last executing test programs:

38.087463319s ago: executing program 4 (id=91):
unshare(0x24020400)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000800, 0x0, &(0x7f00000004c0)={0x36, 0x10000, 0x2, 0xfffffffffffffff7, 0x935, 0x8e, 0x10, 0x0, 0x81})
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0500000004000000e47f000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r2}, 0x10)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000800)={'filter\x00', 0xb001, 0x4, 0x3a8, 0x0, 0x1d0, 0x0, 0x2c0, 0x2c0, 0x2c0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x1d0}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d0}}, {{@uncond, 0xc0, 0xe8, 0x0, {0x0, 0x1e03}}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x46e, 0xfffc}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f8)

37.886397312s ago: executing program 4 (id=96):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100002c34c027000000000000ea048500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
readlinkat(0xffffffffffffffff, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f00000002c0)=""/198, 0xc6)

37.835934153s ago: executing program 4 (id=98):
socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84) (rerun: 64)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @empty}], 0x1c) (async)
sendto$inet6(r0, &(0x7f0000000500)="a4", 0x34000, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c) (async, rerun: 32)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000006380), 0x0, 0x800) (async, rerun: 32)
r1 = socket(0x10, 0x3, 0x2)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000040)) (async, rerun: 32)
ioctl$SIOCX25GCAUSEDIAG(r1, 0x89e6, &(0x7f0000000040)={0xc, 0xff}) (async, rerun: 32)
getsockopt$inet_sctp_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, 0x0, 0x0) (async)
setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, 0x0, 0x0)
socket$kcm(0x10, 0x3, 0x10) (async)
socket$inet_icmp_raw(0x2, 0x3, 0x1) (async)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) (async)
r3 = getpid() (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r5, 0x0)
r6 = syz_pidfd_open(r3, 0x0)
setns(r6, 0x24020000) (async)
r7 = syz_clone3(&(0x7f00000008c0)={0x15340180, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_open_procfs(r7, &(0x7f0000000180)='net/connector\x00') (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10) (async, rerun: 64)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0) (async, rerun: 64)
socket$unix(0x1, 0x1, 0x0)
close(0x4)

37.640598606s ago: executing program 4 (id=99):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x1018ed8, &(0x7f00000005c0)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nodiscard}, {@nodelalloc}, {@usrquota}, {@nolazytime}, {@noblock_validity}, {@block_validity}, {@barrier}]}, 0x5, 0x647, &(0x7f0000000f00)="$eJzs3c9rHG0dAPDvzCZpfvmmr4j4BsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHSQq2FpqABwUFEa9FevEf8C69exNBvXkWqkjFgpauzOxsu9nsZrdNdjfJfD6w2WeeeTbP893ZZ+eZnX12AiituexPGvFJxJsbScRM07rpqK+cK8q9/Nfjm9ktiVrtu/9MIinyGuWT4n6qWBiPiD9GxKcru+vdePjo9lK1Vvck4uzmnftnNx4+OrN2Z+nWyq2Vu4vnvnb+wsLXF88vNjX0w00V91eufufzv/jJD7+6+qfqmSQuxvXRHy9HSxwHZS7m4k0RYnP+SERcyBJtnpej5hiEUGqV4vU4GhGfjZmo5Et1M7H286E2DuirWiWitrekWwHgqNK9oawa44DGsX1vx8HX+zwqGZwXl+oHQLvjHyk+chjPj40mXyZNR0b1zzZOHkD9WR2vH48/ff149mns+Bzi1dutM3IA9XSytR0Rn2sXf5K37WQeaRZ/uuNYP4mIhYgYK9r3rX20IWlK9+NzmL30GH8li795O6QRcbG4z/Ivf2D9rR9rDTp+AMrp+aViR76VLTX2f83nKxr7/3z886SRO73/UzK5Ye//Oo//Gvv78Xzck7aMw7Ixy7X2/3K0NeNvP7vyq07118d/s08bt6z+xlhwEF5sR8y2xP/TLNhi/JPFn7QZ/2ZFblzsrY5v//kfVzqtG3b8tWcRp9oe/7wblWapPc5Pnl1dq64s1P+2reP3f/jBbzvV3z7+E32ItL1s+092iL9p+6etj8uek/vt/+V2a8bvrj2706n+6a7bP/37WFI/3hwrcn60vbm5vhgxllwtihT5S5ub6+d2/v/LUzuX62Ve1fL7xXr8p7/Uvv/veP23RDXReMvswf3v3X7Zad2HvP6b3pzf1HpsQydZ/Ce6b/9d/T/L+2WPdfzn+w++0Gld+/iTfcUEAAAAAAAAZZXm52CTdP5tOk3n5+vzZT8Tk2n13sbml1fvPbi7HHE6/z7kaBppkn9lZKa+nKyuVVcWi+/DNpbPtSx/JSI+johfVyby5fmb96rLww4eAAAAAAAAAAAAAAAAAAAADompYv5/4zrV/67U5/8DJdH9AnO7rv8AHBP9vMAkcLjl/X+vXfxHg2sLMFj2/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMCx9PEXn/81iYitb0zkt8xYsc6kXzjeRt+rdKVv7QAGT4+G8np76t9gH0qnp/H/f4sfB+x/c4AhSNpl5oOD2t6d/3nbR76zvf+2AQAAAAAAAAAAAAB1pz7pPP///eYGA0eNaX9QXvuY/++nA+CI89P/UF6O8YEus/hjvNOKbvP/AQAAAAAAAAAAAIADM53fknS+mAs8HWk6Px/xqYg4GaPJ6lp1ZSEiPoqIv1RGT2TLi8NuNAAAAAAAAAAAAAAAAAAAABwzGw8f3V6qVlfWmxP/25VzvBONq6B2L1zrocyeiW/Gez4qksE/LRMRMfSN0rfESFNOErGVbflD0bD1jTgczcgTQ35jAgAAAAAAAAAAAAAAAACAEmqae9ze7G8G3CIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGLx31//vklierD+gp8I7E8OOEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4mv4fAAD//+uzO4c=")
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000001f80)=""/4098, 0x1002)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000400)=@delchain={0x94, 0x65, 0x4, 0x70bd2b, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xfff1, 0x5}, {0xd, 0x10}, {0x1, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x54, 0x2, [@TCA_FLOWER_KEY_IP_TOS_MASK={0x5, 0x4a, 0xa}, @TCA_FLOWER_KEY_MPLS_BOS={0x5, 0x44, 0xaa}, @TCA_FLOWER_KEY_IPV4_SRC_MASK={0x8, 0xb, 0xff}, @TCA_FLOWER_KEY_SCTP_DST={0x6}, @TCA_FLOWER_KEY_IP_TTL={0x5, 0x4b, 0x9}, @TCA_FLOWER_KEY_UDP_DST={0x6}, @TCA_FLOWER_KEY_CT_MARK_MASK={0x8, 0x60, 0x8}, @TCA_FLOWER_KEY_UDP_SRC_MASK={0x6}, @TCA_FLOWER_KEY_ARP_TIP={0x8, 0x3b, @remote}, @TCA_FLOWER_KEY_CT_STATE={0x6, 0x5b, 0x2fb}]}}, @filter_kind_options=@f_cgroup={{0xb}, {0x4}}]}, 0x94}, 0x1, 0x0, 0x0, 0x4}, 0x40080)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="5000000002060500000000000000000000000000050001000700000005000400000000090000020073797a310000000015000300686173683a69702c706f72742c6e65740000000005e6050002000000"], 0x50}, 0x1, 0x0, 0x0, 0x40001}, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=ANY=[@ANYBLOB="2800000003060102000000000000000005000000050001000700000009ecc0dbe63fce642506f9f2"], 0x28}}, 0x10)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140))
readv(r1, &(0x7f0000000600)=[{&(0x7f0000000080)=""/42, 0x2a}, {0x0}], 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x3, 0x7ffc0002}]})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180a00002c070000000000000000ea048500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x24, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = getpgrp(0xffffffffffffffff)
ptrace(0x8, r4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001a00)=ANY=[@ANYBLOB="850000002f000000840000000000000095000000000000008560fc2b2062f611fc2f864ef177d634e46e8dcfe61b4fb9f600344d592fee49e176fe6ad28fbcb1f9259bfc63e9030971917e30b6f42e8f9dd6ab0ce07312a135cd363aa7e5bcef8fd0e8c7d2082584156c52ebfd69e8e13b7a8b477abc86468e11b6242133ce882f05e16b91c37b3437347f6058b4489c759783b9d4dfb55d0085a26e41201a6d8c8ced33e10048e756a40538b32bf653fa3c831a4e60599ed7a0f999d18de9984522a7cdb6fc30015633a0132c9578b7da5bd7280a5f7e28fd858ba712020b23ef8a2785b6c146c48b48ca7e232d0489661396e9303b38aa5d26d06e2e676795fd2733f95da570bab301000000ffffffff2a2792a630d8fcdc"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
memfd_secret(0x80000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
sendmsg$NL80211_CMD_GET_KEY(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="08002cbd7000ffdbdf250900000008000300", @ANYRES32=0x0, @ANYBLOB="0c009900030000ac972a17e6dd4369fc64000000"], 0x3c}, 0x1, 0x0, 0x0, 0x2c008065}, 0x840)
pwrite64(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0xfecc)
getdents64(0xffffffffffffffff, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000240)={0x3920e, 0xffffffffffffffff, 0x20000000004, 0x0, 0x0, 0x3})
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESHEX], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
socket$kcm(0x10, 0x3, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r6, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

35.753145337s ago: executing program 4 (id=116):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1, 0x0, 0x5}, 0x18)
r2 = openat$selinux_validatetrans(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$selinux_validatetrans(r2, 0x0, 0x79)

35.468948202s ago: executing program 4 (id=123):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, 0xfffffffffffffffe)
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x4e24, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r3=>0x0})
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r4, &(0x7f0000000280)={&(0x7f00000000c0)={0x1d, r3}, 0x10, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="07000000000100009f81000000000000325d9048681caba7e172078869b95690e1df2495472bb36fff3df58264b86dbffcb0cf707e9838ce1570cb204405bd7b8335a1f58bce646e65cfe8d8a9c568362e81d10422893f2a309dcf8f58aaca60cd3b11e11fa19d0ff8697d9ff1ca60dc7cda5b7b9da4170ee71645c81d1cc646d2bdbd8383aeb0705b6a50206e75a36d3b7dd7a02146594262b2fc02640986807cb7438240010c3de3d3a5db50e02fdffe63dc81c51c0a82", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="000000000100000003000060020200002e1368765ce08ed2"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x80)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002a00)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7, 0x0, 0x8000000000000000}, 0x18)
sendmsg$nl_route(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r8}, 0x18)
mq_open(0x0, 0x42, 0x0, 0x0)
syz_io_uring_setup(0x6581, &(0x7f0000000300)={0x0, 0x90b9, 0x200, 0x3, 0x221}, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x103a02, 0x0)
ioctl$RTC_UIE_ON(r9, 0x7003)
listen(r1, 0x8)
socket$inet_tcp(0x2, 0x1, 0x0)

35.404735142s ago: executing program 32 (id=123):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, 0xfffffffffffffffe)
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x4e24, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r3=>0x0})
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r4, &(0x7f0000000280)={&(0x7f00000000c0)={0x1d, r3}, 0x10, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="07000000000100009f81000000000000325d9048681caba7e172078869b95690e1df2495472bb36fff3df58264b86dbffcb0cf707e9838ce1570cb204405bd7b8335a1f58bce646e65cfe8d8a9c568362e81d10422893f2a309dcf8f58aaca60cd3b11e11fa19d0ff8697d9ff1ca60dc7cda5b7b9da4170ee71645c81d1cc646d2bdbd8383aeb0705b6a50206e75a36d3b7dd7a02146594262b2fc02640986807cb7438240010c3de3d3a5db50e02fdffe63dc81c51c0a82", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="000000000100000003000060020200002e1368765ce08ed2"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x80)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002a00)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7, 0x0, 0x8000000000000000}, 0x18)
sendmsg$nl_route(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r8}, 0x18)
mq_open(0x0, 0x42, 0x0, 0x0)
syz_io_uring_setup(0x6581, &(0x7f0000000300)={0x0, 0x90b9, 0x200, 0x3, 0x221}, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r9 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x103a02, 0x0)
ioctl$RTC_UIE_ON(r9, 0x7003)
listen(r1, 0x8)
socket$inet_tcp(0x2, 0x1, 0x0)

3.02893211s ago: executing program 2 (id=630):
r0 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$selinux_user(r0, &(0x7f0000000080)=ANY=[@ANYBLOB='s'], 0x27) (fail_nth: 4)

2.969315821s ago: executing program 2 (id=634):
r0 = creat(&(0x7f00000001c0)='./file0\x00', 0x14)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000ff0000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c000280050003001b000000080002400000000d08000440000000040900010073797a30000000000900020073797a32"], 0x80}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r0, &(0x7f0000000140)="fbd4e8b2170246c707cd94380afeb27b32ea910bf401af84ef5c496b3daf5a3c52feef80e929e8210e2b0bd9b858adc38d985f0c1fe2a84ae6a32250fbb3ce05eedffc2c9048e2d5942779249c3ddef49a963b", 0x53)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x0, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")
socket$netlink(0x10, 0x3, 0x14)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket(0x2, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=ANY=[@ANYBLOB="120000004f003d8d08000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000740)={r5, &(0x7f0000000340), &(0x7f0000000200)=@tcp6=r4}, 0x20)
recvmsg$can_bcm(r4, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000280)=""/158, 0x9e}], 0x1}, 0x102)

2.43095196s ago: executing program 5 (id=644):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000d00)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071105400000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007313000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff31a8fd3c0fd8b7ff831028e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a83469620c6e74e1f46132559c4f8700a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a920099c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3ba18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b4762302a271722fb515f31e0dd115a292f1e68481a62c49d15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc823000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x200, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETSTEERINGEBPF(r2, 0x800454e0, &(0x7f0000000080)=r1)
close(r2)

2.389596811s ago: executing program 3 (id=646):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r0, 0x0, 0x8000000000000}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f0000001e00)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r3, 0x545c, 0x3000000)

2.310173042s ago: executing program 5 (id=647):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$kcm(0x10, 0x2, 0x0)
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400))
listen(r0, 0x400)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000100001"], 0x140}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
socket$inet6(0xa, 0x1, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001780)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc020000210a0108fdffffff0000000000000000630003"], 0x2cc}}, 0x0)
memfd_secret(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000000)={[{@errors_remount}, {@nobh}]}, 0x1, 0x513, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tcuTEXE1f9tURHztyxHfTA7Gbe7sri/WatWtvFxp1TcrzZ3d62v1xdXqanVjfn7ujYU3F15fmM1yT9TOUi/zky99/vanv/W7G3++9u12tT73kShEXztOUrfphc626Glvo63TCDYCE3l7CqOuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//ysA4A0=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
close(r4)
r5 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x4000, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100001040000003f0000000000000000", @ANYRES32=0x0, @ANYBLOB="ef33d47c00b400000071a09b0000000000020018a68cbe87a542218a70bacce60100000000aba3bf2c3770a24f6a86d700008082000000000000", @ANYRES32=0x0, @ANYBLOB], 0x40}, 0x1, 0xd}, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r7, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r7, 0x8916, &(0x7f0000000040)={'vlan0\x00', {0x2, 0x4e22, @remote}})

2.183894064s ago: executing program 1 (id=651):
socket$inet6(0xa, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x20000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x80000}, 0x18)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r2, 0x10e, 0x4, &(0x7f0000000180)=0x8, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r4, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b870341000000400000ff00000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
writev(r6, &(0x7f0000000080)=[{&(0x7f0000000300)='4', 0x1}, {&(0x7f0000000040)='\\', 0x1}], 0x2)

2.059473106s ago: executing program 2 (id=652):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a000000030000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYRES64=r0], 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000780)='mm_page_free\x00', r1}, 0x18)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xc, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="660a00000000000061116d000000000085000000a900000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0xffffffffffffff4f, &(0x7f0000000400)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580), 0x100}, 0x0)
select(0xffffffffffffffcc, 0x0, 0x0, &(0x7f00000003c0)={0x100000003, 0xffffffff80c4601e, 0x9, 0x300, 0x0, 0x20, 0x6}, &(0x7f0000000440))
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000380), &(0x7f0000000800)='./file0\x00', 0x220c402, &(0x7f0000000b40)=ANY=[], 0x1, 0x6a5, &(0x7f00000013c0)="$eJzs3V1rG9kdx/HfyLKteEtY2hJCyMNJ0gWHpspI3jiYFLrqaGRPK2nEjFxsKCzpxl6C5Wwbp9D4ZuubPsD2DfSuN73oiyj0et9Fb0oLS3tX6M2UeZAsRU9Roji7m+/H7Gp85j9z/jPHmT9ja44EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABkOVXbLlmqe83tHTOeUw38xoT16d4WdStduDW1X8mK/1OhoItp08Vvn66+EP/vhi6n311WIX4p6PidC+/e/1Y+191+QkIvQ7Pu8OjZ8cGDTmfvyQvELmjm3b9JynWXzmVjMiJo0216oe81Kpuu8ULfbKyv23e2aqGpeXU33A3bbsM4gZtr+4FZdW6Z0sbGmnGLu/52c7NaqbvdxnvfK9v2uvnRcjrQkoqhs+XV615zM4mJV8cx98xnP00D3ErDmP1Hnb21aUcSB5VeJKg8Lahsl8ulUrlcWr+7cfeebeeHGuyYZfdoKGLuP7T4ipnPhRuYg1xc//9uSXUV1NS2dmRGfjmqKpCvxpj1mW79f++OO7Hf/vrfrfIXpR9kqy8pqf9X0++ujqv/Y3IxMskGo9ZYY9pn+1pMMjI60jMd60AP1FFHe3oSr40+zY7ipfd/7dUznOEr//KZbspVU55C+fLUUCVpMVmL0YbWtS5bH2pLNYUyqslTXa5C7SpUW27yE+UokKuK2vIVyGhVjm7JqKQNbWhNRq6K2pWvbTW1qaoq+m8URft6lJz3tQk5qhtUGhOw3B9UnrCn8tLo+v+zbMCz+m9T/99W6c/Bcvry+aQY4Esgyu7/++Wmb3bt9WUEAAAAAADmzUp++24lf7u/IilSzau79ptOCwAAAAAAzJGlaFmXZcX3/5KuyOL+HwAAAACArxsrecbOkrSSvKnfOn0S6kV+CbBwBikCAAAAAIBXlDz5f3VJipJJK67Jmun+HwAAAAAAfAX8rm+O/Xx3jt2o+2f9nKSwtWz99d/LChatk9bOd6zDSrymcpjFDL0DoF27ZJ3PJupNXpYkJd857mUr6y2bBLM37+AX+9Pm+reC5xJYWujfwZgErLjn9Xz2nT7T9XST69k88w+Pc0rWpL2s1Ly6W3T8+v2SKpXzuba70/7l40e/koLece4/6uwVP/qk8zDJ5SRuOjmMd/rpQDq50SfjNJenyXwLyTMXo474nGrdLn/fbKxYSb929/gXVDnM9Xc0aQBO+/yNbqRjdmMljV057s24Hx9/IT7+UjEZsoGjDxat0yxKzx/5qIEYk0UhyeJmGnNz9abK/0iXe6OQswrfXZDKxeExGMii3J/F9HNh/WfoXPRlkbx01/Sdi7U4i7/FOxqTxdpsWQyNCAC8Kfu6ouQqdEXJJOa9KlTI6m63PHQvai9Vd6ZX9w8Gq/vTP0ZRssGClM/+NjGxl4LiK/qqldShpfSQ8pdGXNHtrK4UNOaKbr9CdYv7+svpZyBlaQ9l8b8oiu6Xkn7/8FxV/dNAd0P9hvXyQnwK7zw9/HkyAX7s472P9x6Xy2vr9vu2fbesxeQwspcFUXsAAEOmf8bO1AjrfV1PI64//Nd76dJAxftm7y0FRX2kT9TRQ93ufoTAtdF7Xel7G8Lt9K5VfXet5sK795PPpRuMLen22Lu6pJb2xZZ7sYvqbjJYqU9j117zKAAAcLZuTKnDo+t/YaD+39ZqGrF6Kbvvzml0HY1reXZ33LulH1dzS9OT/2DeZwMAgLeDG3xhrbR/awWB1/qwtLFRqrS3XBP4zo9N4FU3XeM1227gbFWam65pBX7bd/y6aQVa9qpuaMLtVssP2qbmB6blh95O8snvJvvo99BtVJptzwlbdbcSusbxm+2K0zZVL3RMa/uHdS/ccoNk47DlOl7Ncyptz2+a0N8OHLdoTOi6fYFe1W22vZoXLzZNK/AalWDX/MSvbzdcU3VDJ/BabT/dYbcvr1nzg0ay22I+GvV+AQAA3jpHz44PHnQ6e0+eXzgX35qnLScaEzO8sKSjZ/FdedySz1YxRxAAAF8ypwV8ho0KrzEhAAAAAAAAAAAAAAAAAAAAAAAwZPojfTMuLI56WFDqtfzifNaiX+v0EcOh/Viad2KzLORm3ar7SMTxwecTgs/1Wrqnvz/m5MwO8J/fkN5JWpS25Off17kJg/s6Fr6/n57RsTHxypGrlntjkZ//P4ejgg4e/3lMTBRF0eTNlwfP4dKkAxxcyEt6svQKQ3D21yIAZ+v/AQAA///OHzLk")
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = io_uring_setup(0x60b6, &(0x7f0000000080))
io_uring_register$IORING_UNREGISTER_PBUF_RING(r5, 0x1c, 0xffffffffffffffff, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r7 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000800)="39000000140081ae10003c000500018311001f9f660fcf066505acb612f691f3bd3508abca1be6eeb89c44ebb37358582bdbb7d553b4e92155", 0x39}], 0x1}, 0x0)
r8 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x2)
preadv(r3, &(0x7f00000007c0)=[{&(0x7f0000000480)=""/246, 0xf6}, {&(0x7f0000000580)=""/234, 0xea}, {&(0x7f0000000680)=""/87, 0x57}, {&(0x7f0000001b40)=""/4096, 0x1000}], 0x4, 0xef03, 0x7)
write$binfmt_script(r8, &(0x7f0000000300)={'#! ', './file0'}, 0xb)
execveat(r8, &(0x7f0000000840)='./file0\x00', 0x0, 0x0, 0x1000)

1.563338144s ago: executing program 1 (id=656):
r0 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={'vlan0\x00', {0x2, 0x4e22, @remote}})

1.515872225s ago: executing program 3 (id=657):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_bp={0x0, 0x4}, 0x1100, 0x5dd8, 0x3a65, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x26ca}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0600000004000000008000005c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000feffffff00000000000000000000e8000000000000000000"], 0x48)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
read(r1, 0x0, 0x0)
r2 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001500)=[{&(0x7f00000014c0)=""/25, 0x19}], 0x1, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/locks\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4094, 0xffe}], 0x1, 0x33, 0x0)

1.446155016s ago: executing program 3 (id=659):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x72, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0) (async, rerun: 32)
read(r1, &(0x7f0000000840)=""/40, 0x28) (async, rerun: 32)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x40505330, &(0x7f0000000bc0)={0x800180, 0xfffffffd, 0x0, 0x7249, 0x0, 0x1800})
fcntl$notify(r0, 0x402, 0x8000003d) (async)
r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f00000002c0)=[@in6={0xa, 0x4e23, 0x1, @private0, 0xcb4a}, @in={0x2, 0x4e24, @private=0xa010100}, @in={0x2, 0x4e23, @broadcast}], 0x3c) (async, rerun: 64)
fcntl$notify(r2, 0x402, 0x8000003d) (async, rerun: 64)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="000000000000000029007f034947852672899c776dca8aecccbafc50f11003226263d6f8c178a6af32558e91e275f9c9187aeb9c751c12f01ec7afb66e13f9", @ANYBLOB="68531e27cf8111ba4616357883c9e774b6c710180448506826969d9ee3f026d1a0260584466a8a1c2d0101440def00008f281edc25f2220e5413354f8da45e003b82043adca43c46870193882652048b23f3f21f3a81d1391236b0e281cf7d622c63f3abfdc005c8f2bbb55ecf4aa2753117d2e41f996a2f4fb1f103f6f04c6ee8840bed578e790b090fab649d951d69129da92eaf8a7d430051f174539c4bb92bbb4a82b37eee7ac7486ea2610c52380241fc9b5a1009c03a8778a03a7a21199a14637f5b2d3614e804303fe3bcbd9749b2f04a1513a6b3f7bfd72810c422cb0197ce1422fe47c58a7f6c4ed7148fb6257cb5921adb86eaed0445fd3f2ac375ba1e89e592e3b173cfb204574ec9be7ac8977bfa61b9524416c5f8"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[], 0x50) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sys_enter\x00'}, 0x10) (async)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0) (async, rerun: 32)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async, rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async, rerun: 32)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x4000) (async, rerun: 32)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000180)=0x9, 0x8, 0x1) (async, rerun: 64)
mmap(&(0x7f00003ca000/0x2000)=nil, 0x2000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async, rerun: 64)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) (async)
getpgrp(0xffffffffffffffff) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x54cb0000)

1.411943027s ago: executing program 1 (id=660):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000e00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32, @ANYBLOB="080001"], 0x90}}, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x43, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)

1.383289107s ago: executing program 5 (id=661):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000b00)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000200000100c280000500030004"], 0x48}}, 0x0)

1.344692767s ago: executing program 1 (id=662):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x44}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x52b, &(0x7f0000000f40)="$eJzs3V9rLGcZAPBnNrvHk3NymlS90IK12krOQc9u0tg2eFEriF4V1HpfY7IJIZtsyG7ak1BMDn4AQUQFr/TGG8EPIEjBGy9FKOi1oqKInuqFF9qR2Z1Nc5L913aTTZPfDybzvjPvzPO8G2Z2ZmeYCeDKeiIiXoiIt9I0vRMR0/n0Qj7EYXvI2r354LXlbEgiTV/6RxJJPq2zriQf38wXux4RX/tyxDeT03Ebe/sbS7VadSevV5qb25XG3v7d9c2ltepadWthYf7ZxecWn1mcG0k/b0XE81/8y/e/89MvPf/Lz7z6x5f/dvtbWVpT+fzj/XiHiv1mtrtean0WxxfYeZfBLqJiq4e5yW4tJk5NuX/GOQEA0F12jP/BiPhkRNyJ6ZjofzgLAAAAvA+ln5+K/yYRaXfXekwHAAAA3kcKrXtgk0I5vxdgKgqFcrl9D++H40ahVm80P71a391aad8rOxOlwup6rTqX3ys8E6Ukq8+3ym/Xnz5RX4iIRyPie9OTrXp5uV5bGfePHwAAAHBF3Dxx/v/v6fb5f8fBOJMDAAAARmdm3AkAAAAAZ27Y8/8bZ5wHAAAAcHZc/wcAAIBL7SsvvpgNaef91yuv7O1u1F+5u1JtbJQ3d5fLy/Wd7fJavb7Wembf5qD11er17c/G1u69SrPaaFYae9djs7671Xx5/aFXYAMAAADn6NGPv/77JCIOPzfZGjLXhlt0yGbARVU8KiX5uMtm/YdH2uM/n1NSwLmYGHcCwNgUx50AMDalcScAjF0yYH7Pm3d+k48/Mdp8AACA0Zv9aO/r/4W+Sx72nw1ceDZiuLpc/4erq3X9f9g7eR0swKVSGnQE0HebPxhxNsA4vOfr/wOl6TtKCAAAGLmp1pAUysVOvVAolyNutV4LUEpW12vVuYh4JCJ+N136QFafb7VMBp4zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAFxqEYW/Jr9qP8t/dvqpqZO/D1xL/jMd+StCX/3RSz+4t9Rs7sxn0/95NL35w3z60+P4BQMAAACuhAEv8H9Y5zy9cx4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP05oPXljvDecb9+xciYqZb/GJcb42vRykibvwrieKx5ZKImBhB/Mnsz0e6xU+ytI5Cdos/OYL4h/f7xo/D/FPoFv/mCOLDVfZ6tv95odv2V4gnWuPu218x4qH6u9V7/xdH+7+JHtv/rSFjPPbGzys949+PeKx4Kv5BFqETP+kR/8kh43/j6/v7vealP46Y7fr9k3SaZHvIqDQ3tyuNvf2765tLa9W16tbCwvyzi88tPrM4V1ldr1Xzv11jfPdjv3irX/9v9Ig/M6D/T51a27WuMf73xr0HH2oXS93i336yS/xf/yRvcTp+If/u+1RezubPdsqH7fJxj//st4/36/9Kj/4P+v/f7rXSE+589dt/GrIpAHAOGnv7G0u1WnXn0hays/QhG2dHZxciZ4XzKRyMdIVpmqbZNvUe1pPERfhYWoVx75kAAIBRe/ugf9yZAAAAAAAAAAAAAAAAAAAAwNV1Ho8TOxnz8KiUjOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/H/AAAA///s19ky")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
bind$unix(0xffffffffffffffff, &(0x7f0000000240)=@file={0x0, './bus\x00'}, 0x6e)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
pipe2(0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close_range(0xffffffffffffffff, r1, 0x0)

1.1827985s ago: executing program 3 (id=663):
prctl$PR_SET_NAME(0xf, &(0x7f0000000200)='gtp\x00\xe4\xaa\xae\xdf~2\xa6X\x14\x92\xdarV\xf4U\xf7\xa2\xc3l\x1b@\xaf\xf9\xc9\xa9#\xf0S\xd9=q\xd6\x14\xedt\xc8!W\xe9@\xeb\x7f~\tB0EE\x9a:\xb7\xff\xc1\xfc\x9a\x1f\xf2\xfb\x19\xda#x\xc5F\x1c~\x8c\xe1\xdf\xdc\x01k\f\xde0~\x95\r\xa2\x80\b4M\x14\xe7\xd0\t`n!g\x14\xe6\xd1\xc2\xd3\x88\xf8cVtd\xbeY\xa5\xe7\x16sD\x96}7\n\x88e\x00\xf0\xff\xff\xf0\xcb\x94\xb4S\x00\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca674dc190143a0b6f7db3408c0c08011e5d8f54711a0bd410ab53a15b1596cb77d2b58df2d8d8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
r1 = socket(0x2, 0x80805, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, &(0x7f0000000000)={0x0, 0x8}, 0x8)
r2 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4c21, 0x84, @mcast1, 0x5}, 0x1c)
write$binfmt_aout(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="3f4e351eb49e3eda"], 0x28)
recvmsg(r2, 0x0, 0x40002000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f00000015c0)='kmem_cache_free\x00', r0}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r3, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r4, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)

1.169492101s ago: executing program 2 (id=664):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000040000"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r0}, &(0x7f0000004000), &(0x7f0000004040)}, 0x3b)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1008002, &(0x7f0000000100)={[{@grpquota}, {@delalloc}, {@resuid}, {@debug}, {@dioread_nolock}, {@jqfmt_vfsold}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mount(0x0, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket(0x6, 0x2, 0x7)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0)
socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r2}, 0x10)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
close_range(r4, 0xffffffffffffffff, 0x0)

1.046902993s ago: executing program 5 (id=665):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$kcm(0x10, 0x2, 0x0)
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400))
listen(r0, 0x400)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000100001"], 0x140}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
socket$inet6(0xa, 0x1, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001780)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc020000210a0108fdffffff0000000000000000630003"], 0x2cc}}, 0x0)
memfd_secret(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000000)={[{@errors_remount}, {@nobh}]}, 0x1, 0x513, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tcuTEXE1f9tURHztyxHfTA7Gbe7sri/WatWtvFxp1TcrzZ3d62v1xdXqanVjfn7ujYU3F15fmM1yT9TOUi/zky99/vanv/W7G3++9u12tT73kShEXztOUrfphc626Glvo63TCDYCE3l7CqOuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//ysA4A0=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
close(r4)
r5 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x4000, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100001040000003f0000000000000000", @ANYRES32=0x0, @ANYBLOB="ef33d47c00b400000071a09b0000000000020018a68cbe87a542218a70bacce60100000000aba3bf2c3770a24f6a86d700008082000000000000", @ANYRES32=0x0, @ANYBLOB], 0x40}, 0x1, 0xd}, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r7, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r7, 0x8916, &(0x7f0000000040)={'vlan0\x00', {0x2, 0x4e22, @remote}})

1.008865343s ago: executing program 3 (id=666):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$kcm(0x10, 0x2, 0x0)
timer_create(0xfffffffffffffffc, 0x0, &(0x7f0000001400))
listen(r0, 0x400)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000000100001"], 0x140}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x1, 0x803, 0x0)
socket$inet6(0xa, 0x1, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$nl_netfilter(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001780)={&(0x7f0000000500)=ANY=[@ANYBLOB="cc020000210a0108fdffffff0000000000000000630003"], 0x2cc}}, 0x0)
memfd_secret(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000000)={[{@errors_remount}, {@nobh}]}, 0x1, 0x513, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tcuTEXE1f9tURHztyxHfTA7Gbe7sri/WatWtvFxp1TcrzZ3d62v1xdXqanVjfn7ujYU3F15fmM1yT9TOUi/zky99/vanv/W7G3++9u12tT73kShEXztOUrfphc626Glvo63TCDYCE3l7CqOuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//ysA4A0=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
close(r4)
r5 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x8000, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_config_ext={0xf60, 0x40ffffffff}, 0x1100, 0x5, 0x3a65, 0x5, 0x0, 0x5, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000b40)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r5, 0x40042408, r6)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x4000, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="40000000100001040000003f0000000000000000", @ANYRES32=0x0, @ANYBLOB="ef33d47c00b400000071a09b0000000000020018a68cbe87a542218a70bacce60100000000aba3bf2c3770a24f6a86d700008082000000000000", @ANYRES32=0x0, @ANYBLOB], 0x40}, 0x1, 0xd}, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
recvmsg(r7, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
write$cgroup_subtree(r7, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r7, 0x8916, &(0x7f0000000040)={'vlan0\x00', {0x2, 0x4e22, @remote}})

927.885105ms ago: executing program 2 (id=667):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r0, 0x0, 0x8000000000000}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f0000001e00)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r3, 0x545c, 0x3000000)

731.751127ms ago: executing program 1 (id=668):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0xf1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x80000, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x80, 0x1, 0x34f}, &(0x7f00000000c0)=<r0=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, 0x0, 0x0, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r1}, 0x10)
r2 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r2, &(0x7f0000000100)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r3 = socket$unix(0x1, 0x2, 0x0)
connect$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
getpeername$unix(r3, 0x0, &(0x7f00000002c0))
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000970000005000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdc0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r4}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000001, 0x5d031, 0xffffffffffffffff, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r5, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)

493.271521ms ago: executing program 1 (id=670):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, 0xfffffffffffffffe)
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x4e24, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r3=>0x0})
r4 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r4, &(0x7f0000000280)={&(0x7f00000000c0)={0x1d, r3}, 0x10, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="07000000000100009f81000000000000325d9048681caba7e172078869b95690e1df2495472bb36fff3df58264b86dbffcb0cf707e9838ce1570cb204405bd7b8335a1f58bce646e65cfe8d8a9c568362e81d10422893f2a309dcf8f58aaca60cd3b11e11fa19d0ff8697d9ff1ca60dc7cda5b7b9da4170ee71645c81d1cc646d2bdbd8383aeb0705b6a50206e75a36d3b7dd7a02146594262b2fc02640986807cb7438240010c3de3d3a5db50e02fdffe63dc81c51c0a82", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x2710, @ANYBLOB="000000000100000003000060020200002e1368765ce08ed2"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x80)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002a00)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7, 0x0, 0x8000000000000000}, 0x18)
sendmsg$nl_route(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r8}, 0x18)
mq_open(0x0, 0x42, 0x0, 0x0)
syz_io_uring_setup(0x6581, &(0x7f0000000300)={0x0, 0x90b9, 0x200, 0x3, 0x221}, 0x0, 0x0)
perf_event_open(&(0x7f0000000480)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5d31, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6}]})
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
close_range(r9, 0xffffffffffffffff, 0x0)
r10 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0), 0x103a02, 0x0)
ioctl$RTC_UIE_ON(r10, 0x7003)
ioctl$RTC_SET_TIME(r10, 0x4024700a, &(0x7f0000000000)={0x3a, 0x1d, 0x14, 0x18, 0x9, 0x62, 0x3, 0xf5, 0x1})
listen(r1, 0x8)
socket$inet_tcp(0x2, 0x1, 0x0)
accept4(r1, 0x0, 0x0, 0x0)

384.390923ms ago: executing program 0 (id=671):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_bp={0x0, 0x4}, 0x1100, 0x5dd8, 0x3a65, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x26ca}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0600000004000000008000005c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000feffffff00000000000000000000e8000000000000000000"], 0x48)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
read(r1, 0x0, 0x0)
r2 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001500)=[{&(0x7f00000014c0)=""/25, 0x19}], 0x1, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4094, 0xffe}], 0x1, 0x33, 0x0)

344.486624ms ago: executing program 0 (id=672):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], &(0x7f0000000e00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="90000000100003050000", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32, @ANYBLOB="080001"], 0x90}}, 0x0)
pivot_root(&(0x7f00000001c0)='./file0\x00', &(0x7f00000000c0)='./file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x43, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)

343.131684ms ago: executing program 0 (id=673):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x44}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x52b, &(0x7f0000000f40)="$eJzs3V9rLGcZAPBnNrvHk3NymlS90IK12krOQc9u0tg2eFEriF4V1HpfY7IJIZtsyG7ak1BMDn4AQUQFr/TGG8EPIEjBGy9FKOi1oqKInuqFF9qR2Z1Nc5L913aTTZPfDybzvjPvzPO8G2Z2ZmeYCeDKeiIiXoiIt9I0vRMR0/n0Qj7EYXvI2r354LXlbEgiTV/6RxJJPq2zriQf38wXux4RX/tyxDeT03Ebe/sbS7VadSevV5qb25XG3v7d9c2ltepadWthYf7ZxecWn1mcG0k/b0XE81/8y/e/89MvPf/Lz7z6x5f/dvtbWVpT+fzj/XiHiv1mtrtean0WxxfYeZfBLqJiq4e5yW4tJk5NuX/GOQEA0F12jP/BiPhkRNyJ6ZjofzgLAAAAvA+ln5+K/yYRaXfXekwHAAAA3kcKrXtgk0I5vxdgKgqFcrl9D++H40ahVm80P71a391aad8rOxOlwup6rTqX3ys8E6Ukq8+3ym/Xnz5RX4iIRyPie9OTrXp5uV5bGfePHwAAAHBF3Dxx/v/v6fb5f8fBOJMDAAAARmdm3AkAAAAAZ27Y8/8bZ5wHAAAAcHZc/wcAAIBL7SsvvpgNaef91yuv7O1u1F+5u1JtbJQ3d5fLy/Wd7fJavb7Wembf5qD11er17c/G1u69SrPaaFYae9djs7671Xx5/aFXYAMAAADn6NGPv/77JCIOPzfZGjLXhlt0yGbARVU8KiX5uMtm/YdH2uM/n1NSwLmYGHcCwNgUx50AMDalcScAjF0yYH7Pm3d+k48/Mdp8AACA0Zv9aO/r/4W+Sx72nw1ceDZiuLpc/4erq3X9f9g7eR0swKVSGnQE0HebPxhxNsA4vOfr/wOl6TtKCAAAGLmp1pAUysVOvVAolyNutV4LUEpW12vVuYh4JCJ+N136QFafb7VMBp4zAAAAAAAAAAAAAAAAAAAAAAAAAABtaZpECgAAAFxqEYW/Jr9qP8t/dvqpqZO/D1xL/jMd+StCX/3RSz+4t9Rs7sxn0/95NL35w3z60+P4BQMAAACuhAEv8H9Y5zy9cx4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP05oPXljvDecb9+xciYqZb/GJcb42vRykibvwrieKx5ZKImBhB/Mnsz0e6xU+ytI5Cdos/OYL4h/f7xo/D/FPoFv/mCOLDVfZ6tv95odv2V4gnWuPu218x4qH6u9V7/xdH+7+JHtv/rSFjPPbGzys949+PeKx4Kv5BFqETP+kR/8kh43/j6/v7vealP46Y7fr9k3SaZHvIqDQ3tyuNvf2765tLa9W16tbCwvyzi88tPrM4V1ldr1Xzv11jfPdjv3irX/9v9Ig/M6D/T51a27WuMf73xr0HH2oXS93i336yS/xf/yRvcTp+If/u+1RezubPdsqH7fJxj//st4/36/9Kj/4P+v/f7rXSE+589dt/GrIpAHAOGnv7G0u1WnXn0hays/QhG2dHZxciZ4XzKRyMdIVpmqbZNvUe1pPERfhYWoVx75kAAIBRe/ugf9yZAAAAAAAAAAAAAAAAAAAAwNV1Ho8TOxnz8KiUjOIR2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI/H/AAAA///s19ky")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
bind$unix(0xffffffffffffffff, &(0x7f0000000240)=@file={0x0, './bus\x00'}, 0x6e)
openat$binfmt_register(0xffffffffffffff9c, 0x0, 0x1, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close_range(r1, r2, 0x0)

226.317406ms ago: executing program 0 (id=674):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r1}, 0x10)
msgget$private(0x0, 0x200)

189.220306ms ago: executing program 5 (id=675):
r0 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$F2FS_IOC_GET_FEATURES(r0, 0x8004f50c, &(0x7f0000000200))
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000180)={0x0, 0x2}, 0x8)
r2 = getpid()
move_pages(r2, 0x4, &(0x7f0000000180)=[&(0x7f00002f3000/0x4000)=nil, &(0x7f00005b7000/0x1000)=nil, &(0x7f00003ab000/0x2000)=nil, &(0x7f0000213000/0x4000)=nil], &(0x7f00000001c0)=[0x9, 0x1], &(0x7f0000000200), 0xa)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='sched\x00')
writev(r3, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)="d1", 0x1}], 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xb, &(0x7f0000000100)=ANY=[@ANYRES16], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r5}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004000001000000"], 0x0, 0x26, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)
perf_event_open(&(0x7f0000000c00)={0x1, 0x80, 0x7, 0x1, 0xc, 0x16, 0x0, 0x9000000000, 0x200, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x2, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x202, 0x1, @perf_bp={&(0x7f0000000bc0), 0x1}, 0x200, 0x2, 0x7, 0x3, 0x80000001, 0xd, 0x7e64, 0x0, 0x2, 0x0, 0x7}, r2, 0x9, r3, 0x8)
r7 = syz_open_procfs(0x0, &(0x7f0000000000)='smaps\x00')
copy_file_range(r7, 0x0, r7, &(0x7f0000000180)=0xfffffffffffff470, 0x0, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f00000007c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x378, 0x1d8, 0x12, 0x60d, 0x1d8, 0x202, 0x2a8, 0x2e8, 0x2e8, 0x2a8, 0x2c0, 0x4, 0x0, {[{{@ipv6={@local, @mcast1, [0x0, 0x0, 0xc0], [], 'veth0_to_team\x00', 'macsec0\x00', {0xff}}, 0x0, 0x190, 0x1d8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'kmp\x00', "000000165a8c2e0617ae5119b5135c2aee68d23a465cd431e1ecef50c3234e082555f672225d6147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac05a602061c96baebc989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b5", 0x4, 0x2}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SET1={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3d8)
sendto$inet6(r1, &(0x7f0000000080)="be", 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
shutdown(r1, 0x1)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000940)={'tunl0\x00', &(0x7f0000000800)={'syztnl1\x00', <r9=>0x0, 0x700, 0x700, 0x6f, 0x8, {{0x41, 0x4, 0x3, 0x1a, 0x104, 0x66, 0x0, 0x40, 0x2f, 0x0, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@cipso={0x86, 0x39, 0x1, [{0x6, 0x11, "b706aa36e57f195dfbf399ef9fe442"}, {0x2, 0x7, "24ab6e71c2"}, {0x7, 0xf, "f00b7add9fe97ebc13fce9bce8"}, {0x6, 0xc, "e6ffffff0008000082b3"}]}, @generic={0x82, 0x3, '8'}, @ra={0x94, 0x4, 0x1}, @timestamp_prespec={0x44, 0x24, 0x4c, 0x3, 0xa, [{@empty, 0x2}, {@private=0xa010100, 0x1}, {@broadcast, 0x5}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x80}]}, @rr={0x7, 0xf, 0x89, [@dev={0xac, 0x14, 0x14, 0x19}, @empty, @dev={0xac, 0x14, 0x14, 0xc}]}, @timestamp_addr={0x44, 0x54, 0x48, 0x1, 0x8, [{@private=0xa010101, 0x7}, {@empty, 0x1}, {@loopback, 0xc27d}, {@broadcast, 0x3}, {@loopback, 0x3}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x7}, {@private=0x5, 0x4}, {@multicast2, 0x8}, {@private=0xa010102, 0x3}, {@loopback, 0x3}]}, @timestamp_prespec={0x44, 0x1c, 0x40, 0x3, 0x8, [{@local, 0x1}, {@multicast2, 0x4}, {@initdev={0xac, 0x1e, 0x0, 0x0}}]}, @ssrr={0x89, 0xb, 0xc9, [@remote, @loopback]}]}}}}})
sendmmsg$inet(r1, &(0x7f0000000a00)=[{{&(0x7f00000003c0)={0x2, 0x4e20, @remote}, 0x10, &(0x7f0000000780)=[{&(0x7f0000000400)="e82b88d9409742666de663f2c459d9d2bae98c1c05bef2ee6ec9f07375b5f5f9030a68063a06ae586ad3e3891eb624f40e4ecbeed831665846cec4d2094852dcef4d6e9de8e44072650317c712478ab59de35cc166b498cde7dff15d0c6688bedecf93344127bc50c81416d91c0456078a93461a82eca5074159f036e8722d5abd1eddb8ad0c9988872321e942a85ab92b0f27b9fc2b0eb1503a52f061c3ebd30ee7a683d75b5b1bc75fa0f6ba887812eeadc7d017af33e550b0f68b84454453fdff47d3b9c91be840", 0xc9}, {&(0x7f0000000500)="67e4543e870477b94bbd2eb4b464e2cded6533b998b5e9055160ecea6fe38be133c3dd3a55601bd67599b59a5a6b28c8f59a28ec9a47739a14038399d7064998a6186f6a98804ced4d095d4aa8", 0x4d}, {&(0x7f0000000580)="8eb9254ebe7a54e438756af10d6fe252d3518e2d874ceeec030f7b47ac2a7d44c91d226ce8927241bc67cfb0d3b455b9b5c141f6fb9bb643b3976af3e56f8dfbb50db4404cbe81c0d8ec2e050447047a162df280e06afff2fcd7cc8d2f3bdeb2551b4676ebbfc588c2af4b6d519e5f653ff93e4d4d588711071012f75d114114b16866a99a04275aaf598414d17c13ec2cd2e58905ae7b5608a05e690fafbc36440d2336c35d472798a84ea025ff0e", 0xaf}, {&(0x7f0000000640)="19a99faa8c77fed0b37d528ce6f6dfdbd19b35912d95b87c265fdc1e3bf3114c9d0fefe3f8e7ba93a55471e734e665b3ddc65ae38bd7904bca926198d0890c2d2031ee00a05cb4ed710838f76a95caa0b7dcde892e67fd999a907f9a643de9365f168e98f68a62858be33025b2277a76a55e2bde43a81ff9075e8f3eb49cbd927f15875884ec1b4a6b2586a64063717c8b2a218474f6dbf5fdd8d9496152558ee06e2ad8da867fcadb9ccff4ba7a2f0b26f68a49703af8aa2f376013c4fc687a0f54c5b6ad9eb92907913b167168ad91d62d9abcf670f5478278fa74d8545c3c1e038df6c68e0e48276cf3c3d91f52b590c35998e3bd7ec5f0", 0xf9}, {&(0x7f0000000740)="88d83a9b15aeca0977c9143daf8ff91535f7a7db54d7c87d62398397593ba07476299e3a94fd", 0x26}], 0x5, &(0x7f0000000980)=[@ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {r9, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x10000}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x6}}], 0x68}}], 0x1, 0x800)
timer_create(0x3, 0x0, &(0x7f0000000180)=<r10=>0x0)
timer_settime(r10, 0xc2a9019e9b3c5d83, &(0x7f0000000000)={{0x0, 0x3938700}, {0x0, 0x989680}}, &(0x7f0000000040))

182.352657ms ago: executing program 0 (id=676):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x2, @perf_bp={0x0, 0x4}, 0x1100, 0x5dd8, 0x3a65, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x26ca}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=ANY=[@ANYBLOB="0600000004000000008000005c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000feffffff00000000000000000000e8000000000000000000"], 0x48)
r1 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
read(r1, 0x0, 0x0)
r2 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f0000000000)="8907040400", 0x5)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f00000000c0)='ip6_vti0\x00', 0x10)
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000001500)=[{&(0x7f00000014c0)=""/25, 0x19}], 0x1, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001080)='/proc/locks\x00', 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
preadv(r3, &(0x7f0000000000)=[{&(0x7f0000000080)=""/4094, 0xffe}], 0x1, 0x33, 0x0)

126.530758ms ago: executing program 5 (id=677):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000040000"], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000004080)={{r0}, &(0x7f0000004000), &(0x7f0000004040)}, 0x3b)
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1008002, &(0x7f0000000100)={[{@grpquota}, {@delalloc}, {@resuid}, {@debug}, {@dioread_nolock}, {@jqfmt_vfsold}, {@nomblk_io_submit}, {@noauto_da_alloc}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mount(0x0, &(0x7f0000000040)='./cgroup\x00', 0x0, 0x1001, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket(0x6, 0x2, 0x7)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x0)
socket$packet(0x11, 0x3, 0x300)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r2}, 0x10)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
close_range(r4, 0xffffffffffffffff, 0x0)

120.769318ms ago: executing program 0 (id=678):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x40000000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x7, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x4, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x13, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000040000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x10)
pipe(&(0x7f00000002c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r2, 0x0, r5, 0x0, 0x400000, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000000c0)='sched_switch\x00', r6}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, 0x0, 0x0)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=<r7=>0xffffffffffffffff, @ANYBLOB="a1ab0000000000000e0032"], 0x40}, 0x1, 0x0, 0x0, 0x40}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYRES64=r7], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
fcntl$setlease(r4, 0x400, 0x0)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x3, 0x0, 0x100005, 0x62000, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x8, 0x3, 0x0, 0x7ff}, 0x0, 0x10, 0xffffffffffffffff, 0x8)
syz_emit_ethernet(0x6e, &(0x7f0000000840)=ANY=[@ANYBLOB="0180c2000003aaaaaaaa8aaa86dd6000000004383a00fe8000000000000000c7009c9b0000bbff0200000000000000000000000000010200907800000500608cb02b00002f0000000000020000000000000000000001fe8000000000000000000000000000aa2b000400001000001d871d56cc77c02d2f6af52aa184c3e0196e8b7ca1466ec3476a05f56732886352355124fc261064bb40a0e7295698a57a6e75e7bd365f90a2ac2ef2cd792941f4f0ef282f17b2225023aa7cd8a784eb42222ebf7626b6b70252d30bc54842fda0bef8738319dc1a52b971"], 0x0)
write$bt_hci(r4, &(0x7f00000003c0)={0x1, @pin_code_neg_reply={{0x40e, 0x6}}}, 0xa)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0200, 0x0)
ioctl$PPPIOCNEWUNIT(r8, 0xc004743e, &(0x7f0000000100)=0x3)
r9 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0xe9503, 0x0)
ioctl$PPPIOCATTACH(r9, 0x4004743d, &(0x7f0000000040)=0x3)
r10 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r9, &(0x7f00000004c0)={0x1000000c})
lremovexattr(0x0, 0x0)

114.972347ms ago: executing program 3 (id=679):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000440)='svcrdma_send_pullup\x00', r0, 0x0, 0x84}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800, &(0x7f0000000880)={[{@errors_remount}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5e}}, {@noauto_da_alloc}, {@bsdgroups}, {@oldalloc}, {@nojournal_checksum}]}, 0x2, 0x459, &(0x7f0000000900)="$eJzs289vFFUcAPDvzLZFfrYi/gBRq8TY+KOlBZWDF40mHjCa6AGPtS2EUKihNRFCpBqDFxNDomfj0cS/wJsXo55MvOrdkBDlAnqqmdmZsrvs9gfd7gr7+STTvjfzdt/77sybeTNvN4CeNZz9SSJ2RMTvETFYzdYXGK7+u3HtwtQ/1y5MJbG09PZfSV7u+rULU2XR8nXbi8xIGpF+mhSV1Js/d/7U5OzszNkiP7Zw+v2x+XPnnzt5evLEzImZMxNHjhw+NP7iCxPPtyXOLK7r+z6a27/39XcvvzF17PJ7P3+XtXdHsb02jnYZzgL/eym3vDKt/nuy3ZV12c6adNLXxYawLpWIyHZXf97/B6MSN3feYLz2SVcbB2yq7Nq0pfXmxSXgLpZEt1sAdEd5oc/uf8ulQ0OP/4WrL1dvgLK4bxRLdUtfeaue3xvt3KT6hyPi2OK/X2dLbNJzCACAWp9PfXU0nm02/kvjgZpyu4o5lKGIuDcidkfEfRGxJyLuj8jLPhgRD61eZVqbaZwaunX8k1657eDWIBv/vVTMbdWP/5abOVQpcjvz+PuT4ydnZw4Wn8lI9G/J8uMr1PHDq7990Wpb7fgvW7L6y7Fg0Y4rfQ0P6KYnFybzQWkbXP04Yl9fs/iT5ZmAJCL2RsS+9b31rjJx8ulv97cqtHr8K2jDPNPSNxFPVff/YjTEX0pWnp8cuydmZw6OlUfFrX759dJbrerfUPxtkO3/bfXHf2ORoaR2vnZ+/XVc+uOzlvc0t3v8DyTv5OejgWLdh5MLC2fHIwaSo3m+bv3EzdeW+bJ8Fv/Igeb9f3fxmiz+hyMiO4gfiYhHI+Kxou2PR8QTEXFghfh/eqX1tvr4t+7oxv6fbnr+Wz7+G/b/+hOVUz9+36r+te3/w3lqpFiTn/9WsdYGbuSzAwAAgDtFmn8HPklHl9NpOjpa/Q7/ntiWzs7NLzxzfO6DM9PV78oPRX9aPukarHkeOp4sFu9YzU8Uz4rL7YeK58ZfVrbm+dGpudnpLscOvW57i/6f+bPS7dYBm67ZPNrEQBcaAnRcY/9P67MX3+xkY4CO8ntt6F2r9P+0U+0AOs/1H3pXs/5/sSFvLgDuTq7/0Lv0f+hd+j/0Lv0fetJqP5KvbPC3/xJ3XCJZW+FIu99Uic1LdPvMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0B7/BQAA//9Ws+s/")
r1 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2, 0x0, 0x7}, 0x18)
recvmmsg(0xffffffffffffffff, &(0x7f0000006940)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000003c0)=""/6, 0x6}], 0x1}, 0x3}], 0x1, 0x2, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$sock(r3, &(0x7f00000044c0), 0x4000000000001c0, 0x0)
recvfrom(r4, &(0x7f0000000040)=""/60, 0x3c, 0x40, 0x0, 0x0)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r1, &(0x7f0000000240)='asymmetric\x00', &(0x7f00000000c0)=@chain)
add_key$keyring(&(0x7f00000001c0), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, r1)
r5 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r1)
r6 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'geneve1\x00', <r9=>0x0})
sendto$packet(r8, &(0x7f00000002c0)="14419e5465f0006fc8afa8e40800", 0xe, 0x0, &(0x7f00000005c0)={0x11, 0x0, r9, 0x1, 0x40}, 0x14)
r10 = add_key$keyring(&(0x7f0000000300), &(0x7f0000000400)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_MOVE(0x1e, r5, r6, r10, 0x1)

0s ago: executing program 2 (id=680):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x0, 0xf1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
wait4(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0)
syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x80, 0x1, 0x34f}, &(0x7f00000000c0)=<r0=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, 0x0, 0x0, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r1}, 0x10)
socket$unix(0x1, 0x2, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
getpeername$unix(r2, 0x0, &(0x7f00000002c0))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00'}, 0x18)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0xa}]}], {0x14}}, 0x64}}, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

ld_fail_ex+0x261/0x270
[   49.730116][ T4273]  should_failslab+0x8f/0xb0
[   49.730161][ T4273]  kmem_cache_alloc_node_noprof+0x5c/0x340
[   49.730190][ T4273]  ? perf_event_alloc+0x154/0x1660
[   49.730216][ T4273]  perf_event_alloc+0x154/0x1660
[   49.730246][ T4273]  __se_sys_perf_event_open+0x7f8/0x2220
[   49.730294][ T4273]  ? vfs_write+0x631/0x950
[   49.730315][ T4273]  ? putname+0xe1/0x100
[   49.730346][ T4273]  __x64_sys_perf_event_open+0x67/0x80
[   49.730372][ T4273]  x64_sys_call+0x27bb/0x2e10
[   49.730398][ T4273]  do_syscall_64+0xc9/0x1a0
[   49.730426][ T4273]  ? clear_bhb_loop+0x25/0x80
[   49.730480][ T4273]  ? clear_bhb_loop+0x25/0x80
[   49.730501][ T4273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.730524][ T4273] RIP: 0033:0x7f62adc4e169
[   49.730541][ T4273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.730562][ T4273] RSP: 002b:00007f62ac2b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[   49.730594][ T4273] RAX: ffffffffffffffda RBX: 00007f62ade75fa0 RCX: 00007f62adc4e169
[   49.730606][ T4273] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[   49.730617][ T4273] RBP: 00007f62ac2b7090 R08: 0000000000000000 R09: 0000000000000000
[   49.730628][ T4273] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[   49.730642][ T4273] R13: 0000000000000001 R14: 00007f62ade75fa0 R15: 00007ffe8568fdf8
[   49.730663][ T4273]  </TASK>
[   49.732279][ T4266] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   49.934717][ T4266] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[   49.945541][ T4276] netlink: 7832 bytes leftover after parsing attributes in process `syz.0.209'.
[   49.956028][ T4266] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   49.986195][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.022365][ T4285] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   50.079557][ T4289] netlink: 4 bytes leftover after parsing attributes in process `syz.1.213'.
[   50.142790][   T29] kauditd_printk_skb: 29 callbacks suppressed
[   50.142807][   T29] audit: type=1400 audit(1744999306.750:359): avc:  denied  { create } for  pid=4291 comm="syz.0.214" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   50.150393][ T4292] block device autoloading is deprecated and will be removed.
[   50.172183][   T29] audit: type=1400 audit(1744999306.750:360): avc:  denied  { write } for  pid=4291 comm="syz.0.214" name="file0" dev="tmpfs" ino=298 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   50.200013][   T29] audit: type=1400 audit(1744999306.750:361): avc:  denied  { open } for  pid=4291 comm="syz.0.214" path="/53/file0" dev="tmpfs" ino=298 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   50.223021][   T29] audit: type=1400 audit(1744999306.800:362): avc:  denied  { ioctl } for  pid=4291 comm="syz.0.214" path="/53/file0" dev="tmpfs" ino=298 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   50.223967][ T4289] wg2: entered promiscuous mode
[   50.252138][ T4289] wg2: entered allmulticast mode
[   50.264141][   T29] audit: type=1400 audit(1744999306.870:363): avc:  denied  { unlink } for  pid=3307 comm="syz-executor" name="file0" dev="tmpfs" ino=298 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   50.334969][ T4299] Cannot find add_set index 0 as target
[   50.488277][ T4306] loop0: detected capacity change from 0 to 2048
[   50.519047][ T4306] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.539119][ T4306] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   50.570661][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.605929][ T4310] loop0: detected capacity change from 0 to 512
[   50.624472][ T4310] EXT4-fs (loop0): orphan cleanup on readonly fs
[   50.631413][ T4310] EXT4-fs error (device loop0): ext4_orphan_get:1416: comm syz.0.221: bad orphan inode 13
[   50.641931][ T4310] ext4_test_bit(bit=12, block=18) = 1
[   50.647451][ T4310] is_bad_inode(inode)=0
[   50.651631][ T4310] NEXT_ORPHAN(inode)=2130706432
[   50.656603][ T4310] max_ino=32
[   50.659806][ T4310] i_nlink=1
[   50.663396][ T4310] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   50.678278][ T4310] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   50.701597][ T4310] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   50.733718][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.750314][ T4323] netlink: 12 bytes leftover after parsing attributes in process `syz.2.225'.
[   50.777732][   T29] audit: type=1400 audit(1744999307.390:364): avc:  denied  { create } for  pid=4321 comm="syz.2.225" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[   50.798333][   T29] audit: type=1326 audit(1744999307.400:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4317 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f658620e169 code=0x7ffc0000
[   50.821802][   T29] audit: type=1326 audit(1744999307.400:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4317 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f658620e169 code=0x7ffc0000
[   50.845136][   T29] audit: type=1326 audit(1744999307.400:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4317 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=91 compat=0 ip=0x7f658620e169 code=0x7ffc0000
[   50.848177][ T4325] loop0: detected capacity change from 0 to 512
[   50.868344][   T29] audit: type=1326 audit(1744999307.400:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4317 comm="syz.1.224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f658620e169 code=0x7ffc0000
[   50.933807][ T4328] netlink: 'syz.3.227': attribute type 27 has an invalid length.
[   50.942337][ T4325] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   50.951205][ T4329] bridge_slave_0: left allmulticast mode
[   50.957102][ T4329] bridge_slave_0: left promiscuous mode
[   50.961044][ T4325] EXT4-fs (loop0): orphan cleanup on readonly fs
[   50.963042][ T4329] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.969806][ T4325] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   50.991556][ T4325] EXT4-fs (loop0): Cannot turn on quotas: error -117
[   50.999186][ T4325] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.226: bg 0: block 40: padding at end of block bitmap is not set
[   51.014173][ T4325] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   51.015484][ T4329] bridge_slave_1: left allmulticast mode
[   51.028887][ T4329] bridge_slave_1: left promiscuous mode
[   51.031779][ T4325] EXT4-fs (loop0): 1 truncate cleaned up
[   51.034579][ T4329] bridge0: port 2(bridge_slave_1) entered disabled state
[   51.040991][ T4325] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   51.061078][ T4335] Cannot find add_set index 0 as target
[   51.068067][ T4329] bond0: (slave bond_slave_0): Releasing backup interface
[   51.079590][ T4329] bond0: (slave bond_slave_1): Releasing backup interface
[   51.089055][ T4329] team0: Port device team_slave_0 removed
[   51.098069][ T4329] team0: Port device team_slave_1 removed
[   51.109394][ T4329] batman_adv: batadv0: Removing interface: batadv_slave_0
[   51.118408][ T4329] batman_adv: batadv0: Removing interface: batadv_slave_1
[   51.124897][ T4340] FAULT_INJECTION: forcing a failure.
[   51.124897][ T4340] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.138851][ T4340] CPU: 1 UID: 0 PID: 4340 Comm: syz.1.230 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   51.138890][ T4340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   51.138905][ T4340] Call Trace:
[   51.138914][ T4340]  <TASK>
[   51.138923][ T4340]  dump_stack_lvl+0xf6/0x150
[   51.139002][ T4340]  dump_stack+0x15/0x1a
[   51.139031][ T4340]  should_fail_ex+0x261/0x270
[   51.139060][ T4340]  should_fail+0xb/0x10
[   51.139145][ T4340]  should_fail_usercopy+0x1a/0x20
[   51.139175][ T4340]  _copy_from_user+0x1c/0xa0
[   51.139211][ T4340]  __x64_sys_signalfd4+0x8f/0x100
[   51.139245][ T4340]  x64_sys_call+0x29f5/0x2e10
[   51.139322][ T4340]  do_syscall_64+0xc9/0x1a0
[   51.139354][ T4340]  ? clear_bhb_loop+0x25/0x80
[   51.139380][ T4340]  ? clear_bhb_loop+0x25/0x80
[   51.139406][ T4340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.139430][ T4340] RIP: 0033:0x7f658620e169
[   51.139445][ T4340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.139520][ T4340] RSP: 002b:00007f6584877038 EFLAGS: 00000246 ORIG_RAX: 0000000000000121
[   51.139587][ T4340] RAX: ffffffffffffffda RBX: 00007f6586435fa0 RCX: 00007f658620e169
[   51.139602][ T4340] RDX: 0000000000000008 RSI: 0000200000000140 RDI: ffffffffffffffff
[   51.139615][ T4340] RBP: 00007f6584877090 R08: 0000000000000000 R09: 0000000000000000
[   51.139629][ T4340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.139665][ T4340] R13: 0000000000000000 R14: 00007f6586435fa0 R15: 00007ffc378a3f98
[   51.139687][ T4340]  </TASK>
[   51.311499][ T4347] SELinux:  policydb version 576 does not match my version range 15-34
[   51.320111][ T4347] SELinux: failed to load policy
[   51.400892][ T4360] loop3: detected capacity change from 0 to 1024
[   51.423486][ T4360] EXT4-fs: Ignoring removed nomblk_io_submit option
[   51.441087][ T4360] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   51.467386][ T4360] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   51.516520][ T4360] System zones: 0-1, 3-36
[   51.522554][ T4360] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   51.594510][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.728513][ T4389] netlink: 4 bytes leftover after parsing attributes in process `syz.3.236'.
[   51.780818][ T4389] loop3: detected capacity change from 0 to 128
[   51.826964][ T4389] netlink: 28 bytes leftover after parsing attributes in process `+}[@'.
[   51.989457][ T4400] loop2: detected capacity change from 0 to 1024
[   51.996267][ T4400] EXT4-fs: Ignoring removed nomblk_io_submit option
[   52.008883][ T4403] netlink: 12 bytes leftover after parsing attributes in process `syz.3.238'.
[   52.028993][ T4400] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.084846][ T4400] netlink: 'syz.2.237': attribute type 10 has an invalid length.
[   52.114340][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.130241][ T4414] lo speed is unknown, defaulting to 1000
[   52.224039][ T4423] Cannot find add_set index 0 as target
[   52.449994][ T4452] 8021q: adding VLAN 0 to HW filter on device bond0
[   52.463121][ T4452] 8021q: adding VLAN 0 to HW filter on device team0
[   52.705383][ T4486] loop2: detected capacity change from 0 to 1024
[   52.731188][ T4486] EXT4-fs: Ignoring removed nomblk_io_submit option
[   52.748386][ T4486] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   52.760167][ T4486] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   52.772805][ T4486] System zones: 0-1, 3-36
[   52.784593][ T4486] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.867814][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.935979][ T4512] loop3: detected capacity change from 0 to 512
[   52.952918][ T4514] netlink: 4 bytes leftover after parsing attributes in process `syz.2.251'.
[   52.977606][ T4512] EXT4-fs (loop3): orphan cleanup on readonly fs
[   53.002084][ T4512] EXT4-fs error (device loop3): ext4_orphan_get:1416: comm syz.3.252: bad orphan inode 13
[   53.036616][ T4512] ext4_test_bit(bit=12, block=18) = 1
[   53.042141][ T4512] is_bad_inode(inode)=0
[   53.046625][ T4512] NEXT_ORPHAN(inode)=2130706432
[   53.051474][ T4512] max_ino=32
[   53.054672][ T4512] i_nlink=1
[   53.067873][ T4512] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   53.089711][ T4512] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[   53.125390][ T4512] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   53.274135][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.366605][ T4546] loop2: detected capacity change from 0 to 2048
[   53.410175][ T4546] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.441513][ T4546] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   53.498445][ T4557] loop3: detected capacity change from 0 to 2048
[   53.517386][ T4558] lo speed is unknown, defaulting to 1000
[   53.537337][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.558543][ T4557] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.605466][ T4557] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   53.651263][ T4563] netlink: 28 bytes leftover after parsing attributes in process `syz.2.260'.
[   53.660252][ T4563] netlink: 36 bytes leftover after parsing attributes in process `syz.2.260'.
[   53.805952][ T4569] netlink: 'syz.2.262': attribute type 10 has an invalid length.
[   53.813853][ T4569] netlink: 40 bytes leftover after parsing attributes in process `syz.2.262'.
[   53.854100][ T4569] batadv0: entered promiscuous mode
[   53.859555][ T4569] batadv0: entered allmulticast mode
[   53.880191][ T4569] 8021q: adding VLAN 0 to HW filter on device batadv0
[   53.895501][ T4569] bridge0: port 1(batadv0) entered blocking state
[   53.902075][ T4569] bridge0: port 1(batadv0) entered disabled state
[   53.920253][ T4569] bridge0: port 1(batadv0) entered blocking state
[   53.926770][ T4569] bridge0: port 1(batadv0) entered forwarding state
[   53.956356][ T4571] dummy0: entered allmulticast mode
[   53.977521][ T4571] batman_adv: batadv0: Adding interface: dummy0
[   53.983848][ T4571] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   54.040288][ T4571] batman_adv: batadv0: Interface activated: dummy0
[   54.249968][ T4583] net_ratelimit: 13 callbacks suppressed
[   54.249988][ T4583] batadv0: mtu less than device minimum
[   54.261916][ T4583] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   54.273242][ T4583] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   54.284200][ T4583] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   54.294910][ T4583] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   54.305744][ T4583] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   54.316679][ T4583] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   54.327463][ T4583] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   54.338335][ T4583] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   54.349092][ T4583] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   54.376579][   T56] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   54.385984][   T56] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   54.496176][ T4596] netlink: 'syz.2.267': attribute type 27 has an invalid length.
[   54.515880][ T4599] loop1: detected capacity change from 0 to 2048
[   54.523894][ T4596] bridge0: port 1(batadv0) entered disabled state
[   54.533912][ T4596] batman_adv: batadv0: Interface deactivated: dummy0
[   54.540896][ T4596] dummy0: left allmulticast mode
[   54.562714][ T4599] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   54.607831][ T4603] Cannot find add_set index 0 as target
[   54.620685][ T4605] netlink: 28 bytes leftover after parsing attributes in process `syz.1.272'.
[   54.629654][ T4605] netlink: 36 bytes leftover after parsing attributes in process `syz.1.272'.
[   54.688456][ T4611] batman_adv: batadv0: Removing interface: dummy0
[   54.695607][ T4611] batadv0: left allmulticast mode
[   54.700821][ T4611] batadv0: left promiscuous mode
[   54.705951][ T4611] bridge0: port 1(batadv0) entered disabled state
[   54.720269][ T4611] Cannot find add_set index 0 as target
[   54.734767][ T4616] netlink: 'syz.1.275': attribute type 27 has an invalid length.
[   54.800379][ T4616] bridge0: port 1(batadv0) entered disabled state
[   54.800776][ T4614] SELinux:  Context Ü is not valid (left unmapped).
[   54.817646][ T4616] batman_adv: batadv0: Interface deactivated: dummy0
[   54.824404][ T4616] dummy0: left allmulticast mode
[   54.878355][ T4621] netlink: 4 bytes leftover after parsing attributes in process `syz.2.278'.
[   54.889573][ T4616] wg2: left promiscuous mode
[   54.894336][ T4616] wg2: left allmulticast mode
[   54.967672][ T4629] FAULT_INJECTION: forcing a failure.
[   54.967672][ T4629] name failslab, interval 1, probability 0, space 0, times 0
[   54.980488][ T4629] CPU: 1 UID: 0 PID: 4629 Comm: syz.0.280 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   54.980519][ T4629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   54.980534][ T4629] Call Trace:
[   54.980540][ T4629]  <TASK>
[   54.980595][ T4629]  dump_stack_lvl+0xf6/0x150
[   54.980624][ T4629]  dump_stack+0x15/0x1a
[   54.980685][ T4629]  should_fail_ex+0x261/0x270
[   54.980715][ T4629]  should_failslab+0x8f/0xb0
[   54.980739][ T4629]  kmem_cache_alloc_noprof+0x59/0x340
[   54.980773][ T4629]  ? getname_flags+0x81/0x3b0
[   54.980803][ T4629]  getname_flags+0x81/0x3b0
[   54.980865][ T4629]  __x64_sys_execve+0x42/0x70
[   54.980966][ T4629]  x64_sys_call+0x1362/0x2e10
[   54.980992][ T4629]  do_syscall_64+0xc9/0x1a0
[   54.981023][ T4629]  ? clear_bhb_loop+0x25/0x80
[   54.981048][ T4629]  ? clear_bhb_loop+0x25/0x80
[   54.981120][ T4629]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.981145][ T4629] RIP: 0033:0x7f626069e169
[   54.981163][ T4629] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.981180][ T4629] RSP: 002b:00007f625ed07038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[   54.981198][ T4629] RAX: ffffffffffffffda RBX: 00007f62608c5fa0 RCX: 00007f626069e169
[   54.981209][ T4629] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000400
[   54.981222][ T4629] RBP: 00007f625ed07090 R08: 0000000000000000 R09: 0000000000000000
[   54.981312][ T4629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.981325][ T4629] R13: 0000000000000000 R14: 00007f62608c5fa0 R15: 00007ffdb3784dc8
[   54.981372][ T4629]  </TASK>
[   55.183647][ T4616] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.192765][ T4616] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.201804][ T4616] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.213035][ T4616] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.300275][ T4636] lo speed is unknown, defaulting to 1000
[   55.426569][ T4645] netlink: 28 bytes leftover after parsing attributes in process `syz.3.285'.
[   55.435564][ T4645] netlink: 36 bytes leftover after parsing attributes in process `syz.3.285'.
[   55.461023][ T4647] dummy0: entered allmulticast mode
[   55.467528][ T4647] batman_adv: batadv0: Adding interface: dummy0
[   55.473824][ T4647] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.509123][ T4647] batman_adv: batadv0: Interface activated: dummy0
[   55.548843][ T4652] Cannot find add_set index 0 as target
[   55.556292][ T4654] loop1: detected capacity change from 0 to 512
[   55.568456][ T4654] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.289: Unimplemented hash flags: 0x0001
[   55.580182][ T4654] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.289: Corrupt directory, running e2fsck is recommended
[   55.580797][ T4650] lo speed is unknown, defaulting to 1000
[   55.639932][ T4654] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.289: Unimplemented hash flags: 0x0001
[   55.649579][ T4659] loop5: detected capacity change from 0 to 512
[   55.651413][ T4654] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.289: Corrupt directory, running e2fsck is recommended
[   55.672116][ T4654] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.289: Unimplemented hash flags: 0x0001
[   55.683688][ T4654] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.289: Corrupt directory, running e2fsck is recommended
[   55.697607][ T4654] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.289: Unimplemented hash flags: 0x0001
[   55.709150][ T4654] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.289: Corrupt directory, running e2fsck is recommended
[   55.712412][ T4659] EXT4-fs warning (device loop5): dx_probe:839: inode #2: comm syz.5.290: Unimplemented hash flags: 0x0001
[   55.733588][ T4659] EXT4-fs warning (device loop5): dx_probe:936: inode #2: comm syz.5.290: Corrupt directory, running e2fsck is recommended
[   55.767128][ T4659] EXT4-fs warning (device loop5): dx_probe:839: inode #2: comm syz.5.290: Unimplemented hash flags: 0x0001
[   55.778811][ T4659] EXT4-fs warning (device loop5): dx_probe:936: inode #2: comm syz.5.290: Corrupt directory, running e2fsck is recommended
[   55.794059][ T4659] EXT4-fs warning (device loop5): dx_probe:839: inode #2: comm syz.5.290: Unimplemented hash flags: 0x0001
[   55.805701][ T4659] EXT4-fs warning (device loop5): dx_probe:936: inode #2: comm syz.5.290: Corrupt directory, running e2fsck is recommended
[   55.820674][ T4654] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.289: Unimplemented hash flags: 0x0001
[   55.832286][ T4654] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.289: Corrupt directory, running e2fsck is recommended
[   55.848753][ T4664] EXT4-fs warning (device loop5): dx_probe:839: inode #2: comm syz.5.290: Unimplemented hash flags: 0x0001
[   55.855316][ T4663] loop3: detected capacity change from 0 to 8192
[   55.860382][ T4664] EXT4-fs warning (device loop5): dx_probe:936: inode #2: comm syz.5.290: Corrupt directory, running e2fsck is recommended
[   55.915355][ T4659] EXT4-fs warning (device loop5): dx_probe:839: inode #2: comm syz.5.290: Unimplemented hash flags: 0x0001
[   55.927006][ T4659] EXT4-fs warning (device loop5): dx_probe:936: inode #2: comm syz.5.290: Corrupt directory, running e2fsck is recommended
[   55.962128][ T4667] loop1: detected capacity change from 0 to 1024
[   55.982273][ T4667] EXT4-fs: Ignoring removed nomblk_io_submit option
[   56.012700][ T4667] netlink: 'syz.1.293': attribute type 10 has an invalid length.
[   56.025043][ T4667] hsr_slave_0: left promiscuous mode
[   56.048770][ T4667] hsr_slave_1: left promiscuous mode
[   56.077212][ T4684] can: request_module (can-proto-4) failed.
[   56.137503][ T4695] loop0: detected capacity change from 0 to 2048
[   56.158812][ T4695] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   56.180320][ T4699] netlink: 'syz.5.299': attribute type 10 has an invalid length.
[   56.188228][ T4699] netlink: 40 bytes leftover after parsing attributes in process `syz.5.299'.
[   56.197909][ T4699] batadv0: entered promiscuous mode
[   56.203254][ T4699] batadv0: entered allmulticast mode
[   56.210930][ T4699] 8021q: adding VLAN 0 to HW filter on device batadv0
[   56.218722][ T4699] bridge0: port 3(batadv0) entered blocking state
[   56.225297][ T4699] bridge0: port 3(batadv0) entered disabled state
[   56.233681][ T4700] dummy0: entered allmulticast mode
[   56.241542][ T4700] batman_adv: batadv0: Adding interface: dummy0
[   56.247952][ T4700] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   56.274039][ T4700] batman_adv: batadv0: Interface activated: dummy0
[   56.288251][   T29] kauditd_printk_skb: 79 callbacks suppressed
[   56.288268][   T29] audit: type=1400 audit(1744999312.900:447): avc:  denied  { checkpoint_restore } for  pid=4701 comm="syz.0.300" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   56.436519][ T4716] FAULT_INJECTION: forcing a failure.
[   56.436519][ T4716] name failslab, interval 1, probability 0, space 0, times 0
[   56.449464][ T4716] CPU: 1 UID: 0 PID: 4716 Comm: syz.0.306 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   56.449492][ T4716] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   56.449504][ T4716] Call Trace:
[   56.449510][ T4716]  <TASK>
[   56.449517][ T4716]  dump_stack_lvl+0xf6/0x150
[   56.449543][ T4716]  dump_stack+0x15/0x1a
[   56.449635][ T4716]  should_fail_ex+0x261/0x270
[   56.449665][ T4716]  should_failslab+0x8f/0xb0
[   56.449712][ T4716]  __kmalloc_noprof+0xad/0x410
[   56.449746][ T4716]  ? genl_family_rcv_msg_attrs_parse+0x75/0x1a0
[   56.449786][ T4716]  genl_family_rcv_msg_attrs_parse+0x75/0x1a0
[   56.449872][ T4716]  ? ns_capable+0x7d/0xb0
[   56.449909][ T4716]  genl_rcv_msg+0x486/0x6f0
[   56.449939][ T4716]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[   56.449963][ T4716]  ? __dev_queue_xmit+0xb76/0x20b0
[   56.450040][ T4716]  ? should_fail_ex+0xd7/0x270
[   56.450093][ T4716]  ? ref_tracker_free+0x3b8/0x420
[   56.450185][ T4716]  netlink_rcv_skb+0x12f/0x230
[   56.450208][ T4716]  ? __pfx_genl_rcv_msg+0x10/0x10
[   56.450242][ T4716]  genl_rcv+0x28/0x40
[   56.450265][ T4716]  netlink_unicast+0x605/0x6c0
[   56.450315][ T4716]  netlink_sendmsg+0x609/0x720
[   56.450352][ T4716]  ? __pfx_netlink_sendmsg+0x10/0x10
[   56.450377][ T4716]  __sock_sendmsg+0x140/0x180
[   56.450484][ T4716]  ____sys_sendmsg+0x350/0x4e0
[   56.450512][ T4716]  __sys_sendmsg+0x1a0/0x240
[   56.450575][ T4716]  __x64_sys_sendmsg+0x46/0x50
[   56.450599][ T4716]  x64_sys_call+0x26f3/0x2e10
[   56.450621][ T4716]  do_syscall_64+0xc9/0x1a0
[   56.450647][ T4716]  ? clear_bhb_loop+0x25/0x80
[   56.450668][ T4716]  ? clear_bhb_loop+0x25/0x80
[   56.450710][ T4716]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   56.450733][ T4716] RIP: 0033:0x7f626069e169
[   56.450748][ T4716] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   56.450765][ T4716] RSP: 002b:00007f625ed07038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   56.450783][ T4716] RAX: ffffffffffffffda RBX: 00007f62608c5fa0 RCX: 00007f626069e169
[   56.450794][ T4716] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[   56.450806][ T4716] RBP: 00007f625ed07090 R08: 0000000000000000 R09: 0000000000000000
[   56.450817][ T4716] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   56.450909][ T4716] R13: 0000000000000000 R14: 00007f62608c5fa0 R15: 00007ffdb3784dc8
[   56.451005][ T4716]  </TASK>
[   56.452291][ T4714] loop2: detected capacity change from 0 to 512
[   56.465966][   T56] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   56.493568][ T4714] EXT4-fs: Ignoring removed nomblk_io_submit option
[   56.495062][   T56] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   56.744800][ T4714] EXT4-fs error (device loop2): ext4_iget_extra_inode:4693: inode #15: comm syz.2.305: corrupted in-inode xattr: invalid ea_ino
[   56.766785][ T4714] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.305: couldn't read orphan inode 15 (err -117)
[   56.889179][   T29] audit: type=1326 audit(1744999313.480:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.2.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62adc4e169 code=0x7ffc0000
[   56.912644][   T29] audit: type=1326 audit(1744999313.480:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.2.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62adc4e169 code=0x7ffc0000
[   56.936146][   T29] audit: type=1326 audit(1744999313.480:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.2.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=91 compat=0 ip=0x7f62adc4e169 code=0x7ffc0000
[   56.959656][   T29] audit: type=1326 audit(1744999313.480:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.2.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62adc4e169 code=0x7ffc0000
[   56.982975][   T29] audit: type=1326 audit(1744999313.480:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4733 comm="syz.2.311" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f62adc4e169 code=0x7ffc0000
[   57.022392][ T4744] loop0: detected capacity change from 0 to 1024
[   57.037065][ T4744] EXT4-fs: Ignoring removed nomblk_io_submit option
[   57.044839][   T29] audit: type=1326 audit(1744999313.580:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4738 comm="syz.3.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2e012e169 code=0x7ffc0000
[   57.069337][   T29] audit: type=1326 audit(1744999313.580:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4738 comm="syz.3.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2e012e169 code=0x7ffc0000
[   57.093652][   T29] audit: type=1326 audit(1744999313.580:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4738 comm="syz.3.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2e012e169 code=0x7ffc0000
[   57.117036][   T29] audit: type=1326 audit(1744999313.580:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4738 comm="syz.3.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2e012e169 code=0x7ffc0000
[   57.161809][ T4742] netlink: 'syz.0.313': attribute type 10 has an invalid length.
[   57.171074][ T4742] hsr_slave_0: left promiscuous mode
[   57.179268][ T4742] hsr_slave_1: left promiscuous mode
[   57.261832][ T4765] loop1: detected capacity change from 0 to 2048
[   57.299503][ T4765] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   57.342992][ T4772] loop5: detected capacity change from 0 to 512
[   57.354989][ T4772] EXT4-fs: Ignoring removed nobh option
[   57.386103][ T4772] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.319: corrupted inode contents
[   57.417117][ T4772] EXT4-fs (loop5): Remounting filesystem read-only
[   57.423836][ T4772] EXT4-fs (loop5): 1 truncate cleaned up
[   57.430856][ T4772] ext4 filesystem being mounted at /21/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.446971][   T56] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   57.458793][   T56] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   57.463998][ T4782] netlink: 'syz.1.324': attribute type 27 has an invalid length.
[   57.478210][   T56] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[   57.486662][ T4784] FAULT_INJECTION: forcing a failure.
[   57.486662][ T4784] name failslab, interval 1, probability 0, space 0, times 0
[   57.501478][ T4784] CPU: 0 UID: 0 PID: 4784 Comm: syz.0.327 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   57.501512][ T4784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   57.501528][ T4784] Call Trace:
[   57.501537][ T4784]  <TASK>
[   57.501546][ T4784]  dump_stack_lvl+0xf6/0x150
[   57.501577][ T4784]  dump_stack+0x15/0x1a
[   57.501645][ T4784]  should_fail_ex+0x261/0x270
[   57.501674][ T4784]  should_failslab+0x8f/0xb0
[   57.501747][ T4784]  kmem_cache_alloc_noprof+0x59/0x340
[   57.501842][ T4784]  ? skb_clone+0x154/0x1f0
[   57.501930][ T4784]  skb_clone+0x154/0x1f0
[   57.501960][ T4784]  packet_rcv_spkt+0xc7/0x3b0
[   57.501986][ T4784]  ? __pfx_packet_rcv_spkt+0x10/0x10
[   57.502011][ T4784]  __netif_receive_skb_core+0x1b5c/0x2580
[   57.502104][ T4784]  ? __rcu_read_unlock+0x4e/0x70
[   57.502130][ T4784]  ? __skb_flow_dissect+0x3cd9/0x3fa0
[   57.502162][ T4784]  __netif_receive_skb+0x5d/0x290
[   57.502199][ T4784]  netif_receive_skb+0x4f/0x330
[   57.502276][ T4784]  ? tun_vnet_hdr_to_skb+0x56f/0xd90
[   57.502301][ T4784]  ? tun_rx_batched+0xcc/0x450
[   57.502325][ T4784]  tun_rx_batched+0x104/0x450
[   57.502351][ T4784]  tun_get_user+0x1e8d/0x2640
[   57.502429][ T4784]  ? devm_kfree_strarray+0x90/0x90
[   57.502451][ T4784]  ? ref_tracker_alloc+0x1ff/0x310
[   57.502527][ T4784]  tun_chr_write_iter+0x188/0x240
[   57.502613][ T4784]  vfs_write+0x79b/0x950
[   57.502635][ T4784]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   57.502664][ T4784]  ksys_write+0xeb/0x1b0
[   57.502689][ T4784]  __x64_sys_write+0x42/0x50
[   57.502712][ T4784]  x64_sys_call+0x2a45/0x2e10
[   57.502776][ T4784]  do_syscall_64+0xc9/0x1a0
[   57.502808][ T4784]  ? clear_bhb_loop+0x25/0x80
[   57.502835][ T4784]  ? clear_bhb_loop+0x25/0x80
[   57.502861][ T4784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.502887][ T4784] RIP: 0033:0x7f626069cc1f
[   57.503014][ T4784] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   57.503036][ T4784] RSP: 002b:00007f625ed07000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   57.503058][ T4784] RAX: ffffffffffffffda RBX: 00007f62608c5fa0 RCX: 00007f626069cc1f
[   57.503074][ T4784] RDX: 00000000000000d2 RSI: 0000200000000600 RDI: 00000000000000c8
[   57.503088][ T4784] RBP: 00007f625ed07090 R08: 0000000000000000 R09: 0000000000000000
[   57.503103][ T4784] R10: 00000000000000d2 R11: 0000000000000293 R12: 0000000000000001
[   57.503183][ T4784] R13: 0000000000000000 R14: 00007f62608c5fa0 R15: 00007ffdb3784dc8
[   57.503277][ T4784]  </TASK>
[   57.883225][ T4799] netlink: 'syz.0.331': attribute type 7 has an invalid length.
[   57.891062][ T4799] netlink: 'syz.0.331': attribute type 8 has an invalid length.
[   57.932106][ T4805] siw: device registration error -23
[   58.033505][ T4816] loop2: detected capacity change from 0 to 2048
[   58.054063][ T4819] loop1: detected capacity change from 0 to 512
[   58.098382][ T4819] loop1: detected capacity change from 0 to 1024
[   58.117983][ T4819] EXT4-fs: Ignoring removed nobh option
[   58.123632][ T4819] EXT4-fs: Ignoring removed bh option
[   58.166978][ T4832] batman_adv: batadv0: Interface deactivated: dummy0
[   58.174599][ T4832] batman_adv: batadv0: Removing interface: dummy0
[   58.272936][ T4846] __nla_validate_parse: 9 callbacks suppressed
[   58.273000][ T4846] netlink: 12 bytes leftover after parsing attributes in process `syz.3.340'.
[   58.397060][ T4859] loop3: detected capacity change from 0 to 512
[   58.412053][ T4862] FAULT_INJECTION: forcing a failure.
[   58.412053][ T4862] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   58.425271][ T4862] CPU: 0 UID: 0 PID: 4862 Comm: syz.5.345 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   58.425298][ T4862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   58.425310][ T4862] Call Trace:
[   58.425315][ T4862]  <TASK>
[   58.425322][ T4862]  dump_stack_lvl+0xf6/0x150
[   58.425349][ T4862]  dump_stack+0x15/0x1a
[   58.425369][ T4862]  should_fail_ex+0x261/0x270
[   58.425441][ T4862]  should_fail+0xb/0x10
[   58.425571][ T4862]  should_fail_usercopy+0x1a/0x20
[   58.425685][ T4862]  _copy_from_user+0x1c/0xa0
[   58.425722][ T4862]  __se_sys_io_uring_setup+0x122/0x210
[   58.425802][ T4862]  __x64_sys_io_uring_setup+0x31/0x40
[   58.425872][ T4862]  x64_sys_call+0x1741/0x2e10
[   58.425898][ T4862]  do_syscall_64+0xc9/0x1a0
[   58.425953][ T4862]  ? clear_bhb_loop+0x25/0x80
[   58.425979][ T4862]  ? clear_bhb_loop+0x25/0x80
[   58.426006][ T4862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.426030][ T4862] RIP: 0033:0x7f40f68be169
[   58.426046][ T4862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.426063][ T4862] RSP: 002b:00007f40f4f26fc8 EFLAGS: 00000202 ORIG_RAX: 00000000000001a9
[   58.426080][ T4862] RAX: ffffffffffffffda RBX: 00007f40f6ae5fa0 RCX: 00007f40f68be169
[   58.426117][ T4862] RDX: 00002000000005c0 RSI: 0000200000000140 RDI: 00000000000031c7
[   58.426131][ T4862] RBP: 0000200000000140 R08: 0000000000000000 R09: 00002000000005c0
[   58.426152][ T4862] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[   58.426165][ T4862] R13: 00002000000012c0 R14: 00000000000031c7 R15: 00002000000005c0
[   58.426186][ T4862]  </TASK>
[   58.619218][ T4859] EXT4-fs (loop3): orphan cleanup on readonly fs
[   58.634598][ T4859] EXT4-fs error (device loop3): ext4_orphan_get:1416: comm syz.3.344: bad orphan inode 13
[   58.639528][ T4863] netlink: '+}[@': attribute type 1 has an invalid length.
[   58.660451][ T4867] loop5: detected capacity change from 0 to 2048
[   58.662622][ T4863] 8021q: adding VLAN 0 to HW filter on device bond1
[   58.667208][ T4859] ext4_test_bit(bit=12, block=18) = 1
[   58.679149][ T4859] is_bad_inode(inode)=0
[   58.683322][ T4859] NEXT_ORPHAN(inode)=2130706432
[   58.688227][ T4859] max_ino=32
[   58.691446][ T4859] i_nlink=1
[   58.702192][ T4859] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[   58.711804][ T4863] loop1: detected capacity change from 0 to 2048
[   58.727661][ T4863] EXT4-fs (loop1): can't mount with commit=, fs mounted w/o journal
[   58.750898][ T4859] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   58.763132][ T4867] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   58.804979][ T4875] netlink: 8 bytes leftover after parsing attributes in process `syz.0.348'.
[   58.863958][ T4885] Cannot find add_set index 0 as target
[   58.875891][ T4882] lo speed is unknown, defaulting to 1000
[   58.915149][ T4887] netlink: 12 bytes leftover after parsing attributes in process `syz.1.353'.
[   58.942348][ T4892] netlink: 'syz.3.354': attribute type 10 has an invalid length.
[   58.950242][ T4892] netlink: 40 bytes leftover after parsing attributes in process `syz.3.354'.
[   58.962418][ T4892] batadv0: entered promiscuous mode
[   58.967738][ T4892] batadv0: entered allmulticast mode
[   58.973998][ T4892] 8021q: adding VLAN 0 to HW filter on device batadv0
[   58.983094][ T4892] bridge0: port 1(batadv0) entered blocking state
[   58.989674][ T4892] bridge0: port 1(batadv0) entered disabled state
[   59.000254][ T4896] netlink: 8 bytes leftover after parsing attributes in process `syz.3.354'.
[   59.005044][ T4897] loop1: detected capacity change from 0 to 1024
[   59.017124][ T4897] EXT4-fs: Ignoring removed nomblk_io_submit option
[   59.038351][ T4897] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   59.070134][ T4897] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   59.081283][ T4897] System zones: 0-1, 3-36
[   59.160606][ T4919] loop5: detected capacity change from 0 to 2048
[   59.177785][ T4922] loop0: detected capacity change from 0 to 2048
[   59.291521][ T4934] loop1: detected capacity change from 0 to 2048
[   59.309345][   T51] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   59.319102][   T51] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   59.528938][ T4960] 8021q: VLANs not supported on vxcan0
[   59.548804][ T4959] 8021q: VLANs not supported on vxcan0
[   59.613456][ T4976] netlink: 112 bytes leftover after parsing attributes in process `syz.5.369'.
[   59.663269][ T4984] netlink: 'syz.0.370': attribute type 27 has an invalid length.
[   59.701856][ T4993] tipc: Started in network mode
[   59.706898][ T4993] tipc: Node identity ac14140f, cluster identity 4711
[   59.714092][ T4993] tipc: New replicast peer: 255.255.255.255
[   59.720462][ T4993] tipc: Enabled bearer <udp:syz2>, priority 10
[   59.724182][ T4988] loop3: detected capacity change from 0 to 2048
[   59.748844][ T4997] loop5: detected capacity change from 0 to 2048
[   59.811271][ T5007] Cannot find add_set index 0 as target
[   60.028724][ T5028] Cannot find add_set index 0 as target
[   60.114156][ T5042] netlink: 20 bytes leftover after parsing attributes in process `syz.3.388'.
[   60.151193][ T5047] loop0: detected capacity change from 0 to 1024
[   60.164440][ T5047] EXT4-fs: Ignoring removed nomblk_io_submit option
[   60.197591][ T5047] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   60.229539][ T5047] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   60.229939][ T5061] Cannot find add_set index 0 as target
[   60.251903][ T5047] System zones: 0-1, 3-36
[   60.440854][ T5092] loop1: detected capacity change from 0 to 512
[   60.454861][ T5092] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.398: Unimplemented hash flags: 0x0001
[   60.466630][ T5092] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.398: Corrupt directory, running e2fsck is recommended
[   60.500296][ T5097] loop3: detected capacity change from 0 to 512
[   60.514061][ T5092] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.398: Unimplemented hash flags: 0x0001
[   60.525584][ T5092] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.398: Corrupt directory, running e2fsck is recommended
[   60.539428][ T5092] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.398: Unimplemented hash flags: 0x0001
[   60.550998][ T5092] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.398: Corrupt directory, running e2fsck is recommended
[   60.564165][ T5092] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.398: Unimplemented hash flags: 0x0001
[   60.568586][ T5097] EXT4-fs warning (device loop3): dx_probe:839: inode #2: comm syz.3.400: Unimplemented hash flags: 0x0001
[   60.575854][ T5092] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.398: Corrupt directory, running e2fsck is recommended
[   60.587177][ T5097] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.400: Corrupt directory, running e2fsck is recommended
[   60.615522][ T5104] netlink: 4 bytes leftover after parsing attributes in process `syz.0.402'.
[   60.624430][ T5104] netlink: 4 bytes leftover after parsing attributes in process `syz.0.402'.
[   60.630513][ T5097] EXT4-fs warning (device loop3): dx_probe:839: inode #2: comm syz.3.400: Unimplemented hash flags: 0x0001
[   60.644810][ T5097] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.400: Corrupt directory, running e2fsck is recommended
[   60.651904][ T5092] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.398: Unimplemented hash flags: 0x0001
[   60.659664][ T5097] EXT4-fs warning (device loop3): dx_probe:839: inode #2: comm syz.3.400: Unimplemented hash flags: 0x0001
[   60.669187][ T5092] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.398: Corrupt directory, running e2fsck is recommended
[   60.680626][ T5097] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.400: Corrupt directory, running e2fsck is recommended
[   60.696424][ T5102] loop0: detected capacity change from 0 to 512
[   60.717660][ T5104] netlink: 4 bytes leftover after parsing attributes in process `syz.0.402'.
[   60.717727][ T5097] EXT4-fs warning (device loop3): dx_probe:839: inode #2: comm syz.3.400: Unimplemented hash flags: 0x0001
[   60.737956][ T5097] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.400: Corrupt directory, running e2fsck is recommended
[   60.753228][ T5102] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[   60.773801][ T5107] FAULT_INJECTION: forcing a failure.
[   60.773801][ T5107] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   60.786950][ T5107] CPU: 0 UID: 0 PID: 5107 Comm: syz.1.403 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   60.787060][ T5107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   60.787075][ T5107] Call Trace:
[   60.787082][ T5107]  <TASK>
[   60.787091][ T5107]  dump_stack_lvl+0xf6/0x150
[   60.787120][ T5107]  dump_stack+0x15/0x1a
[   60.787216][ T5107]  should_fail_ex+0x261/0x270
[   60.787244][ T5107]  should_fail+0xb/0x10
[   60.787309][ T5107]  should_fail_usercopy+0x1a/0x20
[   60.787384][ T5107]  _copy_from_user+0x1c/0xa0
[   60.787421][ T5107]  kstrtouint_from_user+0x84/0x100
[   60.787445][ T5107]  ? 0xffffffff81000000
[   60.787458][ T5107]  ? selinux_file_permission+0x22d/0x360
[   60.787482][ T5107]  proc_fail_nth_write+0x54/0x160
[   60.787521][ T5107]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   60.787580][ T5107]  vfs_write+0x295/0x950
[   60.787600][ T5107]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   60.787661][ T5107]  ? __fget_files+0x186/0x1c0
[   60.787689][ T5107]  ksys_write+0xeb/0x1b0
[   60.787711][ T5107]  __x64_sys_write+0x42/0x50
[   60.787733][ T5107]  x64_sys_call+0x2a45/0x2e10
[   60.787776][ T5107]  do_syscall_64+0xc9/0x1a0
[   60.787885][ T5107]  ? clear_bhb_loop+0x25/0x80
[   60.787911][ T5107]  ? clear_bhb_loop+0x25/0x80
[   60.788013][ T5107]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.788039][ T5107] RIP: 0033:0x7f658620cc1f
[   60.788055][ T5107] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   60.788118][ T5107] RSP: 002b:00007f6584877030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   60.788139][ T5107] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f658620cc1f
[   60.788153][ T5107] RDX: 0000000000000001 RSI: 00007f65848770a0 RDI: 0000000000000006
[   60.788167][ T5107] RBP: 00007f6584877090 R08: 0000000000000000 R09: 0000000000000000
[   60.788181][ T5107] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   60.788194][ T5107] R13: 0000000000000000 R14: 00007f6586435fa0 R15: 00007ffc378a3f98
[   60.788256][ T5107]  </TASK>
[   60.803587][ T5097] EXT4-fs warning (device loop3): dx_probe:839: inode #2: comm syz.3.400: Unimplemented hash flags: 0x0001
[   60.856413][   T10] tipc: Node number set to 2886997007
[   60.858348][ T5097] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.400: Corrupt directory, running e2fsck is recommended
[   60.887964][ T5110] lo speed is unknown, defaulting to 1000
[   60.896703][ T5112] loop1: detected capacity change from 0 to 1024
[   60.960847][ T5102] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.402: Failed to acquire dquot type 0
[   60.967654][ T5112] EXT4-fs: Ignoring removed nomblk_io_submit option
[   60.996219][ T5102] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   61.082686][ T5102] EXT4-fs (loop0): 1 truncate cleaned up
[   61.102477][ T5122] loop3: detected capacity change from 0 to 1024
[   61.109169][ T5112] netlink: 'syz.1.404': attribute type 10 has an invalid length.
[   61.109234][ T5122] EXT4-fs: Ignoring removed nomblk_io_submit option
[   61.129358][ T5122] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   61.146204][ T5119] Cannot find add_set index 0 as target
[   61.162519][ T5124] IPVS: Error connecting to the multicast addr
[   61.200174][ T5122] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   61.211961][ T5127] FAULT_INJECTION: forcing a failure.
[   61.211961][ T5127] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.225128][ T5127] CPU: 0 UID: 0 PID: 5127 Comm: syz.0.409 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   61.225161][ T5127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   61.225183][ T5127] Call Trace:
[   61.225336][ T5127]  <TASK>
[   61.225343][ T5127]  dump_stack_lvl+0xf6/0x150
[   61.225372][ T5127]  dump_stack+0x15/0x1a
[   61.225393][ T5127]  should_fail_ex+0x261/0x270
[   61.225422][ T5127]  should_fail+0xb/0x10
[   61.225473][ T5127]  should_fail_usercopy+0x1a/0x20
[   61.225504][ T5127]  _copy_to_user+0x20/0xa0
[   61.225540][ T5127]  simple_read_from_buffer+0xb2/0x130
[   61.225627][ T5127]  proc_fail_nth_read+0x103/0x140
[   61.225675][ T5127]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   61.225714][ T5127]  vfs_read+0x1b2/0x710
[   61.225793][ T5127]  ? __rcu_read_unlock+0x4e/0x70
[   61.225819][ T5127]  ? __fget_files+0x186/0x1c0
[   61.225846][ T5127]  ksys_read+0xeb/0x1b0
[   61.225869][ T5127]  __x64_sys_read+0x42/0x50
[   61.225940][ T5127]  x64_sys_call+0x2a3b/0x2e10
[   61.225967][ T5127]  do_syscall_64+0xc9/0x1a0
[   61.225998][ T5127]  ? clear_bhb_loop+0x25/0x80
[   61.226108][ T5127]  ? clear_bhb_loop+0x25/0x80
[   61.226134][ T5127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.226159][ T5127] RIP: 0033:0x7f626069cb7c
[   61.226203][ T5127] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   61.226227][ T5127] RSP: 002b:00007f625ed07030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   61.226250][ T5127] RAX: ffffffffffffffda RBX: 00007f62608c5fa0 RCX: 00007f626069cb7c
[   61.226265][ T5127] RDX: 000000000000000f RSI: 00007f625ed070a0 RDI: 0000000000000004
[   61.226279][ T5127] RBP: 00007f625ed07090 R08: 0000000000000000 R09: 0000000000000000
[   61.226368][ T5127] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.226382][ T5127] R13: 0000000000000000 R14: 00007f62608c5fa0 R15: 00007ffdb3784dc8
[   61.226404][ T5127]  </TASK>
[   61.424979][ T5122] System zones: 0-1, 3-36
[   61.430026][   T29] kauditd_printk_skb: 69 callbacks suppressed
[   61.430041][   T29] audit: type=1400 audit(1744999318.040:518): avc:  denied  { unlink } for  pid=2992 comm="syslogd" name="messages.0" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   61.491155][   T29] audit: type=1400 audit(1744999318.080:519): avc:  denied  { bind } for  pid=5128 comm="syz.1.410" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   61.511408][   T29] audit: type=1400 audit(1744999318.080:520): avc:  denied  { setopt } for  pid=5128 comm="syz.1.410" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   61.532512][ T5138] netlink: 'syz.1.410': attribute type 10 has an invalid length.
[   61.540793][ T5138] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.549559][ T5138] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.558479][ T5138] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.576657][ T5138] team0: Failed to send port change of device geneve1 via netlink (err -105)
[   61.588480][ T5138] team0: Failed to send options change via netlink (err -105)
[   61.596161][ T5138] team0: Port device geneve1 added
[   61.607136][ T5143] loop3: detected capacity change from 0 to 2048
[   61.621608][   T29] audit: type=1326 audit(1744999318.210:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5132 comm="syz.5.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40f68be169 code=0x7ffc0000
[   61.645065][   T29] audit: type=1326 audit(1744999318.210:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5132 comm="syz.5.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40f68be169 code=0x7ffc0000
[   61.668361][   T29] audit: type=1326 audit(1744999318.210:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5132 comm="syz.5.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f40f68be169 code=0x7ffc0000
[   61.691666][   T29] audit: type=1326 audit(1744999318.210:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5132 comm="syz.5.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40f68be169 code=0x7ffc0000
[   61.715116][   T29] audit: type=1326 audit(1744999318.210:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5132 comm="syz.5.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f40f68be169 code=0x7ffc0000
[   61.738480][   T29] audit: type=1326 audit(1744999318.210:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5132 comm="syz.5.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f40f68be169 code=0x7ffc0000
[   61.761861][   T29] audit: type=1326 audit(1744999318.210:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5132 comm="syz.5.412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f40f68be169 code=0x7ffc0000
[   61.809035][ T5129] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.867683][ T5129] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   61.878516][ T5151] loop5: detected capacity change from 0 to 2048
[   61.929789][ T5151] EXT4-fs (loop5): failed to initialize system zone (-117)
[   61.938264][ T5151] EXT4-fs (loop5): mount failed
[   61.941111][ T5129] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   62.018021][ T5129] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.030218][ T5129] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.051850][ T5129] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.064429][ T5129] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.088598][ T5160] 9pnet_fd: Insufficient options for proto=fd
[   62.149672][ T5162] lo speed is unknown, defaulting to 1000
[   62.217202][ T5169] loop5: detected capacity change from 0 to 2048
[   62.242645][ T5169] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   62.303804][ T5173] loop5: detected capacity change from 0 to 256
[   62.498343][ T5180] FAULT_INJECTION: forcing a failure.
[   62.498343][ T5180] name failslab, interval 1, probability 0, space 0, times 0
[   62.511150][ T5180] CPU: 1 UID: 0 PID: 5180 Comm: syz.2.425 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   62.511177][ T5180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   62.511188][ T5180] Call Trace:
[   62.511273][ T5180]  <TASK>
[   62.511281][ T5180]  dump_stack_lvl+0xf6/0x150
[   62.511333][ T5180]  dump_stack+0x15/0x1a
[   62.511350][ T5180]  should_fail_ex+0x261/0x270
[   62.511379][ T5180]  should_failslab+0x8f/0xb0
[   62.511405][ T5180]  kmem_cache_alloc_noprof+0x59/0x340
[   62.511439][ T5180]  ? audit_log_start+0x37f/0x6e0
[   62.511513][ T5180]  audit_log_start+0x37f/0x6e0
[   62.511548][ T5180]  ? kstrtouint+0x7b/0xc0
[   62.511572][ T5180]  audit_seccomp+0x49/0x100
[   62.511599][ T5180]  __seccomp_filter+0x694/0x10e0
[   62.511679][ T5180]  ? vfs_write+0x669/0x950
[   62.511706][ T5180]  __secure_computing+0x7e/0x150
[   62.511729][ T5180]  syscall_trace_enter+0xcf/0x1f0
[   62.511756][ T5180]  do_syscall_64+0xaa/0x1a0
[   62.511793][ T5180]  ? clear_bhb_loop+0x25/0x80
[   62.511816][ T5180]  ? clear_bhb_loop+0x25/0x80
[   62.511881][ T5180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.511905][ T5180] RIP: 0033:0x7f62adc4e169
[   62.511922][ T5180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.511975][ T5180] RSP: 002b:00007f62ac2b7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[   62.511995][ T5180] RAX: ffffffffffffffda RBX: 00007f62ade75fa0 RCX: 00007f62adc4e169
[   62.512009][ T5180] RDX: 0000000000001000 RSI: 0000200000000f80 RDI: 0000000000000006
[   62.512022][ T5180] RBP: 00007f62ac2b7090 R08: 0000000000000000 R09: 0000000000000000
[   62.512035][ T5180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   62.512049][ T5180] R13: 0000000000000000 R14: 00007f62ade75fa0 R15: 00007ffe8568fdf8
[   62.512135][ T5180]  </TASK>
[   62.711574][ T5178] loop5: detected capacity change from 0 to 512
[   62.729325][ T5178] EXT4-fs (loop5): orphan cleanup on readonly fs
[   62.735441][ T5184] Cannot find add_set index 0 as target
[   62.738384][ T5178] EXT4-fs error (device loop5): ext4_orphan_get:1416: comm syz.5.424: bad orphan inode 13
[   62.751720][ T5178] ext4_test_bit(bit=12, block=18) = 1
[   62.757285][ T5178] is_bad_inode(inode)=0
[   62.761513][ T5178] NEXT_ORPHAN(inode)=2130706432
[   62.766906][ T5178] max_ino=32
[   62.770150][ T5178] i_nlink=1
[   62.815002][ T5178] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[   62.827018][ T5178] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   62.940350][ T5195] lo speed is unknown, defaulting to 1000
[   62.986412][ T5197] ref_ctr_offset mismatch. inode: 0x1cf offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x200000000480
[   63.013841][ T5204] xt_hashlimit: max too large, truncated to 1048576
[   63.033487][ T5204] Cannot find set identified by id 0 to match
[   63.090684][ T5211] loop5: detected capacity change from 0 to 1024
[   63.123050][ T5194] lo speed is unknown, defaulting to 1000
[   63.130583][ T5211] EXT4-fs: Ignoring removed nomblk_io_submit option
[   63.145445][ T5211] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   63.193849][ T5204] macvtap0: refused to change device tx_queue_len
[   63.198364][ T5211] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   63.233008][ T5211] System zones: 0-1, 3-36
[   63.310045][ T5222] netlink: 'syz.2.436': attribute type 27 has an invalid length.
[   63.432408][ T5221] lo speed is unknown, defaulting to 1000
[   63.518717][ T5229] __nla_validate_parse: 3 callbacks suppressed
[   63.518774][ T5229] netlink: 28 bytes leftover after parsing attributes in process `syz.2.439'.
[   63.534000][ T5229] netlink: 52 bytes leftover after parsing attributes in process `syz.2.439'.
[   63.794846][ T5237] loop2: detected capacity change from 0 to 512
[   63.838196][ T5237] EXT4-fs (loop2): orphan cleanup on readonly fs
[   63.856744][ T5237] EXT4-fs error (device loop2): ext4_orphan_get:1416: comm syz.2.442: bad orphan inode 13
[   63.929570][ T5237] ext4_test_bit(bit=12, block=18) = 1
[   63.935021][ T5237] is_bad_inode(inode)=0
[   63.939248][ T5237] NEXT_ORPHAN(inode)=2130706432
[   63.944109][ T5237] max_ino=32
[   63.947357][ T5237] i_nlink=1
[   63.953965][ T5237] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   63.980070][ T5237] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   64.052911][ T5244] lo speed is unknown, defaulting to 1000
[   64.177186][ T5254] netlink: 4 bytes leftover after parsing attributes in process `syz.2.448'.
[   64.241770][ T5258] netlink: 'syz.1.446': attribute type 27 has an invalid length.
[   64.251949][ T5258] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   64.260557][ T5258] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   64.269005][ T5258] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   64.277413][ T5258] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   64.358605][ T5266] Cannot find add_set index 0 as target
[   64.372926][ T5267] loop5: detected capacity change from 0 to 512
[   64.379792][ T5267] EXT4-fs: Ignoring removed i_version option
[   64.426575][ T5267] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   64.446712][ T5267] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   64.461402][ T5267] EXT4-fs (loop5): 1 truncate cleaned up
[   64.721632][ T5282] loop3: detected capacity change from 0 to 512
[   64.865547][ T5292] loop0: detected capacity change from 0 to 2048
[   64.878262][ T5286] netlink: 28 bytes leftover after parsing attributes in process `syz.2.458'.
[   64.887283][ T5286] netlink: 52 bytes leftover after parsing attributes in process `syz.2.458'.
[   64.908535][ T5282] EXT4-fs warning (device loop3): dx_probe:839: inode #2: comm syz.3.454: Unimplemented hash flags: 0x0001
[   64.920092][ T5282] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.454: Corrupt directory, running e2fsck is recommended
[   64.948950][ T5282] EXT4-fs warning (device loop3): dx_probe:839: inode #2: comm syz.3.454: Unimplemented hash flags: 0x0001
[   64.960550][ T5282] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.454: Corrupt directory, running e2fsck is recommended
[   64.984337][ T5282] EXT4-fs warning (device loop3): dx_probe:839: inode #2: comm syz.3.454: Unimplemented hash flags: 0x0001
[   64.995958][ T5282] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.454: Corrupt directory, running e2fsck is recommended
[   65.029084][ T5297] loop1: detected capacity change from 0 to 2048
[   65.036944][ T5282] EXT4-fs warning (device loop3): dx_probe:839: inode #2: comm syz.3.454: Unimplemented hash flags: 0x0001
[   65.048406][ T5282] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.454: Corrupt directory, running e2fsck is recommended
[   65.050426][ T5299] netlink: 4 bytes leftover after parsing attributes in process `syz.2.460'.
[   65.088207][ T5282] EXT4-fs warning (device loop3): dx_probe:839: inode #2: comm syz.3.454: Unimplemented hash flags: 0x0001
[   65.099686][ T5282] EXT4-fs warning (device loop3): dx_probe:936: inode #2: comm syz.3.454: Corrupt directory, running e2fsck is recommended
[   65.128610][ T5303] Cannot find add_set index 0 as target
[   65.189905][ T5307] siw: device registration error -23
[   65.200563][ T5307] netlink: 12 bytes leftover after parsing attributes in process `syz.0.463'.
[   65.210438][ T5307] netlink: 8 bytes leftover after parsing attributes in process `syz.0.463'.
[   65.269642][ T5319] SELinux:  policydb version 0 does not match my version range 15-34
[   65.282673][ T5318] Cannot find add_set index 0 as target
[   65.291332][ T5321] siw: device registration error -23
[   65.299966][ T5321] netlink: 12 bytes leftover after parsing attributes in process `syz.5.470'.
[   65.311051][ T5321] netlink: 8 bytes leftover after parsing attributes in process `syz.5.470'.
[   65.312800][ T5319] SELinux: failed to load policy
[   65.328529][ T5316] syz.0.469 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   65.379090][ T5327] loop5: detected capacity change from 0 to 2048
[   65.542964][ T5341] loop5: detected capacity change from 0 to 1024
[   65.551128][ T5341] EXT4-fs: Ignoring removed nomblk_io_submit option
[   65.649361][ T5349] Cannot find add_set index 0 as target
[   65.655267][ T5348] loop5: detected capacity change from 0 to 2048
[   65.748271][ T5355] loop0: detected capacity change from 0 to 512
[   65.777280][ T5355] EXT4-fs warning (device loop0): dx_probe:839: inode #2: comm syz.0.480: Unimplemented hash flags: 0x0001
[   65.788885][ T5355] EXT4-fs warning (device loop0): dx_probe:936: inode #2: comm syz.0.480: Corrupt directory, running e2fsck is recommended
[   65.807989][ T5355] EXT4-fs warning (device loop0): dx_probe:839: inode #2: comm syz.0.480: Unimplemented hash flags: 0x0001
[   65.819569][ T5355] EXT4-fs warning (device loop0): dx_probe:936: inode #2: comm syz.0.480: Corrupt directory, running e2fsck is recommended
[   65.838230][ T5355] EXT4-fs warning (device loop0): dx_probe:839: inode #2: comm syz.0.480: Unimplemented hash flags: 0x0001
[   65.849722][ T5355] EXT4-fs warning (device loop0): dx_probe:936: inode #2: comm syz.0.480: Corrupt directory, running e2fsck is recommended
[   65.863914][ T5355] EXT4-fs warning (device loop0): dx_probe:839: inode #2: comm syz.0.480: Unimplemented hash flags: 0x0001
[   65.875382][ T5355] EXT4-fs warning (device loop0): dx_probe:936: inode #2: comm syz.0.480: Corrupt directory, running e2fsck is recommended
[   65.892369][ T5355] EXT4-fs warning (device loop0): dx_probe:839: inode #2: comm syz.0.480: Unimplemented hash flags: 0x0001
[   65.903915][ T5355] EXT4-fs warning (device loop0): dx_probe:936: inode #2: comm syz.0.480: Corrupt directory, running e2fsck is recommended
[   65.958811][ T5367] Cannot find add_set index 0 as target
[   66.009550][ T5369] loop0: detected capacity change from 0 to 2048
[   66.032140][ T5369] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   66.066245][ T5375] netlink: 'syz.1.484': attribute type 27 has an invalid length.
[   66.091322][ T5377] loop3: detected capacity change from 0 to 2048
[   66.118450][ T5379] loop0: detected capacity change from 0 to 2048
[   66.306816][ T5398] FAULT_INJECTION: forcing a failure.
[   66.306816][ T5398] name failslab, interval 1, probability 0, space 0, times 0
[   66.319586][ T5398] CPU: 1 UID: 0 PID: 5398 Comm: syz.0.490 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   66.319619][ T5398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   66.319634][ T5398] Call Trace:
[   66.319641][ T5398]  <TASK>
[   66.319651][ T5398]  dump_stack_lvl+0xf6/0x150
[   66.319686][ T5398]  dump_stack+0x15/0x1a
[   66.319704][ T5398]  should_fail_ex+0x261/0x270
[   66.319860][ T5398]  should_failslab+0x8f/0xb0
[   66.319888][ T5398]  __kmalloc_noprof+0xad/0x410
[   66.319921][ T5398]  ? process_preds+0x33c/0x29c0
[   66.319990][ T5398]  process_preds+0x33c/0x29c0
[   66.320029][ T5398]  ? _parse_integer_limit+0x167/0x180
[   66.320117][ T5398]  ? avc_has_perm_noaudit+0x1cc/0x210
[   66.320206][ T5398]  ? __kmalloc_cache_noprof+0x292/0x320
[   66.320241][ T5398]  ? ftrace_profile_set_filter+0xbb/0x180
[   66.320317][ T5398]  ftrace_profile_set_filter+0xd9/0x180
[   66.320354][ T5398]  perf_ioctl+0xed8/0x1590
[   66.320374][ T5398]  ? ioctl_has_perm+0x2c6/0x2f0
[   66.320397][ T5398]  ? do_vfs_ioctl+0x977/0x1570
[   66.320468][ T5398]  ? selinux_file_ioctl+0x2f9/0x380
[   66.320491][ T5398]  ? __fget_files+0x186/0x1c0
[   66.320515][ T5398]  ? __pfx_perf_ioctl+0x10/0x10
[   66.320535][ T5398]  __se_sys_ioctl+0xc9/0x140
[   66.320568][ T5398]  __x64_sys_ioctl+0x43/0x50
[   66.320599][ T5398]  x64_sys_call+0x168d/0x2e10
[   66.320705][ T5398]  do_syscall_64+0xc9/0x1a0
[   66.320766][ T5398]  ? clear_bhb_loop+0x25/0x80
[   66.320792][ T5398]  ? clear_bhb_loop+0x25/0x80
[   66.320846][ T5398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.320882][ T5398] RIP: 0033:0x7f626069e169
[   66.320899][ T5398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.320919][ T5398] RSP: 002b:00007f625ed07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   66.320941][ T5398] RAX: ffffffffffffffda RBX: 00007f62608c5fa0 RCX: 00007f626069e169
[   66.321036][ T5398] RDX: 0000200000000000 RSI: 0000000040082406 RDI: 0000000000000003
[   66.321051][ T5398] RBP: 00007f625ed07090 R08: 0000000000000000 R09: 0000000000000000
[   66.321065][ T5398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.321080][ T5398] R13: 0000000000000000 R14: 00007f62608c5fa0 R15: 00007ffdb3784dc8
[   66.321103][ T5398]  </TASK>
[   66.637350][ T5405] loop1: detected capacity change from 0 to 2048
[   66.692485][ T5407] siw: device registration error -23
[   66.782398][   T29] kauditd_printk_skb: 211 callbacks suppressed
[   66.782446][   T29] audit: type=1400 audit(1744999323.390:737): avc:  denied  { listen } for  pid=5415 comm="syz.5.494" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   66.837071][ T5414] netlink: 'syz.0.499': attribute type 10 has an invalid length.
[   66.845007][   T29] audit: type=1400 audit(1744999323.450:738): avc:  denied  { create } for  pid=5410 comm="syz.2.498" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   66.864479][   T29] audit: type=1400 audit(1744999323.450:739): avc:  denied  { write } for  pid=5410 comm="syz.2.498" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   66.890869][ T5417] loop5: detected capacity change from 0 to 512
[   66.906931][ T5414] batadv0: entered promiscuous mode
[   66.912257][ T5414] batadv0: entered allmulticast mode
[   66.926885][ T5417] EXT4-fs: Ignoring removed nobh option
[   66.961276][   T29] audit: type=1400 audit(1744999323.500:740): avc:  denied  { write } for  pid=5415 comm="syz.5.494" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   66.962851][ T5414] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.000211][ T5422] netlink: 'syz.1.500': attribute type 10 has an invalid length.
[   67.009325][ T5414] bridge0: port 1(batadv0) entered blocking state
[   67.015896][ T5414] bridge0: port 1(batadv0) entered disabled state
[   67.021809][ T5421] loop2: detected capacity change from 0 to 2048
[   67.025200][ T5419] dummy0: entered allmulticast mode
[   67.034912][ T5419] batman_adv: batadv0: Adding interface: dummy0
[   67.041252][ T5419] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   67.043047][ T5417] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.494: corrupted inode contents
[   67.066914][ T5419] batman_adv: batadv0: Interface activated: dummy0
[   67.090495][   T29] audit: type=1400 audit(1744999323.650:741): avc:  denied  { ioctl } for  pid=5413 comm="syz.0.499" path="socket:[10021]" dev="sockfs" ino=10021 ioctlcmd=0x8922 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   67.116727][   T12] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   67.126044][   T12] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   67.137387][ T5423] net_ratelimit: 52 callbacks suppressed
[   67.137404][ T5423] batadv0: mtu less than device minimum
[   67.143708][ T5417] EXT4-fs (loop5): Remounting filesystem read-only
[   67.149154][ T5423] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   67.155967][ T5417] EXT4-fs (loop5): 1 truncate cleaned up
[   67.167014][ T5423] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   67.174000][ T5417] ext4 filesystem being mounted at /55/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.182977][ T5423] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   67.203765][ T5423] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   67.214758][ T5423] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   67.225561][ T5423] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   67.236350][ T5423] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   67.247296][ T5423] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   67.258084][ T5423] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   67.273405][   T29] audit: type=1400 audit(1744999323.750:742): avc:  denied  { write } for  pid=5413 comm="syz.0.499" name="ip_vs_stats" dev="proc" ino=4026532648 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   67.274276][ T5422] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.307630][   T12] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.318279][   T12] Quota error (device loop5): write_blk: dquota write failed
[   67.325674][   T12] Quota error (device loop5): remove_free_dqentry: Can't write block (5) with free entries
[   67.335853][   T12] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.346479][   T12] Quota error (device loop5): write_blk: dquota write failed
[   67.353873][   T12] Quota error (device loop5): free_dqentry: Can't move quota data block (5) to free list
[   67.363750][   T12] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[   67.365911][ T5426] dummy0: entered allmulticast mode
[   67.393827][ T5426] batman_adv: batadv0: Interface activated: dummy0
[   67.464959][ T3319] EXT4-fs unmount: 88 callbacks suppressed
[   67.464976][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.546061][ T5434] loop3: detected capacity change from 0 to 512
[   67.561505][ T5434] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.502: bg 0: block 131: padding at end of block bitmap is not set
[   67.582635][ T5434] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   67.592124][ T5434] EXT4-fs (loop3): 1 truncate cleaned up
[   67.600356][ T5434] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   67.647035][ T3847] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.659366][ T5442] Cannot find add_set index 0 as target
[   67.794531][ T5457] loop2: detected capacity change from 0 to 2048
[   67.804537][ T5460] Cannot find add_set index 0 as target
[   67.840083][ T5457] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.858876][ T5457] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   67.885786][ T5468] loop0: detected capacity change from 0 to 2048
[   67.895303][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.907364][ T5468] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.931378][ T5474] netlink: 'syz.2.516': attribute type 10 has an invalid length.
[   67.939924][ T5474] batadv0: entered promiscuous mode
[   67.945162][ T5474] batadv0: entered allmulticast mode
[   67.951329][ T5474] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.957832][ T5475] netlink: 'syz.1.515': attribute type 27 has an invalid length.
[   67.959400][ T5474] bridge0: port 1(batadv0) entered blocking state
[   67.972508][ T5474] bridge0: port 1(batadv0) entered disabled state
[   67.985189][ T5475] batman_adv: batadv0: Interface deactivated: dummy0
[   67.991964][ T5475] dummy0: left allmulticast mode
[   67.997351][ T5468] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   68.001563][ T5474] dummy0: entered allmulticast mode
[   68.012396][ T5468] EXT4-fs (loop0): Delayed block allocation failed for inode 16 at logical offset 512 with max blocks 32 with error 28
[   68.029864][ T5468] EXT4-fs (loop0): This should not happen!! Data will be lost
[   68.029864][ T5468] 
[   68.039618][ T5468] EXT4-fs (loop0): Total free blocks count 0
[   68.045754][ T5468] EXT4-fs (loop0): Free/Dirty block details
[   68.051809][ T5468] EXT4-fs (loop0): free_blocks=2415919104
[   68.057650][ T5468] EXT4-fs (loop0): dirty_blocks=32
[   68.062793][ T5468] EXT4-fs (loop0): Block reservation details
[   68.063022][ T5480] Cannot find add_set index 0 as target
[   68.068796][ T5468] EXT4-fs (loop0): i_reserved_data_blocks=2
[   68.100794][ T5468] syz.0.514 (5468) used greatest stack depth: 9192 bytes left
[   68.119849][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.166997][ T5486] netlink: 'syz.1.518': attribute type 27 has an invalid length.
[   68.293247][ T2056] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[   68.302549][ T2056] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[   68.312545][ T5498] loop1: detected capacity change from 0 to 2048
[   68.325424][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.351407][ T5500] Cannot find add_set index 0 as target
[   68.359418][ T5498] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.409635][ T5508] loop3: detected capacity change from 0 to 2048
[   68.429399][ T5508] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.544775][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.559083][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.588655][ T5518] Cannot find add_set index 0 as target
[   68.662308][ T5524] __nla_validate_parse: 12 callbacks suppressed
[   68.662324][ T5524] netlink: 4 bytes leftover after parsing attributes in process `syz.5.533'.
[   68.684963][ T5524] bond0: (slave bond_slave_0): Releasing backup interface
[   68.885000][ T5542] FAULT_INJECTION: forcing a failure.
[   68.885000][ T5542] name failslab, interval 1, probability 0, space 0, times 0
[   68.897847][ T5542] CPU: 0 UID: 0 PID: 5542 Comm: syz.2.541 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   68.897876][ T5542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   68.897970][ T5542] Call Trace:
[   68.897977][ T5542]  <TASK>
[   68.897985][ T5542]  dump_stack_lvl+0xf6/0x150
[   68.898014][ T5542]  dump_stack+0x15/0x1a
[   68.898031][ T5542]  should_fail_ex+0x261/0x270
[   68.898055][ T5542]  should_failslab+0x8f/0xb0
[   68.898149][ T5542]  __kmalloc_noprof+0xad/0x410
[   68.898183][ T5542]  ? sock_kmalloc+0x83/0xc0
[   68.898214][ T5542]  sock_kmalloc+0x83/0xc0
[   68.898244][ T5542]  ____sys_sendmsg+0x12c/0x4e0
[   68.898272][ T5542]  ? copy_msghdr_from_user+0x25d/0x2b0
[   68.898325][ T5542]  __sys_sendmsg+0x1a0/0x240
[   68.898387][ T5542]  __x64_sys_sendmsg+0x46/0x50
[   68.898426][ T5542]  x64_sys_call+0x26f3/0x2e10
[   68.898447][ T5542]  do_syscall_64+0xc9/0x1a0
[   68.898472][ T5542]  ? clear_bhb_loop+0x25/0x80
[   68.898521][ T5542]  ? clear_bhb_loop+0x25/0x80
[   68.898547][ T5542]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.898572][ T5542] RIP: 0033:0x7f62adc4e169
[   68.898588][ T5542] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   68.898605][ T5542] RSP: 002b:00007f62ac2b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   68.898623][ T5542] RAX: ffffffffffffffda RBX: 00007f62ade75fa0 RCX: 00007f62adc4e169
[   68.898635][ T5542] RDX: 0000000000000000 RSI: 0000200000001600 RDI: 0000000000000003
[   68.898712][ T5542] RBP: 00007f62ac2b7090 R08: 0000000000000000 R09: 0000000000000000
[   68.898760][ T5542] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.898772][ T5542] R13: 0000000000000000 R14: 00007f62ade75fa0 R15: 00007ffe8568fdf8
[   68.898794][ T5542]  </TASK>
[   69.163811][ T5548] loop0: detected capacity change from 0 to 2048
[   69.222827][ T5548] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.455240][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.473908][ T5561] FAULT_INJECTION: forcing a failure.
[   69.473908][ T5561] name failslab, interval 1, probability 0, space 0, times 0
[   69.486646][ T5561] CPU: 0 UID: 0 PID: 5561 Comm: syz.3.546 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   69.486746][ T5561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   69.486762][ T5561] Call Trace:
[   69.486769][ T5561]  <TASK>
[   69.486777][ T5561]  dump_stack_lvl+0xf6/0x150
[   69.486806][ T5561]  dump_stack+0x15/0x1a
[   69.486827][ T5561]  should_fail_ex+0x261/0x270
[   69.486919][ T5561]  should_failslab+0x8f/0xb0
[   69.486946][ T5561]  kmem_cache_alloc_noprof+0x59/0x340
[   69.486995][ T5561]  ? prepare_creds+0x39/0x4e0
[   69.487032][ T5561]  prepare_creds+0x39/0x4e0
[   69.487052][ T5561]  __sys_setfsuid+0x93/0x210
[   69.487174][ T5561]  __x64_sys_setfsuid+0x1e/0x30
[   69.487279][ T5561]  x64_sys_call+0x27c5/0x2e10
[   69.487301][ T5561]  do_syscall_64+0xc9/0x1a0
[   69.487337][ T5561]  ? clear_bhb_loop+0x25/0x80
[   69.487465][ T5561]  ? clear_bhb_loop+0x25/0x80
[   69.487487][ T5561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.487593][ T5561] RIP: 0033:0x7fb2e012e169
[   69.487611][ T5561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.487630][ T5561] RSP: 002b:00007fb2de797038 EFLAGS: 00000246 ORIG_RAX: 000000000000007a
[   69.487650][ T5561] RAX: ffffffffffffffda RBX: 00007fb2e0355fa0 RCX: 00007fb2e012e169
[   69.487665][ T5561] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   69.487679][ T5561] RBP: 00007fb2de797090 R08: 0000000000000000 R09: 0000000000000000
[   69.487693][ T5561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.487707][ T5561] R13: 0000000000000000 R14: 00007fb2e0355fa0 R15: 00007ffd09b92608
[   69.487792][ T5561]  </TASK>
[   69.687958][ T5563] siw: device registration error -23
[   69.696588][ T5563] netlink: 12 bytes leftover after parsing attributes in process `syz.2.548'.
[   69.713372][ T5563] netlink: 8 bytes leftover after parsing attributes in process `syz.2.548'.
[   69.729473][ T5567] loop0: detected capacity change from 0 to 512
[   69.791325][ T5567] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   69.805442][ T5567] EXT4-fs warning (device loop0): dx_probe:839: inode #2: comm syz.0.550: Unimplemented hash flags: 0x0001
[   69.817012][ T5567] EXT4-fs warning (device loop0): dx_probe:936: inode #2: comm syz.0.550: Corrupt directory, running e2fsck is recommended
[   69.834902][ T5567] EXT4-fs warning (device loop0): dx_probe:839: inode #2: comm syz.0.550: Unimplemented hash flags: 0x0001
[   69.847403][ T5576] loop5: detected capacity change from 0 to 2048
[   69.847410][ T5567] EXT4-fs warning (device loop0): dx_probe:936: inode #2: comm syz.0.550: Corrupt directory, running e2fsck is recommended
[   69.867143][ T5573] loop2: detected capacity change from 0 to 2048
[   69.901330][ T5567] EXT4-fs warning (device loop0): dx_probe:839: inode #2: comm syz.0.550: Unimplemented hash flags: 0x0001
[   69.912889][ T5567] EXT4-fs warning (device loop0): dx_probe:936: inode #2: comm syz.0.550: Corrupt directory, running e2fsck is recommended
[   69.926904][ T5567] EXT4-fs warning (device loop0): dx_probe:839: inode #2: comm syz.0.550: Unimplemented hash flags: 0x0001
[   69.938429][ T5567] EXT4-fs warning (device loop0): dx_probe:936: inode #2: comm syz.0.550: Corrupt directory, running e2fsck is recommended
[   69.962700][ T5580] loop1: detected capacity change from 0 to 512
[   69.962937][ T5576] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.989214][ T5573] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.002033][ T5580] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   70.024725][ T5567] EXT4-fs warning (device loop0): dx_probe:839: inode #2: comm syz.0.550: Unimplemented hash flags: 0x0001
[   70.029155][ T5580] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.553: Unimplemented hash flags: 0x0001
[   70.036247][ T5567] EXT4-fs warning (device loop0): dx_probe:936: inode #2: comm syz.0.550: Corrupt directory, running e2fsck is recommended
[   70.047655][ T5580] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.553: Corrupt directory, running e2fsck is recommended
[   70.085197][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.088907][ T5576] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   70.095319][ T5585] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.553: Unimplemented hash flags: 0x0001
[   70.120559][ T5585] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.553: Corrupt directory, running e2fsck is recommended
[   70.134087][ T5576] EXT4-fs (loop5): Delayed block allocation failed for inode 16 at logical offset 320 with max blocks 32 with error 28
[   70.146589][ T5576] EXT4-fs (loop5): This should not happen!! Data will be lost
[   70.146589][ T5576] 
[   70.156234][ T5576] EXT4-fs (loop5): Total free blocks count 0
[   70.162445][ T5576] EXT4-fs (loop5): Free/Dirty block details
[   70.168415][ T5576] EXT4-fs (loop5): free_blocks=2415919104
[   70.174152][ T5576] EXT4-fs (loop5): dirty_blocks=32
[   70.179328][ T5576] EXT4-fs (loop5): Block reservation details
[   70.185331][ T5576] EXT4-fs (loop5): i_reserved_data_blocks=2
[   70.219356][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.245261][ T5580] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.553: Unimplemented hash flags: 0x0001
[   70.257048][ T5580] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.553: Corrupt directory, running e2fsck is recommended
[   70.281931][ T5580] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.553: Unimplemented hash flags: 0x0001
[   70.293503][ T5580] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.553: Corrupt directory, running e2fsck is recommended
[   70.307506][ T3847] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.338805][ T5596] loop2: detected capacity change from 0 to 512
[   70.355308][ T5580] EXT4-fs warning (device loop1): dx_probe:839: inode #2: comm syz.1.553: Unimplemented hash flags: 0x0001
[   70.366899][ T5580] EXT4-fs warning (device loop1): dx_probe:936: inode #2: comm syz.1.553: Corrupt directory, running e2fsck is recommended
[   70.422662][ T5596] EXT4-fs (loop2): orphan cleanup on readonly fs
[   70.429487][ T5596] EXT4-fs error (device loop2): ext4_orphan_get:1416: comm syz.2.558: bad orphan inode 13
[   70.440611][ T5596] ext4_test_bit(bit=12, block=18) = 1
[   70.446005][ T5596] is_bad_inode(inode)=0
[   70.450214][ T5596] NEXT_ORPHAN(inode)=2130706432
[   70.455135][ T5596] max_ino=32
[   70.458388][ T5596] i_nlink=1
[   70.464877][ T5596] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   70.492193][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.502130][ T5596] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[   70.526991][ T5596] EXT4-fs (loop2): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   70.540204][ T5606] siw: device registration error -23
[   70.550067][ T5606] netlink: 12 bytes leftover after parsing attributes in process `syz.1.560'.
[   70.559789][ T5606] netlink: 8 bytes leftover after parsing attributes in process `syz.1.560'.
[   70.601987][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.740008][ T5618] loop1: detected capacity change from 0 to 1024
[   70.757821][ T5618] EXT4-fs: Ignoring removed nomblk_io_submit option
[   70.799476][ T5620] Cannot find add_set index 0 as target
[   70.819045][ T5618] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.940225][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.944187][ T5627] loop2: detected capacity change from 0 to 2048
[   70.980645][ T5627] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.104778][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.140553][ T5636] bridge0: port 1(batadv0) entered disabled state
[   71.208851][ T5636] Cannot find add_set index 0 as target
[   71.279664][ T5646] loop2: detected capacity change from 0 to 1024
[   71.288530][ T5644] mmap: syz.0.574 (5644) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   71.322250][ T5646] EXT4-fs: Ignoring removed nomblk_io_submit option
[   71.325510][ T5651] loop0: detected capacity change from 0 to 2048
[   71.336839][ T5652] netlink: 596 bytes leftover after parsing attributes in process `syz.1.572'.
[   71.346819][ T5646] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   71.367876][ T5646] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   71.376453][ T5646] System zones: 0-1, 3-36
[   71.380644][ T5652] loop1: detected capacity change from 0 to 512
[   71.391552][ T5646] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.401655][ T5652] EXT4-fs: Ignoring removed nobh option
[   71.422343][ T5651] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.466417][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.568624][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.591937][ T5652] EXT4-fs error (device loop1): ext4_do_update_inode:5211: inode #16: comm syz.1.572: corrupted inode contents
[   71.616278][ T5652] EXT4-fs (loop1): Remounting filesystem read-only
[   71.623196][ T5652] EXT4-fs (loop1): 1 truncate cleaned up
[   71.642592][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   71.648225][ T5652] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.653196][   T12] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   71.665725][ T5652] ext4 filesystem being mounted at /123/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.740669][ T5667] loop2: detected capacity change from 0 to 2048
[   71.766403][   T12] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[   71.778499][ T5667] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.786669][   T12] __quota_error: 242 callbacks suppressed
[   71.786688][   T12] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   71.827219][ T5675] netlink: 'syz.3.581': attribute type 27 has an invalid length.
[   71.845351][ T5675] dummy0: left allmulticast mode
[   71.948751][   T29] audit: type=1326 audit(1744999328.560:976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5677 comm="syz.3.583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2e012e169 code=0x7ffc0000
[   71.972160][   T29] audit: type=1326 audit(1744999328.560:977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5677 comm="syz.3.583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fb2e012e169 code=0x7ffc0000
[   71.995497][   T29] audit: type=1326 audit(1744999328.560:978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5677 comm="syz.3.583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2e012e169 code=0x7ffc0000
[   72.064450][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.078789][   T29] audit: type=1326 audit(1744999328.560:979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5677 comm="syz.3.583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fb2e012e169 code=0x7ffc0000
[   72.102162][   T29] audit: type=1326 audit(1744999328.560:980): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5677 comm="syz.3.583" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2e012e169 code=0x7ffc0000
[   72.106543][ T5681] hub 2-0:1.0: USB hub found
[   72.131463][ T5681] hub 2-0:1.0: 8 ports detected
[   72.137242][ T5683] loop3: detected capacity change from 0 to 2048
[   72.169230][ T5683] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.209084][   T29] audit: type=1400 audit(1744999328.820:981): avc:  denied  { bind } for  pid=5684 comm="syz.1.586" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   72.250155][   T29] audit: type=1400 audit(1744999328.820:982): avc:  denied  { read write } for  pid=3847 comm="syz-executor" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   72.274375][   T29] audit: type=1400 audit(1744999328.820:983): avc:  denied  { open } for  pid=3847 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   72.298591][   T29] audit: type=1400 audit(1744999328.820:984): avc:  denied  { ioctl } for  pid=3847 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   72.333164][ T5696] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   72.350875][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.364960][ T5698] batman_adv: batadv0: Interface deactivated: dummy0
[   72.371773][ T5698] batman_adv: batadv0: Removing interface: dummy0
[   72.382164][ T5698] bridge0: port 3(batadv0) entered disabled state
[   72.403441][ T5698] bridge_slave_0: left allmulticast mode
[   72.409155][ T5698] bridge_slave_0: left promiscuous mode
[   72.414902][ T5698] bridge0: port 1(bridge_slave_0) entered disabled state
[   72.422889][ T5699] Cannot find add_set index 0 as target
[   72.429209][ T5698] bridge_slave_1: left allmulticast mode
[   72.434908][ T5698] bridge_slave_1: left promiscuous mode
[   72.440907][ T5698] bridge0: port 2(bridge_slave_1) entered disabled state
[   72.456843][ T5698] bond0: (slave bond_slave_1): Releasing backup interface
[   72.479230][ T5705] loop1: detected capacity change from 0 to 2048
[   72.493220][ T5698] team0: Port device team_slave_0 removed
[   72.499987][ T5698] team0: Port device team_slave_1 removed
[   72.508127][ T5698] batman_adv: batadv0: Removing interface: batadv_slave_0
[   72.516743][ T5705] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.521446][ T5709] Cannot find add_set index 0 as target
[   72.535679][ T5698] batman_adv: batadv0: Removing interface: batadv_slave_1
[   72.544887][ T5703] batadv0: left allmulticast mode
[   72.550035][ T5703] batadv0: left promiscuous mode
[   72.555125][ T5703] bridge0: port 1(batadv0) entered disabled state
[   72.717811][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.762976][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.844347][ T5731] loop3: detected capacity change from 0 to 2048
[   72.900163][ T5731] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.950982][ T5724] loop5: detected capacity change from 0 to 8192
[   73.019973][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.129654][ T5747] netlink: 'syz.1.604': attribute type 27 has an invalid length.
[   73.235018][ T5754] batman_adv: batadv0: Removing interface: dummy0
[   73.331147][ T5754] batadv0: left allmulticast mode
[   73.336262][ T5754] batadv0: left promiscuous mode
[   73.341375][ T5754] bridge0: port 1(batadv0) entered disabled state
[   73.349677][ T5755] Cannot find add_set index 0 as target
[   73.359581][ T5754] team0: Port device geneve1 removed
[   73.387249][ T5757] netlink: 'syz.1.608': attribute type 10 has an invalid length.
[   73.395078][ T5757] netlink: 40 bytes leftover after parsing attributes in process `syz.1.608'.
[   73.413488][ T5757] batadv0: entered promiscuous mode
[   73.418832][ T5757] batadv0: entered allmulticast mode
[   73.425827][ T5757] 8021q: adding VLAN 0 to HW filter on device batadv0
[   73.434017][ T5757] bridge0: port 1(batadv0) entered blocking state
[   73.440688][ T5757] bridge0: port 1(batadv0) entered disabled state
[   73.455293][ T5757] dummy0: entered allmulticast mode
[   73.464822][ T5757] netlink: 8 bytes leftover after parsing attributes in process `syz.1.608'.
[   73.704747][ T5763] netlink: 'syz.0.611': attribute type 10 has an invalid length.
[   73.712693][ T5763] netlink: 40 bytes leftover after parsing attributes in process `syz.0.611'.
[   73.725037][ T5763] netlink: 8 bytes leftover after parsing attributes in process `syz.0.611'.
[   73.743948][ T5765] loop2: detected capacity change from 0 to 2048
[   73.758190][ T5765] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.839581][ T5765] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   73.854708][ T5765] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 1952 with max blocks 32 with error 28
[   73.867327][ T5765] EXT4-fs (loop2): This should not happen!! Data will be lost
[   73.867327][ T5765] 
[   73.877186][ T5765] EXT4-fs (loop2): Total free blocks count 0
[   73.883236][ T5765] EXT4-fs (loop2): Free/Dirty block details
[   73.889422][ T5765] EXT4-fs (loop2): free_blocks=2415919104
[   73.895165][ T5765] EXT4-fs (loop2): dirty_blocks=32
[   73.900329][ T5765] EXT4-fs (loop2): Block reservation details
[   73.906408][ T5765] EXT4-fs (loop2): i_reserved_data_blocks=2
[   73.929625][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.012514][ T5776] loop3: detected capacity change from 0 to 2048
[   74.042996][ T5776] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.044244][ T5777] netlink: 'syz.5.615': attribute type 27 has an invalid length.
[   74.064762][ T5776] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   74.073006][ T5777] dummy0: left allmulticast mode
[   74.091413][ T5777] batadv0: left promiscuous mode
[   74.096481][ T5777] batadv0: left allmulticast mode
[   74.106467][ T3311] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.139204][ T5786] FAULT_INJECTION: forcing a failure.
[   74.139204][ T5786] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   74.152955][ T5786] CPU: 1 UID: 0 PID: 5786 Comm: syz.3.617 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   74.153019][ T5786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   74.153155][ T5786] Call Trace:
[   74.153162][ T5786]  <TASK>
[   74.153168][ T5786]  dump_stack_lvl+0xf6/0x150
[   74.153193][ T5786]  dump_stack+0x15/0x1a
[   74.153269][ T5786]  should_fail_ex+0x261/0x270
[   74.153361][ T5786]  should_fail+0xb/0x10
[   74.153391][ T5786]  should_fail_usercopy+0x1a/0x20
[   74.153422][ T5786]  _copy_from_user+0x1c/0xa0
[   74.153507][ T5786]  move_addr_to_kernel+0x8c/0x130
[   74.153539][ T5786]  copy_msghdr_from_user+0x280/0x2b0
[   74.153574][ T5786]  __sys_sendmsg+0x141/0x240
[   74.153621][ T5786]  __x64_sys_sendmsg+0x46/0x50
[   74.153685][ T5786]  x64_sys_call+0x26f3/0x2e10
[   74.153711][ T5786]  do_syscall_64+0xc9/0x1a0
[   74.153736][ T5786]  ? clear_bhb_loop+0x25/0x80
[   74.153762][ T5786]  ? clear_bhb_loop+0x25/0x80
[   74.153789][ T5786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.153831][ T5786] RIP: 0033:0x7fb2e012e169
[   74.153848][ T5786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.153870][ T5786] RSP: 002b:00007fb2de797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   74.153891][ T5786] RAX: ffffffffffffffda RBX: 00007fb2e0355fa0 RCX: 00007fb2e012e169
[   74.153905][ T5786] RDX: 0000000000000000 RSI: 0000200000001600 RDI: 0000000000000003
[   74.153966][ T5786] RBP: 00007fb2de797090 R08: 0000000000000000 R09: 0000000000000000
[   74.153978][ T5786] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.154036][ T5786] R13: 0000000000000000 R14: 00007fb2e0355fa0 R15: 00007ffd09b92608
[   74.154058][ T5786]  </TASK>
[   74.375148][ T5792] netlink: 16 bytes leftover after parsing attributes in process `syz.2.620'.
[   74.423468][ T5792] netlink: 'syz.2.620': attribute type 27 has an invalid length.
[   74.464740][ T5804] loop1: detected capacity change from 0 to 1024
[   74.477059][ T5804] EXT4-fs: Ignoring removed nomblk_io_submit option
[   74.487993][ T5804] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   74.495299][ T5802] loop2: detected capacity change from 0 to 2048
[   74.515647][ T5804] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   74.524603][ T5804] System zones: 0-1, 3-36
[   74.531535][ T5802] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.567876][ T5804] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.596146][ T5810] loop0: detected capacity change from 0 to 2048
[   74.623215][ T5810] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.676236][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.688560][ T3319] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.708855][ T5820] FAULT_INJECTION: forcing a failure.
[   74.708855][ T5820] name failslab, interval 1, probability 0, space 0, times 0
[   74.721672][ T5820] CPU: 1 UID: 0 PID: 5820 Comm: syz.2.629 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   74.721702][ T5820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   74.721751][ T5820] Call Trace:
[   74.721758][ T5820]  <TASK>
[   74.721767][ T5820]  dump_stack_lvl+0xf6/0x150
[   74.721805][ T5820]  dump_stack+0x15/0x1a
[   74.721826][ T5820]  should_fail_ex+0x261/0x270
[   74.721857][ T5820]  should_failslab+0x8f/0xb0
[   74.721883][ T5820]  kmem_cache_alloc_noprof+0x59/0x340
[   74.721918][ T5820]  ? skb_clone+0x154/0x1f0
[   74.721986][ T5820]  skb_clone+0x154/0x1f0
[   74.722016][ T5820]  nfnetlink_rcv+0x30b/0x1610
[   74.722045][ T5820]  ? xas_load+0x3ba/0x3d0
[   74.722074][ T5820]  ? __rcu_read_unlock+0x4e/0x70
[   74.722136][ T5820]  ? memcg_list_lru_alloc+0xde/0x4a0
[   74.722165][ T5820]  ? __d_rehash+0x151/0x210
[   74.722235][ T5820]  ? obj_cgroup_charge+0xc6/0x170
[   74.722317][ T5820]  ? should_fail_ex+0x31/0x270
[   74.722339][ T5820]  ? __rcu_read_unlock+0x4e/0x70
[   74.722358][ T5820]  ? avc_has_perm_noaudit+0x1cc/0x210
[   74.722385][ T5820]  ? avc_has_perm+0xd6/0x150
[   74.722410][ T5820]  ? should_fail_ex+0xd7/0x270
[   74.722476][ T5820]  netlink_unicast+0x605/0x6c0
[   74.722512][ T5820]  netlink_sendmsg+0x609/0x720
[   74.722599][ T5820]  ? __pfx_netlink_sendmsg+0x10/0x10
[   74.722622][ T5820]  __sock_sendmsg+0x140/0x180
[   74.722733][ T5820]  ____sys_sendmsg+0x350/0x4e0
[   74.722761][ T5820]  __sys_sendmsg+0x1a0/0x240
[   74.722846][ T5820]  __x64_sys_sendmsg+0x46/0x50
[   74.722879][ T5820]  x64_sys_call+0x26f3/0x2e10
[   74.722972][ T5820]  do_syscall_64+0xc9/0x1a0
[   74.723004][ T5820]  ? clear_bhb_loop+0x25/0x80
[   74.723112][ T5820]  ? clear_bhb_loop+0x25/0x80
[   74.723139][ T5820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.723165][ T5820] RIP: 0033:0x7f62adc4e169
[   74.723183][ T5820] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.723215][ T5820] RSP: 002b:00007f62ac2b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   74.723312][ T5820] RAX: ffffffffffffffda RBX: 00007f62ade75fa0 RCX: 00007f62adc4e169
[   74.723324][ T5820] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[   74.723335][ T5820] RBP: 00007f62ac2b7090 R08: 0000000000000000 R09: 0000000000000000
[   74.723347][ T5820] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.723358][ T5820] R13: 0000000000000000 R14: 00007f62ade75fa0 R15: 00007ffe8568fdf8
[   74.723437][ T5820]  </TASK>
[   75.005280][ T5825] SELinux: syz.2.630 (5825) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[   75.020362][ T5825] FAULT_INJECTION: forcing a failure.
[   75.020362][ T5825] name failslab, interval 1, probability 0, space 0, times 0
[   75.033100][ T5825] CPU: 1 UID: 0 PID: 5825 Comm: syz.2.630 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   75.033162][ T5825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   75.033176][ T5825] Call Trace:
[   75.033184][ T5825]  <TASK>
[   75.033193][ T5825]  dump_stack_lvl+0xf6/0x150
[   75.033220][ T5825]  dump_stack+0x15/0x1a
[   75.033237][ T5825]  should_fail_ex+0x261/0x270
[   75.033309][ T5825]  should_failslab+0x8f/0xb0
[   75.033335][ T5825]  __kmalloc_noprof+0xad/0x410
[   75.033368][ T5825]  ? sel_write_user+0x1b0/0x430
[   75.033425][ T5825]  sel_write_user+0x1b0/0x430
[   75.033527][ T5825]  selinux_transaction_write+0xba/0x100
[   75.033564][ T5825]  ? __pfx_selinux_transaction_write+0x10/0x10
[   75.033593][ T5825]  vfs_write+0x295/0x950
[   75.033611][ T5825]  ? putname+0xe1/0x100
[   75.033671][ T5825]  ? __fget_files+0x186/0x1c0
[   75.033699][ T5825]  ksys_write+0xeb/0x1b0
[   75.033723][ T5825]  __x64_sys_write+0x42/0x50
[   75.033746][ T5825]  x64_sys_call+0x2a45/0x2e10
[   75.033775][ T5825]  do_syscall_64+0xc9/0x1a0
[   75.033886][ T5825]  ? clear_bhb_loop+0x25/0x80
[   75.033913][ T5825]  ? clear_bhb_loop+0x25/0x80
[   75.033939][ T5825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.033964][ T5825] RIP: 0033:0x7f62adc4e169
[   75.033982][ T5825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.034082][ T5825] RSP: 002b:00007f62ac2b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   75.034105][ T5825] RAX: ffffffffffffffda RBX: 00007f62ade75fa0 RCX: 00007f62adc4e169
[   75.034120][ T5825] RDX: 0000000000000027 RSI: 0000200000000080 RDI: 0000000000000003
[   75.034134][ T5825] RBP: 00007f62ac2b7090 R08: 0000000000000000 R09: 0000000000000000
[   75.034148][ T5825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.034222][ T5825] R13: 0000000000000000 R14: 00007f62ade75fa0 R15: 00007ffe8568fdf8
[   75.034243][ T5825]  </TASK>
[   75.246196][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.298277][ T5831] loop2: detected capacity change from 0 to 512
[   75.327785][ T5831] EXT4-fs (loop2): too many log groups per flexible block group
[   75.329393][ T5838] netlink: 'syz.3.636': attribute type 1 has an invalid length.
[   75.335505][ T5831] EXT4-fs (loop2): failed to initialize mballoc (-12)
[   75.350150][ T5831] EXT4-fs (loop2): mount failed
[   75.362819][ T5838] bond1: entered promiscuous mode
[   75.374843][ T5837] loop5: detected capacity change from 0 to 2048
[   75.389455][ T5838] 8021q: adding VLAN 0 to HW filter on device bond1
[   75.422937][ T5846] netlink: 'syz.0.639': attribute type 1 has an invalid length.
[   75.430898][ T5838] bond1: (slave bridge1): making interface the new active one
[   75.438435][ T5838] bridge1: entered promiscuous mode
[   75.443966][ T5844] loop1: detected capacity change from 0 to 1024
[   75.445710][ T5838] bond1: (slave bridge1): Enslaving as an active interface with an up link
[   75.451239][ T5844] EXT4-fs: Ignoring removed nomblk_io_submit option
[   75.467509][ T5844] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   75.477016][ T5837] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.482920][ T5850] FAULT_INJECTION: forcing a failure.
[   75.482920][ T5850] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.502227][ T5850] CPU: 0 UID: 0 PID: 5850 Comm: syz.0.639 Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   75.502316][ T5850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   75.502331][ T5850] Call Trace:
[   75.502340][ T5850]  <TASK>
[   75.502350][ T5850]  dump_stack_lvl+0xf6/0x150
[   75.502400][ T5850]  dump_stack+0x15/0x1a
[   75.502457][ T5850]  should_fail_ex+0x261/0x270
[   75.502484][ T5850]  should_fail+0xb/0x10
[   75.502552][ T5850]  should_fail_usercopy+0x1a/0x20
[   75.502578][ T5850]  _copy_from_user+0x1c/0xa0
[   75.502612][ T5850]  copy_msghdr_from_user+0x54/0x2b0
[   75.502703][ T5850]  ? __fget_files+0x186/0x1c0
[   75.502740][ T5850]  __sys_sendmsg+0x141/0x240
[   75.502785][ T5850]  __x64_sys_sendmsg+0x46/0x50
[   75.502814][ T5850]  x64_sys_call+0x26f3/0x2e10
[   75.502842][ T5850]  do_syscall_64+0xc9/0x1a0
[   75.502932][ T5850]  ? clear_bhb_loop+0x25/0x80
[   75.502960][ T5850]  ? clear_bhb_loop+0x25/0x80
[   75.502985][ T5850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.503080][ T5850] RIP: 0033:0x7f626069e169
[   75.503099][ T5850] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.503121][ T5850] RSP: 002b:00007f625ece6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   75.503195][ T5850] RAX: ffffffffffffffda RBX: 00007f62608c6080 RCX: 00007f626069e169
[   75.503208][ T5850] RDX: 000000000000c0b0 RSI: 0000200000000280 RDI: 0000000000000004
[   75.503227][ T5850] RBP: 00007f625ece6090 R08: 0000000000000000 R09: 0000000000000000
[   75.503240][ T5850] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.503254][ T5850] R13: 0000000000000001 R14: 00007f62608c6080 R15: 00007ffdb3784dc8
[   75.503277][ T5850]  </TASK>
[   75.506185][ T5846] bond1: entered promiscuous mode
[   75.514969][ T5844] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   75.518887][ T5846] 8021q: adding VLAN 0 to HW filter on device bond1
[   75.554312][ T5844] System zones: 0-1, 3-36
[   75.712026][ T5853] bond1: (slave bridge1): Releasing backup interface
[   75.719051][ T5853] bridge1: left promiscuous mode
[   75.728429][ T5844] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.762494][ T5853] Cannot find add_set index 0 as target
[   75.818202][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.829874][ T3847] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.880543][ T5866] loop1: detected capacity change from 0 to 2048
[   75.900943][ T5866] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.902185][ T5869] netlink: 'syz.0.642': attribute type 27 has an invalid length.
[   75.921405][ T5869] batman_adv: batadv0: Interface deactivated: dummy0
[   75.928276][ T5869] dummy0: left allmulticast mode
[   75.938969][ T5869] bond1: left promiscuous mode
[   75.998331][ T3315] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.022258][ T5875] netlink: 596 bytes leftover after parsing attributes in process `syz.5.647'.
[   76.049999][ T5875] loop5: detected capacity change from 0 to 512
[   76.057881][ T5875] EXT4-fs: Ignoring removed nobh option
[   76.089328][ T5881] loop0: detected capacity change from 0 to 2048
[   76.111609][ T5875] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.647: corrupted inode contents
[   76.123193][ T5881] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.123733][ T5875] EXT4-fs (loop5): Remounting filesystem read-only
[   76.143721][ T5875] EXT4-fs (loop5): 1 truncate cleaned up
[   76.149919][ T5875] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.162834][ T5875] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.174715][ T5888] netlink: 'syz.1.651': attribute type 10 has an invalid length.
[   76.182547][ T5888] netlink: 40 bytes leftover after parsing attributes in process `syz.1.651'.
[   76.192615][ T2056] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   76.203328][ T2056] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   76.216519][ T2056] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[   76.217837][ T5881] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   76.242192][ T5888] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.250531][ T5888] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.261919][ T5888] team0: Failed to send port change of device geneve1 via netlink (err -105)
[   76.271391][ T5888] team0: Failed to send options change via netlink (err -105)
[   76.271484][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.278990][ T5888] team0: Port device geneve1 added
[   76.295007][ T5891] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.647'.
[   76.306079][ T5883] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.335815][ T5896] loop0: detected capacity change from 0 to 1024
[   76.343621][ T5896] EXT4-fs: Ignoring removed nomblk_io_submit option
[   76.350432][ T5893] loop2: detected capacity change from 0 to 164
[   76.352131][ T5896] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   76.363239][ T5875] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.647'.
[   76.368499][ T5896] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   76.385176][ T5896] System zones: 0-1, 3-36
[   76.392124][ T5883] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.398286][ T5896] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.441532][ T5883] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.456375][ T5883] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.469900][ T3307] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.473235][ T5883] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.500382][ T5883] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.574507][ T5902] wg0: entered promiscuous mode
[   76.579545][ T5902] wg0: entered allmulticast mode
[   76.660251][ T5904] loop0: detected capacity change from 0 to 512
[   76.671331][ T5904] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   76.680215][ T5904] EXT4-fs (loop0): orphan cleanup on readonly fs
[   76.689028][ T5904] EXT4-fs error (device loop0): ext4_iget_extra_inode:4693: inode #15: comm syz.0.655: corrupted in-inode xattr: overlapping e_value 
[   76.704138][ T5904] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.655: couldn't read orphan inode 15 (err -117)
[   76.723997][ T5904] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   76.777168][ T5911] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.656'.
[   76.787785][ T5908] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.656'.
[   76.867498][ T5915] loop0: detected capacity change from 0 to 2048
[   76.885978][   T29] kauditd_printk_skb: 513 callbacks suppressed
[   76.885996][   T29] audit: type=1400 audit(1744999333.490:1492): avc:  denied  { write } for  pid=5913 comm="syz.0.658" name="/" dev="loop0" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   76.921286][   T29] audit: type=1400 audit(1744999333.490:1493): avc:  denied  { add_name } for  pid=5913 comm="syz.0.658" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   76.929210][ T5924] loop1: detected capacity change from 0 to 512
[   76.942167][   T29] audit: type=1400 audit(1744999333.490:1494): avc:  denied  { create } for  pid=5913 comm="syz.0.658" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   76.969333][   T29] audit: type=1400 audit(1744999333.490:1495): avc:  denied  { read write } for  pid=5913 comm="syz.0.658" name="file2" dev="loop0" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   76.992113][   T29] audit: type=1400 audit(1744999333.490:1496): avc:  denied  { open } for  pid=5913 comm="syz.0.658" path="/155/file2/file2" dev="loop0" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   77.016079][   T29] audit: type=1400 audit(1744999333.560:1497): avc:  denied  { create } for  pid=5913 comm="syz.0.658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   77.036143][   T29] audit: type=1400 audit(1744999333.560:1498): avc:  denied  { bind } for  pid=5913 comm="syz.0.658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   77.055925][   T29] audit: type=1400 audit(1744999333.560:1499): avc:  denied  { setopt } for  pid=5913 comm="syz.0.658" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   77.091071][   T29] audit: type=1400 audit(1744999333.700:1500): avc:  denied  { unmount } for  pid=3319 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[   77.094408][ T5924] EXT4-fs (loop1): orphan cleanup on readonly fs
[   77.126700][ T5928] tipc: Started in network mode
[   77.131623][ T5928] tipc: Node identity ac14140f, cluster identity 4711
[   77.134160][ T5931] loop2: detected capacity change from 0 to 1024
[   77.138630][   T29] audit: type=1400 audit(1744999333.700:1501): avc:  denied  { connect } for  pid=5926 comm="gtp" lport=255 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   77.145227][ T5928] tipc: New replicast peer: 255.255.255.255
[   77.165588][ T5931] EXT4-fs: Ignoring removed nomblk_io_submit option
[   77.171276][ T5928] tipc: Enabled bearer <udp:syz2>, priority 10
[   77.198452][ T5924] EXT4-fs error (device loop1): ext4_orphan_get:1416: comm syz.1.662: bad orphan inode 13
[   77.241573][ T5931] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   77.253815][ T5924] ext4_test_bit(bit=12, block=18) = 1
[   77.256569][ T5931] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   77.259287][ T5924] is_bad_inode(inode)=0
[   77.268729][ T5931] System zones: 
[   77.271551][ T5924] NEXT_ORPHAN(inode)=2130706432
[   77.271563][ T5924] max_ino=32
[   77.271571][ T5924] i_nlink=1
[   77.275100][ T5931] 0-1, 3-36
[   77.361968][ T5924] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   77.373650][ T5939] netlink: 596 bytes leftover after parsing attributes in process `syz.3.666'.
[   77.383142][ T5940] loop5: detected capacity change from 0 to 512
[   77.393441][ T5940] EXT4-fs: Ignoring removed nobh option
[   77.412909][ T5939] loop3: detected capacity change from 0 to 512
[   77.427127][ T5939] EXT4-fs: Ignoring removed nobh option
[   77.434464][ T5940] EXT4-fs error (device loop5): ext4_do_update_inode:5211: inode #16: comm syz.5.665: corrupted inode contents
[   77.434545][ T5924] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   77.447861][ T5940] EXT4-fs (loop5): Remounting filesystem read-only
[   77.461766][ T5940] EXT4-fs (loop5): 1 truncate cleaned up
[   77.469310][ T5940] ext4 filesystem being mounted at /76/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.480108][   T51] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   77.490727][   T51] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   77.515712][   T51] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[   77.560284][ T5939] EXT4-fs error (device loop3): ext4_do_update_inode:5211: inode #16: comm syz.3.666: corrupted inode contents
[   77.580168][ T5939] EXT4-fs (loop3): Remounting filesystem read-only
[   77.587828][ T5939] EXT4-fs (loop3): 1 truncate cleaned up
[   77.594195][ T5939] ext4 filesystem being mounted at /128/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.607015][ T1740] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   77.617691][ T1740] EXT4-fs (loop3): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   77.628595][ T1740] EXT4-fs (loop3): Quota write (off=8, len=24) cancelled because transaction is not started
[   77.672100][ T5953] netlink: 'syz.1.668': attribute type 27 has an invalid length.
[   77.680468][ T5953] dummy0: left allmulticast mode
[   77.700403][ T5953] netdevsim netdevsim1 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[   77.708885][ T5953] netdevsim netdevsim1 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[   77.717488][ T5953] netdevsim netdevsim1 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[   77.725909][ T5953] netdevsim netdevsim1 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[   77.837950][ T5958] team0: Port device netdevsim0 added
[   77.925152][ T5965] loop0: detected capacity change from 0 to 512
[   77.937767][ T5965] EXT4-fs (loop0): orphan cleanup on readonly fs
[   77.952099][ T5965] EXT4-fs error (device loop0): ext4_orphan_get:1416: comm syz.0.673: bad orphan inode 13
[   77.962344][ T5965] ext4_test_bit(bit=12, block=18) = 1
[   77.967893][ T5965] is_bad_inode(inode)=0
[   77.972087][ T5965] NEXT_ORPHAN(inode)=2130706432
[   77.977141][ T5965] max_ino=32
[   77.980358][ T5965] i_nlink=1
[   77.986237][ T5965] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[   78.006756][ T5965] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   78.092976][ T5971] Cannot find add_set index 0 as target
[   78.166915][ T5977] loop5: detected capacity change from 0 to 1024
[   78.173395][ T5979] loop3: detected capacity change from 0 to 512
[   78.173845][ T5977] EXT4-fs: Ignoring removed nomblk_io_submit option
[   78.180462][ T5979] EXT4-fs: Ignoring removed oldalloc option
[   78.194248][ T5977] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   78.204503][ T5979] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.679: Parent and EA inode have the same ino 15
[   78.211356][ T5977] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[   78.226763][ T5977] System zones: 0-1, 3-36
[   78.236366][ T5979] EXT4-fs (loop3): Remounting filesystem read-only
[   78.242940][ T5979] EXT4-fs warning (device loop3): ext4_evict_inode:262: couldn't mark inode dirty (err -30)
[   78.255485][ T5979] EXT4-fs (loop3): 1 orphan inode deleted
[   78.286426][ T3444] tipc: Node number set to 2886997007
[   78.294903][ T3010] ==================================================================
[   78.303038][ T3010] BUG: KCSAN: data-race in dont_mount / lookup_fast
[   78.309758][ T3010] 
[   78.312087][ T3010] read-write to 0xffff888104ebed80 of 4 bytes by task 3591 on cpu 0:
[   78.320342][ T3010]  dont_mount+0x2a/0x40
[   78.324527][ T3010]  vfs_unlink+0x298/0x430
[   78.328887][ T3010]  do_unlinkat+0x21b/0x4b0
[   78.333330][ T3010]  __x64_sys_unlink+0x2e/0x40
[   78.338015][ T3010]  x64_sys_call+0x2358/0x2e10
[   78.342731][ T3010]  do_syscall_64+0xc9/0x1a0
[   78.347256][ T3010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.353268][ T3010] 
[   78.355596][ T3010] read to 0xffff888104ebed80 of 4 bytes by task 3010 on cpu 1:
[   78.363211][ T3010]  lookup_fast+0xf0/0x310
[   78.367556][ T3010]  walk_component+0x3f/0x240
[   78.372155][ T3010]  path_lookupat+0x103/0x2a0
[   78.376755][ T3010]  filename_lookup+0x14b/0x340
[   78.381529][ T3010]  do_readlinkat+0x8b/0x210
[   78.386049][ T3010]  __x64_sys_readlink+0x47/0x60
[   78.390911][ T3010]  x64_sys_call+0x2a81/0x2e10
[   78.395687][ T3010]  do_syscall_64+0xc9/0x1a0
[   78.400257][ T3010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.406164][ T3010] 
[   78.408486][ T3010] value changed: 0x00300008 -> 0x00004008
[   78.414208][ T3010] 
[   78.416528][ T3010] Reported by Kernel Concurrency Sanitizer on:
[   78.422680][ T3010] CPU: 1 UID: 0 PID: 3010 Comm: udevd Not tainted 6.15.0-rc2-syzkaller-00278-gfc96b232f8e7 #0 PREEMPT(voluntary) 
[   78.434765][ T3010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   78.444844][ T3010] ==================================================================
[   78.461414][ T5987] validate_nla: 1 callbacks suppressed
[   78.461431][ T5987] netlink: 'syz.2.680': attribute type 27 has an invalid length.
[   78.475924][ T5987] dummy0: left allmulticast mode
[   78.481386][ T5987] batadv0: left promiscuous mode
[   78.486415][ T5987] batadv0: left allmulticast mode