridge_slave_1: entered allmulticast mode
[  635.415799][T22393] bridge_slave_1: entered promiscuous mode
[  635.462758][T22532] loop7: detected capacity change from 0 to 164
[  635.576400][T22538] loop7: detected capacity change from 0 to 164
[  635.612929][T22538] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  635.640086][T22538] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  635.669691][T22538] iso9660: Corrupted directory entry in block 4 of inode 1792
[  635.871673][T22546] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5198'.
[  635.880719][T22546] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5198'.
[  635.914418][T22393] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  635.953528][T22393] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  636.000324][T22548] nfs: Unknown parameter '
[  636.000324][T22548] '
[  636.008594][T22393] team0: Port device team_slave_0 added
[  636.022972][T22548] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  636.033244][T22393] team0: Port device team_slave_1 added
[  636.080481][T22393] batman_adv: batadv0: Adding interface: batadv_slave_0
[  636.087660][T22393] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  636.114166][T22393] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  636.184618][T22393] batman_adv: batadv0: Adding interface: batadv_slave_1
[  636.191627][T22393] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  636.217915][T22393] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  636.366137][T22393] hsr_slave_0: entered promiscuous mode
[  636.376724][T22564] loop7: detected capacity change from 0 to 164
[  636.403469][T22393] hsr_slave_1: entered promiscuous mode
[  636.409589][T22393] debugfs: 'hsr0' already exists in 'hsr'
[  636.415595][T22393] Cannot create hsr debugfs directory
[  636.421150][T22564] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  636.432732][T22564] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  636.459131][T22564] iso9660: Corrupted directory entry in block 4 of inode 1792
[  636.682382][T22587] loop9: detected capacity change from 0 to 512
[  636.689617][T22587] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  636.721662][T22587] EXT4-fs (loop9): write access unavailable, skipping orphan cleanup
[  636.730323][T22587] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  636.753512][T22590] netlink: 100 bytes leftover after parsing attributes in process `syz.6.5214'.
[  636.763606][T22587] netlink: 'syz.9.5211': attribute type 4 has an invalid length.
[  636.821281][T22594] netlink: 100 bytes leftover after parsing attributes in process `syz.6.5215'.
[  636.837807][T22595] loop7: detected capacity change from 0 to 164
[  636.855399][T22595] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  636.888589][T22595] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  636.907218][T22393] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  636.917703][T22595] iso9660: Corrupted directory entry in block 4 of inode 1792
[  636.934963][T22393] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  636.961556][T22393] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  636.987405][T22393] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  637.075662][T22612] loop7: detected capacity change from 0 to 128
[  637.128373][T22393] 8021q: adding VLAN 0 to HW filter on device bond0
[  637.150285][T22615] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5222'.
[  637.159601][T22615] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5222'.
[  637.182709][T22393] 8021q: adding VLAN 0 to HW filter on device team0
[  637.206674][T16239] bridge0: port 1(bridge_slave_0) entered blocking state
[  637.213828][T16239] bridge0: port 1(bridge_slave_0) entered forwarding state
[  637.259649][T16239] bridge0: port 2(bridge_slave_1) entered blocking state
[  637.267125][T16239] bridge0: port 2(bridge_slave_1) entered forwarding state
[  637.326554][T22393] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  637.337527][T22393] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  637.434581][   T29] kauditd_printk_skb: 237 callbacks suppressed
[  637.434641][   T29] audit: type=1400 audit(2000000031.750:20196): avc:  denied  { sys_module } for  pid=22393 comm="syz-executor" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  637.535872][T22627] netlink: 100 bytes leftover after parsing attributes in process `syz.6.5226'.
[  637.625834][T22393] 8021q: adding VLAN 0 to HW filter on device batadv0
[  637.684029][   T29] audit: type=1400 audit(2000000032.000:20197): avc:  denied  { prog_load } for  pid=22632 comm="syz.5.5229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  637.703394][   T29] audit: type=1400 audit(2000000032.000:20198): avc:  denied  { bpf } for  pid=22632 comm="syz.5.5229" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  637.743201][T22635] loop6: detected capacity change from 0 to 2048
[  637.831780][T22635] EXT4-fs (loop6): failed to initialize system zone (-117)
[  637.855273][T22635] EXT4-fs (loop6): mount failed
[  637.893764][   T29] audit: type=1400 audit(2000000032.050:20199): avc:  denied  { module_request } for  pid=22393 comm="syz-executor" kmod="netdev-virt_wifi0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  637.916664][   T29] audit: type=1400 audit(2000000032.050:20200): avc:  denied  { map_create } for  pid=22632 comm="syz.5.5229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  637.936156][   T29] audit: type=1400 audit(2000000032.050:20201): avc:  denied  { map_read map_write } for  pid=22632 comm="syz.5.5229" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  637.956221][   T29] audit: type=1400 audit(2000000032.060:20202): avc:  denied  { read write } for  pid=22634 comm="syz.6.5230" name="loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  637.980769][   T29] audit: type=1400 audit(2000000032.060:20203): avc:  denied  { open } for  pid=22634 comm="syz.6.5230" path="/dev/loop6" dev="devtmpfs" ino=106 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  638.005055][   T29] audit: type=1400 audit(2000000032.060:20204): avc:  denied  { ioctl } for  pid=22634 comm="syz.6.5230" path="/dev/loop6" dev="devtmpfs" ino=106 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  638.030793][   T29] audit: type=1400 audit(2000000032.060:20205): avc:  denied  { perfmon } for  pid=22632 comm="syz.5.5229" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  638.197907][T21024] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  638.201492][T22393] veth0_vlan: entered promiscuous mode
[  638.230445][T22393] veth1_vlan: entered promiscuous mode
[  638.247235][T22393] veth0_macvtap: entered promiscuous mode
[  638.256688][T22393] veth1_macvtap: entered promiscuous mode
[  638.267764][T22393] batman_adv: batadv0: Interface activated: batadv_slave_0
[  638.293681][T22393] batman_adv: batadv0: Interface activated: batadv_slave_1
[  638.314163][T16227] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  638.333938][T16227] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  638.354139][T16227] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  638.393407][T16227] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  638.601968][T22669] lo speed is unknown, defaulting to 1000
[  638.800076][T22675] netlink: 100 bytes leftover after parsing attributes in process `syz.7.5239'.
[  638.888678][T22680] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5241'.
[  638.900602][T22681] nfs4: Bad value for 'source'
[  638.955613][T22688] netlink: 'syz.7.5244': attribute type 1 has an invalid length.
[  638.969443][T22688] 8021q: adding VLAN 0 to HW filter on device bond2
[  639.171570][T22700] loop5: detected capacity change from 0 to 128
[  639.191584][T22702] loop6: detected capacity change from 0 to 164
[  639.238858][T22702] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  639.310431][T22708] loop7: detected capacity change from 0 to 2048
[  639.345537][T22708] EXT4-fs (loop7): failed to initialize system zone (-117)
[  639.364626][T22711] nfs4: Bad value for 'source'
[  639.370412][T22708] EXT4-fs (loop7): mount failed
[  639.396162][T22719] FAULT_INJECTION: forcing a failure.
[  639.396162][T22719] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  639.409491][T22719] CPU: 0 UID: 0 PID: 22719 Comm: syz.6.5254 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  639.409598][T22719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  639.409611][T22719] Call Trace:
[  639.409618][T22719]  <TASK>
[  639.409627][T22719]  __dump_stack+0x1d/0x30
[  639.409648][T22719]  dump_stack_lvl+0xe8/0x140
[  639.409670][T22719]  dump_stack+0x15/0x1b
[  639.409691][T22719]  should_fail_ex+0x265/0x280
[  639.409758][T22719]  should_fail+0xb/0x20
[  639.409780][T22719]  should_fail_usercopy+0x1a/0x20
[  639.409807][T22719]  _copy_from_user+0x1c/0xb0
[  639.409835][T22719]  sctp_setsockopt+0x154/0xe30
[  639.409969][T22719]  sock_common_setsockopt+0x69/0x80
[  639.410000][T22719]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  639.410038][T22719]  __sys_setsockopt+0x184/0x200
[  639.410066][T22719]  __x64_sys_setsockopt+0x64/0x80
[  639.410087][T22719]  x64_sys_call+0x20ec/0x2ff0
[  639.410162][T22719]  do_syscall_64+0xd2/0x200
[  639.410194][T22719]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  639.410223][T22719]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  639.410328][T22719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  639.410349][T22719] RIP: 0033:0x7f96f41debe9
[  639.410364][T22719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  639.410443][T22719] RSP: 002b:00007f96f2c26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  639.410463][T22719] RAX: ffffffffffffffda RBX: 00007f96f4406090 RCX: 00007f96f41debe9
[  639.410478][T22719] RDX: 0000000000000077 RSI: 0000000000000084 RDI: 0000000000000003
[  639.410493][T22719] RBP: 00007f96f2c26090 R08: 0000000000000008 R09: 0000000000000000
[  639.410509][T22719] R10: 0000200000000400 R11: 0000000000000246 R12: 0000000000000001
[  639.410524][T22719] R13: 00007f96f4406128 R14: 00007f96f4406090 R15: 00007ffc8fed8698
[  639.410547][T22719]  </TASK>
[  640.254931][T22746] nfs: Unknown parameter '
[  640.254931][T22746] '
[  640.322385][T22748] nfs: Unknown parameter '
[  640.322385][T22748] '
[  640.332986][T22748] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  640.403943][T22755] loop5: detected capacity change from 0 to 2048
[  640.415237][T22755] EXT4-fs (loop5): failed to initialize system zone (-117)
[  640.423657][T22755] EXT4-fs (loop5): mount failed
[  640.484994][T22750] __nla_validate_parse: 3 callbacks suppressed
[  640.485014][T22750] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5266'.
[  640.500269][T22750] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5266'.
[  640.541035][T22766] netlink: 100 bytes leftover after parsing attributes in process `syz.5.5272'.
[  640.633295][T22780] loop6: detected capacity change from 0 to 128
[  640.654202][T22783] nfs: Unknown parameter '
[  640.654202][T22783] '
[  640.666940][T22783] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  641.218512][T22838] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5280'.
[  641.227654][T22838] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5280'.
[  641.333701][T22847] bridge0: port 3(gretap0) entered blocking state
[  641.340326][T22847] bridge0: port 3(gretap0) entered disabled state
[  641.361037][T22847] gretap0: entered allmulticast mode
[  641.376976][T22847] gretap0: entered promiscuous mode
[  641.455119][T22847] bridge0: port 3(gretap0) entered blocking state
[  641.461649][T22847] bridge0: port 3(gretap0) entered forwarding state
[  641.538024][T22881] loop9: detected capacity change from 0 to 512
[  641.553066][T22881] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  641.568400][T22881] EXT4-fs (loop9): write access unavailable, skipping orphan cleanup
[  641.577153][T22881] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  641.644504][T22886] netlink: 'syz.9.5282': attribute type 4 has an invalid length.
[  642.065914][T22907] netlink: 108 bytes leftover after parsing attributes in process `syz.6.5287'.
[  642.168743][T22911] loop0: detected capacity change from 0 to 2048
[  642.193153][T22911] EXT4-fs (loop0): failed to initialize system zone (-117)
[  642.206826][T22911] EXT4-fs (loop0): mount failed
[  642.410179][T22922] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5291'.
[  642.419348][T22922] batman_adv: batadv0: Removing interface: batadv_slave_0
[  642.428843][T22922] batman_adv: batadv0: Removing interface: batadv_slave_1
[  642.459312][   T29] kauditd_printk_skb: 246 callbacks suppressed
[  642.459348][   T29] audit: type=1400 audit(2000000036.770:20452): avc:  denied  { ioctl } for  pid=22887 comm="syz.7.5284" path="socket:[62899]" dev="sockfs" ino=62899 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  642.545800][   T29] audit: type=1400 audit(2000000036.810:20453): avc:  denied  { sys_module } for  pid=22887 comm="syz.7.5284" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  642.567293][   T29] audit: type=1326 audit(2000000036.840:20454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22887 comm="syz.7.5284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f069ebe9 code=0x7ffc0000
[  642.591158][   T29] audit: type=1326 audit(2000000036.840:20455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22887 comm="syz.7.5284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f069ebe9 code=0x7ffc0000
[  642.614848][   T29] audit: type=1326 audit(2000000036.840:20456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22887 comm="syz.7.5284" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb1f069d550 code=0x7ffc0000
[  642.638476][   T29] audit: type=1400 audit(2000000036.840:20457): avc:  denied  { write } for  pid=22887 comm="syz.7.5284" name="001" dev="devtmpfs" ino=168 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  642.661935][   T29] audit: type=1400 audit(2000000036.850:20458): avc:  denied  { read write } for  pid=22936 comm="syz.6.5292" name="rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  642.686456][   T29] audit: type=1400 audit(2000000036.850:20459): avc:  denied  { open } for  pid=22936 comm="syz.6.5292" path="/dev/infiniband/rdma_cm" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:infiniband_device_t tclass=chr_file permissive=1
[  642.850795][T22946] audit: audit_backlog=65 > audit_backlog_limit=64
[  642.857535][T22946] audit: audit_lost=8 audit_rate_limit=0 audit_backlog_limit=64
[  642.883942][T22946] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5296'.
[  642.917932][T22946] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5296'.
[  642.927493][T16230] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  642.940024][T22951] nfs4: Bad value for 'source'
[  642.946459][T16230] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  642.993309][T16230] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  643.043852][T22966] netlink: 'syz.0.5302': attribute type 1 has an invalid length.
[  643.053510][T16230] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  643.174517][T21024] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  643.228640][T22983] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5309'.
[  643.325454][T16227] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  643.337269][T16227] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  643.346855][T16227] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  643.356953][T16227] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  643.406663][T23003] nfs4: Bad value for 'source'
[  643.500476][T23022] loop7: detected capacity change from 0 to 1024
[  643.541779][T23022] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  643.584403][T23022] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4183: comm syz.7.5326: Allocating blocks 481-513 which overlap fs metadata
[  643.657438][T23038] netlink: 'syz.9.5332': attribute type 10 has an invalid length.
[  643.672327][T23038] team0: entered promiscuous mode
[  643.677703][T23038] team_slave_0: entered promiscuous mode
[  643.680047][T23043] EXT4-fs error (device loop7): ext4_mb_mark_diskspace_used:4183: comm syz.7.5326: Allocating blocks 465-513 which overlap fs metadata
[  643.683573][T23038] team_slave_1: entered promiscuous mode
[  643.702996][T23038] team0: entered allmulticast mode
[  643.708173][T23038] team_slave_0: entered allmulticast mode
[  643.714097][T23038] team_slave_1: entered allmulticast mode
[  643.731170][T23038] 8021q: adding VLAN 0 to HW filter on device team0
[  643.738908][T23038] bridge0: port 4(team0) entered blocking state
[  643.745512][T23038] bridge0: port 4(team0) entered disabled state
[  643.754688][T18144] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  643.965024][T23080] nfs4: Bad value for 'source'
[  644.010150][T23082] netlink: 'syz.6.5352': attribute type 3 has an invalid length.
[  644.138131][T23106] loop6: detected capacity change from 0 to 1024
[  644.152603][T23106] EXT4-fs: Ignoring removed orlov option
[  644.173015][T23106] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  644.191311][T23110] loop0: detected capacity change from 0 to 2048
[  644.208883][T23110] EXT4-fs (loop0): failed to initialize system zone (-117)
[  644.221963][T23110] EXT4-fs (loop0): mount failed
[  644.320742][T23125] veth1: entered promiscuous mode
[  644.330839][T23127] netlink: 'syz.9.5368': attribute type 10 has an invalid length.
[  644.345110][T23127] bridge_slave_1: left allmulticast mode
[  644.350810][T23127] bridge_slave_1: left promiscuous mode
[  644.356706][T23127] bridge0: port 2(bridge_slave_1) entered disabled state
[  644.381494][T23129] loop0: detected capacity change from 0 to 512
[  644.389125][T23129] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  644.398501][T23129] EXT4-fs (loop0): orphan cleanup on readonly fs
[  644.405545][T23129] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5370: bg 0: block 248: padding at end of block bitmap is not set
[  644.420358][T23129] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.5370: Failed to acquire dquot type 1
[  644.433416][T23129] EXT4-fs (loop0): 1 truncate cleaned up
[  644.439965][T23129] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  644.456246][T23127] bridge_slave_1: entered promiscuous mode
[  644.462673][T23127] $Hÿ: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  644.479308][T23129] netlink: 'syz.0.5370': attribute type 4 has an invalid length.
[  644.492502][T18655] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  644.588130][T23135] lo speed is unknown, defaulting to 1000
[  645.166455][T22393] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  645.561860][T23203] loop0: detected capacity change from 0 to 2048
[  645.576692][T23203] EXT4-fs: inline encryption not supported
[  645.623232][T23203] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  645.647875][T23201] EXT4-fs error (device loop0): ext4_ext_precache:632: inode #2: comm syz.0.5390: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 5(5)
[  645.690377][T22393] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  645.728433][T23214] loop9: detected capacity change from 0 to 1024
[  645.766423][T23218] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  645.774235][T23218] IPv6: NLM_F_CREATE should be set when creating new route
[  645.781557][T23218] IPv6: NLM_F_CREATE should be set when creating new route
[  645.808261][T23222] nfs4: Bad value for 'source'
[  645.939024][T23257] netlink: 'syz.9.5396': attribute type 3 has an invalid length.
[  646.001622][T23266] netlink: 'syz.0.5401': attribute type 1 has an invalid length.
[  646.030492][T23266] 8021q: adding VLAN 0 to HW filter on device bond1
[  646.060961][T23273] __nla_validate_parse: 23 callbacks suppressed
[  646.060980][T23273] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5403'.
[  646.076336][T23273] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5403'.
[  646.170667][T23279] loop0: detected capacity change from 0 to 2048
[  646.213221][T23285] nfs4: Bad value for 'source'
[  646.218624][T23279] EXT4-fs (loop0): failed to initialize system zone (-117)
[  646.236197][T23279] EXT4-fs (loop0): mount failed
[  646.402017][T23317] nfs4: Bad value for 'source'
[  646.435690][T23322] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5422'.
[  646.466771][T23326] loop6: detected capacity change from 0 to 128
[  646.478538][T23324] loop0: detected capacity change from 0 to 2048
[  646.482751][T23326] vfat: Unknown parameter '00000000000000000000000184467440737095516150xffffffffffffffff'
[  646.503723][T23324] EXT4-fs (loop0): failed to initialize system zone (-117)
[  646.524488][T23324] EXT4-fs (loop0): mount failed
[  646.723318][T23353] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5434'.
[  646.733155][T23347] nfs4: Bad value for 'source'
[  646.806224][T23360] loop6: detected capacity change from 0 to 2048
[  646.865443][T23370] netlink: 'syz.6.5442': attribute type 1 has an invalid length.
[  646.893687][T23370] 8021q: adding VLAN 0 to HW filter on device bond2
[  646.964077][T23379] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5446'.
[  646.974173][T23375] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5444'.
[  646.983113][T23375] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5444'.
[  646.994658][T23377] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5445'.
[  647.003774][T23377] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5445'.
[  647.064149][T23382] nfs4: Bad value for 'source'
[  647.147635][T23399] loop5: detected capacity change from 0 to 2048
[  647.166703][T23401] netlink: 'syz.9.5456': attribute type 1 has an invalid length.
[  647.197862][T23401] 8021q: adding VLAN 0 to HW filter on device bond0
[  647.226078][T23399] EXT4-fs (loop5): failed to initialize system zone (-117)
[  647.240907][T23399] EXT4-fs (loop5): mount failed
[  647.248675][T23411] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5458'.
[  647.432095][T23404] loop7: detected capacity change from 0 to 512
[  647.439582][T23404] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  647.449253][T23404] EXT4-fs (loop7): orphan cleanup on readonly fs
[  647.456337][T23404] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.5457: bg 0: block 248: padding at end of block bitmap is not set
[  647.471164][T23404] __quota_error: 480 callbacks suppressed
[  647.471183][T23404] Quota error (device loop7): write_blk: dquota write failed
[  647.484476][T23404] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  647.494518][T23404] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.5457: Failed to acquire dquot type 1
[  647.507215][T23404] EXT4-fs (loop7): 1 truncate cleaned up
[  647.513908][T23404] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  647.528732][T23404] netlink: 'syz.7.5457': attribute type 4 has an invalid length.
[  647.586493][T23423] lo speed is unknown, defaulting to 1000
[  647.685618][   T29] audit: type=1326 audit(2000000042.000:20916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23432 comm="syz.6.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f41debe9 code=0x7ffc0000
[  647.746242][   T29] audit: type=1326 audit(2000000042.020:20917): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23432 comm="syz.6.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f41debe9 code=0x7ffc0000
[  647.770228][   T29] audit: type=1326 audit(2000000042.030:20918): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23432 comm="syz.6.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96f41debe9 code=0x7ffc0000
[  647.793899][   T29] audit: type=1326 audit(2000000042.030:20919): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23432 comm="syz.6.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f41debe9 code=0x7ffc0000
[  647.817566][   T29] audit: type=1326 audit(2000000042.030:20920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23432 comm="syz.6.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f41debe9 code=0x7ffc0000
[  647.842080][   T29] audit: type=1326 audit(2000000042.030:20921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23432 comm="syz.6.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f96f41debe9 code=0x7ffc0000
[  647.865836][   T29] audit: type=1326 audit(2000000042.030:20922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23432 comm="syz.6.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f41debe9 code=0x7ffc0000
[  647.889722][   T29] audit: type=1326 audit(2000000042.030:20923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23432 comm="syz.6.5467" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f41debe9 code=0x7ffc0000
[  647.992924][T23450] loop5: detected capacity change from 0 to 2048
[  648.014637][T23450] EXT4-fs (loop5): failed to initialize system zone (-117)
[  648.030015][T23450] EXT4-fs (loop5): mount failed
[  648.037414][T18144] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  648.195652][T23476] nfs4: Bad value for 'source'
[  648.256881][T23489] loop6: detected capacity change from 0 to 512
[  648.269312][T23489] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  648.279779][T23489] EXT4-fs (loop6): orphan cleanup on readonly fs
[  648.287165][T23489] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5487: bg 0: block 248: padding at end of block bitmap is not set
[  648.301886][T23489] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.5487: Failed to acquire dquot type 1
[  648.314321][T23489] EXT4-fs (loop6): 1 truncate cleaned up
[  648.320646][T23489] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  648.335145][T23489] netlink: 'syz.6.5487': attribute type 4 has an invalid length.
[  648.730048][T23499] netlink: 'syz.0.5493': attribute type 10 has an invalid length.
[  648.997241][T23511] nfs4: Bad value for 'source'
[  649.037092][T18655] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  649.123857][T23527] FAULT_INJECTION: forcing a failure.
[  649.123857][T23527] name failslab, interval 1, probability 0, space 0, times 0
[  649.136622][T23527] CPU: 0 UID: 0 PID: 23527 Comm: syz.0.5505 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  649.136649][T23527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  649.136662][T23527] Call Trace:
[  649.136669][T23527]  <TASK>
[  649.136678][T23527]  __dump_stack+0x1d/0x30
[  649.136719][T23527]  dump_stack_lvl+0xe8/0x140
[  649.136744][T23527]  dump_stack+0x15/0x1b
[  649.136766][T23527]  should_fail_ex+0x265/0x280
[  649.136793][T23527]  should_failslab+0x8c/0xb0
[  649.136854][T23527]  kmem_cache_alloc_node_noprof+0x57/0x320
[  649.136887][T23527]  ? __alloc_skb+0x101/0x320
[  649.136906][T23527]  __alloc_skb+0x101/0x320
[  649.136991][T23527]  netlink_alloc_large_skb+0xba/0xf0
[  649.137093][T23527]  netlink_sendmsg+0x3cf/0x6b0
[  649.137124][T23527]  ? __pfx_netlink_sendmsg+0x10/0x10
[  649.137152][T23527]  __sock_sendmsg+0x145/0x180
[  649.137206][T23527]  ____sys_sendmsg+0x31e/0x4e0
[  649.137231][T23527]  ___sys_sendmsg+0x17b/0x1d0
[  649.137322][T23527]  __x64_sys_sendmsg+0xd4/0x160
[  649.137358][T23527]  x64_sys_call+0x191e/0x2ff0
[  649.137382][T23527]  do_syscall_64+0xd2/0x200
[  649.137409][T23527]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  649.137458][T23527]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  649.137494][T23527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  649.137521][T23527] RIP: 0033:0x7f7d603aebe9
[  649.137540][T23527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  649.137559][T23527] RSP: 002b:00007f7d5ee17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  649.137595][T23527] RAX: ffffffffffffffda RBX: 00007f7d605d5fa0 RCX: 00007f7d603aebe9
[  649.137607][T23527] RDX: 0000000000048090 RSI: 0000200000000100 RDI: 0000000000000004
[  649.137619][T23527] RBP: 00007f7d5ee17090 R08: 0000000000000000 R09: 0000000000000000
[  649.137631][T23527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  649.137647][T23527] R13: 00007f7d605d6038 R14: 00007f7d605d5fa0 R15: 00007ffcb28b95d8
[  649.137669][T23527]  </TASK>
[  649.404501][T23533] loop6: detected capacity change from 0 to 2048
[  649.424768][T23533] EXT4-fs (loop6): failed to initialize system zone (-117)
[  649.440874][T23533] EXT4-fs (loop6): mount failed
[  649.447129][T23538] vhci_hcd: invalid port number 96
[  649.452349][T23538] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  649.589179][T23556] netlink: 'syz.6.5517': attribute type 1 has an invalid length.
[  649.605338][T23556] 8021q: adding VLAN 0 to HW filter on device bond3
[  649.692011][T23566] loop6: detected capacity change from 0 to 2048
[  649.720800][T23568] nfs4: Bad value for 'source'
[  649.740466][T23566] Alternate GPT is invalid, using primary GPT.
[  649.746981][T23566]  loop6: p2 p3 p7
[  649.781095][T23575] team0 (unregistering): Port device team_slave_0 removed
[  649.790755][T23575] team0 (unregistering): Port device team_slave_1 removed
[  649.829933][T23576] syzkaller0: entered allmulticast mode
[  649.838044][T23574] syzkaller0: left allmulticast mode
[  649.871871][T23578] loop0: detected capacity change from 0 to 2048
[  649.893810][T23578] EXT4-fs (loop0): failed to initialize system zone (-117)
[  649.901777][T23578] EXT4-fs (loop0): mount failed
[  650.525720][T23610] loop7: detected capacity change from 0 to 2048
[  650.563632][T23610] EXT4-fs (loop7): failed to initialize system zone (-117)
[  650.571115][T23610] EXT4-fs (loop7): mount failed
[  650.899199][T23637] nfs4: Bad value for 'source'
[  650.937820][T23646] loop0: detected capacity change from 0 to 2048
[  650.953503][T23646] EXT4-fs (loop0): failed to initialize system zone (-117)
[  650.961107][T23646] EXT4-fs (loop0): mount failed
[  651.220962][T23671] nfs4: Bad value for 'source'
[  651.263240][T23678] netdevsim netdevsim5 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  651.273484][T23678] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  651.314154][T23678] netdevsim netdevsim5 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  651.324088][T23678] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  651.356287][T23681] __nla_validate_parse: 10 callbacks suppressed
[  651.356361][T23681] netlink: 88 bytes leftover after parsing attributes in process `syz.9.5563'.
[  651.395599][T23678] netdevsim netdevsim5 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  651.405801][T23678] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  651.454014][T23678] netdevsim netdevsim5 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  651.464158][T23678] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  651.515208][T23687] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[  651.530591][T16235] netdevsim netdevsim5 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  651.538890][T16235] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  651.550656][T23689] netlink: 12 bytes leftover after parsing attributes in process `gtp'.
[  651.559426][T23689] netlink: 28 bytes leftover after parsing attributes in process `gtp'.
[  651.567864][T23689] netlink: 12 bytes leftover after parsing attributes in process `gtp'.
[  651.576518][T23689] netlink: 28 bytes leftover after parsing attributes in process `gtp'.
[  651.584989][T23689] netlink: 'gtp': attribute type 6 has an invalid length.
[  651.592409][T16235] netdevsim netdevsim5 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  651.600671][T16235] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  651.612060][T16235] netdevsim netdevsim5 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  651.620772][T16235] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  651.635966][T23687] lo speed is unknown, defaulting to 1000
[  651.649703][T16240] netdevsim netdevsim5 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  651.658031][T16240] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  651.910658][T23707] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5574'.
[  651.929757][T23707] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5574'.
[  651.950526][T23707] vhci_hcd: invalid port number 96
[  651.955748][T23707] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  652.119728][T23717] loop6: detected capacity change from 0 to 128
[  652.480019][   T29] kauditd_printk_skb: 312 callbacks suppressed
[  652.480036][   T29] audit: type=1326 audit(2000000046.790:21234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23713 comm="syz.0.5577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7d603a5ba7 code=0x7ffc0000
[  652.517857][   T29] audit: type=1326 audit(2000000046.790:21235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23713 comm="syz.0.5577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7d6034ade9 code=0x7ffc0000
[  652.541651][   T29] audit: type=1326 audit(2000000046.790:21236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23713 comm="syz.0.5577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f7d603aebe9 code=0x7ffc0000
[  652.565955][   T29] audit: type=1326 audit(2000000046.800:21237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23713 comm="syz.0.5577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7d603a5ba7 code=0x7ffc0000
[  652.589731][   T29] audit: type=1326 audit(2000000046.800:21238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23713 comm="syz.0.5577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7d6034ade9 code=0x7ffc0000
[  652.613590][   T29] audit: type=1326 audit(2000000046.800:21239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23713 comm="syz.0.5577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f7d603aebe9 code=0x7ffc0000
[  652.637656][   T29] audit: type=1326 audit(2000000046.810:21240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23713 comm="syz.0.5577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7d603a5ba7 code=0x7ffc0000
[  652.661393][   T29] audit: type=1326 audit(2000000046.810:21241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23713 comm="syz.0.5577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7d6034ade9 code=0x7ffc0000
[  652.685627][   T29] audit: type=1326 audit(2000000046.810:21242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23713 comm="syz.0.5577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=243 compat=0 ip=0x7f7d603aebe9 code=0x7ffc0000
[  652.709503][   T29] audit: type=1326 audit(2000000046.820:21243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23713 comm="syz.0.5577" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7d603a5ba7 code=0x7ffc0000
[  652.735681][T23767] netlink: 'syz.9.5582': attribute type 298 has an invalid length.
[  652.754523][T23767] SELinux: failed to load policy
[  652.765055][T23782] netlink: 100 bytes leftover after parsing attributes in process `syz.7.5583'.
[  652.797491][T23786] nfs4: Bad value for 'source'
[  653.012735][T23820] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5588'.
[  653.021847][T23820] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5588'.
[  653.150294][T23842] vhci_hcd: invalid port number 96
[  653.155652][T23842] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  653.204391][T23856] nfs4: Bad value for 'source'
[  653.487178][T23901] netlink: 'syz.5.5602': attribute type 1 has an invalid length.
[  653.512795][T23901] 8021q: adding VLAN 0 to HW filter on device bond1
[  653.577562][T23914] FAULT_INJECTION: forcing a failure.
[  653.577562][T23914] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  653.590950][T23914] CPU: 1 UID: 0 PID: 23914 Comm: syz.5.5604 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  653.590987][T23914] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  653.591004][T23914] Call Trace:
[  653.591013][T23914]  <TASK>
[  653.591024][T23914]  __dump_stack+0x1d/0x30
[  653.591050][T23914]  dump_stack_lvl+0xe8/0x140
[  653.591069][T23914]  dump_stack+0x15/0x1b
[  653.591118][T23914]  should_fail_ex+0x265/0x280
[  653.591147][T23914]  should_fail_alloc_page+0xf2/0x100
[  653.591173][T23914]  __alloc_frozen_pages_noprof+0xff/0x360
[  653.591371][T23914]  alloc_pages_mpol+0xb3/0x250
[  653.591479][T23914]  alloc_frozen_pages_noprof+0x90/0x110
[  653.591522][T23914]  ___kmalloc_large_node+0x52/0x100
[  653.591641][T23914]  __kmalloc_large_node_noprof+0x16/0xa0
[  653.591674][T23914]  __kmalloc_noprof+0x2ab/0x3e0
[  653.591708][T23914]  ? tcf_em_tree_validate+0x13f/0x890
[  653.591740][T23914]  tcf_em_tree_validate+0x13f/0x890
[  653.591769][T23914]  ? flow_change+0x1bf/0xc80
[  653.591804][T23914]  ? __kmalloc_cache_noprof+0x189/0x320
[  653.591844][T23914]  flow_change+0x1e8/0xc80
[  653.591872][T23914]  ? flow_init+0x31/0x80
[  653.591975][T23914]  ? __pfx_flow_change+0x10/0x10
[  653.591998][T23914]  tc_new_tfilter+0xde1/0x10a0
[  653.592025][T23914]  ? __rcu_read_unlock+0x4f/0x70
[  653.592067][T23914]  ? ns_capable+0x7d/0xb0
[  653.592093][T23914]  ? __pfx_tc_new_tfilter+0x10/0x10
[  653.592136][T23914]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  653.592178][T23914]  netlink_rcv_skb+0x123/0x220
[  653.592205][T23914]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  653.592249][T23914]  rtnetlink_rcv+0x1c/0x30
[  653.592305][T23914]  netlink_unicast+0x5bd/0x690
[  653.592352][T23914]  netlink_sendmsg+0x58b/0x6b0
[  653.592385][T23914]  ? __pfx_netlink_sendmsg+0x10/0x10
[  653.592455][T23914]  __sock_sendmsg+0x145/0x180
[  653.592513][T23914]  ____sys_sendmsg+0x31e/0x4e0
[  653.592590][T23914]  ___sys_sendmsg+0x17b/0x1d0
[  653.592639][T23914]  __x64_sys_sendmsg+0xd4/0x160
[  653.592691][T23914]  x64_sys_call+0x191e/0x2ff0
[  653.592742][T23914]  do_syscall_64+0xd2/0x200
[  653.592778][T23914]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  653.592820][T23914]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  653.592905][T23914]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  653.592934][T23914] RIP: 0033:0x7f9c009debe9
[  653.592954][T23914] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  653.592978][T23914] RSP: 002b:00007f9bff43f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  653.593002][T23914] RAX: ffffffffffffffda RBX: 00007f9c00c05fa0 RCX: 00007f9c009debe9
[  653.593018][T23914] RDX: 0000000020040054 RSI: 0000200000006040 RDI: 0000000000000005
[  653.593105][T23914] RBP: 00007f9bff43f090 R08: 0000000000000000 R09: 0000000000000000
[  653.593118][T23914] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  653.593137][T23914] R13: 00007f9c00c06038 R14: 00007f9c00c05fa0 R15: 00007ffeb0fc6f98
[  653.593162][T23914]  </TASK>
[  653.900237][T23923] nfs4: Bad value for 'source'
[  654.192766][T23983] netlink: 'syz.7.5615': attribute type 1 has an invalid length.
[  654.208436][T23983] 8021q: adding VLAN 0 to HW filter on device bond3
[  654.260354][T23994] nfs4: Bad value for 'source'
[  654.265710][T23993] loop7: detected capacity change from 0 to 1024
[  654.301290][T23993] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  654.334455][T18144] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  654.550419][T24037] netlink: 'syz.5.5629': attribute type 1 has an invalid length.
[  654.573723][T24037] 8021q: adding VLAN 0 to HW filter on device bond2
[  654.591464][T24043] nfs4: Bad value for 'source'
[  654.887130][T24103] netlink: 'syz.5.5643': attribute type 1 has an invalid length.
[  654.905027][T24103] 8021q: adding VLAN 0 to HW filter on device bond3
[  655.296457][T24170] loop9: detected capacity change from 0 to 2048
[  655.375051][T24187] netlink: 'syz.9.5655': attribute type 1 has an invalid length.
[  655.393964][T24187] 8021q: adding VLAN 0 to HW filter on device bond1
[  655.404468][T24190] loop7: detected capacity change from 0 to 512
[  655.420930][T24190] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  655.434813][T24190] ext4 filesystem being mounted at /268/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  655.458035][T18144] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  655.536017][T24209] loop7: detected capacity change from 0 to 2048
[  655.563011][T24209] EXT4-fs (loop7): failed to initialize system zone (-117)
[  655.570363][T24209] EXT4-fs (loop7): mount failed
[  655.675867][T24236] netlink: 'syz.7.5668': attribute type 1 has an invalid length.
[  655.717925][T24236] 8021q: adding VLAN 0 to HW filter on device bond4
[  655.780261][T24249] loop9: detected capacity change from 0 to 1024
[  655.787057][T24249] ext4: Unknown parameter 'euid<00000000000000000000'
[  655.801813][T24249] openvswitch: netlink: Message has 6 unknown bytes.
[  655.904719][T24274] loop9: detected capacity change from 0 to 2048
[  656.463370][T24381] loop0: detected capacity change from 0 to 1024
[  656.474556][T24381] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  656.497166][T22393] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  656.572522][T24389] loop9: detected capacity change from 0 to 512
[  656.581038][T24389] netlink: 'syz.9.5700': attribute type 13 has an invalid length.
[  656.589290][T24390] loop0: detected capacity change from 0 to 512
[  656.596625][T24390] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  656.609492][T24390] EXT4-fs (loop0): 1 truncate cleaned up
[  656.615910][T24390] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  656.691201][T24393] loop9: detected capacity change from 0 to 1024
[  656.704180][T22393] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  656.723420][T24393] __nla_validate_parse: 20 callbacks suppressed
[  656.723463][T24393] netlink: 32 bytes leftover after parsing attributes in process `syz.9.5700'.
[  656.744096][T16205] netdevsim netdevsim9 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  656.753270][T24399] netlink: 100 bytes leftover after parsing attributes in process `syz.0.5702'.
[  656.763068][T16205] netdevsim netdevsim9 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  656.773079][T16205] netdevsim netdevsim9 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  656.782058][T16205] netdevsim netdevsim9 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  656.847908][T24407] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5707'.
[  656.857073][T24407] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5707'.
[  656.871064][T24407] netlink: 24 bytes leftover after parsing attributes in process `syz.9.5707'.
[  656.880405][T24407] netlink: 48 bytes leftover after parsing attributes in process `syz.9.5707'.
[  656.889868][T24407] netlink: 8 bytes leftover after parsing attributes in process `syz.9.5707'.
[  656.907774][T24409] netlink: 'syz.0.5708': attribute type 1 has an invalid length.
[  656.967573][T24418] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5713'.
[  656.985839][T24418] veth3: entered promiscuous mode
[  656.997248][T24418] loop7: detected capacity change from 0 to 1024
[  657.004226][T24418] EXT4-fs: Invalid want_extra_isize 131
[  657.291771][T24460] netlink: 8 bytes leftover after parsing attributes in process `syz.7.5730'.
[  657.300836][T24460] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5730'.
[  657.353427][T24463] loop7: detected capacity change from 0 to 2048
[  657.360013][T24461] loop5: detected capacity change from 0 to 1024
[  657.373120][T24463] EXT4-fs (loop7): failed to initialize system zone (-117)
[  657.380717][T24463] EXT4-fs (loop7): mount failed
[  657.387214][T24461] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  657.701019][   T29] kauditd_printk_skb: 462 callbacks suppressed
[  657.701078][   T29] audit: type=1400 audit(2000000052.010:21706): avc:  denied  { read append } for  pid=24484 comm="syz.9.5740" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  657.706821][T24486] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=58384 sclass=netlink_route_socket pid=24486 comm=syz.9.5740
[  657.731267][   T29] audit: type=1400 audit(2000000052.010:21707): avc:  denied  { open } for  pid=24484 comm="syz.9.5740" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  657.767427][   T29] audit: type=1400 audit(2000000052.010:21708): avc:  denied  { ioctl } for  pid=24484 comm="syz.9.5740" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  657.792613][   T29] audit: type=1400 audit(2000000052.010:21709): avc:  denied  { create } for  pid=24484 comm="syz.9.5740" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  657.812438][   T29] audit: type=1400 audit(2000000052.010:21710): avc:  denied  { getopt } for  pid=24484 comm="syz.9.5740" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  657.876022][   T29] audit: type=1400 audit(2000000052.190:21711): avc:  denied  { setopt } for  pid=24488 comm="syz.0.5742" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  657.913273][   T29] audit: type=1400 audit(2000000052.230:21712): avc:  denied  { execute } for  pid=24496 comm="syz.9.5745" name="file1" dev="tmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  657.937129][   T29] audit: type=1400 audit(2000000052.250:21713): avc:  denied  { execute_no_trans } for  pid=24496 comm="syz.9.5745" path="/173/file1" dev="tmpfs" ino=918 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  657.962758][T24498] netlink: 'syz.9.5745': attribute type 21 has an invalid length.
[  657.972491][   T29] audit: type=1400 audit(2000000052.290:21714): avc:  denied  { create } for  pid=24496 comm="syz.9.5745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  658.003214][   T29] audit: type=1400 audit(2000000052.310:21715): avc:  denied  { bind } for  pid=24496 comm="syz.9.5745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  658.117239][T16614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  658.142838][T24521] loop5: detected capacity change from 0 to 256
[  658.290054][T24546] loop7: detected capacity change from 0 to 2048
[  658.305813][T24546] EXT4-fs (loop7): failed to initialize system zone (-117)
[  658.322046][T24546] EXT4-fs (loop7): mount failed
[  658.757657][T24582] loop9: detected capacity change from 0 to 2048
[  659.085571][T24605] syz_tun: entered allmulticast mode
[  659.095571][T24605] loop9: detected capacity change from 0 to 512
[  659.589564][T24659] lo speed is unknown, defaulting to 1000
[  659.697437][T24671] loop5: detected capacity change from 0 to 128
[  659.711944][T24671] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  659.768533][T24671] ext4 filesystem being mounted at /424/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  659.781448][T24673] lo speed is unknown, defaulting to 1000
[  659.818962][T24671] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  659.926340][T24688] loop9: detected capacity change from 0 to 512
[  659.937705][T24688] EXT4-fs: Ignoring removed bh option
[  660.416088][T24735] loop6: detected capacity change from 0 to 128
[  660.668499][T24741] lo speed is unknown, defaulting to 1000
[  660.712586][T24743] loop0: detected capacity change from 0 to 2048
[  660.775296][T24743] Alternate GPT is invalid, using primary GPT.
[  660.781731][T24743]  loop0: p2 p3 p7
[  661.084262][T24750] netlink: 'syz.5.5853': attribute type 10 has an invalid length.
[  661.095478][T24750] dummy0: entered promiscuous mode
[  661.100733][T24750] dummy0: entered allmulticast mode
[  661.106257][T24750] team0: Port device dummy0 added
[  661.244188][T24757] loop5: detected capacity change from 0 to 512
[  661.284832][T24757] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.5855: iget: bad i_size value: 38620345925642
[  661.309967][T24757] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.5855: couldn't read orphan inode 15 (err -117)
[  661.334393][T24757] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  661.367251][T24754] bond4: entered promiscuous mode
[  661.372375][T24754] bond4: entered allmulticast mode
[  661.378659][T24754] 8021q: adding VLAN 0 to HW filter on device bond4
[  661.388721][T24754] bond4 (unregistering): Released all slaves
[  661.466203][T16614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  661.755318][T24815] nfs4: Bad value for 'source'
[  661.762828][T24820] netlink: 'syz.7.5868': attribute type 1 has an invalid length.
[  661.784267][T24820] 8021q: adding VLAN 0 to HW filter on device bond5
[  661.881001][T24842] __nla_validate_parse: 27 callbacks suppressed
[  661.881020][T24842] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5873'.
[  661.896628][T24842] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5873'.
[  662.047186][T24876] netlink: 'syz.5.5881': attribute type 1 has an invalid length.
[  662.061539][T24876] 8021q: adding VLAN 0 to HW filter on device bond4
[  662.127035][T24890] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5884'.
[  662.189947][T24900] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5887'.
[  662.199027][T24900] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5887'.
[  662.236755][T24907] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5889'.
[  662.391552][T24943] netlink: 'syz.7.5897': attribute type 39 has an invalid length.
[  662.409965][T24945] FAULT_INJECTION: forcing a failure.
[  662.409965][T24945] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  662.423225][T24945] CPU: 1 UID: 0 PID: 24945 Comm: syz.6.5898 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  662.423257][T24945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  662.423273][T24945] Call Trace:
[  662.423281][T24945]  <TASK>
[  662.423291][T24945]  __dump_stack+0x1d/0x30
[  662.423395][T24945]  dump_stack_lvl+0xe8/0x140
[  662.423420][T24945]  dump_stack+0x15/0x1b
[  662.423437][T24945]  should_fail_ex+0x265/0x280
[  662.423462][T24945]  should_fail+0xb/0x20
[  662.423485][T24945]  should_fail_usercopy+0x1a/0x20
[  662.423573][T24945]  _copy_to_user+0x20/0xa0
[  662.423611][T24945]  simple_read_from_buffer+0xb5/0x130
[  662.423641][T24945]  proc_fail_nth_read+0x10e/0x150
[  662.423678][T24945]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  662.423853][T24945]  vfs_read+0x1a8/0x770
[  662.423877][T24945]  ? __rcu_read_unlock+0x4f/0x70
[  662.423903][T24945]  ? __fget_files+0x184/0x1c0
[  662.423986][T24945]  ksys_read+0xda/0x1a0
[  662.424016][T24945]  __x64_sys_read+0x40/0x50
[  662.424042][T24945]  x64_sys_call+0x27bc/0x2ff0
[  662.424069][T24945]  do_syscall_64+0xd2/0x200
[  662.424180][T24945]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  662.424274][T24945]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  662.424307][T24945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  662.424334][T24945] RIP: 0033:0x7f96f41dd5fc
[  662.424352][T24945] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  662.424420][T24945] RSP: 002b:00007f96f2c47030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  662.424446][T24945] RAX: ffffffffffffffda RBX: 00007f96f4405fa0 RCX: 00007f96f41dd5fc
[  662.424462][T24945] RDX: 000000000000000f RSI: 00007f96f2c470a0 RDI: 0000000000000004
[  662.424504][T24945] RBP: 00007f96f2c47090 R08: 0000000000000000 R09: 0000000000000000
[  662.424519][T24945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  662.424535][T24945] R13: 00007f96f4406038 R14: 00007f96f4405fa0 R15: 00007ffc8fed8698
[  662.424560][T24945]  </TASK>
[  662.457203][T24949] loop5: detected capacity change from 0 to 2048
[  662.654489][T24949] EXT4-fs (loop5): failed to initialize system zone (-117)
[  662.673241][T24949] EXT4-fs (loop5): mount failed
[  662.712643][T24976] netlink: 4 bytes leftover after parsing attributes in process `syz.7.5906'.
[  662.754728][   T29] kauditd_printk_skb: 214 callbacks suppressed
[  662.754746][   T29] audit: type=1400 audit(2000000057.070:21930): avc:  denied  { nlmsg_write } for  pid=24984 comm="syz.5.5908" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  662.765339][T24986] netlink: 108 bytes leftover after parsing attributes in process `syz.5.5908'.
[  662.792778][   T29] audit: type=1326 audit(2000000057.080:21931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24988 comm="syz.7.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f069ebe9 code=0x7ffc0000
[  662.816485][   T29] audit: type=1326 audit(2000000057.080:21932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24988 comm="syz.7.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f069ebe9 code=0x7ffc0000
[  662.840383][   T29] audit: type=1326 audit(2000000057.080:21933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24988 comm="syz.7.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb1f069ebe9 code=0x7ffc0000
[  662.864111][   T29] audit: type=1326 audit(2000000057.080:21934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24988 comm="syz.7.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f069ebe9 code=0x7ffc0000
[  662.888013][   T29] audit: type=1326 audit(2000000057.080:21935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24988 comm="syz.7.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f069ebe9 code=0x7ffc0000
[  662.911884][   T29] audit: type=1326 audit(2000000057.080:21936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24988 comm="syz.7.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb1f069ebe9 code=0x7ffc0000
[  662.936204][   T29] audit: type=1326 audit(2000000057.080:21937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24988 comm="syz.7.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f069ebe9 code=0x7ffc0000
[  662.960191][   T29] audit: type=1326 audit(2000000057.080:21938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24988 comm="syz.7.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb1f069ebe9 code=0x7ffc0000
[  662.984531][   T29] audit: type=1326 audit(2000000057.080:21939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=24988 comm="syz.7.5910" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb1f069ebe9 code=0x7ffc0000
[  663.059907][T24999] loop7: detected capacity change from 0 to 8192
[  663.150825][T25021] FAULT_INJECTION: forcing a failure.
[  663.150825][T25021] name failslab, interval 1, probability 0, space 0, times 0
[  663.163775][T25021] CPU: 0 UID: 0 PID: 25021 Comm: syz.7.5916 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  663.163852][T25021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  663.163868][T25021] Call Trace:
[  663.163876][T25021]  <TASK>
[  663.163886][T25021]  __dump_stack+0x1d/0x30
[  663.163914][T25021]  dump_stack_lvl+0xe8/0x140
[  663.163980][T25021]  dump_stack+0x15/0x1b
[  663.164015][T25021]  should_fail_ex+0x265/0x280
[  663.164044][T25021]  ? audit_log_d_path+0x8d/0x150
[  663.164083][T25021]  should_failslab+0x8c/0xb0
[  663.164117][T25021]  __kmalloc_cache_noprof+0x4c/0x320
[  663.164227][T25021]  audit_log_d_path+0x8d/0x150
[  663.164276][T25021]  audit_log_d_path_exe+0x42/0x70
[  663.164310][T25021]  audit_log_task+0x1e9/0x250
[  663.164358][T25021]  audit_seccomp+0x61/0x100
[  663.164391][T25021]  ? __seccomp_filter+0x68c/0x10d0
[  663.164436][T25021]  __seccomp_filter+0x69d/0x10d0
[  663.164465][T25021]  ? cred_has_capability+0x210/0x280
[  663.164503][T25021]  __secure_computing+0x82/0x150
[  663.164570][T25021]  syscall_trace_enter+0xcf/0x1e0
[  663.164603][T25021]  do_syscall_64+0xac/0x200
[  663.164633][T25021]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  663.164663][T25021]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  663.164726][T25021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.164755][T25021] RIP: 0033:0x7fb1f069d5fc
[  663.164774][T25021] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  663.164798][T25021] RSP: 002b:00007fb1ef107030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  663.164823][T25021] RAX: ffffffffffffffda RBX: 00007fb1f08c5fa0 RCX: 00007fb1f069d5fc
[  663.164838][T25021] RDX: 000000000000000f RSI: 00007fb1ef1070a0 RDI: 0000000000000006
[  663.164869][T25021] RBP: 00007fb1ef107090 R08: 0000000000000000 R09: 0000000000000000
[  663.164880][T25021] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  663.164892][T25021] R13: 00007fb1f08c6038 R14: 00007fb1f08c5fa0 R15: 00007fff8bb1fd38
[  663.164912][T25021]  </TASK>
[  663.501563][T25052] loop6: detected capacity change from 0 to 2048
[  663.533276][T25052] EXT4-fs (loop6): failed to initialize system zone (-117)
[  663.542299][T25052] EXT4-fs (loop6): mount failed
[  663.595052][T25070] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5926'.
[  663.604351][T25070] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5926'.
[  664.070749][T25154] FAULT_INJECTION: forcing a failure.
[  664.070749][T25154] name failslab, interval 1, probability 0, space 0, times 0
[  664.083487][T25154] CPU: 1 UID: 0 PID: 25154 Comm: syz.0.5940 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  664.083561][T25154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  664.083645][T25154] Call Trace:
[  664.083655][T25154]  <TASK>
[  664.083665][T25154]  __dump_stack+0x1d/0x30
[  664.083691][T25154]  dump_stack_lvl+0xe8/0x140
[  664.083711][T25154]  dump_stack+0x15/0x1b
[  664.083734][T25154]  should_fail_ex+0x265/0x280
[  664.083812][T25154]  should_failslab+0x8c/0xb0
[  664.083846][T25154]  __kmalloc_noprof+0xa5/0x3e0
[  664.083881][T25154]  ? start_sync_thread+0x604/0x1650
[  664.083912][T25154]  ? netdev_name_node_lookup+0xa4/0xd0
[  664.084061][T25154]  start_sync_thread+0x604/0x1650
[  664.084095][T25154]  ? __pfx_sync_thread_backup+0x10/0x10
[  664.084137][T25154]  ? __nla_validate_parse+0x1652/0x1d00
[  664.084235][T25154]  ip_vs_genl_set_daemon+0x44c/0x490
[  664.084288][T25154]  genl_family_rcv_msg_doit+0x143/0x1b0
[  664.084343][T25154]  genl_rcv_msg+0x422/0x460
[  664.084379][T25154]  ? __pfx_ip_vs_genl_set_daemon+0x10/0x10
[  664.084493][T25154]  netlink_rcv_skb+0x123/0x220
[  664.084518][T25154]  ? __pfx_genl_rcv_msg+0x10/0x10
[  664.084626][T25154]  genl_rcv+0x28/0x40
[  664.084656][T25154]  netlink_unicast+0x5bd/0x690
[  664.084702][T25154]  netlink_sendmsg+0x58b/0x6b0
[  664.084815][T25154]  ? __pfx_netlink_sendmsg+0x10/0x10
[  664.084935][T25154]  __sock_sendmsg+0x145/0x180
[  664.084971][T25154]  ____sys_sendmsg+0x31e/0x4e0
[  664.085011][T25154]  ___sys_sendmsg+0x17b/0x1d0
[  664.085069][T25154]  __x64_sys_sendmsg+0xd4/0x160
[  664.085104][T25154]  x64_sys_call+0x191e/0x2ff0
[  664.085132][T25154]  do_syscall_64+0xd2/0x200
[  664.085222][T25154]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  664.085253][T25154]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  664.085339][T25154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  664.085364][T25154] RIP: 0033:0x7f7d603aebe9
[  664.085383][T25154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  664.085407][T25154] RSP: 002b:00007f7d5ee17038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  664.085431][T25154] RAX: ffffffffffffffda RBX: 00007f7d605d5fa0 RCX: 00007f7d603aebe9
[  664.085450][T25154] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000006
[  664.085465][T25154] RBP: 00007f7d5ee17090 R08: 0000000000000000 R09: 0000000000000000
[  664.085481][T25154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  664.085494][T25154] R13: 00007f7d605d6038 R14: 00007f7d605d5fa0 R15: 00007ffcb28b95d8
[  664.085516][T25154]  </TASK>
[  664.626333][T25235] loop6: detected capacity change from 0 to 2048
[  664.664962][T25235] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  664.709960][T25235] FAULT_INJECTION: forcing a failure.
[  664.709960][T25235] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  664.723452][T25235] CPU: 1 UID: 0 PID: 25235 Comm: syz.6.5952 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  664.723485][T25235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  664.723557][T25235] Call Trace:
[  664.723566][T25235]  <TASK>
[  664.723577][T25235]  __dump_stack+0x1d/0x30
[  664.723617][T25235]  dump_stack_lvl+0xe8/0x140
[  664.723637][T25235]  dump_stack+0x15/0x1b
[  664.723654][T25235]  should_fail_ex+0x265/0x280
[  664.723680][T25235]  should_fail+0xb/0x20
[  664.723766][T25235]  should_fail_usercopy+0x1a/0x20
[  664.723796][T25235]  copy_folio_from_iter_atomic+0x278/0x11b0
[  664.723845][T25235]  generic_perform_write+0x2c2/0x490
[  664.723964][T25235]  ext4_buffered_write_iter+0x1ee/0x3c0
[  664.724041][T25235]  ext4_file_write_iter+0x383/0xf00
[  664.724081][T25235]  ? path_openat+0x1bf8/0x2170
[  664.724135][T25235]  ? _parse_integer_limit+0x170/0x190
[  664.724170][T25235]  do_iter_readv_writev+0x499/0x540
[  664.724209][T25235]  vfs_writev+0x2df/0x8b0
[  664.724285][T25235]  __se_sys_pwritev2+0xfc/0x1c0
[  664.724376][T25235]  __x64_sys_pwritev2+0x67/0x80
[  664.724408][T25235]  x64_sys_call+0x2c55/0x2ff0
[  664.724435][T25235]  do_syscall_64+0xd2/0x200
[  664.724472][T25235]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  664.724559][T25235]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  664.724588][T25235]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  664.724616][T25235] RIP: 0033:0x7f96f41debe9
[  664.724636][T25235] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  664.724659][T25235] RSP: 002b:00007f96f2c47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  664.724687][T25235] RAX: ffffffffffffffda RBX: 00007f96f4405fa0 RCX: 00007f96f41debe9
[  664.724745][T25235] RDX: 0000000000000001 RSI: 0000200000000100 RDI: 0000000000000005
[  664.724762][T25235] RBP: 00007f96f2c47090 R08: 0000000000000000 R09: 0000000000000000
[  664.724778][T25235] R10: 0000000000005405 R11: 0000000000000246 R12: 0000000000000001
[  664.724794][T25235] R13: 00007f96f4406038 R14: 00007f96f4405fa0 R15: 00007ffc8fed8698
[  664.724820][T25235]  </TASK>
[  664.731483][T25235] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5952: bg 0: block 234: padding at end of block bitmap is not set
[  664.960883][T25235] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 22 with error 117
[  664.973482][T25235] EXT4-fs (loop6): This should not happen!! Data will be lost
[  664.973482][T25235] 
[  665.012937][T16236] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  665.025456][T16236] EXT4-fs (loop6): This should not happen!! Data will be lost
[  665.025456][T16236] 
[  665.035536][T16236] EXT4-fs (loop6): Total free blocks count 0
[  665.041656][T16236] EXT4-fs (loop6): Free/Dirty block details
[  665.047611][T16236] EXT4-fs (loop6): free_blocks=0
[  665.052825][T16236] EXT4-fs (loop6): dirty_blocks=32
[  665.058132][T16236] EXT4-fs (loop6): Block reservation details
[  665.093313][T25298] loop7: detected capacity change from 0 to 1024
[  665.106042][T25298] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  665.144281][T25298] syz.7.5960 (25298): attempted to duplicate a private mapping with mremap.  This is not supported.
[  665.287532][T18144] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  665.344032][T25345] nfs4: Bad value for 'source'
[  665.501133][T25385] loop5: detected capacity change from 0 to 512
[  665.515628][T25384] loop9: detected capacity change from 0 to 2048
[  665.528034][T25385] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  665.585150][T16614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  665.660774][T25405] nfs4: Bad value for 'source'
[  665.859442][T25445] loop7: detected capacity change from 0 to 2048
[  665.893543][T25452] IPv6: NLM_F_CREATE should be specified when creating new route
[  665.905250][T25445] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  665.907292][T25452] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  665.933356][T25452] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  666.169822][ T6354] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm kworker/u8:9: bg 0: block 234: padding at end of block bitmap is not set
[  666.196529][ T6354] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  666.209194][ T6354] EXT4-fs (loop7): This should not happen!! Data will be lost
[  666.209194][ T6354] 
[  666.221987][T16237] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 1 with error 28
[  666.234630][T16237] EXT4-fs (loop7): This should not happen!! Data will be lost
[  666.234630][T16237] 
[  666.244915][T16237] EXT4-fs (loop7): Total free blocks count 0
[  666.250920][T16237] EXT4-fs (loop7): Free/Dirty block details
[  666.257110][T16237] EXT4-fs (loop7): free_blocks=0
[  666.262272][T16237] EXT4-fs (loop7): dirty_blocks=16
[  666.267506][T16237] EXT4-fs (loop7): Block reservation details
[  666.690525][T25554] lo speed is unknown, defaulting to 1000
[  666.775336][T25566] loop7: detected capacity change from 0 to 2048
[  666.804128][T25566] EXT4-fs (loop7): failed to initialize system zone (-117)
[  666.821754][T25566] EXT4-fs (loop7): mount failed
[  667.200363][T25506] loop6: detected capacity change from 0 to 2048
[  667.277198][T25506]  loop6: p2 p3 p7
[  667.373694][T25615] __nla_validate_parse: 14 callbacks suppressed
[  667.373711][T25615] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6019'.
[  667.389474][T25615] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6019'.
[  667.456675][T25619] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6020'.
[  667.465746][T25619] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6020'.
[  667.695800][T25654] nfs4: Bad value for 'source'
[  667.833731][T25676] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6029'.
[  667.844695][   T29] kauditd_printk_skb: 127 callbacks suppressed
[  667.844712][   T29] audit: type=1400 audit(2000000062.160:22067): avc:  denied  { tracepoint } for  pid=25668 comm="syz.5.6026" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  667.887571][T25678] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6030'.
[  667.896626][T25678] netlink: 8 bytes leftover after parsing attributes in process `syz.9.6030'.
[  667.979626][T25686] netlink: 88 bytes leftover after parsing attributes in process `syz.7.6033'.
[  668.221346][   T29] audit: type=1400 audit(2000000062.530:22068): avc:  denied  { ioctl } for  pid=25710 comm="syz.9.6040" path="time:[4026531834]" dev="nsfs" ino=4026531834 ioctlcmd=0x941b scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1
[  668.305282][T25717] loop6: detected capacity change from 0 to 2048
[  668.343710][T25717] EXT4-fs (loop6): failed to initialize system zone (-117)
[  668.354453][T25717] EXT4-fs (loop6): mount failed
[  668.418788][T25715] loop9: detected capacity change from 0 to 8192
[  668.427785][   T29] audit: type=1400 audit(2000000062.740:22069): avc:  denied  { read } for  pid=25727 comm="syz.6.6043" name="rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  668.451209][   T29] audit: type=1400 audit(2000000062.740:22070): avc:  denied  { open } for  pid=25727 comm="syz.6.6043" path="/dev/rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  668.537108][   T29] audit: type=1400 audit(2000000062.740:22071): avc:  denied  { read write } for  pid=25727 comm="syz.6.6043" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  668.543947][T25733] loop6: detected capacity change from 0 to 736
[  668.562279][   T29] audit: type=1400 audit(2000000062.740:22072): avc:  denied  { open } for  pid=25727 comm="syz.6.6043" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  668.593080][   T29] audit: type=1400 audit(2000000062.750:22073): avc:  denied  { ioctl } for  pid=25727 comm="syz.6.6043" path="/dev/rtc0" dev="devtmpfs" ino=244 ioctlcmd=0x7007 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  668.618709][   T29] audit: type=1400 audit(2000000062.750:22074): avc:  denied  { ioctl } for  pid=25727 comm="syz.6.6043" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x2275 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  668.644664][   T29] audit: type=1326 audit(2000000062.840:22075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25732 comm="syz.6.6044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f96f41debe9 code=0x7ffc0000
[  668.668555][   T29] audit: type=1326 audit(2000000062.840:22076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=25732 comm="syz.6.6044" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f96f41debe9 code=0x7ffc0000
[  668.719424][T25733] rock: directory entry would overflow storage
[  668.725713][T25733] rock: sig=0x3b10, size=4, remaining=3
[  668.835323][T25743] netlink: 108 bytes leftover after parsing attributes in process `syz.6.6045'.
[  668.885509][T25747] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6046'.
[  669.160641][T25791] loop7: detected capacity change from 0 to 1024
[  669.205123][T25791] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  669.238106][T25791] ext4 filesystem being mounted at /354/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  669.276929][T25791] EXT4-fs error (device loop7): ext4_map_blocks:814: inode #15: block 3: comm syz.7.6052: lblock 3 mapped to illegal pblock 3 (length 13)
[  669.340464][T25791] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 13 with error 117
[  669.353163][T25791] EXT4-fs (loop7): This should not happen!! Data will be lost
[  669.353163][T25791] 
[  669.440970][T18144] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  669.553852][T25821] loop6: detected capacity change from 0 to 512
[  669.612642][T25821] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  669.635350][T25821] ext4 filesystem being mounted at /332/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  669.684562][T18655] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  669.791273][T25838] netlink: 'syz.9.6070': attribute type 5 has an invalid length.
[  669.825788][T25845] loop6: detected capacity change from 0 to 1024
[  669.856166][T25845] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  669.915474][T25845] loop6: detected capacity change from 0 to 1024
[  669.962692][T25845] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  670.016272][T25845] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.6072: Allocating blocks 385-513 which overlap fs metadata
[  670.084779][T25866] EXT4-fs (loop6): pa ffff888107a8ae70: logic 16, phys. 129, len 24
[  670.092939][T25866] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  670.241542][T25870] loop7: detected capacity change from 0 to 2048
[  670.293370][T25870] EXT4-fs (loop7): failed to initialize system zone (-117)
[  670.300641][T25870] EXT4-fs (loop7): mount failed
[  670.324188][T18655] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  670.566625][T25903] loop9: detected capacity change from 0 to 2048
[  670.584758][T25909] netlink: 'syz.7.6099': attribute type 10 has an invalid length.
[  670.810355][T25925] lo speed is unknown, defaulting to 1000
[  670.911245][T25951] nfs4: Bad value for 'source'
[  670.991137][T25963] loop7: detected capacity change from 0 to 2048
[  671.016042][T25963] EXT4-fs (loop7): failed to initialize system zone (-117)
[  671.044411][T25963] EXT4-fs (loop7): mount failed
[  671.092303][T25980] nfs4: Bad value for 'source'
[  671.195743][T26003] loop9: detected capacity change from 0 to 764
[  671.218937][T26003] rock: directory entry would overflow storage
[  671.225218][T26003] rock: sig=0x5245, size=8, remaining=5
[  671.257938][T26014] FAULT_INJECTION: forcing a failure.
[  671.257938][T26014] name failslab, interval 1, probability 0, space 0, times 0
[  671.265459][T26003] lo speed is unknown, defaulting to 1000
[  671.270720][T26014] CPU: 1 UID: 0 PID: 26014 Comm: syz.0.6127 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  671.270757][T26014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  671.270775][T26014] Call Trace:
[  671.270784][T26014]  <TASK>
[  671.270796][T26014]  __dump_stack+0x1d/0x30
[  671.270849][T26014]  dump_stack_lvl+0xe8/0x140
[  671.270878][T26014]  dump_stack+0x15/0x1b
[  671.270900][T26014]  should_fail_ex+0x265/0x280
[  671.270930][T26014]  should_failslab+0x8c/0xb0
[  671.270977][T26014]  kmem_cache_alloc_node_noprof+0x57/0x320
[  671.271019][T26014]  ? __alloc_skb+0x101/0x320
[  671.271045][T26014]  __alloc_skb+0x101/0x320
[  671.271070][T26014]  ? audit_log_start+0x365/0x6c0
[  671.271111][T26014]  audit_log_start+0x380/0x6c0
[  671.271151][T26014]  ? cap_capable+0x6c/0x210
[  671.271221][T26014]  selinux_inode_setxattr+0x613/0x6e0
[  671.271274][T26014]  ? trace_buffer_unlock_commit_regs+0x111/0x310
[  671.271310][T26014]  security_inode_setxattr+0x13a/0x1b0
[  671.271365][T26014]  __vfs_setxattr_locked+0x83/0x1d0
[  671.271454][T26014]  vfs_setxattr+0x132/0x270
[  671.271487][T26014]  file_setxattr+0x139/0x1b0
[  671.271659][T26014]  path_setxattrat+0x290/0x310
[  671.271785][T26014]  __x64_sys_fsetxattr+0x6b/0x80
[  671.271831][T26014]  x64_sys_call+0x1ced/0x2ff0
[  671.271998][T26014]  do_syscall_64+0xd2/0x200
[  671.272038][T26014]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  671.272075][T26014]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  671.272111][T26014] RIP: 0033:0x7f7d603aebe9
[  671.272133][T26014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  671.272236][T26014] RSP: 002b:00007f7d5ee17038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  671.272263][T26014] RAX: ffffffffffffffda RBX: 00007f7d605d5fa0 RCX: 00007f7d603aebe9
[  671.272281][T26014] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  671.272299][T26014] RBP: 00007f7d5ee17090 R08: 0000000000000000 R09: 0000000000000000
[  671.272316][T26014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  671.272334][T26014] R13: 00007f7d605d6038 R14: 00007f7d605d5fa0 R15: 00007ffcb28b95d8
[  671.272361][T26014]  </TASK>
[  671.636103][T26050] loop6: detected capacity change from 0 to 2048
[  671.667014][T26050] EXT4-fs (loop6): failed to initialize system zone (-117)
[  671.676395][T26050] EXT4-fs (loop6): mount failed
[  671.689893][T26059] nfs4: Bad value for 'source'
[  672.047589][T26115] nfs4: Bad value for 'source'
[  672.213584][T26146] loop7: detected capacity change from 0 to 164
[  672.258756][T26157] FAULT_INJECTION: forcing a failure.
[  672.258756][T26157] name failslab, interval 1, probability 0, space 0, times 0
[  672.271482][T26157] CPU: 0 UID: 0 PID: 26157 Comm: syz.0.6155 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  672.271528][T26157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  672.271544][T26157] Call Trace:
[  672.271552][T26157]  <TASK>
[  672.271561][T26157]  __dump_stack+0x1d/0x30
[  672.271641][T26157]  dump_stack_lvl+0xe8/0x140
[  672.271662][T26157]  dump_stack+0x15/0x1b
[  672.271679][T26157]  should_fail_ex+0x265/0x280
[  672.271702][T26157]  should_failslab+0x8c/0xb0
[  672.271766][T26157]  __kmalloc_noprof+0xa5/0x3e0
[  672.271830][T26157]  ? fib6_info_alloc+0x2e/0x90
[  672.271863][T26157]  ? atomic_notifier_call_chain+0x19c/0x1c0
[  672.271901][T26157]  fib6_info_alloc+0x2e/0x90
[  672.271931][T26157]  ip6_route_info_create+0xe7/0x390
[  672.272017][T26157]  ip6_route_add+0x49/0x170
[  672.272051][T26157]  inet6_addr_add+0x4d3/0x6a0
[  672.272109][T26157]  addrconf_add_ifaddr+0x1ab/0x270
[  672.272149][T26157]  inet6_ioctl+0xb0/0x190
[  672.272180][T26157]  ? ioctl_has_perm+0x257/0x2a0
[  672.272217][T26157]  sock_do_ioctl+0x70/0x220
[  672.272249][T26157]  sock_ioctl+0x41b/0x610
[  672.272277][T26157]  ? __pfx_sock_ioctl+0x10/0x10
[  672.272351][T26157]  __se_sys_ioctl+0xce/0x140
[  672.272371][T26157]  __x64_sys_ioctl+0x43/0x50
[  672.272404][T26157]  x64_sys_call+0x1816/0x2ff0
[  672.272435][T26157]  do_syscall_64+0xd2/0x200
[  672.272463][T26157]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  672.272488][T26157]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  672.272516][T26157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  672.272582][T26157] RIP: 0033:0x7f7d603aebe9
[  672.272605][T26157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  672.272658][T26157] RSP: 002b:00007f7d5ee17038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  672.272677][T26157] RAX: ffffffffffffffda RBX: 00007f7d605d5fa0 RCX: 00007f7d603aebe9
[  672.272690][T26157] RDX: 0000200000005b80 RSI: 0000000000008916 RDI: 0000000000000006
[  672.272703][T26157] RBP: 00007f7d5ee17090 R08: 0000000000000000 R09: 0000000000000000
[  672.272715][T26157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  672.272727][T26157] R13: 00007f7d605d6038 R14: 00007f7d605d5fa0 R15: 00007ffcb28b95d8
[  672.272828][T26157]  </TASK>
[  672.560230][T26166] __nla_validate_parse: 29 callbacks suppressed
[  672.560252][T26166] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6156'.
[  672.575845][T26166] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6156'.
[  672.624417][T26158] lo speed is unknown, defaulting to 1000
[  672.640799][T26173] nfs4: Bad value for 'source'
[  672.816487][T26219] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6163'.
[  672.868215][   T29] kauditd_printk_skb: 237 callbacks suppressed
[  672.868234][   T29] audit: type=1326 audit(2000000067.180:22312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26210 comm="syz.0.6162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d603aebe9 code=0x7ffc0000
[  672.869168][T26224] netlink: 'syz.0.6162': attribute type 9 has an invalid length.
[  672.878832][   T29] audit: type=1326 audit(2000000067.180:22313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26210 comm="syz.0.6162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d603aebe9 code=0x7ffc0000
[  672.915539][T26230] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6170'.
[  672.930098][   T29] audit: type=1326 audit(2000000067.180:22314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26210 comm="syz.0.6162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f7d603aebe9 code=0x7ffc0000
[  672.938865][T26230] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6170'.
[  672.962842][   T29] audit: type=1326 audit(2000000067.180:22315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26210 comm="syz.0.6162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d603aebe9 code=0x7ffc0000
[  672.962886][   T29] audit: type=1326 audit(2000000067.180:22316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26210 comm="syz.0.6162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7d603aebe9 code=0x7ffc0000
[  672.962918][   T29] audit: type=1326 audit(2000000067.180:22317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26210 comm="syz.0.6162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d603aebe9 code=0x7ffc0000
[  673.043439][   T29] audit: type=1326 audit(2000000067.180:22318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26210 comm="syz.0.6162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f7d603aebe9 code=0x7ffc0000
[  673.067386][   T29] audit: type=1326 audit(2000000067.220:22319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26210 comm="syz.0.6162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d603aebe9 code=0x7ffc0000
[  673.091247][   T29] audit: type=1326 audit(2000000067.220:22320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26210 comm="syz.0.6162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=199 compat=0 ip=0x7f7d603aebe9 code=0x7ffc0000
[  673.115306][   T29] audit: type=1326 audit(2000000067.220:22321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=26210 comm="syz.0.6162" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d603aebe9 code=0x7ffc0000
[  673.352298][T26268] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6180'.
[  673.404007][T26277] 8021q: adding VLAN 0 to HW filter on device bond5
[  673.449737][T26288] netlink: 180 bytes leftover after parsing attributes in process `syz.5.6184'.
[  673.465129][T26288] netlink: 180 bytes leftover after parsing attributes in process `syz.5.6184'.
[  673.648801][T26323] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6191'.
[  673.657764][T26323] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6191'.
[  673.729792][T26337] can0: slcan on ttyS3.
[  673.792837][T26337] can0 (unregistered): slcan off ttyS3.
[  674.126514][T26409] lo speed is unknown, defaulting to 1000
[  674.509899][T26489] FAULT_INJECTION: forcing a failure.
[  674.509899][T26489] name failslab, interval 1, probability 0, space 0, times 0
[  674.522823][T26489] CPU: 0 UID: 0 PID: 26489 Comm: syz.6.6223 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  674.522852][T26489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  674.522915][T26489] Call Trace:
[  674.522924][T26489]  <TASK>
[  674.522934][T26489]  __dump_stack+0x1d/0x30
[  674.522961][T26489]  dump_stack_lvl+0xe8/0x140
[  674.522986][T26489]  dump_stack+0x15/0x1b
[  674.523008][T26489]  should_fail_ex+0x265/0x280
[  674.523036][T26489]  should_failslab+0x8c/0xb0
[  674.523128][T26489]  __kmalloc_noprof+0xa5/0x3e0
[  674.523162][T26489]  ? nfc_llcp_build_tlv+0xac/0x100
[  674.523220][T26489]  nfc_llcp_build_tlv+0xac/0x100
[  674.523259][T26489]  nfc_llcp_build_gb+0x11b/0x2f0
[  674.523289][T26489]  nfc_llcp_general_bytes+0xd9/0x1e0
[  674.523389][T26489]  nfc_dep_link_up+0xdd/0x260
[  674.523424][T26489]  nfc_genl_dep_link_up+0xdd/0x120
[  674.523469][T26489]  genl_family_rcv_msg_doit+0x143/0x1b0
[  674.523522][T26489]  genl_rcv_msg+0x422/0x460
[  674.523559][T26489]  ? __pfx_nfc_genl_dep_link_up+0x10/0x10
[  674.523595][T26489]  netlink_rcv_skb+0x123/0x220
[  674.523673][T26489]  ? __pfx_genl_rcv_msg+0x10/0x10
[  674.523708][T26489]  genl_rcv+0x28/0x40
[  674.523746][T26489]  netlink_unicast+0x5bd/0x690
[  674.523790][T26489]  netlink_sendmsg+0x58b/0x6b0
[  674.523870][T26489]  ? __pfx_netlink_sendmsg+0x10/0x10
[  674.523900][T26489]  __sock_sendmsg+0x145/0x180
[  674.523937][T26489]  ____sys_sendmsg+0x31e/0x4e0
[  674.523969][T26489]  ___sys_sendmsg+0x17b/0x1d0
[  674.524045][T26489]  __x64_sys_sendmsg+0xd4/0x160
[  674.524081][T26489]  x64_sys_call+0x191e/0x2ff0
[  674.524108][T26489]  do_syscall_64+0xd2/0x200
[  674.524143][T26489]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  674.524170][T26489]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  674.524262][T26489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  674.524315][T26489] RIP: 0033:0x7f96f41debe9
[  674.524333][T26489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  674.524358][T26489] RSP: 002b:00007f96f2c47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  674.524379][T26489] RAX: ffffffffffffffda RBX: 00007f96f4405fa0 RCX: 00007f96f41debe9
[  674.524408][T26489] RDX: 0000000000000040 RSI: 0000200000000600 RDI: 0000000000000004
[  674.524424][T26489] RBP: 00007f96f2c47090 R08: 0000000000000000 R09: 0000000000000000
[  674.524440][T26489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  674.524463][T26489] R13: 00007f96f4406038 R14: 00007f96f4405fa0 R15: 00007ffc8fed8698
[  674.524516][T26489]  </TASK>
[  674.961013][T26529] nfs4: Bad value for 'source'
[  674.998424][T26537] loop9: detected capacity change from 0 to 2048
[  675.184194][T26578] netlink: 'syz.5.6243': attribute type 2 has an invalid length.
[  675.244962][T26590] nfs4: Bad value for 'source'
[  675.270844][T26597] gretap0: left allmulticast mode
[  675.276080][T26597] gretap0: left promiscuous mode
[  675.281278][T26597] bridge0: port 3(gretap0) entered disabled state
[  675.296209][T26597] bridge_slave_0: left allmulticast mode
[  675.302014][T26597] bridge_slave_0: left promiscuous mode
[  675.308008][T26597] bridge0: port 1(bridge_slave_0) entered disabled state
[  675.316867][T26597] bridge_slave_1: left allmulticast mode
[  675.322764][T26597] bridge_slave_1: left promiscuous mode
[  675.328592][T26597] bridge0: port 2(bridge_slave_1) entered disabled state
[  675.346379][T26597] bond0: (slave bond_slave_0): Releasing backup interface
[  675.364214][T26597] bond0: (slave bond_slave_1): Releasing backup interface
[  675.377651][T26597] team0: Port device team_slave_0 removed
[  675.392434][T26597] team0: Port device 
2
6±ÿ removed
[  675.399038][T26597] batman_adv: batadv0: Removing interface: batadv_slave_0
[  675.407291][T26597] batman_adv: batadv0: Removing interface: batadv_slave_1
[  675.416551][T26597] bond1: (slave vxcan3): Releasing backup interface
[  675.423540][T26597] vxcan3: left promiscuous mode
[  675.849719][T26667] loop5: detected capacity change from 0 to 2048
[  675.886158][T26667] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  675.914397][T26666] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  675.937960][T26667] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  675.950211][T26667] EXT4-fs (loop5): This should not happen!! Data will be lost
[  675.950211][T26667] 
[  675.959923][T26667] EXT4-fs (loop5): Total free blocks count 0
[  675.965950][T26667] EXT4-fs (loop5): Free/Dirty block details
[  675.972137][T26667] EXT4-fs (loop5): free_blocks=4096
[  675.977473][T26667] EXT4-fs (loop5): dirty_blocks=16
[  675.982664][T26667] EXT4-fs (loop5): Block reservation details
[  675.988683][T26667] EXT4-fs (loop5): i_reserved_data_blocks=1
[  676.042181][T26667] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  676.446220][T26759] loop9: detected capacity change from 0 to 2048
[  676.842280][T26831] loop9: detected capacity change from 0 to 2048
[  676.876444][T26840] netlink: 'syz.9.6288': attribute type 1 has an invalid length.
[  676.884326][T26840] netlink: 'syz.9.6288': attribute type 2 has an invalid length.
[  677.189242][T26889] ipvlan2: entered promiscuous mode
[  677.196799][T26889] bridge0: port 4(ipvlan2) entered blocking state
[  677.203424][T26889] bridge0: port 4(ipvlan2) entered disabled state
[  677.210765][T26889] ipvlan2: entered allmulticast mode
[  677.216239][T26889] bridge0: entered allmulticast mode
[  677.222217][T26889] ipvlan2: left allmulticast mode
[  677.227324][T26889] bridge0: left allmulticast mode
[  677.235377][T26891] loop7: detected capacity change from 0 to 1024
[  677.242594][T26891] EXT4-fs: Ignoring removed orlov option
[  677.250072][T26891] EXT4-fs (loop7): invalid inodes per group: 0
[  677.250072][T26891] 
[  677.300605][T26905] 9pnet: Could not find request transport: r
[  677.345694][T26913] loop7: detected capacity change from 0 to 512
[  677.352934][T26913] EXT4-fs: Ignoring removed orlov option
[  677.358691][T26913] EXT4-fs: Ignoring removed nomblk_io_submit option
[  677.369819][T26913] ext4: Unknown parameter 'fsname'
[  677.519590][T26948] loop5: detected capacity change from 0 to 1024
[  677.528587][T26948] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  677.539639][T26948] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  677.568094][T26948] JBD2: no valid journal superblock found
[  677.574068][T26948] EXT4-fs (loop5): Could not load journal inode
[  677.633613][T26966] loop7: detected capacity change from 0 to 2048
[  677.654065][T26966] EXT4-fs (loop7): failed to initialize system zone (-117)
[  677.662377][T26966] EXT4-fs (loop7): mount failed
[  677.852691][T27002] loop0: detected capacity change from 0 to 512
[  677.873241][   T29] kauditd_printk_skb: 438 callbacks suppressed
[  677.873378][   T29] audit: type=1400 audit(2000000072.190:22760): avc:  denied  { mounton } for  pid=27001 comm="syz.0.6315" path="/207/bus" dev="devtmpfs" ino=1198 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  677.903387][T27002] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  677.930182][T27002] EXT4-fs (loop0): 1 truncate cleaned up
[  677.936406][T27002] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  677.954939][   T29] audit: type=1400 audit(2000000072.270:22761): avc:  denied  { execute } for  pid=26986 comm="syz.7.6312" dev="tmpfs" ino=837 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  677.962926][T27002] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  677.984999][   T29] audit: type=1400 audit(2000000072.270:22762): avc:  denied  { execute_no_trans } for  pid=26986 comm="syz.7.6312" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=837 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  678.017344][   T29] audit: type=1400 audit(2000000072.330:22763): avc:  denied  { ioctl } for  pid=26986 comm="syz.7.6312" path="socket:[71361]" dev="sockfs" ino=71361 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  678.091043][   T29] audit: type=1400 audit(2000000072.400:22764): avc:  denied  { unmount } for  pid=22393 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  678.148436][   T29] audit: type=1400 audit(2000000072.460:22765): avc:  denied  { read write } for  pid=27025 comm="syz.7.6317" name="virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  678.161593][T27024] lo speed is unknown, defaulting to 1000
[  678.172564][   T29] audit: type=1400 audit(2000000072.460:22766): avc:  denied  { open } for  pid=27025 comm="syz.7.6317" path="/dev/virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  678.402018][   T29] audit: type=1400 audit(2000000072.650:22767): avc:  denied  { read append } for  pid=27061 comm="syz.7.6320" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  678.431393][   T29] audit: type=1400 audit(2000000072.650:22768): avc:  denied  { open } for  pid=27061 comm="syz.7.6320" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  678.459009][   T29] audit: type=1400 audit(2000000072.670:22769): avc:  denied  { ioctl } for  pid=27061 comm="syz.7.6320" path="socket:[71426]" dev="sockfs" ino=71426 ioctlcmd=0x48cb scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  678.496594][T27069] __nla_validate_parse: 21 callbacks suppressed
[  678.496610][T27069] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6323'.
[  679.146209][T27089] loop6: detected capacity change from 0 to 2048
[  679.189976][T27089] EXT4-fs (loop6): failed to initialize system zone (-117)
[  679.213658][T27089] EXT4-fs (loop6): mount failed
[  679.355616][T27110] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6333'.
[  679.364660][T27110] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6333'.
[  679.449198][T27121] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6336'.
[  679.514799][T27129] netlink: 8 bytes leftover after parsing attributes in process `syz.7.6338'.
[  679.568898][T27133] netlink: 'syz.6.6339': attribute type 10 has an invalid length.
[  679.598065][T27133] team0: Port device dummy0 added
[  679.617764][T27133] netlink: 'syz.6.6339': attribute type 10 has an invalid length.
[  679.637021][T27133] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  679.664272][T27133] team0: Failed to send options change via netlink (err -105)
[  679.686574][T27133] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  679.714787][T27133] team0: Port device dummy0 removed
[  679.731553][T27133] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  680.012620][T27187] loop6: detected capacity change from 0 to 1024
[  680.029023][T27187] EXT4-fs: Ignoring removed oldalloc option
[  680.037233][T27187] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  680.114822][T27187] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  680.721305][T27258] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6349'.
[  680.821791][T18655] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  680.852456][T27264] nfs4: Bad value for 'source'
[  681.089920][T27293] lo speed is unknown, defaulting to 1000
[  681.096167][T27307] netlink: 'syz.7.6353': attribute type 21 has an invalid length.
[  681.104154][T27307] netlink: 'syz.7.6353': attribute type 4 has an invalid length.
[  681.288681][T27327] loop0: detected capacity change from 0 to 2048
[  681.296268][T27330] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6358'.
[  681.305408][T27330] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6358'.
[  681.325131][T27327] EXT4-fs (loop0): failed to initialize system zone (-117)
[  681.339480][T27327] EXT4-fs (loop0): mount failed
[  681.426250][T27342] loop0: detected capacity change from 0 to 2048
[  681.459226][T27347] netlink: 'syz.7.6361': attribute type 10 has an invalid length.
[  681.468992][T27342] EXT4-fs (loop0): failed to initialize system zone (-117)
[  681.479669][T27347] netlink: 'syz.7.6361': attribute type 10 has an invalid length.
[  681.487707][T27342] EXT4-fs (loop0): mount failed
[  681.531007][T27356] netlink: 4 bytes leftover after parsing attributes in process `syz.7.6372'.
[  681.537064][T27357] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6362'.
[  681.599946][T27362] nfs4: Bad value for 'source'
[  682.032535][T27441] loop9: detected capacity change from 0 to 2048
[  682.065189][T27444] nfs4: Bad value for 'source'
[  682.073958][T27452] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  682.162585][T27463] loop5: detected capacity change from 0 to 128
[  682.426399][T27498] nfs4: Bad value for 'source'
[  682.907164][   T29] kauditd_printk_skb: 140 callbacks suppressed
[  682.907182][   T29] audit: type=1400 audit(2000000077.220:22910): avc:  denied  { read write } for  pid=21024 comm="syz-executor" name="loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  682.938055][   T29] audit: type=1400 audit(2000000077.220:22911): avc:  denied  { open } for  pid=21024 comm="syz-executor" path="/dev/loop9" dev="devtmpfs" ino=109 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  682.970377][   T29] audit: type=1400 audit(2000000077.280:22912): avc:  denied  { ioctl } for  pid=21024 comm="syz-executor" path="/dev/loop9" dev="devtmpfs" ino=109 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  683.013344][   T29] audit: type=1400 audit(2000000077.330:22913): avc:  denied  { create } for  pid=27596 comm="syz.9.6392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  683.059631][   T29] audit: type=1400 audit(2000000077.350:22914): avc:  denied  { bind } for  pid=27596 comm="syz.9.6392" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  683.080657][   T29] audit: type=1400 audit(2000000077.370:22915): avc:  denied  { create } for  pid=27592 comm="syz.0.6403" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  683.104042][   T29] audit: type=1400 audit(2000000077.420:22916): avc:  denied  { write } for  pid=27592 comm="syz.0.6403" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  683.125140][   T29] audit: type=1400 audit(2000000077.420:22917): avc:  denied  { read } for  pid=27592 comm="syz.0.6403" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  683.154874][   T29] audit: type=1400 audit(2000000077.420:22918): avc:  denied  { unmount } for  pid=16614 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  683.209250][   T29] audit: type=1400 audit(2000000077.520:22919): avc:  denied  { name_bind } for  pid=27614 comm="syz.9.6397" src=3618 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[  683.284786][T27626] nfs4: Bad value for 'source'
[  683.410098][T27648] loop9: detected capacity change from 0 to 2048
[  683.510374][T27674] nfs4: Bad value for 'source'
[  683.698791][T27714] __nla_validate_parse: 18 callbacks suppressed
[  683.698812][T27714] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6425'.
[  683.714262][T27714] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6425'.
[  683.890662][T27746] nfs4: Bad value for 'source'
[  683.951179][T27764] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6435'.
[  684.149939][T27795] netlink: 100 bytes leftover after parsing attributes in process `syz.0.6440'.
[  684.262774][T27819] netlink: 24 bytes leftover after parsing attributes in process `syz.7.6443'.
[  684.280620][T27812] lo speed is unknown, defaulting to 1000
[  684.303888][T27822] nfs4: Bad value for 'source'
[  684.350961][T27833] loop7: detected capacity change from 0 to 2048
[  684.376616][T27841] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6449'.
[  684.388571][T27833] EXT4-fs (loop7): failed to initialize system zone (-117)
[  684.402267][T27833] EXT4-fs (loop7): mount failed
[  684.453451][T27847] loop0: detected capacity change from 0 to 2048
[  684.460264][T27849] netlink: 100 bytes leftover after parsing attributes in process `syz.7.6451'.
[  684.473248][T27847] EXT4-fs (loop0): failed to initialize system zone (-117)
[  684.485480][T27847] EXT4-fs (loop0): mount failed
[  684.507571][T27853] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6452'.
[  684.516654][T27853] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6452'.
[  684.591961][T27870] nfs4: Bad value for 'source'
[  684.707095][T27890] loop6: detected capacity change from 0 to 2048
[  684.723568][T27897] loop0: detected capacity change from 0 to 128
[  684.744272][T27890] EXT4-fs (loop6): failed to initialize system zone (-117)
[  684.762070][T27890] EXT4-fs (loop6): mount failed
[  685.096261][T27954] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6466'.
[  685.197930][T27974] nfs4: Bad value for 'source'
[  685.429405][T28020] loop7: detected capacity change from 0 to 1024
[  685.440057][T28020] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  685.450644][T28020] EXT4-fs (loop7): can't mount with commit=, fs mounted w/o journal
[  685.514628][T28031] loop5: detected capacity change from 0 to 2048
[  685.543385][T28031] EXT4-fs (loop5): failed to initialize system zone (-117)
[  685.550897][T28031] EXT4-fs (loop5): mount failed
[  685.739919][T28069] nfs4: Bad value for 'source'
[  685.800852][T28081] loop6: detected capacity change from 0 to 2048
[  685.823720][T28081] EXT4-fs (loop6): failed to initialize system zone (-117)
[  685.833052][T28081] EXT4-fs (loop6): mount failed
[  685.880406][T28100] loop6: detected capacity change from 0 to 128
[  686.386924][T28188] loop9: detected capacity change from 0 to 2048
[  686.395601][T28191] bridge0: port 1(gretap0) entered blocking state
[  686.402142][T28191] bridge0: port 1(gretap0) entered disabled state
[  686.417081][T28191] gretap0: entered allmulticast mode
[  686.423319][T28191] gretap0: entered promiscuous mode
[  686.825673][T28270] loop0: detected capacity change from 0 to 2048
[  686.843857][T28270] EXT4-fs (loop0): failed to initialize system zone (-117)
[  686.858854][T28270] EXT4-fs (loop0): mount failed
[  687.023306][T28314] loop9: detected capacity change from 0 to 128
[  687.046158][T28312] loop6: detected capacity change from 0 to 2048
[  687.075338][T28312] EXT4-fs (loop6): failed to initialize system zone (-117)
[  687.093317][T28312] EXT4-fs (loop6): mount failed
[  687.495805][    T2] ==================================================================
[  687.503944][    T2] BUG: KCSAN: data-race in memcpy_and_pad / release_task
[  687.511001][    T2] 
[  687.513370][    T2] write to 0xffff888100211638 of 8 bytes by task 28392 on cpu 1:
[  687.521115][    T2]  release_task+0x779/0xb60
[  687.525677][    T2]  do_exit+0xd81/0x15c0
[  687.529878][    T2]  kthread_exit+0x94/0x190
[  687.534371][    T2]  kthread+0xc7/0x510
[  687.538386][    T2]  ret_from_fork+0xda/0x150
[  687.542929][    T2]  ret_from_fork_asm+0x1a/0x30
[  687.547747][    T2] 
[  687.550103][    T2] read to 0xffff888100211080 of 3264 bytes by task 2 on cpu 0:
[  687.557764][    T2]  memcpy_and_pad+0x48/0x80
[  687.562745][    T2]  arch_dup_task_struct+0x2c/0x40
[  687.567809][    T2]  dup_task_struct+0x83/0x6a0
[  687.572632][    T2]  copy_process+0x399/0x2000
[  687.577310][    T2]  kernel_clone+0x16c/0x5c0
[  687.581873][    T2]  kernel_thread+0xac/0xe0
[  687.586377][    T2]  kthreadd+0x28d/0x360
[  687.590576][    T2]  ret_from_fork+0xda/0x150
[  687.595121][    T2]  ret_from_fork_asm+0x1a/0x30
[  687.599925][    T2] 
[  687.602263][    T2] Reported by Kernel Concurrency Sanitizer on:
[  687.608428][    T2] CPU: 0 UID: 0 PID: 2 Comm: kthreadd Not tainted syzkaller #0 PREEMPT(voluntary) 
[  687.617935][    T2] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  687.628002][    T2] ==================================================================