last executing test programs:

7.737763507s ago: executing program 0 (id=1820):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@newtfilter={0x34, 0x2c, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r4, {0xc, 0x4}, {0x0, 0x256f1e108f6ca557}, {0x5, 0xf}}, [@filter_kind_options=@f_flow={{0x9}, {0x4}}]}, 0x34}}, 0x20040054)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r5}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
unshare(0x44040200)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f0000000000)='./file0\x00', 0x1018000, &(0x7f00000003c0)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYRES16=0x0, @ANYRESOCT, @ANYRES32, @ANYRESDEC], 0x1, 0x2ee, &(0x7f00000006c0)="$eJzs3M9PE1sUwPHTH5S2BMri5b28l7xwoxvdTKC6VhoDibGJBKnxR2IywFSbji2ZaTA1RnTl1vhHuCAs2ZEo/wAbd7px446NiQtZGMd0OkNpGUBKaRG+n4TMYe49nXtnBnLuhGHzzuvHxbyt5fWKhONKQiIiWyLDEhZfyNuG3TgmO72QiwPfPv5/6+69G5lsdmJaqcnMzKW0Umpo5N2TZwmv21q/bAw/2Pya/rLx98a/mz9nHhVsVbBVqVxRupotf67os6ah5gt2UVNqyjR021CFkm1Y9fZyvT1vlhcWqkovzQ8mFyzDtpVeqqqiUVWVsqpYVRV5qBdKStM0NZgUHCS3PD2tZ9pMnuvwYHBMLCujR0Qksaslt9yTAQEAgJ5qrf/DojpZ/6+cW68M3F4d8ur/tVhQ/X/5U/2zmur/uIgE1v/+8QPrf/1w9f/uiuhsOVL9j5NhJLZrV6gR1hqtjJ70fn5dL++vjLoB9T8AAAAAAAAAAAAAAAAAAAAAAH+CLcdJOY6T8rf+V7+IxEXE/z4gNSIiV3swZHTQEa4/ToHGi3vRIRHz1WJuMVffeh3WRcQUQ0YlJT/c+8FTi/03j1TNsLw3l7z8pcVcxG3J5KXg5o9Jqk9a8x1n8np2YkzVNef3SXJnflpS8ldwfjowPyYXzu/I1yQlH+akLKbMu+No5D8fU+razWxLfsLtBwAAAADAaaCpbYHrd03bq72ev72+bn0+EGmsr0cD1+dR+S/a27kDAAAAAHBW2NWnRd00DWufICEH92k/iB7TJ/sz/N0s/28Zjm+m+wT+wZua4t7Ojp+W0CFOyx5BWNrJGqnNRh11Fv5jo736yNR4965g0zD+efP2e+cOcWU1fsBM2w8i+98AfV37BQQAAACgaxpFv79nvLcDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAADgDOrGv0nr9RwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAk+JXAAAA//+qDgR1")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpu.stat\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
r7 = openat$nci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, &(0x7f00000000c0))
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_DEV_UP(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x4800}, 0x8004)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r9=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=ANY=[@ANYBLOB="2000003e24705700e16e0ee903dd4900", @ANYRES16=0x0, @ANYBLOB="010328bd7000fedbdf251c0000000c00018008000100", @ANYRES32=r9, @ANYBLOB], 0x20}}, 0x10)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000000600)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000400)={&(0x7f0000002f80)=ANY=[@ANYBLOB="b1a7545975fe51a883712cd64ec2064f86da602a41a872fb893b63d5153866802833ea400268f46156c8fb93e9e226f2852a12c0b750a75c1e18cee9c7706456191199f5b8f242ef83ab7ab4fdda03755b59dc22fd95457358545207dad5bdeec330f363f460dc1953d8a909ae8b5a9074a8ed93e5dc794096483d88ab10de76a28fb949540379e625828eed85e1ceeea309c64f49fed1085be1f09ca005578fda0c9c51b15b00"/177, @ANYRES16=0x0, @ANYBLOB="040002000000ffdbdf25080000002800018008000100", @ANYRES32=0x0, @ANYBLOB="140002006970766c616e3100000000000000000008000100", @ANYRES32=0x0, @ANYBLOB="141102800800020002000000040001006700040032c8ecb543984c15e632a44c4240e64a018e337c3d5c12e4d4a7d6908cecb4abb34479afda71d41b2fe1919b5dbabbcb691c786ea32353a9c31958617cb20ee156676c7b727e9a32be262f7898dc3be45ab749ed1b712a30d15d511fe9f62d543591470004100400dd260418fe6fcc7fafe0d537a7808bf79d989a32161ffa3c7f941a8707ce59a618032b3e61ff6006c44c24c338dd924daeec0a8041532e099196f770ff98e525b11ebb5a51e317c1e710bb05c93b4a3753b51d9268d64dcddbcd73f6145a8adaa78fb77a825300a520e34321e3531f6aa08f120f07c827d72f3d2d7bbfbeadf1b4bcac188af392b1fecfedc939db722e281221b158c7cad3b59ab361d669ec1ecefdf0acbecc02e660850c1c2a5041201f9db5bad54b9d7bfb62994658c1fe3a4c4c63eec721c47728fc8fd85f846e64839d39eb1ab94a007fbfa7d62986271e087cc45be8b2dfc4e719ec921a557d6e135353edd7078236bbf0e651e3f98b71674a5b7499e55da8b08fc73e711b37c90173c5f486f9ffde408eff90e15392c2c85b65e51bc4ce2f77c78aa3a75dfbbdcf3d8fc0dcab442752ccd7624cd5d03e4a564fc22e83df2e4ab696ade07ff9405025d1fabd33b9f7413e86aac7af13f0751ee189db3e10b0cadea6775669b2f802e302f36cff3abdfc9a410ff51dd26abb64185009d836dcbc69555d320507b7146fe0d704fec367ada97c757292e2e2309c1f83731704b162644516bef15b6109f8f396df1176442d48b8f9ca15774c8e88f3f0c8c6a98a368149a74fe23ad1fa5a96f9b3eb3d0a3a5654760f9b79156a7e952036046806b2f17753c2a3d14bda8ba1f74e4be5a7b19d5d84df2f3baf12609693d421081169372e4363c8cd3247f7d748294599a2215f6a39138c4a185a9cd07fb051621c56ae3222e48b17ab1a29d818f4fd1a359bf339093dda1b22ec48d66cfbc006fc703fe8488c7da62d906a4045ef82b87075dab7e3bbaccfd666543dd06a89b269d716762e2a52a6b1891051f8a9d67a9044e565ae45b010cafc2d2164f3cc06fe0a215e79ec886a8157c6e45aa438e2c873b4da55f5172bb9d5cfca31ba1bbfaa7768ae45b1bdc936974d2f875ac1e5e07fd65a5a7049cb02f1c07375e9dfb6962771699c4de97f18dca198fab9ef9ed8c763fd0965fcd4ee8ea77221ed459d3bda27208d5282caa1288b30ede700d71da165524dbdafc19f49cb375fc35131462dbeba88d421505a4cc71a6bde729c0373037e86046202197eabe69e69edbcc19eb038c9be82f1ceb69488ea39fa52e1dcfe845ba90ba91f28de85c0cbd3c1024f8885535eba482f754035ad737ef7c2ed5791cc4117ee0e77ecded92b4d2b69003d1928fef375d0492c49c4ca6a68f3f7d7a75881bc146f0ceef56cbc7705f258ce880d0c416ddf088bedfd0f38f359cbe183ab4fbdc6b5d7a68812de83662d7e0962bad4ee587bdea7ca8765741300e9fe1275f5c5ad3f5579d70ac66a71b0bf254eb1c42342cde5f3b3df75239db33168815eb920543b7cf5f2a1d3efcc5b421dc1300e6db3e85e6e7e761fb0ad4be4569c92203464fa3e470fa305ecb23a81e67b113e1810ca973d6117703a955f8ee5b7849d4c6ddee340b8e23287fcd285bdaacd693f34fd7414a59a8aa6f8f618f327486437985b4c4bb4bfeea20104d2535247ff7a5784aacad6d40bb17b739fad0c648399695a8f0bd30acf7b8f60f91c9af4940f4936054f34071fc4ef4cc86a772db5490cd06d19acf9152d86bea129fa8be399682e99e506ea6ad6aca1e591d8c6e727635a27dff7e9be15346498b3290f28f5ea571f17ec789596f3dc0735ed1e67a4c4bfd01c78341118ddea175f2d3cc89c76364fa67280e141fbb59525d39361d4ee3efb0657a7ac7c22a7d48fe26ee624a1ac02614f96dab5b73f101c72b648392689b729a03992de5b24b3929c4e4fe96afc486dcf6965ebcc3111dc41ec5b0a1a028b0ab34af726d1bdd1f781056e1d6549807b3a71d1d160c43682c610ca3d2ec2a4e63592df28e1d31e388079ca2ed9c0e77c399bc0c6bfa26a25a00ff6c019a050e2299a253df7a8315935e185d4f4b622a977b17c6b7f036478a29f569729c8e1ecee9df5db868dfd013335afa617c364f604e5f4680e62bd2685a3978db8910d1ea5d2bd2bd8fc296be536803057d99a5d8d6a68b5d722bb29806b2617046244fef118c5c0fff419215eec12dd740eeb19e0429e790bd5c2beb7aef9dc0b832545132ef7e73353841e32dfd4ceb4f6c9e80467dfa0d5ed88573b322badda78538a732d1941e2364972d747a4a0b5053182b105ada5df4423c6089113fd28bf75207895d4d69b8b565f8e050f9dd7fff53fea286e94da022552563b25c258e13f721d0d619d2ca2e1f8b3d47d7e268c30235d55438d73c629bbcba0ad2e291808f6203e8872004189e637df27078bb1ddb1f999d4ba9c858ee9ded22ef3b3d8f7db8baa39793e04c00e460cde8a949ddd86867844eed29e802449986c4701640e18b5f387f56ce1b6106d841dee12635be3f3b183399f78a936cf69d0ea8be6e46d685de6f716d13e561e147a704e0ab1790510dcb40dc85e904e13351eade2289713f66f2438adfebc4a9b47610ba4682c2f7d05a48819e55ce41a073729dcd6c1d2c27d14046ea1b26663281505fa903f0309c40d1dea6c36913eeb695f8522aab6c21d8b90f6a45002d02d8a347866e8a059d7cf8c31b02af2efdafddcd2064de696a5903bae9208c03c60c66e5a428f09f8c319dd3dbf54aefb0ea407deb6d15cef349eb22759c6091b8a182a7185d760852954a4111ecad293e9420916bc91fcf1c0a5776e7d0fef4cef933d3354314d5d7b993d7587861f104a0c4d3983131966a125c1f1d6019e13c64608e9e048b475b94798d707571f6445378f6245847e18ee7ae1d1d2de18553dc5a1ad905c1ee5c865fb7a4ae1f575aca33930f69f16fbec62420aca92c6feba4ce111d82d7d075e7e87f5d3845fe22900f319c30efeeca9dda0b284cb93644b5f10c33a642b3a785536bf98211d8d7b2c7849f88257c8c9c302370cca22a31b60784b9e02ec543c296052b55bfffcad390e59bd791698400a23114fe30ac6be8ff4a5bb0bb4c5367a7ec406cd3aebea3a3fc2e5b6bc2339a55027af979b539bc3a9396067d60a9413e3d5ed61571d18b3d8a091fe6d345cc5e0fa71accfe130c142fe56a6ba6a859ba89dc0d34b140e48747ca6723faefba83c1f6d3a5b9c8e70997e5ce1685cf314ebebaca1a24c42f05e10df01863ce8ba8921bd3f36476bd1e86d143f1e52d28b0070bbb0b14648f09d98881c06585e076abb8991eed400404116b77d185ae9bf00c32f132a3346bbb1f02a8e2004fdcb603e0541097dd03b644efdb6bf812648564ae95435634fd646f530a3c111328f267516b63697fec93629c2fe93347dd78c60c85ade58c1c942a1e2b2f95c7974d65f0efff7475eb9dd7786ecf61b3dc924096d33fe12fee76cca668dcd31da3ae820766d316201ef34d001e8bf81305790bc5d41d587bdfb49cbe3162af495240a8726f03285a74d2c3e8832574404e8f69125639baade0d94484c3c3d5ffbc1493ba68110abdb7da3b70baf6a02c8d8e5fb731c366a41964e4f4fb8d09dfba63b44b1b6bc2d646c61e4e83f86b0918ccca7eb8fd2208975e8a4fe1031dff84af97d7faafca0d98624f1cad57a82f19c7df242a9a238e04e7ac42ad0e4b980aab0d7c4cd27f1794ea49138df04da4c95a2689525a64fb45f9eaad37bceadfc071a282801aa7328f183d6524f888a772d0a71560b2ce33b37fa2cc9d9f98097bfe156f38e5898a5a3db1bce5fba57db016aaae36ee2204851d2a18585d99ff9de7ca9d501984a710faaa72f92c8468610fa804193faad8e7a392d5359b18945338e9c8680e4f1e83546e8ced06a671df577bfe226ecdfbeb6a7e9b79fcb984f27f94675302a5a39d2b35053000273da79864f09e06dfae61b3f886ec8d3a4a818ff95920f6fd22eead0afb725c265b0de7b28a608d3d5e13c0df3e25674e37572873d53bb7003e2cb743e4ab87bb77aa1e8ba51cbbe0be94e02ca640984752a2dbbea2d9e4531a97accd6a5922dd7ce6c955d78671969e1d85f8493bf1cec95d5b75fa8cc6d12209cccb2e9f2cda139fd78d5d9d947f264c68a0cf358a7e691e2e9940245e02d247c4eb1aae234e33f9882116a1ec19e54569405a9ee64b7233b3f70ebedebb25baca0cf584506ffe8502865fd0a64e820b705db4af0a4fad5ad861037782bf977c4a4fc2be68e2e60d19357f765d8a6ba2bd6299ac72ce3dbf35585bfda6d4a989c2d2dd6aebb08617331677973422941a69d1add2132dcaec29afcbc3a436fea1aec41712d4904fb38d55dd668972dcd78b6b4c5e21a588aba66a218d88e7b220d7b9625399b78cb6c03ada1ef654f107614c07b87177678c4dc8e3b61779a898c060e7acf0b4d4e10292f07630986c7f8ca1b8f762f287d09b1471334957ed643bc48c41a6fae79627da2ef7aecf6870841cac21bd1c6eb327bf87fd57a217888b854e26dda99820ed42c3da47dc17b9e4178818e9bb58eef6f47df91103bedf9e8cce5adc9b14dc5a4d496923c9f12f956734a27f2030703795166a77d8dd9a48e572bd27a1b27df1fdd1c645b673171f16dd6256625ed422887e54ffd7e4a9546a589541f08e4469d38f3a1fab59c6a3db2b2af4eb5e6dd1c066812bdb438ec4dccaca568b8eda943db90b7e8d2e924473f9b22b78e378ad55cdebb597f63146085843049374e017a49c805b84c31c9f63335f0d2ea9fc5b278ddcb499f21c3c668c07efbf1f0ff14e56fa85c5db6c81574d64d73b4664ea5bc3f7635377198a7814152dbe007f932574fe70976bbe4369e9e38fde520009fd05e607ecfc2fb478c833ed24c67d3ecccc33ee163707b531c5e67e205c73ef901ca83d6263b4774e70bae666921244ce7aff8fbf1134d7d7b8c019a5e8705254ca003a45c3cdfac406518c82c007fd8522aad9ae25364b081b0d2b90cfd10732222fc917fe37f229b4f0b08a6bd705492a5a7ee51d4de9bf093ed0c424324b68926df5455623c3a96f7b9af37050f421a10cdfade6b3dc897bd509f3d6674ba7b54bcb15f978d21732629501860cbe1ccc1b76114aa3a3efb4db114242ba3873923364f50e95ef6cde1f0f8345ed12c2bec20f48b45bfdea48af25baab48afcd120b3174778a20a86a220516eec3bac7c24d6a303af284c6c635baa669b6d9c4b30dd622c83367a5bd839b0c95123ad41c0c4af8f46d7bbc2139ab54b104362282e3ad96af07689ceeb6ab43115f06d0064d40a9d1e0563035d3bd7e473d36b601c4477d235d0954195fbaf13c004a814c78dfa2b657daa6e5b37deb45e7b775828a5cf136a0bb893ee8b6c3b1bd13cb0c79fbe0c1e25f7a329ebc096962cb73324b5e2dc4abcab809e5c9e5a08e7f84c1b627e664fb8af85bdeabcb73a7e60a9c28e5ad482fa95f369376cc71d8551d6dfb023e2d088faf8988d4e3e5a8852c71cbf35aba9f1dfc7506db9f86bc8db7bdb1debebbb2711a87d2fa6df127bd7953eaad42d78928b8a4af2ab4853f7668c880885006bc0e2a5a959ae89f9c2978a377e56061710aed09dac93f86715b66450e82a94f57a69b04cab24508e039c8b0c0964d1530d407c400f8ca54a2429d1d18a978f3305eb5f1c5e1e1a7fbbadac77990c7b35c587a456391bdedda52abb4726ba32b66b6e347a93e1d01460d40674455cbd27ac092dad2d8346884b483b9609093f8ebe2816fad190337a15d307339dc6f954920c02528f55e1bae313672b1fa7f629c838378238bb255f2d349850bfbfbb45fbf9159e8616bd3712d18b565c70ae38337b4595000400a874d370300761f2244a03a1330caeaf1bf86f0b110a8a44e172b55cb0fd1c2152025a2f724e28f6bd09622c66abee5496e8623888406b402a48dbea3012bd0d73bb493a681c8e8d3309cff9710f54da8e594198920141550bfb82b1d1be9bef4fd99a9f3913f3eb474ba044df8321bb2f89ab0195aa9031b1ca6e9bb9403046f54a84e8d10f323d8c8d806ecd0b562b370000003000018014000200626f6e645f736c6176655f310000000008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r4, @ANYBLOB="d80402800800020003000000980003802400018004000300040003000800010001000000050002000000000004000300040003002800018008000100040000001100020073636865645f7377697463680000000005000200000000001400018008000100ff0f0000080001009e000000200001800b0002006d756c746971000009000200666c6f77000000000400030014000180080001000b000000050002000000000054000380280001800a0002002a402b292b00000005000200000000000400030008000100ff0700000400030008000180040003002000018008000100060000000400030004000300080001000100000004000300e50005008b5666d5a84835f28561140260dcff0eb741820712d1431c1782cfc3c3c182ea01033965fe99e207c03c6166d9740f1c760cda8bd1e1395ce8de8ba5f2ac4ccd0d5e56481024ff6d47b88a7917e619aebe2d2494dbbd00ec1a000bdc1bb3fcda55b4e76c453eb646f9b6c4b289df3f82b8c39c747e2bcad4886dca2ae67bb39f11b62981cf81d492d2b81938c65ed979c45969d4b3ebf70ef6f1e1f2134694e1b3a5bcc19b4d676597e7ed2ca11bab521cb8bb2778cb031eb22f583e4ba15c47f707e3db630ad74ed481695394f71bdd79e07cd73232011d8158d1159ca5651af9000000660004009fcd4ce7933909aefd412dd31d31e48b2ef71640aa1fad99a418a86fa45ef2dd715ded431055cb5e3b7a36a8a43dd90f7c60afbd47f6237d94d9db16259cf54161e47afb634dae34f8607076331b1625f6886f3e088bc08a47f8b447bf8b8878a39a0000f40004007d79b050330ecf2fcda07a0506a41e2915d4091849cdca275539973b8116ca1ef60a7b24c226360521172c1523ee9e21af964a40eba1d8c1180a4ca594634d5df24e639e854904465462266fd11edccd47de9def2bdb8b66720315d5831d6244ed5771b3c8fb9c81fbe5df983bc4b0fffebf89d5f3cc0150cfb5d06725d6f24407606f4c1fcd832733b7102ba6da0b6145d4ff6c711138c7c698c87cc31495f6d24d7adf4116a1155e5ce830f4ccd0dd2d504b1710ec46c7c115260d06770d6308f4f2ca2470b145ae09f1e64bdc58aa9e7f3d75ef5e10ba226ff32ba87c87702c3208d13ed57154f18e3782be1c006b08000200030000001c01038028000180080001000200000009000200766661740000000008000100000000000800010000000000100001800800010009000000040003000c000180080001000800000034000180080001000800000008000100fa0b000009000200666c6f770000000004000300080001000600000008000100020000001c00018008000100ff0100000500020000000000080001000600000034000180110002002f6465762f6e65742f74756e00000000040003000400030004000300050002000000000008000100060000000c0001800800010007000000100001800800010001000000040003003400018008000100ffffff7f08000200265e230008000100f6ffffff08000100657d00000800010007000000080001000900000078000380500001800800010008000000060002007b000000060002002d000000170002005e25295c3a402b2bd828252f2323403a5c250000110002002f6465762f6e65742f74756e0000000008000100060000000c0001800800020047504c001800018004000300040003000400030008000100810000005c000180140002007866726d300000000000000000000000140002006e657464657673696d3000000000000008000100", @ANYRES32=r4, @ANYBLOB="1400020070696d726567000000000000000000001400020069705f767469300000000000000000001c00018008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r9, @ANYBLOB="0800030004000000200001801400020069703665727370616e300000000000000800030000000000"], 0x16f0}, 0x1, 0x0, 0x0, 0x4004}, 0x1)
write$nci(r7, &(0x7f0000000140)=ANY=[@ANYBLOB="4cff42", @ANYRES32=r8], 0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mlock2(&(0x7f0000004000/0x4000)=nil, 0x40ef, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)

7.090689036s ago: executing program 0 (id=1825):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0x2, 0xffffffff, 0x6, 0x6, 0x4, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
connect$inet(r1, &(0x7f0000000380)={0x2, 0x4e24, @local}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000840)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r6, 0xc004743e, &(0x7f0000000100))
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)

6.344538257s ago: executing program 0 (id=1843):
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='\\)-\xad\x00')
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180), 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x4}, 0x18)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r2, &(0x7f0000002080)={0xfc, {"a2e3ad09ed0d09f91b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383142030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b2f38f0106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f330000000000000003d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9870af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xa75}}, 0x1006)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffbfff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
syz_usb_connect(0x5, 0x0, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="5c0000000206030000000000000000000000000005000100070000000900020073797a31000000001400078005001500070000000800124000000000050005000200000005000400000000000d000300686173683a6e"], 0x5c}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
keyctl$KEYCTL_MOVE(0x1e, r5, 0xffffffffffffffff, 0x0, 0x1)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)="b429538e848febabe4d22f083089b0818da0087cda7a61ba95be955a5f", &(0x7f0000000140), 0x5, r4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000b80)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce935b0f327cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0843b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080)={r9, r10}, 0xc)
sendmmsg$inet6(r3, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0)

5.875144784s ago: executing program 1 (id=1854):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
r2 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0x2, 0xffffffff, 0x6, 0x6, 0x4, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r2, 0x40042408, r3)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
connect$inet(r1, &(0x7f0000000380)={0x2, 0x4e24, @local}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x10, &(0x7f0000000840)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRES32], 0x5c}}, 0x0)

5.797484095s ago: executing program 1 (id=1856):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
ioprio_set$uid(0x3, 0x0, 0x0)

5.761974776s ago: executing program 1 (id=1857):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000480)='mm_page_alloc\x00', r0}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[], 0x48)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kmem_cache_free\x00', r2}, 0x10)
ioctl$USBDEVFS_CONNECTINFO(0xffffffffffffffff, 0x40085511, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000009d000000010001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000039a152e00000ff0f00"/28], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000c"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x18)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={0x0, 0x50}}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)
sendmmsg(r6, &(0x7f0000000000), 0x4000000000001f2, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001400)={{r3}, &(0x7f0000001380), &(0x7f00000013c0)='%-010d \x00'}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

5.761353326s ago: executing program 1 (id=1858):
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000f00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
fsopen(&(0x7f00000004c0)='ramfs\x00', 0x0)
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffffff, &(0x7f0000000140)='./file0\x00')
readlinkat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=""/95, 0x5f)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[], 0x0, 0x2d, 0x0, 0x0, 0x7, 0x10000, @value}, 0x28)
r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000300), 0x8)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='net/igmp6\x00')
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
write$UHID_CREATE2(r3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value=0x2000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r5, &(0x7f0000000100)={0x0, 0xffffffffffffff57, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r6, 0x1, 0x3, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x0, 0x8c, 0x4}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
write$P9_RSTATFS(r2, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), r2)
sendmsg$TIPC_NL_BEARER_ENABLE(r5, &(0x7f0000000840)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f0000000580)={0x284, r7, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x400}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x48}]}, @TIPC_NLA_BEARER={0xf4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x800, @dev={0xfe, 0x80, '\x00', 0x39}, 0x61}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x80, @private0, 0x1}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xf}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @broadcast}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1, @private0, 0x4}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x69}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xe}}}, {0x14, 0x2, @in={0x2, 0x4e22, @rand_addr=0xeb8f}}}}]}, @TIPC_NLA_NODE={0xa0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "d907dafe62003b7ea48198b47eab0773fb4bd1a6ec6c434b3dccbe"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "a6940edd6a632ee3e48c7d8b8ea7ae5d85d2f0c26de9a3c0a2e553bbb1da1c"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x80000001}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffffb}]}, @TIPC_NLA_LINK={0x1c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}]}]}, @TIPC_NLA_MEDIA={0x6c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8eda}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_SOCK={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7359}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffffe}]}]}, 0x284}, 0x1, 0x0, 0x0, 0x20000840}, 0x4000000)

3.318450551s ago: executing program 0 (id=1870):
socket$packet(0x11, 0x3, 0x300)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e0b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0xcc, &(0x7f00000008c0)=ANY=[@ANYBLOB="e90c610faca20180c200000e0800450000be0000e0000011907800000000ac1e010100004e2400aa9078a20c000100000000a4ed345562ddd9ce960000000000000008d668e0838e1deadf9ed04974eeaac81eaa63332adbbf35c4f6776d5b87331f94526983a38ac6e2b97ec4e7033110a0442c5fd58d6833c8768db8432f72ede4e507c94698758d3ba0f99517c84370b372845e9ace40591a15cac4b2fb92ba15ad556a5bb93557543743de9f7a55ec52f4fc3383c155bd61dcbb5e5c90c111fb8bf76b5bc61940b7ca03"], 0x0)
syz_emit_ethernet(0xbe, &(0x7f00000001c0)=ANY=[@ANYBLOB="0180c2000002bbbbbbbbbbbb0800450000b00000000200119078000000000000000000000000009c907801000000040000009e188a80c32aa9b86ed6ce56992732d9f7fc6cda762c07530a038941764a92bb074336477e9205df5f47f7da965c25c746ba7f8ca07841d3da17308a6df3f54855ecedd6d866090025e3972a48e8103900d87a5be360cdf553bd6f25601ce33d79a57a3873e0b4e6553e2c444cf02a016458a5f67aa497153eddc6a19a3f9661ac468177dc130be49bdd8eb5"], 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
pipe(&(0x7f00000002c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$MON_IOCG_STATS(r5, 0x80089203, &(0x7f00000000c0))
vmsplice(r5, &(0x7f0000000400)=[{&(0x7f0000000080)="7cd1f2", 0x3}], 0x1, 0xc)
r7 = signalfd4(r5, &(0x7f0000000080)={[0xfffffffffffffff8]}, 0x8, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r8}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0), &(0x7f00000002c0), 0x9, r8}, 0x38)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000280)={'pimreg1\x00', <r9=>0x0})
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r10}, &(0x7f0000000080), &(0x7f0000000200)=r11}, 0x20)
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="e9ffffff00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r12, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000200)='mm_page_alloc\x00', r13}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001d00)={{r12}, &(0x7f0000000800), &(0x7f0000001cc0)=r13}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1b, 0x16, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000ffffffff0000000001000000851000000500320018570000000000000000000000000000b7080000e5ff00007b8af8ff00000000b7080000ffffffff7b8af0ff00000000bfa100000000000007010000f8ffff01000000000000800007040000f0ffffffb70200e069a4300018230000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70500000800000085000000a500000018180000", @ANYRES32=r7, @ANYBLOB="000000000000000085000000080000009500000000000000"], &(0x7f0000000240)='syzkaller\x00', 0x3, 0x9c, &(0x7f0000000680)=""/156, 0x0, 0x28, '\x00', r9, @fallback=0x21, r5, 0x8, &(0x7f0000000300)={0x4, 0x1}, 0x8, 0x10, &(0x7f0000000380)={0x4, 0x0, 0x4, 0x8000008}, 0x10, 0xffffffffffffffff, r3, 0x6, &(0x7f00000003c0)=[r7, r10, r5, r7, r6, r2, r12], &(0x7f0000000500)=[{0x200, 0x3, 0x3, 0x9}, {0x0, 0x3, 0x5, 0x8}, {0x0, 0x4, 0x3}, {0x5, 0x4, 0x0, 0x7}, {0x3, 0x5, 0x0, 0x1}, {0x4, 0x2, 0x0, 0x8}], 0x10, 0x3ff, @void, @value}, 0x94)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00'})
socket$inet(0x2, 0x3, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200"/15], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3.180992673s ago: executing program 1 (id=1874):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x1, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x0, 0x4, 0x0, 0x1, 0x10}], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
capset(&(0x7f00000001c0)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2)

3.107911274s ago: executing program 1 (id=1875):
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000f00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = fsopen(&(0x7f00000004c0)='ramfs\x00', 0x0)
r2 = fsmount(r1, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r2, &(0x7f0000000140)='./file0\x00')
readlinkat(r2, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=""/95, 0x5f)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[], 0x0, 0x2d, 0x0, 0x0, 0x7, 0x10000, @value}, 0x28)
r3 = accept$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r3, 0x84, 0x19, &(0x7f0000000300), 0x8)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='net/igmp6\x00')
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r5 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
write$UHID_CREATE2(r5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value=0x2000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r7}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r8, &(0x7f0000000100)={0x0, 0xffffffffffffff57, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r9, 0x1, 0x3, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x0, 0x8c, 0x4}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
write$P9_RSTATFS(r4, 0x0, 0x0)
r10 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), r4)
sendmsg$TIPC_NL_BEARER_ENABLE(r8, &(0x7f0000000840)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f0000000580)={0x264, r10, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x400}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x48}]}, @TIPC_NLA_BEARER={0xf4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x800, @dev={0xfe, 0x80, '\x00', 0x39}, 0x61}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x80, @private0, 0x1}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xf}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @broadcast}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1, @private0, 0x4}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x69}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xe}}}, {0x14, 0x2, @in={0x2, 0x4e22, @rand_addr=0xeb8f}}}}]}, @TIPC_NLA_NODE={0xa0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "d907dafe62003b7ea48198b47eab0773fb4bd1a6ec6c434b3dccbe"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "a6940edd6a632ee3e48c7d8b8ea7ae5d85d2f0c26de9a3c0a2e553bbb1da1c"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x80000001}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffffb}]}, @TIPC_NLA_LINK={0x1c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}]}]}, @TIPC_NLA_MEDIA={0x6c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8eda}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_SOCK={0x4}]}, 0x264}, 0x1, 0x0, 0x0, 0x20000840}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, @void, @value}, 0x94)

2.893306928s ago: executing program 4 (id=1876):
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000dc0)=ANY=[@ANYBLOB="1201000000008040341d0a00000000000001923109040000010300000009210000000122ecfcd0e24568ab6e000000000000000000"], 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e24, 0x8, @remote, 0x3}, 0x1c)
r2 = syz_io_uring_setup(0x7d9b, &(0x7f00000008c0)={0x0, 0x92af, 0x10100, 0x1, 0x21a}, &(0x7f0000000640)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x8241, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
epoll_create1(0x0)
pidfd_getfd(r5, r6, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
getsockname$packet(r8, &(0x7f0000000200)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x3c}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r9, {0xffe0}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0)

2.844075838s ago: executing program 3 (id=1877):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0xe, 0x7fff0000}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000007000000020000000400000005", @ANYRES32=0x0, @ANYBLOB], 0x48)
openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x10001, 0x90)
socket$inet(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000018000000181100", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000010400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000059c0)='./bus\x00', 0x1400e, &(0x7f0000000540)={[{@jqfmt_vfsv0}]}, 0x1, 0x439, &(0x7f0000000100)="$eJzs28tvG8UfAPDvrp3219cvpiqPPoBAQVQ8kiYtpQcuIJA4gIQEh3IMSVqVug1qgkSrCgJC5YgqcUcckfgLOMEFASckrnBHlSqUSwsno7V3G8exncY4ccGfj7TtzO5EM1/PTjyzkw1gaI1l/yQRuyPi14gYbWRXFxhr/Hdr+crMn8tXZpKo1d74I6mXu7l8ZaYoWvzcriJTjkg/SeJgm3oXLl0+N12tzl3M8xOL59+dWLh0+Zmz56fPzJ2ZuzB18uTxY5PPnZh6ti9xZnHdPPDB/KH9r7x17bWZU9fe/vHrpIi/JY4+Get28fFarc/VDdaepnRSHmBD2JBSY5jGSH38j0YpVjpvNF7+eKCNAzZVrVar3df58lIN+A9LYtAtAAaj+KLP1r/FsUVTj7vCjRcaC6As7lv50bhSjjQvM9Kyvu2nsYg4tfTXF9kRm/McAgBglW+z+c/T7eZ/aTQ/F/p/vodSiYh7ImJvRJyIiH0RcW9Evez9EfHAButv3SRZO/9Jr/cU2B3K5n/P53tbq+d/xewvKqU8t6ce/0hy+mx17mj+mRyJke1ZfrJLHd+99Mtnna41z/+yI6u/mAvm7bhe3t6nYNu48VHEgXK7+JPbOwFJROyPiAM91nH2ya8Odbq2fvxd9GGfqfZlxBON/l+KlvgLSff9yYn/RXXu6ERxV6z1089XX+9U/z+Kvw+y/t/Z9v4v4t9TSZr3axc2XsfV3z7tuKbp5f6fnV6c3pa8uerc+9OLixcnI7Ylr9bzlebzUy3lplbKZ/EfOdx+/O+NlU/iYERkN/GDEfFQRDyct/2RiHg0Ig53if+HFx97p/f4N1cW/2zX/o+W/l9JbIvWM+0TpXPff7Oq0spG4s/6/3g9dSQ/k/X/enHdSbt6u5sBAADg3yeNiN2RpOO302k6Pt74G/59sTOtzi8sPnV6/r0Ls413BCoxkhZPukabnodO5sv6Ij/Vkj+WPzf+vLSjnh+fma/ODjp4GHK7Ooz/zO+lQbcO2HTe14LhZfzD8DL+YXgZ/zC82oz/HYNoB7D12n3/fziAdgBbr2X82/aDIWL9D8OrbL0PQ8v3PwylhR2x/kvyEhJrEpHeFc2Q6DGRRkS3MoP+zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAffwcAAP//KvHjlA==")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000d80)='./file1\x00', 0x143042, 0x0)
pwritev2(r5, &(0x7f0000000800)=[{&(0x7f0000000080)="ff", 0x1}, {&(0x7f0000000880)="7ccc6f1671f34fc3279dafb5436dfb3641e9ce3e153162accd7d2abd4f815c5da8ed04891a36646f71d76f9a22316665f7b87cfb792bd85e8736bb1d2468b96e65ddb2f2b446594f555f45e628a48833bc2136c9fb0414e71efecb47173a0eaea8e8db4044c634cd0d6eb036afc28ad87d535cc34d53a12832c14edb43295343843421fe05ef298a7a875264c75c2f3122a75bb634f9de49772d5e3a1d3f87be0604b72e3bfb6254335f88d42691bb63a07ff84485af8517abb59c070310e60c68ee541abdac31f711ac9fd9b52c8a195bea3bb643609242c9f826e31956d784f529e2625ca071d0fb65d637c02faabe8137", 0xf2}, {&(0x7f00000007c0)="bcfb939c8bde2ad8fce696e02405f73df9f736adea800230b7e64353c582ff246eeb", 0x22}], 0x3, 0xe7b, 0x0, 0x2)
removexattr(&(0x7f0000000040)='./cgroup.cpu/cgroup.procs\x00', 0x0)

2.454668934s ago: executing program 0 (id=1881):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x154a3000)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
remap_file_pages(&(0x7f000057a000/0x1000)=nil, 0x1000, 0x0, 0x4, 0x1c0000)
remap_file_pages(&(0x7f00005fd000/0x4000)=nil, 0x4000, 0x0, 0x5, 0x20000)
getpid()
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, &(0x7f0000000140)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000000800)=[{&(0x7f00000018c0)='\t', 0x1}], 0x1}, 0x2000c015)
recvmmsg(r2, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000240)=""/130, 0x82}], 0x1, &(0x7f0000000600)=""/212, 0xd4}}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xfe5a)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f00000003c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0006}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="85100000010000009500000000000000850000007600000095"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="0bfec2b77388ad0000", @ANYRES32, @ANYBLOB="0000000000000000b70800000e0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket$inet(0x2, 0x3, 0x8)
setsockopt$inet_int(r4, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
r5 = dup3(r4, 0xffffffffffffffff, 0x0)
setsockopt$inet_int(r5, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r6, &(0x7f0000001200), 0x10)

2.284041596s ago: executing program 0 (id=1882):
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
prctl$PR_SET_NAME(0xf, &(0x7f0000000000)='\\)-\xad\x00')
r0 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180), 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r1, 0x0, 0x4}, 0x18)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r2, &(0x7f0000002080)={0xfc, {"a2e3ad09ed0d09f91b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383142030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b2f38f0106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f330000000000000003d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9870af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xa75}}, 0x1006)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='-)-}@^%,@%\x00')
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffbfff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
syz_usb_connect(0x5, 0x0, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)
keyctl$KEYCTL_MOVE(0x1e, r5, 0xffffffffffffffff, 0x0, 0x1)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)="b429538e848febabe4d22f083089b0818da0087cda7a61ba95be955a5f", &(0x7f0000000140), 0x5, r4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000810018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000b80)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce935b0f327cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0843b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000080)={r9, r10}, 0xc)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0xfc, @loopback}], 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0)

2.241286547s ago: executing program 4 (id=1883):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
rename(&(0x7f0000000400)='./file0\x00', 0x0)
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2.162584488s ago: executing program 4 (id=1884):
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000f00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
fsopen(&(0x7f00000004c0)='ramfs\x00', 0x0)
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffffff, &(0x7f0000000140)='./file0\x00')
readlinkat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=""/95, 0x5f)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[], 0x0, 0x2d, 0x0, 0x0, 0x7, 0x10000, @value}, 0x28)
r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f0000000300), 0x8)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='net/igmp6\x00')
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
write$UHID_CREATE2(r3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value=0x2000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r5, &(0x7f0000000100)={0x0, 0xffffffffffffff57, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r6, 0x1, 0x3, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x0, 0x8c, 0x4}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
write$P9_RSTATFS(r2, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), r2)
sendmsg$TIPC_NL_BEARER_ENABLE(r5, &(0x7f0000000840)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f0000000580)={0x284, r7, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x400}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x48}]}, @TIPC_NLA_BEARER={0xf4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x800, @dev={0xfe, 0x80, '\x00', 0x39}, 0x61}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x80, @private0, 0x1}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xf}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @broadcast}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1, @private0, 0x4}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x69}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xe}}}, {0x14, 0x2, @in={0x2, 0x4e22, @rand_addr=0xeb8f}}}}]}, @TIPC_NLA_NODE={0xa0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "d907dafe62003b7ea48198b47eab0773fb4bd1a6ec6c434b3dccbe"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "a6940edd6a632ee3e48c7d8b8ea7ae5d85d2f0c26de9a3c0a2e553bbb1da1c"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x80000001}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffffb}]}, @TIPC_NLA_LINK={0x1c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}]}]}, @TIPC_NLA_MEDIA={0x6c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8eda}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_SOCK={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7359}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffffe}]}]}, 0x284}, 0x1, 0x0, 0x0, 0x20000840}, 0x4000000)

1.853852913s ago: executing program 4 (id=1885):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x1, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x0, 0x4, 0x0, 0x1, 0x10}], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
capset(&(0x7f00000001c0)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2)

1.775948754s ago: executing program 4 (id=1886):
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r3, 0xc0109207, &(0x7f0000000180)={0x0, 0x0, 0xfffffffd})
ioctl$MON_IOCH_MFLUSH(r3, 0x9208, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x9}, 0x10)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x400000, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r5}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, &(0x7f0000000140)=<r9=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r9, 0x4, &(0x7f0000000080)=0x200, 0x0, 0x4)
io_uring_enter(r8, 0x1e76, 0x0, 0x6, 0x0, 0x0)
syz_open_dev$sg(&(0x7f00000001c0), 0x0, 0x42880)
r10 = socket(0x400000000010, 0x3, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r12, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x20008850)
sendmsg$nl_route_sched(r10, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r12, {0x0, 0x7}, {}, {0x7}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x401, 0x4, 0x7, 0x200}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)
write(r0, &(0x7f00000000c0)="240000001e005f0214fffffffffffff8070000000100000000000000080009000b000000", 0x24)

1.775199014s ago: executing program 2 (id=1887):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)

1.576256107s ago: executing program 4 (id=1888):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r0}, 0x18)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="280100000000000001000000"], 0x128}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=[@rights={{0x10}}, @cred={{0x1c}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}, @rights={{0x10}}], 0x70}, 0x10100)
syz_usb_connect(0x0, 0x24, &(0x7f0000000380)=ANY=[], 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
r4 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0x400, 0xffffffff, 0x6, 0x6, 0x0, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
ioctl$PERF_EVENT_IOC_SET_BPF(r4, 0x40042408, 0xffffffffffffffff)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r3, 0x84, 0x6d, &(0x7f0000000240)={0x0, 0xd, "d656c9a61490b7e8773ca55437"}, &(0x7f0000000180)=0x15)

1.148900653s ago: executing program 2 (id=1889):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
close(0xffffffffffffffff)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller0\x00', 0x1})
r1 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000000314010000000000000008000900020073797a310000000008004100736977001400330073797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)

906.785876ms ago: executing program 2 (id=1890):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000480)='mm_page_alloc\x00', r0}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[], 0x48)
r1 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000440)='kmem_cache_free\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000009d000000010001000900000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000039a152e00000ff0f00"/28], 0x50)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000080000000c"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x18)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={0x0, 0x50}}, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800019f000000000000000002000000000000000800010001000000040004"], 0x24}, 0x1, 0x0, 0x0, 0x4005}, 0x0)
sendmmsg(r6, &(0x7f0000000000), 0x4000000000001f2, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000001400)={{r3}, &(0x7f0000001380), &(0x7f00000013c0)='%-010d \x00'}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)

885.437987ms ago: executing program 2 (id=1891):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008002010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000002c0)=0x1)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000100)=0x2)

799.543588ms ago: executing program 2 (id=1892):
perf_event_open(&(0x7f0000000140)={0x3, 0x80, 0x3f, 0x1, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, @perf_config_ext={0xfffffffffffff7e4, 0x2}, 0x8002, 0x0, 0x0, 0x4, 0x71, 0x1, 0xc, 0x0, 0x0, 0x0, 0x2007}, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f00000005c0)='syzkaller\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r1}, 0x10)
r2 = open(&(0x7f0000000180)='./bus\x00', 0x143162, 0x140)
fchdir(r2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00000000000000120000f1850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
inotify_init()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = dup3(r5, r4, 0x0)
fcntl$dupfd(r3, 0x406, r5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00'}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno', @ANYRESHEX=r6, @ANYBLOB, @ANYBLOB])
mount(&(0x7f0000000940)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x1000000, &(0x7f0000000300)='trans=rdma,')
setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f0000000080)=0xb, 0x4)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6)
recvmmsg(r0, &(0x7f0000000100)=[{{0x0, 0xff32, 0x0, 0x0, &(0x7f0000000000)=""/10, 0x17}}], 0x400000000000078, 0x0, 0x0)

763.969448ms ago: executing program 2 (id=1893):
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000dc0)=ANY=[@ANYBLOB="1201000000008040341d0a00000000000001923109040000010300000009210000000122ecfcd0e24568ab6e000000000000000000"], 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$inet6(0xa, 0x6, 0x0)
connect$inet6(r1, &(0x7f00000001c0)={0xa, 0x4e24, 0x8, @remote, 0x3}, 0x1c)
r2 = syz_io_uring_setup(0x7d9b, &(0x7f00000008c0)={0x0, 0x92af, 0x10100, 0x1, 0x21a}, &(0x7f0000000640)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x8241, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
socket$netlink(0x10, 0x3, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
epoll_create1(0x0)
pidfd_getfd(r5, r6, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r8, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
getsockname$packet(r8, &(0x7f0000000200)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x3c}}, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r9, {0xffe0}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0)

535.473112ms ago: executing program 3 (id=1894):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
clock_settime(0x3, 0x0)

519.143732ms ago: executing program 3 (id=1895):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r0, @ANYRESOCT], &(0x7f0000000240)='GPL\x00', 0x400004, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x7, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYRESHEX=0x0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r4 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c5902, 0x0)
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r5, 0x0, 0x3ffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000680)={'tunl0\x00', &(0x7f0000000800)={'tunl0\x00', <r7=>0x0, 0x8000, 0x7800, 0x5, 0x8, {{0x1d, 0x4, 0x0, 0x5, 0x74, 0x66, 0x0, 0x1, 0x2f, 0x0, @empty, @dev={0xac, 0x14, 0x14, 0x32}, {[@lsrr={0x83, 0x23, 0xa1, [@broadcast, @remote, @empty, @private=0xa010101, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x42}, @remote, @broadcast]}, @lsrr={0x83, 0x2b, 0x94, [@loopback, @broadcast, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @remote, @empty, @rand_addr=0x64010101]}, @generic={0x82, 0xd, "f93b0b25c035e97ede7237"}, @end, @end]}}}}})
sendmsg$ETHTOOL_MSG_COALESCE_GET(r5, &(0x7f0000000980)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000940)={&(0x7f0000000b00)={0x108, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x108}, 0x1, 0x0, 0x0, 0x20000000}, 0x40010)
sendfile(r6, r5, 0x0, 0x7ffff000)
fallocate(r4, 0x0, 0x0, 0x1001f0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3, 0x0, 0xfffffffff7ffffe9}, 0x18)

336.706965ms ago: executing program 3 (id=1896):
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000850000000f00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = fsmount(0xffffffffffffffff, 0x0, 0x0)
symlinkat(&(0x7f0000000000)='.\x00', r1, &(0x7f0000000140)='./file0\x00')
readlinkat(r1, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=""/95, 0x5f)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={&(0x7f00000001c0)=ANY=[], 0x0, 0x2d, 0x0, 0x0, 0x7, 0x10000, @value}, 0x28)
r2 = accept$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r2, 0x84, 0x19, &(0x7f0000000300), 0x8)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000980)='net/igmp6\x00')
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000900)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x100000000000600d, 0x1)
r4 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
write$UHID_CREATE2(r4, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value=0x2000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r6, &(0x7f0000000100)={0x0, 0xffffffffffffff57, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r7, 0x1, 0x3, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x0, 0x8c, 0x4}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
write$P9_RSTATFS(r3, 0x0, 0x0)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f00000003c0), r3)
sendmsg$TIPC_NL_BEARER_ENABLE(r6, &(0x7f0000000840)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000400)={&(0x7f0000000580)={0x284, r8, 0x400, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x400}, @TIPC_NLA_PUBL_UPPER={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xffffffff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x48}]}, @TIPC_NLA_BEARER={0xf4, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x800, @dev={0xfe, 0x80, '\x00', 0x39}, 0x61}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x80, @private0, 0x1}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xf}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @broadcast}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x1, @private0, 0x4}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x16}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x69}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xe}}}, {0x14, 0x2, @in={0x2, 0x4e22, @rand_addr=0xeb8f}}}}]}, @TIPC_NLA_NODE={0xa0, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "d907dafe62003b7ea48198b47eab0773fb4bd1a6ec6c434b3dccbe"}}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x47, 0x4, {'gcm(aes)\x00', 0x1f, "a6940edd6a632ee3e48c7d8b8ea7ae5d85d2f0c26de9a3c0a2e553bbb1da1c"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x80000001}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_PUBL={0xc, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffffb}]}, @TIPC_NLA_LINK={0x1c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}]}]}, @TIPC_NLA_MEDIA={0x6c, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8eda}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}]}, @TIPC_NLA_SOCK={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_CON={0x14, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7359}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x5}]}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xfffffffe}]}]}, 0x284}, 0x1, 0x0, 0x0, 0x20000840}, 0x4000000)

54.930029ms ago: executing program 3 (id=1897):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x1, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x0, 0x4, 0x0, 0x1, 0x10}], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
capset(&(0x7f00000001c0)={0x20080522}, &(0x7f0000000280)={0x0, 0x3, 0x7, 0x0, 0x10040, 0x8f})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x2)

0s ago: executing program 3 (id=1898):
r0 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r0, @ANYRESOCT], &(0x7f0000000240)='GPL\x00', 0x400004, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x7, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYRESHEX=0x0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
r3 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x88882, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c5902, 0x0)
write(r5, &(0x7f0000004200)='t', 0x1)
sendfile(r5, r4, 0x0, 0x3ffff)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000680)={'tunl0\x00', &(0x7f0000000800)={'tunl0\x00', <r6=>0x0, 0x8000, 0x7800, 0x5, 0x8, {{0x2a, 0x4, 0x0, 0x5, 0xa8, 0x66, 0x0, 0x1, 0x2f, 0x0, @empty, @dev={0xac, 0x14, 0x14, 0x32}, {[@lsrr={0x83, 0x23, 0xa1, [@broadcast, @remote, @empty, @private=0xa010101, @rand_addr=0x64010102, @dev={0xac, 0x14, 0x14, 0x42}, @remote, @broadcast]}, @lsrr={0x83, 0x2b, 0x94, [@loopback, @broadcast, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast2, @remote, @empty, @rand_addr=0x64010101]}, @generic={0x82, 0xd, "f93b0b25c035e97ede7237"}, @timestamp_addr={0x44, 0x34, 0x24, 0x1, 0x9, [{@multicast1, 0x7}, {@rand_addr=0x64010101, 0x226}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x9}, {@loopback, 0xff}, {@dev={0xac, 0x14, 0x14, 0x24}, 0x2}, {@rand_addr=0x64010102, 0xc}]}, @end, @end]}}}}})
sendmsg$ETHTOOL_MSG_COALESCE_GET(r4, &(0x7f0000000980)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000940)={&(0x7f0000000b00)={0x108, 0x0, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6gretap0\x00'}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'rose0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x6c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}]}, 0x108}, 0x1, 0x0, 0x0, 0x20000000}, 0x40010)
sendfile(r5, r4, 0x0, 0x7ffff000)
fallocate(r3, 0x0, 0x0, 0x1001f0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0xfffffffff7ffffe9}, 0x18)

kernel console output (not intermixed with test programs):

 111.220332][ T6864] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  111.229985][ T6864] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  111.238184][ T6864] System zones: 0-2, 18-18, 34-34
[  111.243595][ T6864] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  111.258722][ T6864] EXT4-fs (loop3): 1 truncate cleaned up
[  111.267500][ T6869] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  111.313129][ T6838] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  111.333823][ T6838] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  111.353811][ T6838] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  111.369155][ T6838] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  111.437920][ T6887] loop3: detected capacity change from 0 to 764
[  111.460568][ T6887] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  111.486511][ T6891] loop0: detected capacity change from 0 to 2048
[  111.491135][ T6892] siw: device registration error -23
[  111.500938][ T6893] FAULT_INJECTION: forcing a failure.
[  111.500938][ T6893] name failslab, interval 1, probability 0, space 0, times 0
[  111.513731][ T6893] CPU: 0 UID: 0 PID: 6893 Comm: syz.2.1221 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  111.513764][ T6893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  111.513843][ T6893] Call Trace:
[  111.513851][ T6893]  <TASK>
[  111.513858][ T6893]  dump_stack_lvl+0xf6/0x150
[  111.513883][ T6893]  dump_stack+0x15/0x1a
[  111.513902][ T6893]  should_fail_ex+0x261/0x270
[  111.513927][ T6893]  should_failslab+0x8f/0xb0
[  111.514125][ T6893]  __kmalloc_cache_noprof+0x55/0x320
[  111.514165][ T6893]  ? __se_sys_memfd_create+0x1ea/0x5a0
[  111.514236][ T6893]  __se_sys_memfd_create+0x1ea/0x5a0
[  111.514263][ T6893]  __x64_sys_memfd_create+0x31/0x40
[  111.514285][ T6893]  x64_sys_call+0x1163/0x2e10
[  111.514315][ T6893]  do_syscall_64+0xc9/0x1c0
[  111.514336][ T6893]  ? clear_bhb_loop+0x25/0x80
[  111.514358][ T6893]  ? clear_bhb_loop+0x25/0x80
[  111.514380][ T6893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.514407][ T6893] RIP: 0033:0x7f562792d169
[  111.514421][ T6893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.514439][ T6893] RSP: 002b:00007f5625f8ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  111.514457][ T6893] RAX: ffffffffffffffda RBX: 00000000000007dc RCX: 00007f562792d169
[  111.514474][ T6893] RDX: 00007f5625f8eef0 RSI: 0000000000000000 RDI: 00007f56279aec3c
[  111.514486][ T6893] RBP: 0000200000000d80 R08: 00007f5625f8ebb7 R09: 00007f5625f8ee40
[  111.514498][ T6893] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000280
[  111.514510][ T6893] R13: 00007f5625f8eef0 R14: 00007f5625f8eeb0 R15: 0000200000000500
[  111.514528][ T6893]  </TASK>
[  111.711612][ T6895] loop3: detected capacity change from 0 to 2048
[  111.759684][ T6908] FAULT_INJECTION: forcing a failure.
[  111.759684][ T6908] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  111.772987][ T6908] CPU: 1 UID: 0 PID: 6908 Comm: syz.2.1227 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  111.773093][ T6908] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  111.773107][ T6908] Call Trace:
[  111.773115][ T6908]  <TASK>
[  111.773123][ T6908]  dump_stack_lvl+0xf6/0x150
[  111.773149][ T6908]  dump_stack+0x15/0x1a
[  111.773164][ T6908]  should_fail_ex+0x261/0x270
[  111.773185][ T6908]  should_fail+0xb/0x10
[  111.773202][ T6908]  should_fail_usercopy+0x1a/0x20
[  111.773300][ T6908]  _copy_from_user+0x1c/0xa0
[  111.773333][ T6908]  __x64_sys_signalfd4+0x8f/0x100
[  111.773354][ T6908]  x64_sys_call+0x29f5/0x2e10
[  111.773435][ T6908]  do_syscall_64+0xc9/0x1c0
[  111.773460][ T6908]  ? clear_bhb_loop+0x25/0x80
[  111.773486][ T6908]  ? clear_bhb_loop+0x25/0x80
[  111.773510][ T6908]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  111.773530][ T6908] RIP: 0033:0x7f562792d169
[  111.773544][ T6908] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  111.773562][ T6908] RSP: 002b:00007f5625f8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000121
[  111.773582][ T6908] RAX: ffffffffffffffda RBX: 00007f5627b45fa0 RCX: 00007f562792d169
[  111.773596][ T6908] RDX: 0000000000000008 RSI: 0000200000001140 RDI: ffffffffffffffff
[  111.773691][ T6908] RBP: 00007f5625f8f090 R08: 0000000000000000 R09: 0000000000000000
[  111.773706][ T6908] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  111.773720][ T6908] R13: 0000000000000000 R14: 00007f5627b45fa0 R15: 00007ffc926af4a8
[  111.773742][ T6908]  </TASK>
[  112.050363][ T6914] bridge0: entered promiscuous mode
[  112.066227][ T6914] bridge0: port 3(macsec1) entered blocking state
[  112.072778][ T6914] bridge0: port 3(macsec1) entered disabled state
[  112.079838][ T6914] macsec1: entered allmulticast mode
[  112.085278][ T6914] bridge0: entered allmulticast mode
[  112.091757][ T6914] macsec1: left allmulticast mode
[  112.096958][ T6914] bridge0: left allmulticast mode
[  112.104771][ T6914] bridge0: left promiscuous mode
[  112.126475][ T6915] __nla_validate_parse: 12 callbacks suppressed
[  112.126495][ T6915] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1228'.
[  112.141756][ T6915] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1228'.
[  112.150681][ T6915] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1228'.
[  112.161355][ T6921] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1228'.
[  112.207107][ T6924] loop2: detected capacity change from 0 to 8192
[  112.214634][ T6924] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  112.261089][ T6922] Falling back ldisc for ttyS3.
[  112.278259][ T6711] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  112.308946][ T6711] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  112.326893][ T6711] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  112.339044][ T6711] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  112.382523][ T6936] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  112.398570][ T6936] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.404071][ T6940] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1240'.
[  112.425232][ T6936] loop0: detected capacity change from 0 to 138
[  112.443821][ T6936] EXT4-fs error (device loop0): __ext4_fill_super:5502: inode #2: comm syz.0.1237: iget: special inode unallocated
[  112.476894][ T6936] EXT4-fs (loop0): get root inode failed
[  112.482708][ T6936] EXT4-fs (loop0): mount failed
[  112.515040][ T6945] loop1: detected capacity change from 0 to 8192
[  112.522630][ T6945] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  112.706030][ T6968] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=48596 sclass=netlink_route_socket pid=6968 comm=syz.1.1242
[  112.809054][ T6979] loop4: detected capacity change from 0 to 512
[  112.835023][ T6979] ext4 filesystem being mounted at /211/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.181256][ T7025] FAULT_INJECTION: forcing a failure.
[  113.181256][ T7025] name failslab, interval 1, probability 0, space 0, times 0
[  113.193968][ T7025] CPU: 1 UID: 0 PID: 7025 Comm: syz.0.1248 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  113.194002][ T7025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  113.194018][ T7025] Call Trace:
[  113.194026][ T7025]  <TASK>
[  113.194044][ T7025]  dump_stack_lvl+0xf6/0x150
[  113.194076][ T7025]  dump_stack+0x15/0x1a
[  113.194091][ T7025]  should_fail_ex+0x261/0x270
[  113.194115][ T7025]  should_failslab+0x8f/0xb0
[  113.194155][ T7025]  kmem_cache_alloc_noprof+0x59/0x340
[  113.194199][ T7025]  ? mas_alloc_nodes+0x1e3/0x490
[  113.194228][ T7025]  mas_alloc_nodes+0x1e3/0x490
[  113.194257][ T7025]  mas_preallocate+0x48d/0x6b0
[  113.194286][ T7025]  mmap_region+0x978/0x1630
[  113.194347][ T7025]  do_mmap+0x9ef/0xc80
[  113.194381][ T7025]  vm_mmap_pgoff+0x16d/0x2d0
[  113.194417][ T7025]  ksys_mmap_pgoff+0xd0/0x340
[  113.194444][ T7025]  ? fpregs_assert_state_consistent+0x83/0xa0
[  113.194480][ T7025]  x64_sys_call+0x1945/0x2e10
[  113.194503][ T7025]  do_syscall_64+0xc9/0x1c0
[  113.194527][ T7025]  ? clear_bhb_loop+0x25/0x80
[  113.194551][ T7025]  ? clear_bhb_loop+0x25/0x80
[  113.194570][ T7025]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.194589][ T7025] RIP: 0033:0x7f75bff6d1a3
[  113.194602][ T7025] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  113.194621][ T7025] RSP: 002b:00007f75be5cee18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  113.194643][ T7025] RAX: ffffffffffffffda RBX: 0000000000000512 RCX: 00007f75bff6d1a3
[  113.194658][ T7025] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  113.194677][ T7025] RBP: 0000200000000342 R08: 00000000ffffffff R09: 0000000000000000
[  113.194688][ T7025] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000005
[  113.194698][ T7025] R13: 00007f75be5ceef0 R14: 00007f75be5ceeb0 R15: 0000200000000300
[  113.194714][ T7025]  </TASK>
[  113.440220][ T7035] loop0: detected capacity change from 0 to 256
[  113.658264][ T7083] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1256'.
[  113.667358][ T7083] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1256'.
[  113.676387][ T7083] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1256'.
[  113.741489][ T7098] loop0: detected capacity change from 0 to 512
[  113.748896][ T7098] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  113.758000][ T7098] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  113.785706][ T7098] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[  113.795609][ T7098] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  113.808129][ T7098] System zones: 0-2, 18-18, 34-34
[  113.814555][ T7098] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  113.828161][ T7107] loop2: detected capacity change from 0 to 512
[  113.836254][ T7107] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  113.845434][ T7107] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  113.854489][ T7098] EXT4-fs (loop0): 1 truncate cleaned up
[  113.873457][ T7107] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  113.883035][ T7107] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  113.892898][ T7107] System zones: 0-2, 18-18, 34-34
[  113.899749][ T7107] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  113.915002][ T7107] EXT4-fs (loop2): 1 truncate cleaned up
[  113.985380][ T7127] Falling back ldisc for ttyS3.
[  113.994425][ T7119] FAULT_INJECTION: forcing a failure.
[  113.994425][ T7119] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  114.007625][ T7119] CPU: 0 UID: 0 PID: 7119 Comm: syz.0.1260 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  114.007666][ T7119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  114.007731][ T7119] Call Trace:
[  114.007739][ T7119]  <TASK>
[  114.007749][ T7119]  dump_stack_lvl+0xf6/0x150
[  114.007778][ T7119]  dump_stack+0x15/0x1a
[  114.007798][ T7119]  should_fail_ex+0x261/0x270
[  114.007824][ T7119]  should_fail+0xb/0x10
[  114.007892][ T7119]  should_fail_usercopy+0x1a/0x20
[  114.007920][ T7119]  _copy_to_user+0x20/0xa0
[  114.007964][ T7119]  simple_read_from_buffer+0xb2/0x130
[  114.008070][ T7119]  proc_fail_nth_read+0x103/0x140
[  114.008100][ T7119]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  114.008136][ T7119]  vfs_read+0x1b2/0x710
[  114.008161][ T7119]  ? __rcu_read_unlock+0x4e/0x70
[  114.008233][ T7119]  ? __fget_files+0x186/0x1c0
[  114.008341][ T7119]  ksys_read+0xeb/0x1b0
[  114.008370][ T7119]  __x64_sys_read+0x42/0x50
[  114.008397][ T7119]  x64_sys_call+0x2a3b/0x2e10
[  114.008424][ T7119]  do_syscall_64+0xc9/0x1c0
[  114.008448][ T7119]  ? clear_bhb_loop+0x25/0x80
[  114.008471][ T7119]  ? clear_bhb_loop+0x25/0x80
[  114.008491][ T7119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.008533][ T7119] RIP: 0033:0x7f75bff6bb7c
[  114.008550][ T7119] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  114.008572][ T7119] RSP: 002b:00007f75be5cf030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  114.008594][ T7119] RAX: ffffffffffffffda RBX: 00007f75c0185fa0 RCX: 00007f75bff6bb7c
[  114.008608][ T7119] RDX: 000000000000000f RSI: 00007f75be5cf0a0 RDI: 0000000000000005
[  114.008623][ T7119] RBP: 00007f75be5cf090 R08: 0000000000000000 R09: 0000000000000000
[  114.008716][ T7119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  114.008729][ T7119] R13: 0000000000000000 R14: 00007f75c0185fa0 R15: 00007ffc902f5058
[  114.008746][ T7119]  </TASK>
[  114.215981][ T7134] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1262'.
[  114.229705][ T7137] serio: Serial port ptm0
[  114.265057][ T7144] RDS: rds_bind could not find a transport for ::c000:0:20:0, load rds_tcp or rds_rdma?
[  114.278063][ T7144] SELinux:  Context Ü is not valid (left unmapped).
[  114.295549][ T7145] loop0: detected capacity change from 0 to 2048
[  114.306757][ T7147] loop2: detected capacity change from 0 to 512
[  114.344089][ T7147] EXT4-fs (loop2): orphan cleanup on readonly fs
[  114.352428][ T7147] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1266: bg 0: block 248: padding at end of block bitmap is not set
[  114.370212][ T7147] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.1266: Failed to acquire dquot type 1
[  114.383796][ T7147] EXT4-fs (loop2): 1 truncate cleaned up
[  114.429226][ T7155] Falling back ldisc for ttyS3.
[  114.473935][   T29] kauditd_printk_skb: 340 callbacks suppressed
[  114.473951][   T29] audit: type=1400 audit(1743547153.327:6519): avc:  denied  { create } for  pid=7158 comm="syz.2.1270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  114.475008][   T29] audit: type=1400 audit(1743547153.327:6520): avc:  denied  { write } for  pid=7158 comm="syz.2.1270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  114.492306][ T7159] loop2: detected capacity change from 0 to 2048
[  114.517754][   T29] audit: type=1400 audit(1743547153.337:6521): avc:  denied  { read } for  pid=7158 comm="syz.2.1270" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  114.548322][   T29] audit: type=1400 audit(1743547153.367:6522): avc:  denied  { getopt } for  pid=7136 comm="gtp" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  114.549771][   T29] audit: type=1400 audit(1743547153.377:6523): avc:  denied  { create } for  pid=7156 comm="syz.4.1269" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  114.586755][   T29] audit: type=1400 audit(1743547153.377:6524): avc:  denied  { create } for  pid=7156 comm="-)-}@^%,@%" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  114.586858][   T29] audit: type=1400 audit(1743547153.377:6525): avc:  denied  { write } for  pid=7156 comm="-)-}@^%,@%" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  114.592973][   T29] audit: type=1400 audit(1743547153.448:6526): avc:  denied  { setopt } for  pid=7156 comm="syz.4.1269" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  114.650339][   T29] audit: type=1400 audit(1743547153.448:6527): avc:  denied  { bind } for  pid=7156 comm="syz.4.1269" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  114.650368][   T29] audit: type=1400 audit(1743547153.448:6528): avc:  denied  { name_bind } for  pid=7156 comm="syz.4.1269" src=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  114.914553][ T7171] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1274'.
[  115.044079][ T7160] Set syz1 is full, maxelem 65536 reached
[  115.122326][ T7185] xt_hashlimit: size too large, truncated to 1048576
[  115.186085][ T7190] loop1: detected capacity change from 0 to 512
[  115.194236][ T7190] EXT4-fs error (device loop1): ext4_get_journal_inode:5798: inode #32: comm syz.1.1278: iget: special inode unallocated
[  115.208367][ T7190] EXT4-fs (loop1): Remounting filesystem read-only
[  115.215226][ T7190] EXT4-fs (loop1): no journal found
[  115.220537][ T7190] EXT4-fs (loop1): can't get journal size
[  115.226645][ T7189] Falling back ldisc for ttyS3.
[  115.233302][ T7190] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  115.259848][ T7190] EXT4-fs (loop1): failed to initialize system zone (-117)
[  115.268592][ T7190] EXT4-fs (loop1): mount failed
[  115.278967][ T7193] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  115.287236][ T7178] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  115.296770][ T7178] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  115.310836][ T7178] loop2: detected capacity change from 0 to 1024
[  115.319147][ T7178] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  115.331574][ T7178] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.1276: Invalid block bitmap block 0 in block_group 0
[  115.346591][ T7178] EXT4-fs (loop2): Remounting filesystem read-only
[  115.353613][ T7178] EXT4-fs (loop2): 1 orphan inode deleted
[  115.375692][ T7193] netlink: 'syz.0.1281': attribute type 10 has an invalid length.
[  115.385099][ T7193] geneve1: entered promiscuous mode
[  115.482427][ T7199] loop3: detected capacity change from 0 to 2048
[  116.140154][ T7212] loop3: detected capacity change from 0 to 512
[  116.155872][ T7212] EXT4-fs (loop3): orphan cleanup on readonly fs
[  116.171575][ T7212] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1284: bg 0: block 248: padding at end of block bitmap is not set
[  116.201346][ T7212] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.1284: Failed to acquire dquot type 1
[  116.214778][ T7212] EXT4-fs (loop3): 1 truncate cleaned up
[  116.389527][ T7217] loop0: detected capacity change from 0 to 512
[  116.396981][ T7217] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  116.406148][ T7217] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  116.426731][ T7217] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[  116.443358][ T7217] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  116.462613][ T7217] System zones: 0-2, 18-18, 34-34
[  116.515850][ T7217] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  116.564813][ T7217] EXT4-fs (loop0): 1 truncate cleaned up
[  116.657677][ T7230] FAULT_INJECTION: forcing a failure.
[  116.657677][ T7230] name failslab, interval 1, probability 0, space 0, times 0
[  116.670460][ T7230] CPU: 0 UID: 0 PID: 7230 Comm: syz.0.1289 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  116.670493][ T7230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  116.670508][ T7230] Call Trace:
[  116.670516][ T7230]  <TASK>
[  116.670523][ T7230]  dump_stack_lvl+0xf6/0x150
[  116.670550][ T7230]  dump_stack+0x15/0x1a
[  116.670565][ T7230]  should_fail_ex+0x261/0x270
[  116.670586][ T7230]  should_failslab+0x8f/0xb0
[  116.670610][ T7230]  kmem_cache_alloc_noprof+0x59/0x340
[  116.670650][ T7230]  ? __mpol_dup+0x48/0x1b0
[  116.670675][ T7230]  __mpol_dup+0x48/0x1b0
[  116.670700][ T7230]  __se_sys_set_mempolicy_home_node+0x2bb/0x570
[  116.670745][ T7230]  __x64_sys_set_mempolicy_home_node+0x55/0x70
[  116.670779][ T7230]  x64_sys_call+0x108f/0x2e10
[  116.670802][ T7230]  do_syscall_64+0xc9/0x1c0
[  116.670821][ T7230]  ? clear_bhb_loop+0x25/0x80
[  116.670840][ T7230]  ? clear_bhb_loop+0x25/0x80
[  116.670863][ T7230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  116.670889][ T7230] RIP: 0033:0x7f75bff6d169
[  116.670904][ T7230] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  116.670920][ T7230] RSP: 002b:00007f75be5cf038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c2
[  116.670938][ T7230] RAX: ffffffffffffffda RBX: 00007f75c0185fa0 RCX: 00007f75bff6d169
[  116.670949][ T7230] RDX: 0000000000000000 RSI: 000000000000a000 RDI: 0000200000349000
[  116.670962][ T7230] RBP: 00007f75be5cf090 R08: 0000000000000000 R09: 0000000000000000
[  116.670976][ T7230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  116.670990][ T7230] R13: 0000000000000000 R14: 00007f75c0185fa0 R15: 00007ffc902f5058
[  116.671013][ T7230]  </TASK>
[  116.885415][ T7234] loop0: detected capacity change from 0 to 512
[  116.892693][ T7234] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  116.902363][ T7234] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  116.913621][ T7234] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[  116.923029][ T7234] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  116.932449][ T7234] System zones: 0-2, 18-18, 34-34
[  116.938139][ T7234] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  116.954255][ T7234] EXT4-fs (loop0): 1 truncate cleaned up
[  117.019606][ T7239] sd 0:0:1:0: device reset
[  117.075757][ T7241] Falling back ldisc for ttyS3.
[  117.103811][ T7243] siw: device registration error -23
[  117.315777][ T7249] loop1: detected capacity change from 0 to 512
[  117.342587][ T7249] EXT4-fs (loop1): orphan cleanup on readonly fs
[  117.352855][ T7249] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1297: bg 0: block 248: padding at end of block bitmap is not set
[  117.382842][ T7249] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.1297: Failed to acquire dquot type 1
[  117.400107][ T7249] EXT4-fs (loop1): 1 truncate cleaned up
[  117.466818][ T7258] loop3: detected capacity change from 0 to 2048
[  117.592318][ T7266] Falling back ldisc for ttyS3.
[  117.664281][ T7270] loop1: detected capacity change from 0 to 512
[  117.732509][ T7276] Falling back ldisc for ttyS3.
[  117.781402][ T7279] __nla_validate_parse: 10 callbacks suppressed
[  117.781420][ T7279] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1309'.
[  117.827175][ T7283] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1308'.
[  117.843788][ T7283] FAULT_INJECTION: forcing a failure.
[  117.843788][ T7283] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  117.856964][ T7283] CPU: 1 UID: 0 PID: 7283 Comm: syz.3.1308 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  117.856998][ T7283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  117.857010][ T7283] Call Trace:
[  117.857017][ T7283]  <TASK>
[  117.857024][ T7283]  dump_stack_lvl+0xf6/0x150
[  117.857051][ T7283]  dump_stack+0x15/0x1a
[  117.857079][ T7283]  should_fail_ex+0x261/0x270
[  117.857101][ T7283]  should_fail+0xb/0x10
[  117.857168][ T7283]  should_fail_usercopy+0x1a/0x20
[  117.857196][ T7283]  _copy_from_user+0x1c/0xa0
[  117.857229][ T7283]  copy_msghdr_from_user+0x54/0x2b0
[  117.857256][ T7283]  ? __fget_files+0x186/0x1c0
[  117.857295][ T7283]  __sys_sendmsg+0x141/0x240
[  117.857336][ T7283]  __x64_sys_sendmsg+0x46/0x50
[  117.857362][ T7283]  x64_sys_call+0x26f3/0x2e10
[  117.857383][ T7283]  do_syscall_64+0xc9/0x1c0
[  117.857402][ T7283]  ? clear_bhb_loop+0x25/0x80
[  117.857464][ T7283]  ? clear_bhb_loop+0x25/0x80
[  117.857490][ T7283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  117.857513][ T7283] RIP: 0033:0x7fd32757d169
[  117.857531][ T7283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  117.857552][ T7283] RSP: 002b:00007fd325be7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  117.857654][ T7283] RAX: ffffffffffffffda RBX: 00007fd327795fa0 RCX: 00007fd32757d169
[  117.857667][ T7283] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000007
[  117.857749][ T7283] RBP: 00007fd325be7090 R08: 0000000000000000 R09: 0000000000000000
[  117.857760][ T7283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  117.857782][ T7283] R13: 0000000000000000 R14: 00007fd327795fa0 R15: 00007ffe960da3e8
[  117.857798][ T7283]  </TASK>
[  117.928872][ T7293] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1311'.
[  118.067781][ T7290] bridge0: entered promiscuous mode
[  118.087654][ T7290] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1311'.
[  118.182918][ T7289] bridge0: left promiscuous mode
[  118.219200][ T7308] loop1: detected capacity change from 0 to 2048
[  118.252990][ T7316] FAULT_INJECTION: forcing a failure.
[  118.252990][ T7316] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  118.266189][ T7316] CPU: 1 UID: 0 PID: 7316 Comm: syz.2.1322 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  118.266219][ T7316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  118.266268][ T7316] Call Trace:
[  118.266273][ T7316]  <TASK>
[  118.266280][ T7316]  dump_stack_lvl+0xf6/0x150
[  118.266350][ T7316]  dump_stack+0x15/0x1a
[  118.266370][ T7316]  should_fail_ex+0x261/0x270
[  118.266397][ T7316]  should_fail+0xb/0x10
[  118.266414][ T7316]  should_fail_usercopy+0x1a/0x20
[  118.266438][ T7316]  _copy_to_user+0x20/0xa0
[  118.266537][ T7316]  simple_read_from_buffer+0xb2/0x130
[  118.266571][ T7316]  proc_fail_nth_read+0x103/0x140
[  118.266609][ T7316]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  118.266655][ T7316]  vfs_read+0x1b2/0x710
[  118.266680][ T7316]  ? __rcu_read_unlock+0x4e/0x70
[  118.266711][ T7316]  ? __fget_files+0x186/0x1c0
[  118.266827][ T7316]  ksys_read+0xeb/0x1b0
[  118.266851][ T7316]  __x64_sys_read+0x42/0x50
[  118.266873][ T7316]  x64_sys_call+0x2a3b/0x2e10
[  118.266975][ T7316]  do_syscall_64+0xc9/0x1c0
[  118.267069][ T7316]  ? clear_bhb_loop+0x25/0x80
[  118.267147][ T7316]  ? clear_bhb_loop+0x25/0x80
[  118.267169][ T7316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  118.267188][ T7316] RIP: 0033:0x7f562792bb7c
[  118.267206][ T7316] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  118.267226][ T7316] RSP: 002b:00007f5625f8f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  118.267244][ T7316] RAX: ffffffffffffffda RBX: 00007f5627b45fa0 RCX: 00007f562792bb7c
[  118.267309][ T7316] RDX: 000000000000000f RSI: 00007f5625f8f0a0 RDI: 0000000000000007
[  118.267331][ T7316] RBP: 00007f5625f8f090 R08: 0000000000000000 R09: 0000000000000000
[  118.267345][ T7316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  118.267359][ T7316] R13: 0000000000000000 R14: 00007f5627b45fa0 R15: 00007ffc926af4a8
[  118.267379][ T7316]  </TASK>
[  118.467655][ T7311] Falling back ldisc for ttyS3.
[  118.511968][ T7322] loop3: detected capacity change from 0 to 2048
[  118.580906][ T7332] loop0: detected capacity change from 0 to 512
[  118.594002][ T7332] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  118.611638][ T7332] EXT4-fs (loop0): orphan cleanup on readonly fs
[  118.619805][ T7332] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  118.634883][ T7332] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  118.644856][ T7332] EXT4-fs error (device loop0): ext4_orphan_get:1390: inode #16: comm syz.0.1326: iget: immutable or append flags not allowed on symlinks
[  118.663038][ T7332] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.1326: couldn't read orphan inode 16 (err -117)
[  118.944691][ T7364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1339'.
[  118.955526][ T7364] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.972562][ T7366] loop2: detected capacity change from 0 to 2048
[  119.023464][ T7364] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.074013][ T7364] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.133529][ T7364] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.199298][ T7364] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  119.210879][ T7364] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  119.222784][ T7364] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  119.234157][ T7364] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  119.431724][ T7393] loop0: detected capacity change from 0 to 256
[  119.477067][ T7396] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1346'.
[  119.486117][ T7396] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1346'.
[  119.519409][   T29] kauditd_printk_skb: 516 callbacks suppressed
[  119.519427][   T29] audit: type=1400 audit(1743547157.403:7039): avc:  denied  { create } for  pid=7386 comm="syz.1.1346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  119.552282][ T7396] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1346'.
[  119.561321][ T7396] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1346'.
[  119.570304][ T7396] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1346'.
[  119.589486][   T29] audit: type=1400 audit(1743547157.423:7040): avc:  denied  { setopt } for  pid=7401 comm="syz.0.1351" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  119.609208][   T29] audit: type=1400 audit(1743547157.433:7041): avc:  denied  { bind } for  pid=7386 comm="syz.1.1346" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  119.628716][   T29] audit: type=1400 audit(1743547157.433:7042): avc:  denied  { name_bind } for  pid=7386 comm="syz.1.1346" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  119.649547][   T29] audit: type=1326 audit(1743547157.433:7043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.0.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bff6d169 code=0x7ffc0000
[  119.673034][   T29] audit: type=1326 audit(1743547157.433:7044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.0.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bff6d169 code=0x7ffc0000
[  119.696463][   T29] audit: type=1400 audit(1743547157.433:7045): avc:  denied  { node_bind } for  pid=7386 comm="syz.1.1346" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[  119.717321][   T29] audit: type=1326 audit(1743547157.433:7046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.0.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f75bff6d169 code=0x7ffc0000
[  119.740648][   T29] audit: type=1326 audit(1743547157.433:7047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7401 comm="syz.0.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f75bff6d169 code=0x7ffc0000
[  119.764123][   T29] audit: type=1326 audit(1743547157.433:7048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7403 comm="syz.0.1351" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f75bff9fa25 code=0x7ffc0000
[  119.828131][ T7417] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.884266][ T7417] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.922303][ T7419] Falling back ldisc for ttyS3.
[  119.965252][ T7417] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.000602][ T7426] loop0: detected capacity change from 0 to 2048
[  120.033930][ T7417] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  120.071682][ T7433] netlink: 'syz.0.1357': attribute type 11 has an invalid length.
[  120.083133][ T7432] Falling back ldisc for ttyS3.
[  120.095913][ T7417] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  120.107609][ T7417] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  120.130460][ T7417] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  120.148306][ T7441] loop0: detected capacity change from 0 to 512
[  120.159318][ T7417] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  120.164275][ T7441] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm +}[@: Failed to acquire dquot type 1
[  120.179597][ T7441] EXT4-fs (loop0): 1 truncate cleaned up
[  120.180252][ T7441] ext4 filesystem being mounted at /276/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.256187][ T7448] batman_adv: batadv0: Removing interface: batadv_slave_1
[  120.303010][ T7450] loop3: detected capacity change from 0 to 8192
[  120.343706][ T7450] dccp_invalid_packet: P.Data Offset(4) too small
[  120.422739][ T7459] Falling back ldisc for ttyS3.
[  120.438564][ T7465] siw: device registration error -23
[  120.601127][ T7483] loop0: detected capacity change from 0 to 128
[  120.607946][ T7483] vfat: Unknown parameter ''
[  120.633969][ T7487] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  120.778499][ T7495] loop2: detected capacity change from 0 to 512
[  120.785181][ T7495] EXT4-fs: Ignoring removed oldalloc option
[  120.791514][ T7495] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  120.803475][ T7495] EXT4-fs (loop2): 1 truncate cleaned up
[  120.811164][ T7495] FAULT_INJECTION: forcing a failure.
[  120.811164][ T7495] name failslab, interval 1, probability 0, space 0, times 0
[  120.823969][ T7495] CPU: 1 UID: 0 PID: 7495 Comm: syz.2.1380 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  120.824049][ T7495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  120.824064][ T7495] Call Trace:
[  120.824072][ T7495]  <TASK>
[  120.824081][ T7495]  dump_stack_lvl+0xf6/0x150
[  120.824110][ T7495]  dump_stack+0x15/0x1a
[  120.824130][ T7495]  should_fail_ex+0x261/0x270
[  120.824156][ T7495]  ? __pfx_cgroup_show_path+0x10/0x10
[  120.824233][ T7495]  should_failslab+0x8f/0xb0
[  120.824266][ T7495]  __kmalloc_cache_noprof+0x55/0x320
[  120.824304][ T7495]  ? cgroup_show_path+0x6b/0x2a0
[  120.824333][ T7495]  ? __pfx_cgroup_show_path+0x10/0x10
[  120.824409][ T7495]  cgroup_show_path+0x6b/0x2a0
[  120.824433][ T7495]  ? __pfx_cgroup_show_path+0x10/0x10
[  120.824455][ T7495]  kernfs_sop_show_path+0xa8/0xe0
[  120.824481][ T7495]  ? __pfx_kernfs_sop_show_path+0x10/0x10
[  120.824512][ T7495]  show_path+0x57/0x80
[  120.824542][ T7495]  show_mountinfo+0xd9/0x620
[  120.824562][ T7495]  m_show+0x3b/0x50
[  120.824582][ T7495]  seq_read_iter+0x661/0x970
[  120.824607][ T7495]  copy_splice_read+0x390/0x5d0
[  120.824705][ T7495]  ? __pfx_copy_splice_read+0x10/0x10
[  120.824727][ T7495]  splice_direct_to_actor+0x26c/0x680
[  120.824755][ T7495]  ? __pfx_direct_splice_actor+0x10/0x10
[  120.824832][ T7495]  do_splice_direct+0xd9/0x150
[  120.824934][ T7495]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  120.824963][ T7495]  do_sendfile+0x40a/0x690
[  120.824999][ T7495]  __x64_sys_sendfile64+0x113/0x160
[  120.825108][ T7495]  x64_sys_call+0xfc3/0x2e10
[  120.825129][ T7495]  do_syscall_64+0xc9/0x1c0
[  120.825150][ T7495]  ? clear_bhb_loop+0x25/0x80
[  120.825254][ T7495]  ? clear_bhb_loop+0x25/0x80
[  120.825275][ T7495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  120.825296][ T7495] RIP: 0033:0x7f562792d169
[  120.825310][ T7495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  120.825400][ T7495] RSP: 002b:00007f5625f8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  120.825417][ T7495] RAX: ffffffffffffffda RBX: 00007f5627b45fa0 RCX: 00007f562792d169
[  120.825429][ T7495] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[  120.825445][ T7495] RBP: 00007f5625f8f090 R08: 0000000000000000 R09: 0000000000000000
[  120.825456][ T7495] R10: 0000000080000000 R11: 0000000000000246 R12: 0000000000000001
[  120.825468][ T7495] R13: 0000000000000000 R14: 00007f5627b45fa0 R15: 00007ffc926af4a8
[  120.825487][ T7495]  </TASK>
[  121.100605][ T7506] siw: device registration error -23
[  121.145569][ T7512] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.190757][ T7516] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.203593][ T7512] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.233448][ T7516] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.263890][ T7512] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.303794][ T7516] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.323707][ T7512] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.373748][ T7516] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.431283][ T7512] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.443499][ T7512] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.459005][ T7512] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.471062][ T7516] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.484595][ T7512] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.497342][ T7516] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.511849][ T7516] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.524583][ T7516] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.569530][ T7534] FAULT_INJECTION: forcing a failure.
[  121.569530][ T7534] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  121.569566][ T7534] CPU: 0 UID: 0 PID: 7534 Comm: syz.4.1396 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  121.569657][ T7534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  121.569673][ T7534] Call Trace:
[  121.569682][ T7534]  <TASK>
[  121.569692][ T7534]  dump_stack_lvl+0xf6/0x150
[  121.569724][ T7534]  dump_stack+0x15/0x1a
[  121.569779][ T7534]  should_fail_ex+0x261/0x270
[  121.569806][ T7534]  should_fail+0xb/0x10
[  121.569829][ T7534]  should_fail_usercopy+0x1a/0x20
[  121.569859][ T7534]  _copy_from_user+0x1c/0xa0
[  121.569893][ T7534]  memdup_user+0x6b/0xd0
[  121.569988][ T7534]  strndup_user+0x68/0xa0
[  121.570065][ T7534]  __se_sys_request_key+0x119/0x290
[  121.570090][ T7534]  ? fput+0x99/0xd0
[  121.570125][ T7534]  __x64_sys_request_key+0x55/0x70
[  121.570150][ T7534]  x64_sys_call+0x2b17/0x2e10
[  121.570209][ T7534]  do_syscall_64+0xc9/0x1c0
[  121.570235][ T7534]  ? clear_bhb_loop+0x25/0x80
[  121.570263][ T7534]  ? clear_bhb_loop+0x25/0x80
[  121.570318][ T7534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.570344][ T7534] RIP: 0033:0x7f585ba3d169
[  121.570405][ T7534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  121.570435][ T7534] RSP: 002b:00007f585a09f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  121.570458][ T7534] RAX: ffffffffffffffda RBX: 00007f585bc55fa0 RCX: 00007f585ba3d169
[  121.570469][ T7534] RDX: 00002000000003c0 RSI: 0000200000000380 RDI: 0000200000000340
[  121.570480][ T7534] RBP: 00007f585a09f090 R08: 0000000000000000 R09: 0000000000000000
[  121.570490][ T7534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.570502][ T7534] R13: 0000000000000000 R14: 00007f585bc55fa0 R15: 00007ffe35e40ef8
[  121.570527][ T7534]  </TASK>
[  121.803934][ T7542] Falling back ldisc for ttyS3.
[  121.883422][ T7555] loop3: detected capacity change from 0 to 256
[  121.896986][ T7555] FAT-fs (loop3): Directory bread(block 64) failed
[  121.904716][ T7555] FAT-fs (loop3): Directory bread(block 65) failed
[  121.911417][ T7555] FAT-fs (loop3): Directory bread(block 66) failed
[  121.918912][ T7553] Falling back ldisc for ttyS3.
[  121.938920][ T7555] FAT-fs (loop3): Directory bread(block 67) failed
[  121.953865][ T7555] FAT-fs (loop3): Directory bread(block 68) failed
[  121.967630][ T7555] FAT-fs (loop3): Directory bread(block 69) failed
[  121.980300][ T7561] loop1: detected capacity change from 0 to 512
[  121.988736][ T7555] FAT-fs (loop3): Directory bread(block 70) failed
[  121.997109][ T7561] /dev/loop1: Can't open blockdev
[  122.002554][ T7555] FAT-fs (loop3): Directory bread(block 71) failed
[  122.010761][ T7555] FAT-fs (loop3): Directory bread(block 72) failed
[  122.019273][ T7555] FAT-fs (loop3): Directory bread(block 73) failed
[  122.137175][ T7538] Set syz1 is full, maxelem 65536 reached
[  122.392230][ T7579] Falling back ldisc for ttyS3.
[  122.681135][ T7591] siw: device registration error -23
[  122.719499][ T7595] loop0: detected capacity change from 0 to 4096
[  122.764687][ T7600] loop4: detected capacity change from 0 to 2048
[  122.840895][ T7613] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  122.858978][ T7616] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_bond, syncid = 0, id = 0
[  122.922129][ T7611] Falling back ldisc for ttyS3.
[  122.970928][ T7622] loop3: detected capacity change from 0 to 512
[  122.989055][ T7622] EXT4-fs (loop3): orphan cleanup on readonly fs
[  122.997576][ T7622] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1427: bg 0: block 248: padding at end of block bitmap is not set
[  123.022495][ T7622] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.1427: Failed to acquire dquot type 1
[  123.034501][ T7622] EXT4-fs (loop3): 1 truncate cleaned up
[  123.076180][ T7626] loop0: detected capacity change from 0 to 512
[  123.122329][ T7626] EXT4-fs (loop0): orphan cleanup on readonly fs
[  123.138696][ T7626] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1428: bg 0: block 248: padding at end of block bitmap is not set
[  123.155349][ T7631] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=7631 comm=syz.2.1430
[  123.158128][ T7626] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.1428: Failed to acquire dquot type 1
[  123.168541][ T7628] Falling back ldisc for ttyS3.
[  123.186547][ T7626] EXT4-fs (loop0): 1 truncate cleaned up
[  123.235090][ T7631] netlink: 'syz.2.1430': attribute type 3 has an invalid length.
[  123.353659][ T7645] loop2: detected capacity change from 0 to 512
[  123.418475][ T7650] SELinux: security_context_str_to_sid ({ÿ) failed with errno=-22
[  123.427123][ T7650] __nla_validate_parse: 12 callbacks suppressed
[  123.427141][ T7650] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1438'.
[  123.483068][ T7652] Falling back ldisc for ttyS3.
[  123.523705][ T7661] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65535 sclass=netlink_route_socket pid=7661 comm=syz.0.1442
[  123.562284][ T7663] Falling back ldisc for ttyS3.
[  123.586372][ T7661] netlink: 'syz.0.1442': attribute type 3 has an invalid length.
[  123.616966][ T7670] loop2: detected capacity change from 0 to 512
[  123.617519][ T7669] loop0: detected capacity change from 0 to 512
[  123.632016][ T7671] loop1: detected capacity change from 0 to 1024
[  123.639004][ T7671] EXT4-fs: Ignoring removed nobh option
[  123.644789][ T7671] EXT4-fs: Ignoring removed bh option
[  123.650268][ T7671] ext3: Unknown parameter 'hash'
[  123.672967][ T7669] EXT4-fs (loop0): orphan cleanup on readonly fs
[  123.679456][ T7670] EXT4-fs (loop2): orphan cleanup on readonly fs
[  123.686755][ T7669] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1446: bg 0: block 248: padding at end of block bitmap is not set
[  123.702372][ T7670] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1445: bg 0: block 248: padding at end of block bitmap is not set
[  123.717459][ T7670] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.1445: Failed to acquire dquot type 1
[  123.721078][ T7669] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.1446: Failed to acquire dquot type 1
[  123.732701][ T7670] EXT4-fs (loop2): 1 truncate cleaned up
[  123.761235][ T7669] EXT4-fs (loop0): 1 truncate cleaned up
[  123.814586][ T7684] siw: device registration error -23
[  123.822168][ T7686] loop3: detected capacity change from 0 to 512
[  123.831016][ T7686] EXT4-fs (loop3): orphan cleanup on readonly fs
[  123.839811][ T7686] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1452: bg 0: block 248: padding at end of block bitmap is not set
[  123.854655][ T7686] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.1452: Failed to acquire dquot type 1
[  123.868896][ T7686] EXT4-fs (loop3): 1 truncate cleaned up
[  123.881063][ T7689] team_slave_0: entered promiscuous mode
[  123.886784][ T7689] team_slave_1: entered promiscuous mode
[  123.892554][ T7689] macsec1: entered allmulticast mode
[  123.897870][ T7689] team0: entered allmulticast mode
[  123.903137][ T7689] team_slave_0: entered allmulticast mode
[  123.908875][ T7689] team_slave_1: entered allmulticast mode
[  123.915575][ T7689] team0: Device macsec1 is already an upper device of the team interface
[  123.928544][ T7689] team0: left allmulticast mode
[  123.933513][ T7689] team_slave_0: left allmulticast mode
[  123.939114][ T7689] team_slave_1: left allmulticast mode
[  123.944632][ T7689] team_slave_0: left promiscuous mode
[  123.950064][ T7689] team_slave_1: left promiscuous mode
[  124.033020][ T7697] Falling back ldisc for ttyS3.
[  124.069611][ T7707] loop0: detected capacity change from 0 to 2048
[  124.152461][ T7716] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1458'.
[  124.161381][ T7716] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1458'.
[  124.184740][ T7722] loop1: detected capacity change from 0 to 512
[  124.193898][ T7716] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1458'.
[  124.203034][ T7716] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1458'.
[  124.212017][ T7716] netlink: 2 bytes leftover after parsing attributes in process `syz.2.1458'.
[  124.236897][ T7716] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1458'.
[  124.250644][ T7719] FAULT_INJECTION: forcing a failure.
[  124.250644][ T7719] name failslab, interval 1, probability 0, space 0, times 0
[  124.263447][ T7719] CPU: 1 UID: 0 PID: 7719 Comm: syz.4.1465 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  124.263496][ T7719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  124.263510][ T7719] Call Trace:
[  124.263587][ T7719]  <TASK>
[  124.263596][ T7719]  dump_stack_lvl+0xf6/0x150
[  124.263624][ T7719]  dump_stack+0x15/0x1a
[  124.263645][ T7719]  should_fail_ex+0x261/0x270
[  124.263672][ T7719]  should_failslab+0x8f/0xb0
[  124.263700][ T7719]  kmem_cache_alloc_node_noprof+0x5c/0x340
[  124.263830][ T7719]  ? __alloc_skb+0x10d/0x320
[  124.263866][ T7719]  __alloc_skb+0x10d/0x320
[  124.263899][ T7719]  ? audit_log_start+0x37f/0x6e0
[  124.263921][ T7719]  audit_log_start+0x39a/0x6e0
[  124.263947][ T7719]  ? audit_log_end+0x1d0/0x1e0
[  124.264029][ T7719]  audit_seccomp+0x4b/0x130
[  124.264114][ T7719]  __seccomp_filter+0x694/0x10e0
[  124.264148][ T7719]  ? vfs_write+0x669/0x950
[  124.264174][ T7719]  ? putname+0xe1/0x100
[  124.264223][ T7719]  __secure_computing+0x7e/0x160
[  124.264300][ T7719]  syscall_trace_enter+0xcf/0x1f0
[  124.264334][ T7719]  ? fpregs_assert_state_consistent+0x83/0xa0
[  124.264379][ T7719]  do_syscall_64+0xaa/0x1c0
[  124.264399][ T7719]  ? clear_bhb_loop+0x25/0x80
[  124.264419][ T7719]  ? clear_bhb_loop+0x25/0x80
[  124.264439][ T7719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.264461][ T7719] RIP: 0033:0x7f585ba3bb7c
[  124.264478][ T7719] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  124.264576][ T7719] RSP: 002b:00007f585a09f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  124.264611][ T7719] RAX: ffffffffffffffda RBX: 00007f585bc55fa0 RCX: 00007f585ba3bb7c
[  124.264625][ T7719] RDX: 000000000000000f RSI: 00007f585a09f0a0 RDI: 0000000000000005
[  124.264638][ T7719] RBP: 00007f585a09f090 R08: 0000000000000000 R09: 0000000000000000
[  124.264653][ T7719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.264668][ T7719] R13: 0000000000000000 R14: 00007f585bc55fa0 R15: 00007ffe35e40ef8
[  124.264690][ T7719]  </TASK>
[  124.266536][ T7722] EXT4-fs (loop1): orphan cleanup on readonly fs
[  124.482526][ T7722] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1463: bg 0: block 248: padding at end of block bitmap is not set
[  124.499373][ T7722] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.1463: Failed to acquire dquot type 1
[  124.514213][ T7722] EXT4-fs (loop1): 1 truncate cleaned up
[  124.525849][   T29] kauditd_printk_skb: 428 callbacks suppressed
[  124.525865][   T29] audit: type=1400 audit(1743547162.413:7461): avc:  denied  { setcheckreqprot } for  pid=7728 comm="syz.3.1467" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  124.569715][ T7734] siw: device registration error -23
[  124.576452][ T7735] loop4: detected capacity change from 0 to 512
[  124.585411][ T7735] EXT4-fs (loop4): orphan cleanup on readonly fs
[  124.593691][ T7735] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1470: bg 0: block 248: padding at end of block bitmap is not set
[  124.608358][ T7735] Quota error (device loop4): write_blk: dquota write failed
[  124.615896][ T7735] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  124.625966][ T7735] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.1470: Failed to acquire dquot type 1
[  124.637861][ T7735] EXT4-fs (loop4): 1 truncate cleaned up
[  124.652224][   T29] audit: type=1400 audit(1743547162.543:7462): avc:  denied  { mount } for  pid=7738 comm="syz.1.1471" name="/" dev="ramfs" ino=25699 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  124.718146][   T29] audit: type=1400 audit(1743547162.603:7463): avc:  denied  { compute_member } for  pid=7744 comm="syz.0.1474" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  124.758771][   T29] audit: type=1400 audit(1743547162.643:7464): avc:  denied  { write } for  pid=7742 comm=5C292DAD scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  124.782988][   T29] audit: type=1400 audit(1743547162.643:7465): avc:  denied  { connect } for  pid=7742 comm=5C292DAD scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  124.802459][   T29] audit: type=1400 audit(1743547162.643:7466): avc:  denied  { name_connect } for  pid=7742 comm=5C292DAD dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  124.857975][ T7753] loop0: detected capacity change from 0 to 512
[  124.882093][ T7751] Falling back ldisc for ttyS3.
[  124.888485][ T7753] Quota error (device loop0): v2_read_file_info: Free block number 1 out of range (1, 6).
[  124.899929][ T7753] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  124.941468][ T7762] loop2: detected capacity change from 0 to 512
[  124.945260][ T7753] EXT4-fs (loop0): mount failed
[  124.962441][ T7766] siw: device registration error -23
[  124.968517][ T7762] EXT4-fs (loop2): orphan cleanup on readonly fs
[  124.975724][ T7762] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1481: bg 0: block 248: padding at end of block bitmap is not set
[  124.978355][   T29] audit: type=1400 audit(1743547162.863:7467): avc:  denied  { read } for  pid=7767 comm="syz.3.1484" name="event0" dev="devtmpfs" ino=242 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  124.991590][ T7762] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.1481: Failed to acquire dquot type 1
[  125.026346][ T7762] EXT4-fs (loop2): 1 truncate cleaned up
[  125.038739][ T7753] loop0: detected capacity change from 0 to 512
[  125.053909][ T7753] ext4 filesystem being mounted at /309/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  125.232023][ T7784] Falling back ldisc for ttyS3.
[  125.271540][ T7794] siw: device registration error -23
[  125.280149][ T7768] syzkaller1: entered promiscuous mode
[  125.285829][ T7768] syzkaller1: entered allmulticast mode
[  125.293533][ T7792] Falling back ldisc for ttyS3.
[  125.317993][ T7802] FAULT_INJECTION: forcing a failure.
[  125.317993][ T7802] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  125.331251][ T7802] CPU: 0 UID: 0 PID: 7802 Comm: syz.2.1499 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  125.331277][ T7802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  125.331363][ T7802] Call Trace:
[  125.331369][ T7802]  <TASK>
[  125.331378][ T7802]  dump_stack_lvl+0xf6/0x150
[  125.331406][ T7802]  dump_stack+0x15/0x1a
[  125.331423][ T7802]  should_fail_ex+0x261/0x270
[  125.331502][ T7802]  should_fail+0xb/0x10
[  125.331523][ T7802]  should_fail_usercopy+0x1a/0x20
[  125.331551][ T7802]  _copy_to_user+0x20/0xa0
[  125.331644][ T7802]  simple_read_from_buffer+0xb2/0x130
[  125.331675][ T7802]  proc_fail_nth_read+0x103/0x140
[  125.331713][ T7802]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  125.331827][ T7802]  vfs_read+0x1b2/0x710
[  125.331866][ T7802]  ? __rcu_read_unlock+0x4e/0x70
[  125.331909][ T7802]  ? __fget_files+0x186/0x1c0
[  125.332007][ T7802]  ksys_read+0xeb/0x1b0
[  125.332035][ T7802]  __x64_sys_read+0x42/0x50
[  125.332089][ T7802]  x64_sys_call+0x2a3b/0x2e10
[  125.332142][ T7802]  do_syscall_64+0xc9/0x1c0
[  125.332168][ T7802]  ? clear_bhb_loop+0x25/0x80
[  125.332193][ T7802]  ? clear_bhb_loop+0x25/0x80
[  125.332219][ T7802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.332243][ T7802] RIP: 0033:0x7f562792bb7c
[  125.332299][ T7802] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  125.332321][ T7802] RSP: 002b:00007f5625f8f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  125.332342][ T7802] RAX: ffffffffffffffda RBX: 00007f5627b45fa0 RCX: 00007f562792bb7c
[  125.332356][ T7802] RDX: 000000000000000f RSI: 00007f5625f8f0a0 RDI: 0000000000000008
[  125.332369][ T7802] RBP: 00007f5625f8f090 R08: 0000000000000000 R09: 0000000000000000
[  125.332382][ T7802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.332396][ T7802] R13: 0000000000000000 R14: 00007f5627b45fa0 R15: 00007ffc926af4a8
[  125.332485][ T7802]  </TASK>
[  125.560080][ T7806] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1501'.
[  125.578375][ T7810] loop0: detected capacity change from 0 to 512
[  125.612786][ T7810] EXT4-fs (loop0): orphan cleanup on readonly fs
[  125.627568][ T7810] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1500: bg 0: block 248: padding at end of block bitmap is not set
[  125.642427][ T7810] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.1500: Failed to acquire dquot type 1
[  125.654320][ T7818] loop4: detected capacity change from 0 to 512
[  125.661554][ T7810] EXT4-fs (loop0): 1 truncate cleaned up
[  125.670853][ T7818] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  125.679995][ T7818] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  125.691195][ T7818] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  125.702136][ T7823] Falling back ldisc for ttyS3.
[  125.709836][ T7818] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  125.718291][ T7818] System zones: 0-2, 18-18, 34-34
[  125.724252][ T7818] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  125.740838][ T7818] EXT4-fs (loop4): 1 truncate cleaned up
[  125.769246][ T7832] loop2: detected capacity change from 0 to 512
[  125.776152][ T7832] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  125.781658][ T7834] siw: device registration error -23
[  125.785282][ T7832] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  125.800094][ T7832] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  125.809960][ T7832] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  125.818239][ T7832] System zones: 0-2, 18-18, 34-34
[  125.823958][ T7832] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  125.838854][ T7832] EXT4-fs (loop2): 1 truncate cleaned up
[  125.864184][ T7839] FAULT_INJECTION: forcing a failure.
[  125.864184][ T7839] name failslab, interval 1, probability 0, space 0, times 0
[  125.876962][ T7839] CPU: 0 UID: 0 PID: 7839 Comm: syz.0.1515 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  125.877011][ T7839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  125.877027][ T7839] Call Trace:
[  125.877034][ T7839]  <TASK>
[  125.877044][ T7839]  dump_stack_lvl+0xf6/0x150
[  125.877124][ T7839]  dump_stack+0x15/0x1a
[  125.877144][ T7839]  should_fail_ex+0x261/0x270
[  125.877171][ T7839]  should_failslab+0x8f/0xb0
[  125.877196][ T7839]  __kmalloc_node_noprof+0xaf/0x420
[  125.877272][ T7839]  ? crypto_create_tfm_node+0x59/0x240
[  125.877312][ T7839]  crypto_create_tfm_node+0x59/0x240
[  125.877344][ T7839]  ? crypto_alg_mod_lookup+0x1ff/0x4d0
[  125.877378][ T7839]  crypto_alloc_tfm_node+0xd1/0x290
[  125.877468][ T7839]  crypto_alloc_ahash+0x2f/0x40
[  125.877495][ T7839]  tcp_sigpool_alloc_ahash+0x43e/0x6d0
[  125.877528][ T7839]  tcp_md5_alloc_sigpool+0x1b/0x60
[  125.877613][ T7839]  tcp_md5_do_add+0x86/0x1c0
[  125.877706][ T7839]  tcp_v6_parse_md5_keys+0x3ec/0x440
[  125.877749][ T7839]  do_tcp_setsockopt+0xf6c/0x1710
[  125.877786][ T7839]  ? selinux_socket_setsockopt+0x1d9/0x210
[  125.877848][ T7839]  tcp_setsockopt+0x50/0xb0
[  125.877876][ T7839]  sock_common_setsockopt+0x64/0x80
[  125.877970][ T7839]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  125.878004][ T7839]  __sys_setsockopt+0x187/0x200
[  125.878063][ T7839]  __x64_sys_setsockopt+0x66/0x80
[  125.878083][ T7839]  x64_sys_call+0x2a09/0x2e10
[  125.878104][ T7839]  do_syscall_64+0xc9/0x1c0
[  125.878124][ T7839]  ? clear_bhb_loop+0x25/0x80
[  125.878147][ T7839]  ? clear_bhb_loop+0x25/0x80
[  125.878173][ T7839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.878236][ T7839] RIP: 0033:0x7f75bff6d169
[  125.878254][ T7839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  125.878275][ T7839] RSP: 002b:00007f75be5cf038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  125.878357][ T7839] RAX: ffffffffffffffda RBX: 00007f75c0185fa0 RCX: 00007f75bff6d169
[  125.878371][ T7839] RDX: 000000000000000e RSI: 0000000000000006 RDI: 0000000000000003
[  125.878382][ T7839] RBP: 00007f75be5cf090 R08: 00000000000000d8 R09: 0000000000000000
[  125.878393][ T7839] R10: 0000200000000300 R11: 0000000000000246 R12: 0000000000000001
[  125.878477][ T7839] R13: 0000000000000000 R14: 00007f75c0185fa0 R15: 00007ffc902f5058
[  125.878497][ T7839]  </TASK>
[  126.118879][ T7828] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.128483][ T7828] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  126.144825][ T7828] loop1: detected capacity change from 0 to 1024
[  126.145516][ T7828] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  126.166394][ T7828] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.1510: Invalid block bitmap block 0 in block_group 0
[  126.166549][ T7828] EXT4-fs (loop1): Remounting filesystem read-only
[  126.166617][ T7828] EXT4-fs (loop1): 1 orphan inode deleted
[  126.823147][ T7863] Falling back ldisc for ttyS3.
[  126.860556][ T7866] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1524'.
[  126.871249][ T7866] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.914195][ T7866] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.059835][ T7866] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.877777][ T7875] SELinux: security_context_str_to_sid ({ÿ) failed with errno=-22
[  127.888026][ T7875] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1525'.
[  128.144325][ T7866] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.551135][ T7866] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.594865][ T7866] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.621243][ T7878] siw: device registration error -23
[  128.631685][ T7866] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.661423][ T7866] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.783715][ T3307] EXT4-fs unmount: 93 callbacks suppressed
[  128.783733][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.841096][ T7892] loop4: detected capacity change from 0 to 512
[  128.881153][ T7892] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  128.889739][ T7894] netlink: 32 bytes leftover after parsing attributes in process `\)-­'.
[  128.899506][ T7892] EXT4-fs (loop4): orphan cleanup on readonly fs
[  128.899792][ T7892] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  128.899942][ T7892] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  128.900027][ T7892] EXT4-fs error (device loop4): ext4_orphan_get:1390: inode #16: comm syz.4.1536: iget: immutable or append flags not allowed on symlinks
[  128.900192][ T7892] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.1536: couldn't read orphan inode 16 (err -117)
[  128.900660][ T7892] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  129.331694][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.400385][ T7898] Set syz1 is full, maxelem 65536 reached
[  129.452338][ T7902] Falling back ldisc for ttyS3.
[  129.526824][ T7909] loop3: detected capacity change from 0 to 2048
[  129.554679][ T7911] siw: device registration error -23
[  129.573553][ T7909] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.851429][ T7904] Set syz1 is full, maxelem 65536 reached
[  129.864036][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.962933][ T7921] Falling back ldisc for ttyS3.
[  130.012078][ T7927] Falling back ldisc for ttyS3.
[  130.242215][ T7934] Falling back ldisc for ttyS3.
[  131.504354][ T7941] loop2: detected capacity change from 0 to 512
[  131.536015][ T7941] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  131.545220][ T7941] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  131.592208][ T7941] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  131.608259][ T7941] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  131.624055][ T7941] System zones: 0-2, 18-18, 34-34
[  131.629893][ T7941] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  131.648129][ T7941] EXT4-fs (loop2): 1 truncate cleaned up
[  131.654935][ T7941] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.721977][   T29] kauditd_printk_skb: 99 callbacks suppressed
[  131.721994][   T29] audit: type=1400 audit(1743547169.613:7561): avc:  denied  { map_create } for  pid=7940 comm="syz.2.1552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  131.774961][ T7953] loop3: detected capacity change from 0 to 2048
[  131.783709][   T29] audit: type=1400 audit(1743547169.633:7562): avc:  denied  { name_bind } for  pid=7940 comm="syz.2.1552" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  131.805446][   T29] audit: type=1400 audit(1743547169.633:7563): avc:  denied  { node_bind } for  pid=7940 comm="syz.2.1552" saddr=::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  131.827221][   T29] audit: type=1400 audit(1743547169.633:7564): avc:  denied  { prog_load } for  pid=7940 comm="syz.2.1552" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  131.846283][   T29] audit: type=1400 audit(1743547169.643:7565): avc:  denied  { bpf } for  pid=7940 comm="syz.2.1552" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  131.867442][   T29] audit: type=1400 audit(1743547169.643:7566): avc:  denied  { perfmon } for  pid=7940 comm="syz.2.1552" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  131.888544][   T29] audit: type=1400 audit(1743547169.643:7567): avc:  denied  { write } for  pid=7940 comm="syz.2.1552" name="/" dev="loop2" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  131.910371][   T29] audit: type=1400 audit(1743547169.643:7568): avc:  denied  { add_name } for  pid=7940 comm="syz.2.1552" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  131.931236][   T29] audit: type=1400 audit(1743547169.643:7569): avc:  denied  { create } for  pid=7940 comm="syz.2.1552" name="file1" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  131.951545][   T29] audit: type=1400 audit(1743547169.643:7570): avc:  denied  { read write } for  pid=7940 comm="syz.2.1552" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  131.981245][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.993348][ T7953] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.021117][ T7957] xt_recent: Unsupported userspace flags (000000de)
[  132.033065][ T7957] loop2: detected capacity change from 0 to 256
[  132.161087][ T7957] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  132.174596][ T7957] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  132.266766][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.342249][ T7963] Falling back ldisc for ttyS3.
[  132.400365][ T7969] loop3: detected capacity change from 0 to 512
[  132.414888][ T7969] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.429029][ T7969] ext4 filesystem being mounted at /331/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.513692][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.545023][ T7981] loop4: detected capacity change from 0 to 2048
[  132.583938][ T7979] Falling back ldisc for ttyS3.
[  132.600927][ T7981] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.822927][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.919795][ T8006] loop4: detected capacity change from 0 to 2048
[  132.960931][ T8006] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.983304][ T7983] Set syz1 is full, maxelem 65536 reached
[  132.990088][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.010832][ T8010] loop4: detected capacity change from 0 to 512
[  133.017969][ T8010] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  133.027264][ T8010] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  133.036575][ T8010] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  133.045650][ T8010] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  133.054360][ T8010] System zones: 0-2, 18-18, 34-34
[  133.059861][ T8010] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  133.076564][ T8010] EXT4-fs (loop4): 1 truncate cleaned up
[  133.084793][ T8010] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.125249][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.510739][ T8035] loop2: detected capacity change from 0 to 2048
[  133.526247][ T8035] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.720591][ T8046] vhci_hcd: invalid port number 14
[  133.725984][ T8046] vhci_hcd: default hub control req: 8003 v0a02 i000e l6
[  133.737001][ T8046] hub 9-0:1.0: USB hub found
[  133.741743][ T8046] hub 9-0:1.0: 8 ports detected
[  133.765122][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.875355][ T8061] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.882682][ T8061] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.890106][ T8061] bridge0: entered allmulticast mode
[  133.899834][ T8061] bridge_slave_1: left allmulticast mode
[  133.905557][ T8061] bridge_slave_1: left promiscuous mode
[  133.911332][ T8061] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.919345][ T8061] bridge_slave_0: left promiscuous mode
[  133.925114][ T8061] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.014396][ T8066] loop4: detected capacity change from 0 to 512
[  134.041420][ T8066] EXT4-fs (loop4): orphan cleanup on readonly fs
[  134.049046][ T8066] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1597: bg 0: block 248: padding at end of block bitmap is not set
[  134.049717][ T8066] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.1597: Failed to acquire dquot type 1
[  134.137044][ T8066] EXT4-fs (loop4): 1 truncate cleaned up
[  134.143420][ T8066] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  134.174493][ T8072] loop0: detected capacity change from 0 to 512
[  134.198962][ T8072] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  134.207929][ T8072] EXT4-fs (loop0): orphan cleanup on readonly fs
[  134.220391][ T8072] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  134.243335][ T8072] EXT4-fs (loop0): Cannot turn on quotas: error -22
[  134.257634][ T8075] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1600'.
[  134.267223][ T8072] EXT4-fs error (device loop0): ext4_orphan_get:1390: inode #16: comm syz.0.1599: iget: immutable or append flags not allowed on symlinks
[  134.282904][ T8072] EXT4-fs error (device loop0): ext4_orphan_get:1395: comm syz.0.1599: couldn't read orphan inode 16 (err -117)
[  134.296116][ T8072] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  134.305972][ T8075] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.343357][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.396742][ T8075] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.528947][ T8070] Set syz1 is full, maxelem 65536 reached
[  134.574312][ T8075] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.634656][ T8075] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.679044][ T8089] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1603'.
[  134.688002][ T8089] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1603'.
[  134.705798][ T8075] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  134.718554][ T8075] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  134.731234][ T8075] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  134.741683][ T8089] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1603'.
[  134.750667][ T8089] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1603'.
[  134.759630][ T8089] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1603'.
[  134.773385][ T8075] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  134.788926][ T8089] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1603'.
[  135.011294][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.030091][ T8101] loop2: detected capacity change from 0 to 512
[  135.048267][ T8101] EXT4-fs (loop2): orphan cleanup on readonly fs
[  135.055510][ T8101] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1609: bg 0: block 248: padding at end of block bitmap is not set
[  135.073359][ T8106] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1610'.
[  135.081697][ T8101] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.1609: Failed to acquire dquot type 1
[  135.095672][ T8101] EXT4-fs (loop2): 1 truncate cleaned up
[  135.108525][ T8101] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  135.215837][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.310133][ T8137] loop1: detected capacity change from 0 to 2048
[  135.331238][ T8143] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1623'.
[  135.334944][ T8137] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.416774][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.523874][ T8158] loop0: detected capacity change from 0 to 512
[  135.532508][ T8158] EXT4-fs (loop0): orphan cleanup on readonly fs
[  135.552103][ T8158] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1630: bg 0: block 248: padding at end of block bitmap is not set
[  135.582163][ T8158] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.1630: Failed to acquire dquot type 1
[  135.599968][ T8158] EXT4-fs (loop0): 1 truncate cleaned up
[  135.607718][ T8166] siw: device registration error -23
[  135.608527][ T8158] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  135.662348][ T8172] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1634'.
[  135.671685][ T8167] loop4: detected capacity change from 0 to 1024
[  135.678834][ T8167] EXT4-fs: Ignoring removed nobh option
[  135.684583][ T8167] EXT4-fs: Ignoring removed bh option
[  135.724831][ T8167] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.762608][ T8178] af_packet: tpacket_rcv: packet too big, clamped from 3954 to 3710. macoff=82
[  135.784197][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.813704][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.872154][ T8189] Falling back ldisc for ttyS3.
[  135.968420][ T8202] siw: device registration error -23
[  136.012585][ T8210] syz.1.1650 uses obsolete (PF_INET,SOCK_PACKET)
[  136.113660][ T8218] loop0: detected capacity change from 0 to 2048
[  136.142908][ T8218] Alternate GPT is invalid, using primary GPT.
[  136.149363][ T8218]  loop0: p1 p2 p3
[  136.170955][ T8224] loop1: detected capacity change from 0 to 2048
[  136.194869][ T8224] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.225610][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.386679][ T8246] siw: device registration error -23
[  136.395739][ T8243] loop3: detected capacity change from 0 to 2048
[  136.415344][ T8243] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.512101][ T8243] FAULT_INJECTION: forcing a failure.
[  136.512101][ T8243] name failslab, interval 1, probability 0, space 0, times 0
[  136.524920][ T8243] CPU: 1 UID: 0 PID: 8243 Comm: syz.3.1662 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  136.525018][ T8243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  136.525041][ T8243] Call Trace:
[  136.525048][ T8243]  <TASK>
[  136.525056][ T8243]  dump_stack_lvl+0xf6/0x150
[  136.525093][ T8243]  dump_stack+0x15/0x1a
[  136.525108][ T8243]  should_fail_ex+0x261/0x270
[  136.525132][ T8243]  should_failslab+0x8f/0xb0
[  136.525157][ T8243]  kmem_cache_alloc_noprof+0x59/0x340
[  136.525192][ T8243]  ? __es_insert_extent+0x563/0xed0
[  136.525289][ T8243]  __es_insert_extent+0x563/0xed0
[  136.525327][ T8243]  ext4_es_insert_extent+0x45d/0x1c60
[  136.525383][ T8243]  ext4_map_blocks+0x940/0xdf0
[  136.525427][ T8243]  ext4_iomap_begin+0x497/0x5c0
[  136.525468][ T8243]  iomap_iter+0x32e/0x7a0
[  136.525488][ T8243]  ? __pfx_ext4_iomap_begin+0x10/0x10
[  136.525609][ T8243]  __iomap_dio_rw+0x6f9/0x12a0
[  136.525693][ T8243]  ? ext4_journal_check_start+0x122/0x1b0
[  136.525716][ T8243]  iomap_dio_rw+0x40/0x90
[  136.525765][ T8243]  ext4_file_write_iter+0xba9/0xf80
[  136.525894][ T8243]  do_iter_readv_writev+0x40d/0x4b0
[  136.525930][ T8243]  vfs_writev+0x2da/0x880
[  136.525965][ T8243]  ? get_pid_task+0x94/0xd0
[  136.526068][ T8243]  __se_sys_pwritev2+0x103/0x1d0
[  136.526096][ T8243]  __x64_sys_pwritev2+0x78/0x90
[  136.526221][ T8243]  x64_sys_call+0x1c86/0x2e10
[  136.526246][ T8243]  do_syscall_64+0xc9/0x1c0
[  136.526266][ T8243]  ? clear_bhb_loop+0x25/0x80
[  136.526291][ T8243]  ? clear_bhb_loop+0x25/0x80
[  136.526375][ T8243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.526395][ T8243] RIP: 0033:0x7fd32757d169
[  136.526409][ T8243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  136.526431][ T8243] RSP: 002b:00007fd325be7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  136.526450][ T8243] RAX: ffffffffffffffda RBX: 00007fd327795fa0 RCX: 00007fd32757d169
[  136.526464][ T8243] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000007
[  136.526479][ T8243] RBP: 00007fd325be7090 R08: 0000000000000000 R09: 0000000000000000
[  136.526494][ T8243] R10: 0000000000001400 R11: 0000000000000246 R12: 0000000000000001
[  136.526508][ T8243] R13: 0000000000000000 R14: 00007fd327795fa0 R15: 00007ffe960da3e8
[  136.526530][ T8243]  </TASK>
[  136.771292][ T8256] loop0: detected capacity change from 0 to 512
[  136.799658][   T29] kauditd_printk_skb: 429 callbacks suppressed
[  136.799672][   T29] audit: type=1400 audit(1743547174.683:7994): avc:  denied  { read } for  pid=2986 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  136.828268][   T29] audit: type=1400 audit(1743547174.683:7995): avc:  denied  { search } for  pid=2986 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  136.849881][   T29] audit: type=1400 audit(1743547174.683:7996): avc:  denied  { append } for  pid=2986 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  136.872263][   T29] audit: type=1400 audit(1743547174.683:7997): avc:  denied  { open } for  pid=2986 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  136.895228][   T29] audit: type=1400 audit(1743547174.683:7998): avc:  denied  { getattr } for  pid=2986 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  136.929575][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.949081][ T8266] loop1: detected capacity change from 0 to 256
[  136.955833][ T8256] EXT4-fs (loop0): orphan cleanup on readonly fs
[  136.966009][   T29] audit: type=1400 audit(1743547174.853:7999): avc:  denied  { wake_alarm } for  pid=8263 comm="syz.1.1671" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  136.991934][ T8256] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1666: bg 0: block 248: padding at end of block bitmap is not set
[  136.992623][   T29] audit: type=1400 audit(1743547174.883:8000): avc:  denied  { create } for  pid=8262 comm="syz.2.1668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  137.028989][ T8256] Quota error (device loop0): write_blk: dquota write failed
[  137.036512][ T8256] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  137.046578][ T8256] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.1666: Failed to acquire dquot type 1
[  137.060086][ T8256] EXT4-fs (loop0): 1 truncate cleaned up
[  137.062035][   T29] audit: type=1400 audit(1743547174.953:8001): avc:  denied  { create } for  pid=8262 comm="syz.2.1668" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=atmpvc_socket permissive=1
[  137.066555][ T8256] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  137.249290][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.344993][ T8296] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.383580][ T8296] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.447094][ T8296] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.513112][ T8296] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  137.528797][ T8312] loop0: detected capacity change from 0 to 512
[  137.537331][ T8315] siw: device registration error -23
[  137.543318][ T8312] EXT4-fs (loop0): orphan cleanup on readonly fs
[  137.550557][ T8312] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1690: bg 0: block 248: padding at end of block bitmap is not set
[  137.567802][ T8312] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.1690: Failed to acquire dquot type 1
[  137.585471][ T8312] EXT4-fs (loop0): 1 truncate cleaned up
[  137.591749][ T8312] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  137.637487][ T8296] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  137.648879][ T8296] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  137.660404][ T8296] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  137.672695][ T8296] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  137.701037][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.935469][ T8346] loop4: detected capacity change from 0 to 512
[  137.968488][ T8346] EXT4-fs (loop4): orphan cleanup on readonly fs
[  137.977377][ T8346] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1705: bg 0: block 248: padding at end of block bitmap is not set
[  137.995790][ T8346] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.1705: Failed to acquire dquot type 1
[  138.008805][ T8346] EXT4-fs (loop4): 1 truncate cleaned up
[  138.019246][ T8346] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  138.095777][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.212168][ T8370] Falling back ldisc for ttyS3.
[  138.522252][ T8407] loop1: detected capacity change from 0 to 512
[  138.529163][ T8407] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  138.544752][ T8407] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.557874][ T8407] ext4 filesystem being mounted at /322/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.570918][ T8407] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.658437][ T8430] loop2: detected capacity change from 0 to 512
[  138.666113][ T8430] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  138.677882][ T8432] loop4: detected capacity change from 0 to 512
[  138.684888][ T8432] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  138.726119][ T8430] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.741286][ T8430] ext4 filesystem being mounted at /382/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.752594][ T8430] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.753731][ T8432] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.786556][ T8430] FAULT_INJECTION: forcing a failure.
[  138.786556][ T8430] name fail_futex, interval 1, probability 0, space 0, times 1
[  138.791436][ T8449] FAULT_INJECTION: forcing a failure.
[  138.791436][ T8449] name failslab, interval 1, probability 0, space 0, times 0
[  138.799500][ T8430] CPU: 1 UID: 0 PID: 8430 Comm: syz.2.1740 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  138.799534][ T8430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  138.799550][ T8430] Call Trace:
[  138.799556][ T8430]  <TASK>
[  138.799566][ T8430]  dump_stack_lvl+0xf6/0x150
[  138.799598][ T8430]  dump_stack+0x15/0x1a
[  138.799620][ T8430]  should_fail_ex+0x261/0x270
[  138.799649][ T8430]  should_fail+0xb/0x10
[  138.799673][ T8430]  get_futex_key+0x10d/0x750
[  138.799736][ T8430]  futex_wait_setup+0x4c/0x1f0
[  138.799762][ T8430]  ? _parse_integer_limit+0x167/0x180
[  138.799790][ T8430]  __futex_wait+0x99/0x1d0
[  138.799819][ T8430]  ? __pfx_futex_wake_mark+0x10/0x10
[  138.799864][ T8430]  futex_wait+0x9b/0x1d0
[  138.799888][ T8430]  ? 0xffffffff81000000
[  138.799911][ T8430]  do_futex+0x279/0x370
[  138.799952][ T8430]  __se_sys_futex+0x23f/0x370
[  138.799996][ T8430]  __x64_sys_futex+0x78/0x90
[  138.800070][ T8430]  x64_sys_call+0x126a/0x2e10
[  138.800098][ T8430]  do_syscall_64+0xc9/0x1c0
[  138.800123][ T8430]  ? clear_bhb_loop+0x25/0x80
[  138.800151][ T8430]  ? clear_bhb_loop+0x25/0x80
[  138.800203][ T8430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.800229][ T8430] RIP: 0033:0x7f562792d169
[  138.800246][ T8430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.800263][ T8430] RSP: 002b:00007f5625f8f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  138.800279][ T8430] RAX: ffffffffffffffda RBX: 00007f5627b45fa0 RCX: 00007f562792d169
[  138.800291][ T8430] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000020000000cffc
[  138.800301][ T8430] RBP: 00007f5625f8f090 R08: 0000000000000000 R09: 0000000000000000
[  138.800313][ T8430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.800392][ T8430] R13: 0000000000000000 R14: 00007f5627b45fa0 R15: 00007ffc926af4a8
[  138.800415][ T8430]  </TASK>
[  138.818950][ T8432] ext4 filesystem being mounted at /313/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.824485][ T8449] CPU: 0 UID: 0 PID: 8449 Comm: syz.1.1746 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  138.824524][ T8449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  138.824541][ T8449] Call Trace:
[  138.824593][ T8449]  <TASK>
[  138.824605][ T8449]  dump_stack_lvl+0xf6/0x150
[  138.824635][ T8449]  dump_stack+0x15/0x1a
[  138.824656][ T8449]  should_fail_ex+0x261/0x270
[  138.824737][ T8449]  should_failslab+0x8f/0xb0
[  138.824842][ T8449]  kmem_cache_alloc_node_noprof+0x5c/0x340
[  138.824885][ T8449]  ? __alloc_skb+0x10d/0x320
[  138.824976][ T8449]  __alloc_skb+0x10d/0x320
[  138.825013][ T8449]  ? skb_release_data+0x611/0x630
[  138.825039][ T8449]  netlink_dump+0x165/0x810
[  138.825130][ T8449]  __netlink_dump_start+0x433/0x520
[  138.825173][ T8449]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[  138.825204][ T8449]  rtnetlink_rcv_msg+0x5ad/0x740
[  138.825298][ T8449]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[  138.825392][ T8449]  ? should_fail_ex+0xd7/0x270
[  138.825417][ T8449]  ? __pfx_rtnl_dumpit+0x10/0x10
[  138.825490][ T8449]  ? __pfx_rtnl_dump_ifinfo+0x10/0x10
[  138.825524][ T8449]  netlink_rcv_skb+0x12f/0x230
[  138.825562][ T8449]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  138.825604][ T8449]  rtnetlink_rcv+0x1c/0x30
[  138.825705][ T8449]  netlink_unicast+0x605/0x6c0
[  138.825745][ T8449]  netlink_sendmsg+0x609/0x720
[  138.825773][ T8449]  ? __pfx_netlink_sendmsg+0x10/0x10
[  138.825810][ T8449]  __sock_sendmsg+0x140/0x180
[  138.825858][ T8449]  ____sys_sendmsg+0x350/0x4e0
[  138.825889][ T8449]  __sys_sendmsg+0x1a0/0x240
[  138.825937][ T8449]  __x64_sys_sendmsg+0x46/0x50
[  138.825963][ T8449]  x64_sys_call+0x26f3/0x2e10
[  138.826027][ T8449]  do_syscall_64+0xc9/0x1c0
[  138.826062][ T8449]  ? clear_bhb_loop+0x25/0x80
[  138.826095][ T8449]  ? clear_bhb_loop+0x25/0x80
[  138.826122][ T8449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.826200][ T8449] RIP: 0033:0x7f941ff2d169
[  138.826219][ T8449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.826323][ T8449] RSP: 002b:00007f941e597038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  138.826346][ T8449] RAX: ffffffffffffffda RBX: 00007f9420145fa0 RCX: 00007f941ff2d169
[  138.826361][ T8449] RDX: 0000000000000880 RSI: 00002000000005c0 RDI: 0000000000000003
[  138.826376][ T8449] RBP: 00007f941e597090 R08: 0000000000000000 R09: 0000000000000000
[  138.826389][ T8449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.826404][ T8449] R13: 0000000000000000 R14: 00007f9420145fa0 R15: 00007fffbfc57258
[  138.826427][ T8449]  </TASK>
[  139.059651][ T8451] loop1: detected capacity change from 0 to 512
[  139.076602][ T8432] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.088550][ T8451] EXT4-fs: Ignoring removed oldalloc option
[  139.296955][ T8451] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  139.306277][ T8451] EXT4-fs (loop1): orphan cleanup on readonly fs
[  139.313102][ T8451] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.1747: Failed to acquire dquot type 1
[  139.325201][ T8451] EXT4-fs (loop1): 1 truncate cleaned up
[  139.331484][ T8451] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  139.350354][ T8451] __nla_validate_parse: 20 callbacks suppressed
[  139.350426][ T8451] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1747'.
[  139.536769][ T8476] loop3: detected capacity change from 0 to 2048
[  139.555760][ T8476] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.757426][ T8487] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1760'.
[  139.770390][ T8487] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.805652][ T3303] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.833088][ T8487] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.883320][ T8487] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.943379][ T8487] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.985795][ T8451] syz.1.1747 (8451) used greatest stack depth: 6160 bytes left
[  139.998078][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.000705][ T8487] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.026237][ T8487] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.038798][ T8487] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.050813][ T8487] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.140068][ T8513] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.173804][ T8513] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.224869][ T8513] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.254163][ T8518] loop3: detected capacity change from 0 to 512
[  140.274488][ T8513] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.288166][ T8518] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  140.330716][ T8513] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.343710][ T8518] EXT4-fs (loop3): 1 truncate cleaned up
[  140.349810][ T8518] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.352607][ T8513] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.384099][ T8513] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.396072][ T8513] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.513800][ T8524] loop1: detected capacity change from 0 to 512
[  140.520787][ T8524] EXT4-fs: Ignoring removed nomblk_io_submit option
[  140.572585][ T8524] EXT4-fs warning (device loop1): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  140.587656][ T8528] loop2: detected capacity change from 0 to 512
[  140.595747][ T8528] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  140.604904][ T8528] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  140.613432][ T8524] EXT4-fs (loop1): mount failed
[  140.617561][ T8534] loop4: detected capacity change from 0 to 764
[  140.625532][ T8528] EXT4-fs (loop2): warning: checktime reached, running e2fsck is recommended
[  140.636062][ T8534] iso9660: Unknown parameter 'kmem_cache_free'
[  140.642665][ T8528] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  140.655056][ T8528] System zones: 0-2, 18-18, 34-34
[  140.663637][ T8528] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  140.744366][ T8528] EXT4-fs (loop2): 1 truncate cleaned up
[  140.783538][ T8528] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.814120][ T8538] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1779'.
[  140.846839][ T8538] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.933465][ T8538] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.953003][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.011576][ T8550] loop0: detected capacity change from 0 to 512
[  141.023956][ T8538] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.056872][ T8550] EXT4-fs (loop0): orphan cleanup on readonly fs
[  141.075792][ T8550] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1784: bg 0: block 248: padding at end of block bitmap is not set
[  141.126229][ T8538] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.156574][ T8550] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.1784: Failed to acquire dquot type 1
[  141.211845][ T8550] EXT4-fs (loop0): 1 truncate cleaned up
[  141.226796][ T8550] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  141.298115][ T3304] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.527703][ T8538] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  141.545186][ T8538] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  141.565317][ T8538] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  141.597539][ T8538] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  141.652230][ T8571] loop1: detected capacity change from 0 to 512
[  141.660777][ T8573] FAULT_INJECTION: forcing a failure.
[  141.660777][ T8573] name failslab, interval 1, probability 0, space 0, times 0
[  141.673630][ T8573] CPU: 1 UID: 0 PID: 8573 Comm: syz.4.1792 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  141.673657][ T8573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  141.673738][ T8573] Call Trace:
[  141.673746][ T8573]  <TASK>
[  141.673756][ T8573]  dump_stack_lvl+0xf6/0x150
[  141.673783][ T8573]  dump_stack+0x15/0x1a
[  141.673799][ T8573]  should_fail_ex+0x261/0x270
[  141.673821][ T8573]  should_failslab+0x8f/0xb0
[  141.673909][ T8573]  __kmalloc_node_track_caller_noprof+0xaa/0x410
[  141.673993][ T8573]  ? sidtab_sid2str_get+0xb8/0x140
[  141.674033][ T8573]  ? vsnprintf+0x84d/0x8a0
[  141.674068][ T8573]  kmemdup_noprof+0x2b/0x70
[  141.674157][ T8573]  sidtab_sid2str_get+0xb8/0x140
[  141.674199][ T8573]  security_sid_to_context_core+0x1eb/0x2f0
[  141.674234][ T8573]  security_sid_to_context+0x27/0x30
[  141.674308][ T8573]  selinux_lsmprop_to_secctx+0x6c/0xf0
[  141.674350][ T8573]  security_lsmprop_to_secctx+0x40/0x80
[  141.674376][ T8573]  audit_log_task_context+0x7a/0x180
[  141.674409][ T8573]  audit_log_task+0xfb/0x250
[  141.674459][ T8573]  audit_seccomp+0x68/0x130
[  141.674539][ T8573]  __seccomp_filter+0x694/0x10e0
[  141.674586][ T8573]  __secure_computing+0x7e/0x160
[  141.674621][ T8573]  syscall_trace_enter+0xcf/0x1f0
[  141.674656][ T8573]  ? fpregs_assert_state_consistent+0x83/0xa0
[  141.674701][ T8573]  do_syscall_64+0xaa/0x1c0
[  141.674725][ T8573]  ? clear_bhb_loop+0x25/0x80
[  141.674785][ T8573]  ? clear_bhb_loop+0x25/0x80
[  141.674809][ T8573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.674828][ T8573] RIP: 0033:0x7f585ba3bb7c
[  141.674843][ T8573] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  141.674860][ T8573] RSP: 002b:00007f585a09f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  141.674888][ T8573] RAX: ffffffffffffffda RBX: 00007f585bc55fa0 RCX: 00007f585ba3bb7c
[  141.674902][ T8573] RDX: 000000000000000f RSI: 00007f585a09f0a0 RDI: 0000000000000004
[  141.674932][ T8573] RBP: 00007f585a09f090 R08: 0000000000000000 R09: 0000000000000000
[  141.674943][ T8573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  141.674953][ T8573] R13: 0000000000000000 R14: 00007f585bc55fa0 R15: 00007ffe35e40ef8
[  141.674972][ T8573]  </TASK>
[  141.912141][   T29] kauditd_printk_skb: 563 callbacks suppressed
[  141.912156][   T29] audit: type=1326 audit(1743547179.543:8555): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=8572 comm="syz.4.1792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f585ba3bb7c code=0x7ffc0000
[  141.939265][   T29] audit: type=1326 audit(1743547179.793:8556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8572 comm="syz.4.1792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f585ba3bc1f code=0x7ffc0000
[  141.962580][   T29] audit: type=1326 audit(1743547179.793:8557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8572 comm="syz.4.1792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f585ba3bdca code=0x7ffc0000
[  141.985856][   T29] audit: type=1326 audit(1743547179.793:8558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8572 comm="syz.4.1792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f585ba3d169 code=0x7ffc0000
[  142.009340][   T29] audit: type=1326 audit(1743547179.793:8559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8572 comm="syz.4.1792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f585ba3d169 code=0x7ffc0000
[  142.013522][ T8571] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  142.041932][ T8571] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  142.056256][ T8575] loop2: detected capacity change from 0 to 512
[  142.062948][ T8575] EXT4-fs: Ignoring removed bh option
[  142.069006][ T8575] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  142.093760][ T8575] EXT4-fs error (device loop2): __ext4_iget:5016: inode #11: block 786447: comm syz.2.1793: invalid block
[  142.110334][ T8571] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended
[  142.119611][ T8575] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.1793: couldn't read orphan inode 11 (err -117)
[  142.142587][ T8581] loop4: detected capacity change from 0 to 1024
[  142.143107][ T8575] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.151752][ T8581] EXT4-fs: Ignoring removed nobh option
[  142.166900][ T8581] EXT4-fs: Ignoring removed bh option
[  142.182147][ T8571] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  142.197058][ T8571] System zones: 0-2, 18-18, 34-34
[  142.204270][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.215101][ T8581] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.230633][ T8581] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[  142.246736][   T29] audit: type=1400 audit(1743547180.123:8560): avc:  denied  { mac_admin } for  pid=8580 comm="syz.4.1795" capability=33  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  142.267887][   T29] audit: type=1400 audit(1743547180.133:8561): avc:  denied  { relabelto } for  pid=8580 comm="syz.4.1795" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  142.295777][ T8585] FAULT_INJECTION: forcing a failure.
[  142.295777][ T8585] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  142.308883][ T8585] CPU: 0 UID: 0 PID: 8585 Comm: syz.2.1796 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  142.308916][ T8585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  142.308927][ T8585] Call Trace:
[  142.308934][ T8585]  <TASK>
[  142.308956][ T8585]  dump_stack_lvl+0xf6/0x150
[  142.308998][ T8585]  dump_stack+0x15/0x1a
[  142.309018][ T8585]  should_fail_ex+0x261/0x270
[  142.309046][ T8585]  should_fail+0xb/0x10
[  142.309069][ T8585]  should_fail_usercopy+0x1a/0x20
[  142.309096][ T8585]  strncpy_from_user+0x25/0x230
[  142.309159][ T8585]  path_getxattrat+0xb8/0x2a0
[  142.309200][ T8585]  __x64_sys_getxattr+0x5c/0x70
[  142.309239][ T8585]  x64_sys_call+0x2bb7/0x2e10
[  142.309318][ T8585]  do_syscall_64+0xc9/0x1c0
[  142.309337][ T8585]  ? clear_bhb_loop+0x25/0x80
[  142.309357][ T8585]  ? clear_bhb_loop+0x25/0x80
[  142.309378][ T8585]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.309404][ T8585] RIP: 0033:0x7f562792d169
[  142.309421][ T8585] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  142.309509][ T8585] RSP: 002b:00007f5625f8f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bf
[  142.309580][ T8585] RAX: ffffffffffffffda RBX: 00007f5627b45fa0 RCX: 00007f562792d169
[  142.309595][ T8585] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000001340
[  142.309610][ T8585] RBP: 00007f5625f8f090 R08: 0000000000000000 R09: 0000000000000000
[  142.309624][ T8585] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.309638][ T8585] R13: 0000000000000001 R14: 00007f5627b45fa0 R15: 00007ffc926af4a8
[  142.309656][ T8585]  </TASK>
[  142.506573][   T29] audit: type=1400 audit(1743547180.393:8562): avc:  denied  { write } for  pid=8580 comm="syz.4.1795" name="file0" dev="loop4" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  142.532689][   T29] audit: type=1400 audit(1743547180.393:8563): avc:  denied  { add_name } for  pid=8580 comm="syz.4.1795" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 trawcon="system_u:object_r:fsadm_exec_t:s0"
[  142.557242][   T29] audit: type=1400 audit(1743547180.393:8564): avc:  denied  { read open } for  pid=8580 comm="syz.4.1795" path="/325/file1/file0/bus" dev="loop4" ino=19 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  142.593628][ T8571] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  142.608809][ T8586] SELinux:  Context system_u:object_r:man_t:s0 is not valid (left unmapped).
[  142.633465][ T8588] SELinux: syz.2.1797 (8588) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  142.643088][ T8571] EXT4-fs (loop1): 1 truncate cleaned up
[  142.671402][ T8571] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.797553][ T8592] loop2: detected capacity change from 0 to 512
[  142.811926][ T8592] EXT4-fs (loop2): orphan cleanup on readonly fs
[  142.825168][ T8592] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1798: bg 0: block 248: padding at end of block bitmap is not set
[  142.852732][ T3307] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.892953][ T8592] EXT4-fs error (device loop2): ext4_acquire_dquot:6935: comm syz.2.1798: Failed to acquire dquot type 1
[  142.926798][ T8592] EXT4-fs (loop2): 1 truncate cleaned up
[  142.937250][ T8592] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  142.996026][ T3311] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.070330][ T3312] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.247518][ T8605] loop2: detected capacity change from 0 to 2048
[  143.471984][ T8607] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  143.480613][ T8607] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  143.509400][ T8617] loop1: detected capacity change from 0 to 256
[  143.530636][ T8617] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  143.556776][ T8617] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  143.696342][ T8628] SELinux: failed to load policy
[  143.723131][ T8630] siw: device registration error -23
[  143.798690][ T8634] loop3: detected capacity change from 0 to 512
[  143.806667][ T8634] EXT4-fs (loop3): orphan cleanup on readonly fs
[  143.813867][ T8634] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1811: bg 0: block 248: padding at end of block bitmap is not set
[  143.829777][ T8634] EXT4-fs error (device loop3): ext4_acquire_dquot:6935: comm syz.3.1811: Failed to acquire dquot type 1
[  143.841722][ T8634] EXT4-fs (loop3): 1 truncate cleaned up
[  143.922777][ T8637] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1812'.
[  144.061805][ T8643] loop4: detected capacity change from 0 to 512
[  144.070746][ T8643] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  144.085795][ T8643] EXT4-fs (loop4): mount failed
[  144.253300][ T8658] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1818'.
[  144.294665][ T8658] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.313911][ T8661] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1819'.
[  144.322847][ T8661] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1819'.
[  144.355038][ T8658] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.384346][ T8661] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1819'.
[  144.393358][ T8661] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1819'.
[  144.402274][ T8661] netlink: 2 bytes leftover after parsing attributes in process `syz.4.1819'.
[  144.428980][ T8658] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.462756][ T8661] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1819'.
[  144.521145][ T8667] loop0: detected capacity change from 0 to 128
[  144.542884][ T8658] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.585995][ T8666] loop2: detected capacity change from 0 to 764
[  144.604197][ T8666] iso9660: Unknown parameter 'kmem_cache_free'
[  144.717042][ T8658] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.813333][ T8658] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.860784][ T8658] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.923387][ T8658] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.028955][  T372] kworker/u8:5: attempt to access beyond end of device
[  145.028955][  T372] loop0: rw=1, sector=145, nr_sectors = 8 limit=128
[  145.046053][  T372] kworker/u8:5: attempt to access beyond end of device
[  145.046053][  T372] loop0: rw=1, sector=161, nr_sectors = 8 limit=128
[  145.059758][  T372] kworker/u8:5: attempt to access beyond end of device
[  145.059758][  T372] loop0: rw=1, sector=177, nr_sectors = 16 limit=128
[  145.073441][  T372] kworker/u8:5: attempt to access beyond end of device
[  145.073441][  T372] loop0: rw=1, sector=201, nr_sectors = 8 limit=128
[  145.087238][ T8679] Falling back ldisc for ttyS3.
[  145.092740][  T372] kworker/u8:5: attempt to access beyond end of device
[  145.092740][  T372] loop0: rw=1, sector=217, nr_sectors = 8 limit=128
[  145.129842][  T372] kworker/u8:5: attempt to access beyond end of device
[  145.129842][  T372] loop0: rw=1, sector=233, nr_sectors = 8 limit=128
[  145.144756][  T372] kworker/u8:5: attempt to access beyond end of device
[  145.144756][  T372] loop0: rw=1, sector=249, nr_sectors = 8 limit=128
[  145.158532][  T372] kworker/u8:5: attempt to access beyond end of device
[  145.158532][  T372] loop0: rw=1, sector=265, nr_sectors = 8 limit=128
[  145.172364][  T372] kworker/u8:5: attempt to access beyond end of device
[  145.172364][  T372] loop0: rw=1, sector=281, nr_sectors = 8 limit=128
[  145.202931][  T372] kworker/u8:5: attempt to access beyond end of device
[  145.202931][  T372] loop0: rw=1, sector=297, nr_sectors = 8 limit=128
[  145.226794][ T8687] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1830'.
[  145.235841][ T8687] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1830'.
[  145.256308][ T8687] xt_cgroup: xt_cgroup: no path or classid specified
[  145.279106][ T8693] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1831'.
[  145.314215][ T8695] loop1: detected capacity change from 0 to 764
[  145.320937][ T8695] iso9660: Unknown parameter 'kmem_cache_free'
[  145.333859][ T8699] siw: device registration error -23
[  145.364887][ T8704] FAULT_INJECTION: forcing a failure.
[  145.364887][ T8704] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  145.365027][ T8701] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1835'.
[  145.378253][ T8704] CPU: 1 UID: 0 PID: 8704 Comm: syz.1.1837 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  145.378290][ T8704] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  145.378321][ T8704] Call Trace:
[  145.378330][ T8704]  <TASK>
[  145.378341][ T8704]  dump_stack_lvl+0xf6/0x150
[  145.378386][ T8704]  dump_stack+0x15/0x1a
[  145.378458][ T8704]  should_fail_ex+0x261/0x270
[  145.378486][ T8704]  should_fail_alloc_page+0xfd/0x110
[  145.378523][ T8704]  __alloc_frozen_pages_noprof+0x11e/0x340
[  145.378615][ T8704]  alloc_pages_mpol+0xb6/0x260
[  145.378641][ T8704]  vma_alloc_folio_noprof+0x1a2/0x310
[  145.378670][ T8704]  do_wp_page+0x652/0x2380
[  145.378708][ T8704]  ? __rcu_read_lock+0x36/0x50
[  145.378816][ T8704]  handle_mm_fault+0xc78/0x2b30
[  145.378864][ T8704]  exc_page_fault+0x3b9/0x650
[  145.378907][ T8704]  asm_exc_page_fault+0x26/0x30
[  145.378960][ T8704] RIP: 0033:0x7f941fdefbe3
[  145.378979][ T8704] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  145.379000][ T8704] RSP: 002b:00007f941e5964a0 EFLAGS: 00010202
[  145.379020][ T8704] RAX: 0000000000000400 RBX: 00007f941e596540 RCX: 00007f9416177000
[  145.379035][ T8704] RDX: 00007f941e5966e0 RSI: 0000000000000019 RDI: 00007f941e5965e0
[  145.379050][ T8704] RBP: 00000000000000f9 R08: 0000000000000008 R09: 00000000000000b0
[  145.379065][ T8704] R10: 00000000000000c2 R11: 00007f941e596540 R12: 0000000000000001
[  145.379120][ T8704] R13: 00007f941ffc93e0 R14: 0000000000000020 R15: 00007f941e5965e0
[  145.379144][ T8704]  </TASK>
[  145.379158][ T8704] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  145.428081][ T8705] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.464273][ T8707] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1838'.
[  145.467034][ T8704] loop1: detected capacity change from 0 to 512
[  145.475017][ T8705] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.479543][ T8704] EXT4-fs: Ignoring removed oldalloc option
[  145.561088][ T8709] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.567963][ T8704] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.1837: Parent and EA inode have the same ino 15
[  145.574768][ T8709] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.579604][ T8704] EXT4-fs error (device loop1): ext4_xattr_inode_iget:433: comm syz.1.1837: Parent and EA inode have the same ino 15
[  145.634771][ T8704] EXT4-fs (loop1): 1 orphan inode deleted
[  145.637936][ T8707] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.671355][ T8714] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1839'.
[  145.713357][ T8707] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.752356][ T8716] Falling back ldisc for ttyS3.
[  145.763701][ T8707] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.814724][ T8707] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.840675][ T8727] loop2: detected capacity change from 0 to 2048
[  145.881694][ T8707] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  145.893718][ T8707] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  145.905554][ T8707] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  145.917465][ T8707] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.949076][ T8732] SELinux: syz.4.1847 (8732) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  145.995530][ T8735] loop4: detected capacity change from 0 to 2048
[  146.076378][ T8742] siw: device registration error -23
[  146.184406][ T8746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  146.194274][ T8746] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  146.362318][ T8755] Falling back ldisc for ttyS3.
[  146.379873][ T8761] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.399692][ T8763] loop4: detected capacity change from 0 to 2048
[  146.423700][ T8761] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.483691][ T8761] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.524399][ T8761] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.603124][ T8770] loop4: detected capacity change from 0 to 2048
[  146.857149][ T8779] loop4: detected capacity change from 0 to 128
[  147.666960][   T29] kauditd_printk_skb: 10032 callbacks suppressed
[  147.666975][   T29] audit: type=1326 audit(1743547185.553:18592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8782 comm="syz.4.1864" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f585ba3d169 code=0x0
[  148.398118][   T29] audit: type=1400 audit(1743547186.283:18593): avc:  denied  { map_create } for  pid=8789 comm="syz.3.1866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  148.417565][   T29] audit: type=1400 audit(1743547186.283:18594): avc:  denied  { perfmon } for  pid=8789 comm="syz.3.1866" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  148.438781][   T29] audit: type=1400 audit(1743547186.283:18595): avc:  denied  { map_read map_write } for  pid=8789 comm="syz.3.1866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  148.458882][   T29] audit: type=1400 audit(1743547186.283:18596): avc:  denied  { name_bind } for  pid=8789 comm="syz.3.1866" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1
[  148.480879][   T29] audit: type=1400 audit(1743547186.283:18597): avc:  denied  { node_bind } for  pid=8789 comm="syz.3.1866" saddr=::1 src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1
[  148.502716][   T29] audit: type=1400 audit(1743547186.283:18598): avc:  denied  { prog_load } for  pid=8789 comm="syz.3.1866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  148.522007][   T29] audit: type=1400 audit(1743547186.283:18599): avc:  denied  { bpf } for  pid=8789 comm="syz.3.1866" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  148.542746][   T29] audit: type=1400 audit(1743547186.283:18600): avc:  denied  { prog_run } for  pid=8789 comm="syz.3.1866" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  148.561938][   T29] audit: type=1400 audit(1743547186.353:18601): avc:  denied  { read write } for  pid=3303 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  148.852738][ T8761] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  148.868622][ T8761] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  148.882265][ T8761] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  148.895389][ T8761] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  149.052793][ T8817] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.190554][ T8817] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.231509][ T8820] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  149.241408][ T8820] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  149.280756][ T8820] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  149.289559][ T8820] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  149.298316][ T8817] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.324494][ T8822] loop2: detected capacity change from 0 to 2048
[  149.413560][ T8817] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.627327][ T8833] loop3: detected capacity change from 0 to 512
[  149.634534][ T8833] /dev/loop3: Can't open blockdev
[  149.991831][ T8847] __nla_validate_parse: 8 callbacks suppressed
[  149.991850][ T8847] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1884'.
[  150.014816][ T8847] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.076896][ T8847] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.113717][ T8847] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.153692][ T8847] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  150.201584][ T8847] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  150.213880][ T8847] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  150.227109][ T8847] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  150.240103][ T8847] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  150.606526][ T8863] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  150.627457][ T8863] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  151.160596][ T8865] siw: device registration error -23
[  151.302034][ T8869] Falling back ldisc for ttyS3.
[  151.334181][ T8871] 9pnet_fd: Insufficient options for proto=fd
[  151.361715][ T8873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  151.371625][ T8873] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  151.437512][ T8874] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  151.447219][ T8874] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  151.614474][ T8878] loop3: detected capacity change from 0 to 2048
[  151.801432][ T8885] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1896'.
[  151.811765][ T8885] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.863533][ T8885] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.913735][ T8885] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.954136][ T8885] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.009147][ T8885] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  152.020397][ T8885] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  152.031326][ T8885] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  152.042587][ T8885] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  152.093014][ T8890] loop3: detected capacity change from 0 to 2048
[  152.195625][ T8893] ==================================================================
[  152.203749][ T8893] BUG: KCSAN: data-race in filemap_write_and_wait_range / xas_set_mark
[  152.212009][ T8893] 
[  152.214330][ T8893] write to 0xffff888106706624 of 4 bytes by task 8890 on cpu 1:
[  152.221964][ T8893]  xas_set_mark+0x13d/0x150
[  152.226491][ T8893]  __folio_start_writeback+0x1ea/0x440
[  152.231995][ T8893]  ext4_bio_write_folio+0x591/0x9d0
[  152.237204][ T8893]  mpage_process_page_bufs+0x488/0x5d0
[  152.242690][ T8893]  mpage_prepare_extent_to_map+0x791/0xb80
[  152.248532][ T8893]  ext4_do_writepages+0xa3b/0x21d0
[  152.253655][ T8893]  ext4_writepages+0x183/0x320
[  152.258429][ T8893]  do_writepages+0x1d8/0x480
[  152.263050][ T8893]  file_write_and_wait_range+0x16e/0x2f0
[  152.268704][ T8893]  generic_buffers_fsync_noflush+0x46/0x120
[  152.274634][ T8893]  ext4_sync_file+0x1c3/0x6c0
[  152.279438][ T8893]  vfs_fsync_range+0x116/0x130
[  152.284213][ T8893]  ext4_buffered_write_iter+0x358/0x3c0
[  152.289778][ T8893]  ext4_file_write_iter+0xe49/0xf80
[  152.294994][ T8893]  iter_file_splice_write+0x5f2/0x980
[  152.300378][ T8893]  direct_splice_actor+0x160/0x2c0
[  152.305512][ T8893]  splice_direct_to_actor+0x305/0x680
[  152.310968][ T8893]  do_splice_direct+0xd9/0x150
[  152.315788][ T8893]  do_sendfile+0x40a/0x690
[  152.320235][ T8893]  __x64_sys_sendfile64+0x113/0x160
[  152.325449][ T8893]  x64_sys_call+0xfc3/0x2e10
[  152.330071][ T8893]  do_syscall_64+0xc9/0x1c0
[  152.334579][ T8893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.340475][ T8893] 
[  152.342797][ T8893] read to 0xffff888106706624 of 4 bytes by task 8893 on cpu 0:
[  152.350340][ T8893]  filemap_write_and_wait_range+0x105/0x370
[  152.356258][ T8893]  filemap_invalidate_pages+0xa8/0x1a0
[  152.361774][ T8893]  kiocb_invalidate_pages+0x6c/0x80
[  152.366989][ T8893]  __iomap_dio_rw+0x5d4/0x12a0
[  152.371785][ T8893]  iomap_dio_rw+0x40/0x90
[  152.376121][ T8893]  ext4_file_write_iter+0xba9/0xf80
[  152.381356][ T8893]  iter_file_splice_write+0x5f2/0x980
[  152.386735][ T8893]  direct_splice_actor+0x160/0x2c0
[  152.391868][ T8893]  splice_direct_to_actor+0x305/0x680
[  152.397296][ T8893]  do_splice_direct+0xd9/0x150
[  152.402089][ T8893]  do_sendfile+0x40a/0x690
[  152.406522][ T8893]  __x64_sys_sendfile64+0x113/0x160
[  152.411739][ T8893]  x64_sys_call+0xfc3/0x2e10
[  152.416342][ T8893]  do_syscall_64+0xc9/0x1c0
[  152.420848][ T8893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.426779][ T8893] 
[  152.429103][ T8893] value changed: 0x0a000021 -> 0x04000021
[  152.434817][ T8893] 
[  152.437157][ T8893] Reported by Kernel Concurrency Sanitizer on:
[  152.443316][ T8893] CPU: 0 UID: 0 PID: 8893 Comm: syz.3.1898 Not tainted 6.14.0-syzkaller-11270-g08733088b566 #0 PREEMPT(voluntary) 
[  152.455398][ T8893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  152.465501][ T8893] ==================================================================
[  153.227853][ T8817] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  153.238830][ T8817] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  153.249804][ T8817] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  153.261224][ T8817] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0