last executing test programs:

1.666622228s ago: executing program 4 (id=1199):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000002c0)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
sendfile(r0, r0, &(0x7f00000001c0)=0x3, 0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x18, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018160000f44dded2c1b58f89dbb9bbf2e1ad8008e52ad6070115188c14381288e02470baa91700bbe4ca204a7e8d45b08f3297fa4e79e3aad480c96e58675665e64175054c3428279be02e7e57ada774ac3748aab19acb1f04b55dd8d46b3346d51b06be09c8f1434e3f1d6a1ac2beeea7077aec1f7897d6610ae11048581d758956f21e24cbc7bc124ddf95368eae9fc0729dfbd2117e9cc741540d5cbee252af8aa87e73b12646cd6420ed9bca4c5e3ef3fd13b94b35d574186e3a034e730c4486d2", @ANYRESHEX, @ANYRES8=<r1=>0xffffffffffffffff], 0x0, 0x500000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r3, 0x5608, 0x2)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x5, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000003, 0x0, @perf_bp={&(0x7f0000000080), 0x2}, 0x402, 0xffffffff, 0x7, 0x9, 0x8, 0x1, 0xfff9, 0x0, 0xa6, 0x0, 0x5}, 0x0, 0x804, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001900)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='page_pool_release\x00', r4}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xc080)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
acct(&(0x7f00000001c0)='./file0\x00')
mount$nfs4(&(0x7f00000001c0)='\x00', &(0x7f0000000240)='.\x00', &(0x7f00000003c0), 0x200000, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000a00)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYRES64, @ANYRES8=0x0, @ANYRES32=r1, @ANYRES64=0x0, @ANYRES16=r2], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000003c0)=0x1)

1.569985929s ago: executing program 4 (id=1201):
syz_mount_image$ext4(&(0x7f0000000880)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x21000e, &(0x7f0000000380), 0xde, 0x529, &(0x7f00000008c0)="$eJzs3c1vHGcZAPBnxrvBaVzsAodSqR+iQUkF2Y1r2loc2iIQt0qgcg+WvbGsrLORd93GVoUc8QcgIQSVOHHigsSNCxLqn4CQKtE7AgRCkMKBAzBoZmdTZ5n1h7ofwf79pHf3nXd253nejXf2nY/MBHBuPRcRr0fEXES8EBGLZXtaljjol/x1H95/Zz0vefObf00iKdsiiuoDl8q3zfefKnX39m+ttdutnXK62du+0+zu7V/b2l7bbG22bq+sLL+8+srqS6vXx9LPvF+vfu2PP/zeT7/+6q+++Pbvbvz56nfypL9azh/0a3yKTy8+KB7r+WfxQC0idsYbbGbmyv7UZ50IAAAnko9SPxURnyvG/4sxV4zmCsNDuvnpZwcAAACMQ/baQvwricgAAACAM+u1iFiIJG2U5wIsRJo2Gv1zeD8Tj6XtTrf3hZud3dsb+byIpainN7farevlObVLUU/y6eWi/tH0i0PTKxHxRET8YPFiMd1Y77Q3Zr3zAwAAAM6JS0Pb//9Y7G//AwAAAGfM0qwTAAAAACZu1PZ/MuU8AAAAgMlx/B8AAADOtG+88UZessH9rzfe2tu91Xnr2kare6uxvbveWO/s3GlsdjqbxTX7to9aVj0i2p3OnS9F7N5t9lrdXrO7t39ju7N7u3djy/0DAQAAYFaeePa9D5KIOPjyxaLkLuQPcyPe4FwBODPS07z4D5PLA5i+UT/zJ3BhnHkA01ebdQLA7BzMOgFg1h661EfFoODwyTsP7TP49eRyAgAAxuvKZ6uP/9fK8/mBs+tUx/+BM+VjHP8H/s85/g/nV/1UI4B7E8wEmJXjbvUx8uIdVcf/K88MzrJjlwUAAEzUQlGeTRvlscCFSNNGI+Lx4r/615ObW+3W9Yj4ZET8drH+iXx6uXhn4vaAAAAAAAAAAAAAAAAAAAAAAAAAAHBCWZZEBgAAAJxpEemfkvL+X1cWLy8M7x+4kPxzMcpber394zd/dHet19tZztv/9qC9927Z/uIs9mAAAADAeVQ7cu5gO32wHQ8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4/Th/XfWB2Wacf/ylYhYqopfi/nieT7qEfHY35OoHXpfEhFzY4h/cC8inqyKn+RpxVKZxXD8NCIuTif+01mWVca/NIb4cJ69l69/Xq/6/qXxXPFc/f2vleXjemj9d+EXh+akD9Z/cyPWf4+fMMZT7/+8OTL+vYinatXrn0H8ZET856sWWPGhfPtb+/v/09hfeGQ/ibhS+fuTPBSr2du+0+zu7V/b2l7bbG22bq+sLL+8+srqS6vXmze32q3ysbKP33/6l/8Zavp31lf0P0bEXzqm/5fzSv1QYzYcpgz2/t37n+5X60OLKOJffb767+/JI+LnfxOfL38H8vlXBvWDfv2wZ372m2cqEyvjb4zo/3H//ldHLXTIC9/87u9P+FIAYAq6e/u31trt1s7EK+9mWTatWCevRHrSFxfDxal+YtOtDEZ3Ewsx/6j0dMqVy49GGqepjGPPFgAA8Kj5aNA/60wAAAAAAAAAAAAAAAAAAADg/OruRTrpy4kNxzyYTVcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI703wAAAP//4wvZIQ==")
pread64(0xffffffffffffffff, &(0x7f0000000240)=""/217, 0xd9, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0xf5ff, 0x2)

936.179727ms ago: executing program 0 (id=1210):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = io_uring_setup(0x192, &(0x7f0000000300)={0x0, 0x4178, 0x400, 0x8000002, 0x3d7})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$FIDEDUPERANGE(r2, 0xc0189436, &(0x7f0000000000)={0x4, 0x4})
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000780)=ANY=[@ANYBLOB="61122400000000006113340000000000bf1000000000000015000200091b00003d030100000000008701000000000000bc26000000000000bf67000000000000560300000ee600f06702000014000000160300000ee600f0bf050000000000000f610000000000006507f4ff02000400070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a82983d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf719506d2d6b05fe7030586e3f640f9f7e9a73b761ad4f0952a70046270d2b6436fdeecd791614ed46de741eb8cf91c046ef9beca574b350021c7ec6ef130f53748068ca432dae4e248b22b9ad8b2811f67916a1764578cba4b069037bfb3362d5691ac397f7e207145d970f0d97867552629b146645c785fb77dbeca38e49a9d5221f1f45f0a25890d04d91a15a05ae7e7ed6252c3d6c1973fb858de1da70d67317e7872b0603ce47ed2c1520e71b527bb42aa2e20e1e85df73736ed0a782ab7e7278dd54358cfdf6313d40f926332623625b49626481054787ab2dff85a9bebd6b317f26c691a65aa97bb3d1506a3a565e9c7ea5ad4611d2d77ee8a5c1b23814a26b6a20061fbb65bdd03770fa849f2a29ba69f90625f42592a70ba890f7a92878ae73574c3a233ee5954119931a1905210715fa77a8795f2fbec3797cb90f59fe8a4abec25f40c87bf25b750bbaa"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r4}, 0x18)
r5 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xb, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20029, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0, 0xd}, 0x806, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x40082406, &(0x7f00000003c0)='cpu\t>0&&\t')
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=ANY=[@ANYRES32=r4, @ANYRES16=r1, @ANYRESDEC, @ANYRESOCT=r5], 0x64}, 0x1, 0x0, 0x0, 0x400d4}, 0x20004000)
close_range(r1, 0xffffffffffffffff, 0x0)

935.823447ms ago: executing program 4 (id=1211):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES64=0x0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
sendfile(r1, r1, &(0x7f00000001c0)=0x3, 0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x18, &(0x7f0000000680)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYRES8=<r2=>0xffffffffffffffff], 0x0, 0x500000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r4, 0x5608, 0x2)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x5, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000003, 0x0, @perf_bp={&(0x7f0000000080), 0x2}, 0x402, 0xffffffff, 0x7, 0x9, 0x8, 0x1, 0xfff9, 0x0, 0xa6, 0x0, 0x5}, 0x0, 0x804, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001900)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='page_pool_release\x00', r5}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xc080)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
acct(&(0x7f00000001c0)='./file0\x00')
mount$nfs4(&(0x7f00000001c0)='\x00', &(0x7f0000000240)='.\x00', &(0x7f00000003c0), 0x200000, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000a00)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYRES64, @ANYRES8=0x0, @ANYRES32=r2, @ANYRES64=0x0, @ANYRES16=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x1)

906.655958ms ago: executing program 0 (id=1212):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
sendfile(r1, r1, &(0x7f00000001c0)=0x3, 0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x18, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018160000f44dded2c1b58f89dbb9bbf2e1ad8008e52ad6070115188c14381288e02470baa91700bbe4ca204a7e8d45b08f3297fa4e79e3aad480c96e58675665e64175054c3428279be02e7e57ada774ac3748aab19acb1f04b55dd8d46b3346d51b06be09c8f1434e3f1d6a1ac2beeea7077aec1f7897d6610ae11048581d758956f21e24cbc7bc124ddf95368eae9fc0729dfbd2117e9cc741540d5cbee252af8aa87e73b12646cd6420ed9bca4c5e3ef3fd13b94b35d574186e3a034e730c4486d2", @ANYRESHEX=r0, @ANYRES8=<r2=>0xffffffffffffffff], 0x0, 0x500000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r4, 0x5608, 0x2)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x5, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000003, 0x0, @perf_bp={&(0x7f0000000080), 0x2}, 0x402, 0xffffffff, 0x7, 0x9, 0x8, 0x1, 0xfff9, 0x0, 0xa6, 0x0, 0x5}, 0x0, 0x804, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001900)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='page_pool_release\x00', r5}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xc080)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
acct(&(0x7f00000001c0)='./file0\x00')
mount$nfs4(&(0x7f00000001c0)='\x00', &(0x7f0000000240)='.\x00', &(0x7f00000003c0), 0x200000, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000a00)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYRES64, @ANYRES8=0x0, @ANYRES32=r2, @ANYRES64=0x0, @ANYRES16=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x1)

811.217959ms ago: executing program 4 (id=1214):
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x101343)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)=ANY=[@ANYBLOB="880000000101010100000000000000000a0000000c0019800800010005000000680001802c0001"], 0x88}}, 0x24044004)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0)

728.03257ms ago: executing program 4 (id=1215):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000c80)=@deltaction={0x2d0, 0x31, 0x400, 0x70bd27, 0x25dfdbfc, {}, [@TCA_ACT_TAB={0x48, 0x1, [{0x10, 0x1d, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'mirred\x00'}}, {0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x80000001}}, {0x10, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @TCA_ACT_TAB={0x54, 0x1, [{0xc, 0x12, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}, {0xc, 0x2, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0xc, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0x10, 0x0, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}]}, @TCA_ACT_TAB={0x40, 0x1, [{0x10, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0xc, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xff}}, {0x10, 0xe, 0x0, 0x0, @TCA_ACT_KIND={0xc, 0x1, 'skbedit\x00'}}, {0x10, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}]}, @TCA_ACT_TAB={0x50, 0x1, [{0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}, {0x14, 0xe, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0x10, 0x11, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0x10, 0x4, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}]}, @TCA_ACT_TAB={0x8c, 0x1, [{0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0x10, 0x1b, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3289}}, {0x10, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0x10, 0x14, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffffa}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x6}}]}, @TCA_ACT_TAB={0x68, 0x1, [{0xc, 0x16, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4ea88204}}, {0xc, 0xb, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0x14, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}, {0x10, 0x16, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'skbmod\x00'}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7fffffff}}, {0xc, 0x7, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x40000}}, {0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x14, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8001}}]}, @TCA_ACT_TAB={0x7c, 0x1, [{0xc, 0x18, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}, {0x10, 0x5, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'sample\x00'}}, {0xc, 0x17, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x10, 0xc, 0x0, 0x0, @TCA_ACT_KIND={0xb, 0x1, 'police\x00'}}, {0xc, 0x18, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0x10, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0xc, 0xd, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0x12, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfb67}}, {0xc, 0x19, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x3}}]}, @TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x16, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}]}]}, 0x2d0}, 0x1, 0x0, 0x0, 0x24000004}, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x8, &(0x7f0000000080)={[{@sb={'sb', 0x3d, 0x1}}, {@nodioread_nolock}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{}, &(0x7f0000000040), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket(0x8000000010, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20)
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, @perf_config_ext={0x7, 0xfffffffffffffffc}, 0x103200, 0x1, 0x840000, 0x5, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{}, {0x0, 0x4}, {0x0, 0x4, 0x10009, 0x5}], 0x10, 0xfffffff7, @void, @value}, 0x94)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002d000b12d25a80648c2594f90124fc60100c020000040000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
ioctl$SCSI_IOCTL_DOORLOCK(0xffffffffffffffff, 0x5380)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8002, 0x0)

710.56652ms ago: executing program 0 (id=1216):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0], 0x50)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = syz_open_dev$usbfs(0x0, 0x1ff, 0x2000)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'hsr0\x00', <r7=>0x0})
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r8}, 0x18)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001100)=@newlink={0x3c, 0x10, 0x1, 0x70bd2d, 0x2, {0x0, 0x0, 0x0, 0x0, 0x10104, 0x1}, [@IFLA_IFNAME={0x14, 0x3, 'macvtap0\x00'}, @IFLA_TXQLEN={0x8, 0xd, 0x6c790d25}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendto$packet(r5, &(0x7f0000000140)="33aaf14f564b1bf220cb1137d54b", 0xe, 0x20048844, &(0x7f0000000200)={0x11, 0x2, r7, 0x1, 0x6}, 0x14)
sendmsg$nl_route_sched(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r7, {}, {}, {0x13}}}, 0x24}}, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000400)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', r7, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r11}, 0x10)
r12 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r12, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000180)=@keyring={'key_or_keyring:', r12})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r13}, 0x10)
r14 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r14, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="14000000100001000000000000000000ef5b000a20000000000a03000000000000000000070000000900010073797a30000000006c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000003f28001280140001800c000100636f756e74657200040002801000015e0c000100636f756e7465720008000340000001"], 0xb4}, 0x1, 0x0, 0x0, 0x8000}, 0x20050800)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x4e24, 0x8000, @local, 0x8}]}, &(0x7f0000000180)=0x10)

708.837971ms ago: executing program 4 (id=1217):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000140), 0x4)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r4 = accept(r1, 0x0, 0x0)
sendmsg$AUDIT_USER_AVC(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)=ANY=[], 0x454}, 0x1, 0x0, 0x0, 0x30000004}, 0x0)
recvfrom(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r0}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r6, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r6, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r6, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="8252", 0x2}], 0x1}}], 0x1, 0x4000c000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0, &(0x7f0000000300)}, 0x20)
sendto$inet6(r6, &(0x7f0000000300), 0x16, 0x0, 0x0, 0xfffffffffffffdfd)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r5}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18090000002300810000000000000000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
syz_mount_image$ext4(0x0, &(0x7f00000001c0)='./file0\x00', 0x40000, 0x0, 0x1, 0x0, &(0x7f0000000380))
pipe2$9p(&(0x7f0000002180)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000580)=ANY=[@ANYRES32=r7, @ANYRESHEX=r9, @ANYBLOB="2c776664c7103d", @ANYRESHEX=r10, @ANYBLOB=',cache=readahead,\x00'])

660.085951ms ago: executing program 0 (id=1218):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
statx(r0, &(0x7f00000001c0)='./mnt\x00', 0x1000, 0x100, &(0x7f0000000080)) (async)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r0, 0xc0189379, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r1=>r0}, './mnt\x00'})
unshare(0x22020600) (async)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200003, 0x0, 0x0, 0x3}) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000005c0)={@ifindex, 0x11, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) (async)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f0000000180)=[@in={0x2, 0x4e20, @multicast1}], 0x10)

568.134472ms ago: executing program 3 (id=1220):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1, 0x0, 0x1}, 0x18)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000100))
write$ppp(r2, &(0x7f0000000300)="bdb77971e737c5d65a7f23ee9a07730ce37a9a11fb77b6e0caea19b62bfa01000080000000007551eb369708e724a588402cdf4ea4ab1d788c4dc1d68d0182bffe2dd33cb75960b4fcf62c1e8251e65f770c4fc4232585bb17c26a23812c4d49a9cdef906b868014a27c81dd4200"/123, 0xffffff89)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x18)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
recvfrom$rxrpc(r5, &(0x7f0000000180)=""/27, 0x1b, 0x1, &(0x7f0000000400)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e23, 0x6, @private0, 0xb}}, 0x24)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a05000000000000000000020000000900020073797a310008000008000440000000000900010073797a30000000000800034000000009"], 0x64}, 0x1, 0x0, 0x0, 0x20048801}, 0x10)

554.781402ms ago: executing program 0 (id=1221):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r1=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r3)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_WIPHY(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYRES64=r1], 0x28}}, 0x0)

544.527852ms ago: executing program 3 (id=1222):
arch_prctl$ARCH_GET_GS(0x1004, &(0x7f0000000080))
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$rds(0x15, 0x5, 0x0)
socket$kcm(0x29, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
execve(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
arch_prctl$ARCH_GET_GS(0x1004, &(0x7f00000002c0))
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x40002, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
unshare(0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[], 0x48)
writev(r0, &(0x7f00000004c0)=[{&(0x7f00000003c0)}, {&(0x7f0000000640)="8a2d4cdb757ed3507c8db40fa71c9d42950fe4c8628356d86b695655266f30c2d619d423924dcd0fa58a75c5cfb8ea7fd6a7605f73e1a9f639c9f10fad984890f77767692a75cc5d03fa7d35ce1679a6ec9a0b7b1a2ddd87eb3c7dfa411bd14a92e9e8e555eb6fee6379b7bcb69de67aa16465b170e7448a1e6fe535b1cb0289398a0e0de8a35c2c3d6d9df35b236f9ffa568ef19402b890e8cae46986c007955b0435f6cb1b7ca6dd8fc3769aec521cbd2eed06ebff3f6c6bc784dc750c0fa3f9d00bde6cd906a6aeff3f06473e307e2dbc9480dc52d04e0ec1571b37c9ac8d6d7ecb2ffcdbe6af4ab6175b6f1865ab21978a1dc1247a6d35a417ff2a887ede617bc1edd1bcf386879060f7971499c9bb22e9dd88153bb2dbdb2f4507df7c04ab546b0808947f01f0b50df6bdfe1ec24e2844504c60023af9b98d81fb5d479310d044c45dea98934549ba3f32e4c7d0b988310134c6d81fe584eb2db93b833082866e2b58d8d08984737be7a0b3128ee0274fe5f0a4f250461889b3823ac8e13e0dd51e856e38312df7953e96beaf599e35e106e9d20e07c24283a2a6c3447423afb0eb4c75acd9876b64db195836a61288a819e464bebbee806a91b416be8c428930783126229e9722d680fa845a2efb96487e55b18386337a05931b763dd7ff7392318799490e5944e983d448479339d3ef9e17111456273874c1a135c0730a426ef09060f7c35dea8884adc4ba6e837839940f605190610ad80de820c7b56138c164122031d8828bd2417441a4a0549cc36e3976eefed68ea32bdca6c0b60c314f421b33f791c06780dae7afeee09e65f361d701072196eb8fc48111cb52fd0564a780071755ad9a949249577e183f664ed0afafb13cf2dac9a157d075e9a7b54ae233beb397dbbcde586b6db99e889e6d48002e6472fb1f0642d6df4fa7d1069f0c7cb52f11023f7852b81f69300e2e2aca1829fc97160565a5f6eaa3c98ffb6efd0453522135a53c212e9a915ff1a73ba15f76b0400e7d58884bfc0d93b80aa43121b2dec1f4d06d61b78a15372d8e652733402932d83dae7044dbdea3986ecababa93b7f1e6eaae0eaef3517da2f8495af0cfcc638ae2c6fe90bd68b33f8e56a66d1607008fa010204c189ff471f6b89db7e36e409adaa7090a20cf111e1fccbf4a202638b4ede913434251e24e964f106696a12d35d767ab63658e4f5b5f53c41dcb888fb2f7e327d81ada8675e6e2ecbcbbb9f231dce09c71c65b2a6daa6f56652eb1a2f2ffd086a07593c411ec05974235f8ad51683dd9b6b300ca6ecd63ca3298c2aabbb65e39279eaf09300208d3d255d41596ed6c318e3b4febb77c5a83a3e9b3810b91ec0559097983f0dfe05ea1f6a4993abe58bf5bf67cd06dc6c6c00f98a7de37a3bbee47fb56acc99a118d0330baa00477731324fcfe39e6dd79b29cdf1ab09d3d19c7c97a82f02b4088af1f784fa572507c62256d809307d2707a80126e63856063c082ebeb6349870dab57f19d3b7a95332b968af09e680327403600f1c884845e7b5252b408e40ebde3d15f774d7029af8a4804b65c24bc87df705e5aff17be5b15701dd411c795f463256f5bea9a8b05cb47a0cf3bbe364bf50dee933b7e031d54dd1566afc73018a9cd532c8830962aad2d612c9ff6602e21ca3ac7b815d1422488a4939f2f622e3bcc3aba58964b7adf4af2f0ac0e94aa88dae9ab81af2a7fb6880c548e52054d09335425a55bd43343d5cff321393ac1131c558e7f561817c42d1594056fdb0fc6ef740aa3fe3ee692cd96a327b268a68e423342bce07cca2c338e2d0d6711a891dc997730b502e30fb26c4312ec993e8d03729a844bae71aafdb7cd713a4273d0f031527de1dde9afbc907ea36eeeb92e5e35b2910ce8f6ebb6acc21d2ccd2b5b806032ca0532f4a25731f54c77afc9787688515d381e385e7e9a8258556d1677af3cc1e4e1ddbdecd2d8d113a01e3b617a2d6feb8aaaac51e4e694413277d303d87b2e2e16250d2875ac2785ce93f063caf38ce17519a96ef07e437a36457195b86b67fc907c7da68a17f4effe83274c0655ca6c50797253fa24786693f181664493dbdc5e90c7f17de437c139c25bb237e5f618a52c5ad3b96893050d3ed104491502e0e894f1ce782edf03d2d2a6425fb11fc5595c770d307c9fd42abb3c79e31748d8aa4dae5867827ae48ac1954c7a8f1a82c2a2083c192bf033f1ccf7e083a70bd443a46ecda179873a3801028268980f8a209ccb30ab123c483d7f7bbd5f18d6b6097ffc1ae7b5e5a8fba57fc73b9a10d0081efabe1cd922208cff5ee8f1c52ec3aeb4815ecbfe2d892ac5e897891ea04645459e3fd7be3b1a9badca92531868ea80bed643dcd485fc4559b80903ca43b3b274a0607a29b50c938c77c1c24141fc0a25a4f172a6db6837bd25e1f3126a7fbbec91edc35e28bb84f2e74cbb623f64f85544b9f3c960379cdfe78e54d8cf5adf7ce4a407e394fef2526c2905646d26aed0d98734e5088a663c609c3e10ce18b12bb87a720ccd0f65010d727c190ab510d43cc1002129ae68d44416628e98f8032a033765bc11cde9d7cac9a0a0347656f5e5de0c0d4d2a6eb3e01435122761ec5b699ce2367ef71647c7f2f6723b0ec9072e99c64f39efb1e40dbef0a1d5b733d4ab2fa914c24dbaa3375b61b2cbc6d3eb2eac2a60eb0ebacb8c615a8b4a7972205e7e15986f68cb9e96d8c8dc9b81232ef45ad05661aa0954dc28c806a974d277a98cef9ef1b1ca70b5386a369549e6a616f89170752dbb5c05ee4a139f791b4383228cf5ff30d64d35d51eb4f74c5d78d864c59472c9dabf54617a2b4eca0fa4a728a0880b92ae70e2c00a8306e67feda45a512e696392e3b5361c9145e240573eca06785f3ecfd7d11908a60c5e942fd1439166fbcb938c4e14c847865a2e822736e67987bda0e93a88aa3e6af788ca1c811b9c7e4a8f458902ae97b8daa2b1c99e479f125b693fb7292938f20ff6dd29e1cac23951c9bc8926a41538956a41155f16662364abed5df1d539797f04e22c13b223f84d0e50f0b1eb7b358d68db2848d81b94dddab2ab1008665f8e1ee1edfff89dd2a869ce20fe71d867bc1eef5fa06d0c9e9f2a84123b409fbdb3f4cf919141d547ec574938f0d37a069d68e06433d2b391022d1945f6b478d74e2d9da14e21b97e2af6bfe4bff4bffb3d91fbb8af2201af0d77a452a779e216ce89e5e783fc258450ec667ae68b4d36b85a204d1f84073afcf00aa477785e8e5008e449b170e1e197fcf5b9c52b7226c84a261c94a2ba2280be7ad9097708ab7eb0733c1a0046b0249d88778f607a984a736d6f2364b09b709cfb6e8f661bbe66aa7c38fd844f2a7897c9dcf639f750a43baf589bee98d19f53d72f0640aecb4869a703158040158b38ef04c07f6e327daa081992cfc3f0e124d91991511ff18c834eba345526450290bbc6e02330c84ce9877dd0357794e9ef31c11771ade631c44c8925efa7fc5084374303dd1556f0879ffe3aa5042301908ea599a39f41da89978d8f93bec14bcdba7a9f81fff2496e8c1bb6e691224ac88c97ad9c8f411e6c8656880684abb86253cd1bad2357e9453372d721eed74ec0a19fe41d20971c5e7118de8ffa34f559f5f8ee8b18d7aa938b07d5a67011b8e431cbd87a23bf8341228be1291483fc3f12db5335c5d2bb23589cdda20bd95f947f4881126660183717c8c051cd132e5352328b21acfeffbee8463f76e48efa5069e2e49d4655e5d30cf2e902e963642ba1ecf74dc609facb90dee98e08feb6757378aeffea65ba47c689352f4d0e8026aedcc7280af9943d4ced02d46881ae4248e4f0191540be2a126947936fc85ea57958652da9425172d9ab9f8c120ba73de129193c56955bd3b4b2b05e9e51315280409015d82daab6b2e066ab289b9cfd79ca8306e18d112a5c8c1454b9398c18e98b0985044c5f0ecb26c395a424d53d748f0dba6ad74bb8d7c4b4ad68db2f98f991735e24be00fdc3a4eb9220fd610e9eebac676366054734d9288f259a0877c9f1bf977560517ff9d2ade2d921fba192b955364b945ba00bdc9902275bc5c60e66d3cf491ebb3885364cc78bca0339f8caabe9affd06e4089ab721577b8aef092e0e57c40ea00befa195a4246921de05ab64fff945ba6e08abde303f2c9b3eed02d8299834d828b7e9eee5cbbeab7c943e43e2e771a410764a7152fee018781e3f1de769b97b6d82ae57df640e1c36d47f9813f8f2abf875ef2cdfa19d439641a2a8876ed44064ec4681744f7f760b6b1292b00665b0f870e6368cf12a2c57c459eeb3ce2d7698a72cc18be9a228bdd900fcb66b3510ac97f1156a91f5a80d81776c23115b5eebb61269b8d06a6cbe3e923513a0fe48978b5338a9536ccb1b893e6dac5aacd49163ebc0bab26f62940f768d4fd893ccd7d582d8328e91834e6ead67788d34da8e12e2fe88da761c6766f283f467667d2d5163c647fc8123f931e756c3c0599091ebde4127320f5fbcbae1a83116484fc297d1caa92821a933ba58e029d1b468120ae54eea099ec11b866f153f8ab06cf0f0773bbcf9f912fdae1f5fefe0e62f8d56b5c055e0f830825b03dd643d4e8d87606cb04143c93abd22cbcd5e1df2be3cd65f7e34de5812b70ef0a193ed291c06ed2175cf83cfa625e7323a9daa9aa2fce672bb9e0d9f6d753bb47203f38d588902efbf31544747a1153f2da6f8bca8ea58377e287538328a369ab3c3b96d2e139d6771080a02bcedfecfa70e404ab4fa78f1fe6045f06a44e60c444f396bd7301d774079f33e884b1f18fc919b38a298fe99177d5664cff8de7c68d24fd9ecb252c7906763090f15f9da51a8b2676440d23df5e6445d90c2e5de4fb92ac5a1c56b146d66c13b8629ad7a791e9268c7499545b4a3cb23c23bed0f8f2cbe2d5573eea4e87546cf65cf81593e5f5d45e8f1263d3fc786fd320bc75a090fede7ca37270ed718d06ae83ab1695aa173dd5a7d28f511d5ab65a83f6886cbc7a3d760c7e8b58fbd61799600bae71a39c8c652d3f0db07408e2e4b3b632b15220e4eab194657c4b97f26188cb5599cdcbd6efadb375acf2440707e1c21ad532698a4b41ed984171fc5b9cf742cdf212297f9d11b591fdbc087810e28ff917fae73f04325e1ae7df08b72472e9dd4c0137daf047f5ddf03291c1cfc624c1cce67c7ace43a891404a872ff71516f4aa0792eaec4a3c5bc7f60d1cfc74da82eedf2a6fbffef940be749520f791a00528aa966fe5604b12bce1fd624cf95a03ac952b25e409dcb6e7742354f7231e954881d6198bb6856ec2cc3ec6236cbc2054da6c5da733a55ed843b49aaf664f21e1ec9687e78b61569350a283026a31b599a71e9c3a0f24ef39e39f65599629849b09c7c0cea6bad369f995c22941c6fcf26a4ea34b6434b2c98003aa02cfa5bc31af6083ddb02cf07ada5b2b0a8738f92bed92b4bf65a47e79b13ee7a2ea1e7ee0c701957e18b7d57b9f578d870de65ce730f4cb300be3dcfef5f8f2ea7f55a392e2a4915ed29979c4d8b8ff9e783e310d8b4a0d539066e1d10587164bd12a179c2c7246f963c71073c7ae1a58aa8eb230e59e65cc2620a36c48a628ebdc61c503c2e3c5af578e1936b2c39bc535f2644a1c3143d2f747cf2a4c25e5e6fefae9ccc658a54f73e37e3ebcea7054750ad5126d8f64e4b0e2fe65390ccfb782fa514ad000e291b45774bd3c899d96cdb4341d7488f0a44e3cb83d0f745af5a", 0x1000}, {&(0x7f0000000400)="782cd9b10c353703976a5cb990877227766fcad180d81095ace568c1f21676ad2f84ead326dd808af31efd6dabf45464d208ddd3750310a6207e0f9aeb59dcea3431b686c81f5058bc477896ba9727b3b6b0477a1eca400d151a6e0ed82bc67f083bd59f87f09a44107d8edb690b21705c3c78f42e34815c55ccb1a8859cdd7fed95239bb070603e4250c9f080dfc0f4a05b6cd98d", 0x95}], 0x3)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, @void, @value}, 0x94)
splice(r1, &(0x7f0000000300)=0xbf2, r4, &(0x7f0000000340)=0x9, 0x8, 0xf)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
unshare(0x44040000)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r6, 0x1, 0x25, &(0x7f0000000240)=0x20, 0x4)
bind$rds(r1, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000000380)={&(0x7f0000000040)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x0)

487.628953ms ago: executing program 0 (id=1224):
iopl(0x3)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x286ca06bbee933dc, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000008c0)=ANY=[@ANYBLOB="14010000280001000000000000600000010100800c0000000000000000000000140001000100000000000000000000000000000150bb2d6f8abcffffabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923b0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e951b8fb962fb8a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061d496dc35817c8a66c29be82fd00000093"], 0x114}], 0x1, 0x0, 0x0, 0x44010}, 0x0)
lchown(0x0, 0x0, 0xee01)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x7, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r6, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
syz_socket_connect_nvme_tcp()
setsockopt$inet6_group_source_req(r6, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108)
r7 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r7, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x4, 0x0, @mcast1={0xff, 0x7}, 0x8a4}}, {{0xa, 0x4e20, 0x100, @remote}}}, 0x108)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
socket$netlink(0x10, 0x3, 0x0)

392.945135ms ago: executing program 2 (id=1226):
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x101343)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)=ANY=[@ANYBLOB="880000000101010100000000000000000a0000000c0019800800010005000000680001802c0001"], 0x88}}, 0x24044004)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0)

323.938005ms ago: executing program 2 (id=1227):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
sendfile(r1, r1, &(0x7f00000001c0)=0x3, 0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x18, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000018160000f44dded2c1b58f89dbb9bbf2e1ad8008e52ad6070115188c14381288e02470baa91700bbe4ca204a7e8d45b08f3297fa4e79e3aad480c96e58675665e64175054c3428279be02e7e57ada774ac3748aab19acb1f04b55dd8d46b3346d51b06be09c8f1434e3f1d6a1ac2beeea7077aec1f7897d6610ae11048581d758956f21e24cbc7bc124ddf95368eae9fc0729dfbd2117e9cc741540d5cbee252af8aa87e73b12646cd6420ed9bca4c5e3ef3fd13b94b35d574186e3a034e730c4486d2", @ANYRESHEX=r0, @ANYRES8=<r2=>0xffffffffffffffff], 0x0, 0x500000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r4, 0x5608, 0x2)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x5, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000003, 0x0, @perf_bp={&(0x7f0000000080), 0x2}, 0x402, 0xffffffff, 0x7, 0x9, 0x8, 0x1, 0xfff9, 0x0, 0xa6, 0x0, 0x5}, 0x0, 0x804, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001900)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='page_pool_release\x00', r5}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xc080)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
acct(&(0x7f00000001c0)='./file0\x00')
mount$nfs4(&(0x7f00000001c0)='\x00', &(0x7f0000000240)='.\x00', &(0x7f00000003c0), 0x200000, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000a00)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYRES64, @ANYRES8=0x0, @ANYRES32=r2, @ANYRES64=0x0, @ANYRES16=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x1)

323.595755ms ago: executing program 3 (id=1228):
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1a"], 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r0}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

274.531976ms ago: executing program 3 (id=1230):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = getpid()
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

247.368177ms ago: executing program 1 (id=1231):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r3, 0x0, r2, 0x0, 0x6, 0x1000000000000000)
dup3(r3, r2, 0x0)
sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000500)={0x14, 0x3, 0x2, 0x201, 0x0, 0x0, {0x0, 0x0, 0x1}}, 0x14}}, 0x0)

211.108677ms ago: executing program 1 (id=1232):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='ata_bmdma_status\x00', r1, 0x0, 0x1}, 0x18)
r2 = openat$ppp(0xffffffffffffff9c, 0x0, 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000100))
write$ppp(r2, &(0x7f0000000300)="bdb77971e737c5d65a7f23ee9a07730ce37a9a11fb77b6e0caea19b62bfa01000080000000007551eb369708e724a588402cdf4ea4ab1d788c4dc1d68d0182bffe2dd33cb75960b4fcf62c1e8251e65f770c4fc4232585bb17c26a23812c4d49a9cdef906b868014a27c81dd4200"/123, 0xffffff89)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x18)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
recvfrom$rxrpc(r5, &(0x7f0000000180)=""/27, 0x1b, 0x1, &(0x7f0000000400)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e23, 0x6, @private0, 0xb}}, 0x24)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a05000000000000000000020000000900020073797a310008000008000440000000000900010073797a30000000000800034000000009"], 0x64}, 0x1, 0x0, 0x0, 0x20048801}, 0x10)

210.407547ms ago: executing program 2 (id=1233):
r0 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc) (async, rerun: 32)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async, rerun: 32)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94) (async, rerun: 64)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10) (async, rerun: 64)
r4 = socket(0x10, 0x3, 0x0) (rerun: 64)
connect$netlink(r4, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc) (async, rerun: 64)
sendmsg$nl_route_sched(r4, &(0x7f0000000080)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000040)={&(0x7f0000000580)=@newtaction={0x18, 0x31, 0x829, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x52}, 0x0) (async, rerun: 64)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r5, &(0x7f0000002380)=[{{&(0x7f0000000480)={0xa, 0x0, 0x0, @private0, 0x7fffffff}, 0x1c, &(0x7f0000000b00)=[{&(0x7f0000000580)='3', 0x1}], 0x1}}], 0x1, 0x44191)
listen(r5, 0x100)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r5, 0x29, 0x37, &(0x7f0000000540)={0x3b}, 0x8) (async)
accept4(r5, 0x0, 0x0, 0x0) (async)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) (async, rerun: 64)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (rerun: 64)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r7}, 0x10) (async)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r8}, 0x10)
syz_clone(0x80000400, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
setregid(0xffffffffffffffff, r1)
setsockopt$inet_tcp_buf(r0, 0x6, 0x1c, &(0x7f00000002c0)="51396836ca253dc7e39ca95135cfa2e9bcdc9eb5fd5ec78a0f822a4a07fac5dcc96aaebc58e1bf479d46db54cd8fc736af36adb5ba6a183e9aee7bf44fab9a2c0d4a55b9176f9fa6e89cb6fe4549d67cdcae3050645bd89d0e420367a23726caa1374a6f", 0x64)
setregid(0x0, r1) (async)
madvise(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0xa) (async)
geteuid()
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000100)=0x10)

116.212828ms ago: executing program 1 (id=1234):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=<r1=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), r3)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NL80211_CMD_GET_WIPHY(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYRES64=r1], 0x28}}, 0x0)

115.830498ms ago: executing program 2 (id=1235):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='ata_bmdma_status\x00', r1, 0x0, 0x1}, 0x18)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000100))
write$ppp(r2, &(0x7f0000000300)="bdb77971e737c5d65a7f23ee9a07730ce37a9a11fb77b6e0caea19b62bfa01000080000000007551eb369708e724a588402cdf4ea4ab1d788c4dc1d68d0182bffe2dd33cb75960b4fcf62c1e8251e65f770c4fc4232585bb17c26a23812c4d49a9cdef906b868014a27c81dd4200"/123, 0xffffff89)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r4 = socket$rxrpc(0x21, 0x2, 0xa)
recvfrom$rxrpc(r4, &(0x7f0000000180)=""/27, 0x1b, 0x1, &(0x7f0000000400)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e23, 0x6, @private0, 0xb}}, 0x24)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a05000000000000000000020000000900020073797a310008000008000440000000000900010073797a30000000000800034000000009"], 0x64}, 0x1, 0x0, 0x0, 0x20048801}, 0x10)

115.643278ms ago: executing program 1 (id=1236):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000040)={0x4, 0x1, 0x80000000, 0x2, <r3=>0x0}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f00000000c0)={r3, 0x3, 0xec, 0x9}, &(0x7f0000000100)=0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x48, 0x24, 0xe0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x5}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x3, '\x00', 0x1, 0x800, 0x9, 0x800}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20040005}, 0x0)

113.145138ms ago: executing program 3 (id=1237):
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x101343)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001812", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)=ANY=[@ANYBLOB="880000000101010100000000000000000a0000000c0019800800010005000000680001802c0001"], 0x88}}, 0x24044004)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x8, 0x0)

101.910378ms ago: executing program 2 (id=1238):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x48, 0x24, 0xe0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x5}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x3, '\x00', 0x1, 0x800, 0x9, 0x800}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20040005}, 0x0)

80.315899ms ago: executing program 1 (id=1239):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000006c0), 0xfe, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000380)=[{0x200000000006, 0x1, 0x7, 0x7ffc1ffb}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
rmdir(0x0)
write$cgroup_int(r0, &(0x7f0000000040), 0xfea0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000100)=0x100)

46.842789ms ago: executing program 3 (id=1240):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES64=0x0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f00000002c0)=ANY=[@ANYRESDEC=r0], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
sendfile(r1, r1, &(0x7f00000001c0)=0x3, 0x5)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0x18, &(0x7f0000000680)=ANY=[@ANYBLOB, @ANYRESHEX=r0, @ANYRES8=<r2=>0xffffffffffffffff], 0x0, 0x500000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80000000, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r4, 0x5608, 0x2)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x5, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000003, 0x0, @perf_bp={&(0x7f0000000080), 0x2}, 0x402, 0xffffffff, 0x7, 0x9, 0x8, 0x1, 0xfff9, 0x0, 0xa6, 0x0, 0x5}, 0x0, 0x804, 0xffffffffffffffff, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001900)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='page_pool_release\x00', r5}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0xc080)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
acct(&(0x7f00000001c0)='./file0\x00')
mount$nfs4(&(0x7f00000001c0)='\x00', &(0x7f0000000240)='.\x00', &(0x7f00000003c0), 0x200000, 0x0)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000a00)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000400)=ANY=[@ANYRES64, @ANYRES8=0x0, @ANYRES32=r2, @ANYRES64=0x0, @ANYRES16=r3], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x14)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x1)

46.512559ms ago: executing program 2 (id=1241):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000480)=@newqdisc={0x48, 0x24, 0xe0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x5}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x3, '\x00', 0x1, 0x800, 0x9, 0x800}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20040005}, 0x0) (fail_nth: 1)

0s ago: executing program 1 (id=1242):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRESDEC=r0], 0x50)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = syz_open_dev$usbfs(0x0, 0x1ff, 0x2000)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$USBDEVFS_SUBMITURB(r4, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/locks\x00', 0x0, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'hsr0\x00', <r7=>0x0})
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r8}, 0x18)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000001140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001100)=@newlink={0x3c, 0x10, 0x1, 0x70bd2d, 0x2, {0x0, 0x0, 0x0, 0x0, 0x10104, 0x1}, [@IFLA_IFNAME={0x14, 0x3, 'macvtap0\x00'}, @IFLA_TXQLEN={0x8, 0xd, 0x6c790d25}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendto$packet(r5, &(0x7f0000000140)="33aaf14f564b1bf220cb1137d54b", 0xe, 0x20048844, &(0x7f0000000200)={0x11, 0x2, r7, 0x1, 0x6}, 0x14)
sendmsg$nl_route_sched(r10, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r7, {}, {}, {0x13}}}, 0x24}}, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000400)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', r7, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r11}, 0x10)
r12 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r12, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000180)=@keyring={'key_or_keyring:', r12})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r13 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xd, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r13}, 0x10)
r14 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r14, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=ANY=[@ANYBLOB="14000000100001000000000000000000ef5b000a20000000000a03000000000000000000070000000900010073797a30000000006c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000003f28001280140001800c000100636f756e74657200040002801000015e0c000100636f756e7465720008000340000001"], 0xb4}, 0x1, 0x0, 0x0, 0x8000}, 0x20050800)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x4e24, 0x8000, @local, 0x8}]}, &(0x7f0000000180)=0x10)

kernel console output (not intermixed with test programs):

 failure.
[   52.363760][ T4176] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   52.376916][ T4176] CPU: 1 UID: 0 PID: 4176 Comm: syz.2.251 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   52.376944][ T4176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   52.376956][ T4176] Call Trace:
[   52.376963][ T4176]  <TASK>
[   52.376972][ T4176]  __dump_stack+0x1d/0x30
[   52.376999][ T4176]  dump_stack_lvl+0xe8/0x140
[   52.377079][ T4176]  dump_stack+0x15/0x1b
[   52.377102][ T4176]  should_fail_ex+0x265/0x280
[   52.377161][ T4176]  should_fail+0xb/0x20
[   52.377202][ T4176]  should_fail_usercopy+0x1a/0x20
[   52.377270][ T4176]  _copy_from_iter+0xcf/0xdd0
[   52.377290][ T4176]  ? __build_skb_around+0x1a0/0x200
[   52.377331][ T4176]  ? __alloc_skb+0x223/0x320
[   52.377376][ T4176]  netlink_sendmsg+0x471/0x6b0
[   52.377466][ T4176]  ? __pfx_netlink_sendmsg+0x10/0x10
[   52.377485][ T4176]  __sock_sendmsg+0x142/0x180
[   52.377521][ T4176]  ____sys_sendmsg+0x31e/0x4e0
[   52.377607][ T4176]  ___sys_sendmsg+0x17b/0x1d0
[   52.377643][ T4176]  __x64_sys_sendmsg+0xd4/0x160
[   52.377667][ T4176]  x64_sys_call+0x2999/0x2fb0
[   52.377688][ T4176]  do_syscall_64+0xd0/0x1a0
[   52.377778][ T4176]  ? clear_bhb_loop+0x40/0x90
[   52.377807][ T4176]  ? clear_bhb_loop+0x40/0x90
[   52.377832][ T4176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.377853][ T4176] RIP: 0033:0x7f86e38ee969
[   52.377879][ T4176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.377899][ T4176] RSP: 002b:00007f86e1f57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   52.377917][ T4176] RAX: ffffffffffffffda RBX: 00007f86e3b15fa0 RCX: 00007f86e38ee969
[   52.377929][ T4176] RDX: 0000000002000000 RSI: 0000200000000400 RDI: 000000000000000a
[   52.377984][ T4176] RBP: 00007f86e1f57090 R08: 0000000000000000 R09: 0000000000000000
[   52.378000][ T4176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.378029][ T4176] R13: 0000000000000000 R14: 00007f86e3b15fa0 R15: 00007ffc7cd94468
[   52.378052][ T4176]  </TASK>
[   52.673130][ T4179] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[   52.994645][ T4194] loop3: detected capacity change from 0 to 2048
[   53.099099][ T4198] netlink: 'syz.2.259': attribute type 10 has an invalid length.
[   53.311455][ T4208] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[   53.388771][ T4210] loop0: detected capacity change from 0 to 1024
[   53.418951][ T4210] syz.0.266: attempt to access beyond end of device
[   53.418951][ T4210] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   53.439209][   T29] kauditd_printk_skb: 190 callbacks suppressed
[   53.439227][   T29] audit: type=1400 audit(1748241774.715:7887): avc:  denied  { execute } for  pid=4212 comm="syz.2.267" path="/71/cpu.stat" dev="tmpfs" ino=390 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[   53.472196][ T4213] Zero length message leads to an empty skb
[   53.493993][   T29] audit: type=1400 audit(1748241774.755:7888): avc:  denied  { tracepoint } for  pid=4211 comm="syz.1.263" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[   53.535739][ T4219] FAULT_INJECTION: forcing a failure.
[   53.535739][ T4219] name failslab, interval 1, probability 0, space 0, times 0
[   53.548573][ T4219] CPU: 1 UID: 0 PID: 4219 Comm: syz.2.268 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   53.548654][ T4219] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   53.548671][ T4219] Call Trace:
[   53.548688][ T4219]  <TASK>
[   53.548698][ T4219]  __dump_stack+0x1d/0x30
[   53.548726][ T4219]  dump_stack_lvl+0xe8/0x140
[   53.548746][ T4219]  dump_stack+0x15/0x1b
[   53.548762][ T4219]  should_fail_ex+0x265/0x280
[   53.548798][ T4219]  ? __pfx_cond_bools_destroy+0x10/0x10
[   53.548879][ T4219]  should_failslab+0x8c/0xb0
[   53.548956][ T4219]  kmem_cache_alloc_noprof+0x50/0x310
[   53.548976][ T4219]  ? hashtab_duplicate+0xfe/0x360
[   53.549010][ T4219]  ? __pfx_cond_bools_destroy+0x10/0x10
[   53.549032][ T4219]  hashtab_duplicate+0xfe/0x360
[   53.549060][ T4219]  ? __pfx_cond_bools_copy+0x10/0x10
[   53.549141][ T4219]  cond_policydb_dup+0xd2/0x4e0
[   53.549201][ T4219]  security_set_bools+0xa0/0x340
[   53.549237][ T4219]  sel_commit_bools_write+0x1ea/0x270
[   53.549268][ T4219]  vfs_writev+0x3eb/0x870
[   53.549291][ T4219]  ? __pfx_sel_commit_bools_write+0x10/0x10
[   53.549365][ T4219]  ? mutex_lock+0xd/0x30
[   53.549406][ T4219]  do_writev+0xe7/0x210
[   53.549430][ T4219]  __x64_sys_writev+0x45/0x50
[   53.549470][ T4219]  x64_sys_call+0x2006/0x2fb0
[   53.549559][ T4219]  do_syscall_64+0xd0/0x1a0
[   53.549590][ T4219]  ? clear_bhb_loop+0x40/0x90
[   53.549613][ T4219]  ? clear_bhb_loop+0x40/0x90
[   53.549635][ T4219]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.549724][ T4219] RIP: 0033:0x7f86e38ee969
[   53.549744][ T4219] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.549767][ T4219] RSP: 002b:00007f86e1f57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[   53.549791][ T4219] RAX: ffffffffffffffda RBX: 00007f86e3b15fa0 RCX: 00007f86e38ee969
[   53.549805][ T4219] RDX: 0000000000000001 RSI: 00002000000025c0 RDI: 0000000000000006
[   53.549818][ T4219] RBP: 00007f86e1f57090 R08: 0000000000000000 R09: 0000000000000000
[   53.549834][ T4219] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   53.549892][ T4219] R13: 0000000000000000 R14: 00007f86e3b15fa0 R15: 00007ffc7cd94468
[   53.549917][ T4219]  </TASK>
[   53.809340][ T4223] veth0_macvtap: left promiscuous mode
[   53.818640][ T4223] macvtap0: refused to change device tx_queue_len
[   53.826324][ T4223] hsr_slave_0: left promiscuous mode
[   53.832440][ T4223] hsr_slave_1: left promiscuous mode
[   53.832963][   T29] audit: type=1326 audit(1748241775.105:7889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4216 comm="syz.4.265" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb67435e969 code=0x0
[   53.901538][   T29] audit: type=1400 audit(1748241775.165:7890): avc:  denied  { execute } for  pid=4209 comm="syz.0.266" path="/sys/power/resume" dev="sysfs" ino=241 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=file permissive=1
[   53.937551][ T4229] loop1: detected capacity change from 0 to 2048
[   53.994162][ T4232] netlink: 'syz.1.272': attribute type 10 has an invalid length.
[   54.140436][   T29] audit: type=1400 audit(1748241775.415:7891): avc:  denied  { create } for  pid=4238 comm="syz.0.274" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   54.160202][   T29] audit: type=1400 audit(1748241775.415:7892): avc:  denied  { read } for  pid=4238 comm="syz.0.274" name="event3" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   54.183310][   T29] audit: type=1400 audit(1748241775.415:7893): avc:  denied  { open } for  pid=4238 comm="syz.0.274" path="/dev/input/event3" dev="devtmpfs" ino=256 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[   54.284053][   T29] audit: type=1326 audit(1748241775.555:7894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4243 comm="syz.0.276" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f456a25e969 code=0x0
[   54.317904][   T29] audit: type=1326 audit(1748241775.595:7895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4246 comm="syz.1.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aef7e969 code=0x7ffc0000
[   54.338069][ T4247] __nla_validate_parse: 12 callbacks suppressed
[   54.338091][ T4247] netlink: 4 bytes leftover after parsing attributes in process `+}[@'.
[   54.342389][   T29] audit: type=1326 audit(1748241775.605:7896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4246 comm="syz.1.277" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aef7e969 code=0x7ffc0000
[   54.397562][ T4253] netlink: 8 bytes leftover after parsing attributes in process `syz.0.276'.
[   54.414207][ T4252] loop4: detected capacity change from 0 to 128
[   54.421151][ T4252] =======================================================
[   54.421151][ T4252] WARNING: The mand mount option has been deprecated and
[   54.421151][ T4252]          and is ignored by this kernel. Remove the mand
[   54.421151][ T4252]          option from the mount to silence this warning.
[   54.421151][ T4252] =======================================================
[   54.468989][ T4252] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   54.483702][ T4252] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.508773][ T4260] netlink: 20 bytes leftover after parsing attributes in process `syz.1.279'.
[   54.521600][ T3324] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   54.561915][ T4266] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[   54.596366][ T4268] loop4: detected capacity change from 0 to 2048
[   54.646177][ T4271] netlink: 96 bytes leftover after parsing attributes in process `syz.4.283'.
[   54.680170][ T4273] loop2: detected capacity change from 0 to 2048
[   54.783179][ T4280] netlink: 4 bytes leftover after parsing attributes in process `syz.2.287'.
[   54.820456][ T4281] capability: warning: `syz.4.286' uses 32-bit capabilities (legacy support in use)
[   54.929298][ T4285] nfs4: Bad value for 'source'
[   54.937326][ T4285] loop2: detected capacity change from 0 to 512
[   54.969880][ T4287] netlink: 32 bytes leftover after parsing attributes in process `syz.3.290'.
[   55.071183][ T4278] Set syz1 is full, maxelem 65536 reached
[   55.122982][ T4291] loop2: detected capacity change from 0 to 1024
[   55.141586][ T4294] netlink: 4 bytes leftover after parsing attributes in process `syz.0.293'.
[   55.173116][ T4291] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   55.208884][ T4291] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.292: bg 0: block 88: padding at end of block bitmap is not set
[   55.225557][ T4302] macvtap0: refused to change device tx_queue_len
[   55.232581][ T4302] netlink: 4 bytes leftover after parsing attributes in process `syz.4.295'.
[   55.242657][ T4291] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 12. Delete some EAs or run e2fsck.
[   55.255816][ T4302] hsr_slave_0: left promiscuous mode
[   55.260860][ T4305] FAULT_INJECTION: forcing a failure.
[   55.260860][ T4305] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   55.274269][ T4305] CPU: 1 UID: 0 PID: 4305 Comm: syz.0.296 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   55.274324][ T4305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   55.274433][ T4305] Call Trace:
[   55.274441][ T4305]  <TASK>
[   55.274450][ T4305]  __dump_stack+0x1d/0x30
[   55.274477][ T4305]  dump_stack_lvl+0xe8/0x140
[   55.274555][ T4305]  dump_stack+0x15/0x1b
[   55.274623][ T4305]  should_fail_ex+0x265/0x280
[   55.274660][ T4305]  should_fail+0xb/0x20
[   55.274761][ T4305]  should_fail_usercopy+0x1a/0x20
[   55.274784][ T4305]  _copy_to_user+0x20/0xa0
[   55.274807][ T4305]  simple_read_from_buffer+0xb5/0x130
[   55.274843][ T4305]  proc_fail_nth_read+0x100/0x140
[   55.274897][ T4305]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   55.274926][ T4305]  vfs_read+0x19d/0x6f0
[   55.274951][ T4305]  ? __rcu_read_unlock+0x4f/0x70
[   55.275016][ T4305]  ? __fget_files+0x184/0x1c0
[   55.275058][ T4305]  ksys_read+0xda/0x1a0
[   55.275120][ T4305]  __x64_sys_read+0x40/0x50
[   55.275146][ T4305]  x64_sys_call+0x2d77/0x2fb0
[   55.275167][ T4305]  do_syscall_64+0xd0/0x1a0
[   55.275216][ T4305]  ? clear_bhb_loop+0x40/0x90
[   55.275267][ T4305]  ? clear_bhb_loop+0x40/0x90
[   55.275292][ T4305]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.275376][ T4305] RIP: 0033:0x7f456a25d37c
[   55.275396][ T4305] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   55.275412][ T4305] RSP: 002b:00007f45688c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   55.275429][ T4305] RAX: ffffffffffffffda RBX: 00007f456a485fa0 RCX: 00007f456a25d37c
[   55.275440][ T4305] RDX: 000000000000000f RSI: 00007f45688c70a0 RDI: 0000000000000004
[   55.275559][ T4305] RBP: 00007f45688c7090 R08: 0000000000000000 R09: 0000000000000000
[   55.275570][ T4305] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.275581][ T4305] R13: 0000000000000000 R14: 00007f456a485fa0 R15: 00007ffd796bc258
[   55.275604][ T4305]  </TASK>
[   55.275653][ T4302] hsr_slave_1: left promiscuous mode
[   55.497026][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.507968][ T4313] netlink: 4 bytes leftover after parsing attributes in process `syz.0.299'.
[   55.557352][ T4319] nfs4: Bad value for 'source'
[   55.565160][ T4319] loop2: detected capacity change from 0 to 512
[   55.658413][ T4323] netlink: 96 bytes leftover after parsing attributes in process `syz.0.304'.
[   55.725105][ T4329] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[   55.763187][ T4332] netlink: 'syz.1.308': attribute type 4 has an invalid length.
[   55.780459][ T4332] netlink: 'syz.1.308': attribute type 4 has an invalid length.
[   55.791444][ T4332] vcan0: entered allmulticast mode
[   55.796929][ T4332] vcan0: left allmulticast mode
[   55.858597][ T4339] loop1: detected capacity change from 0 to 128
[   55.874451][ T4339] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   55.881208][ T4342] loop3: detected capacity change from 0 to 2048
[   55.934462][ T4339] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   55.968796][ T4345] netlink: 'syz.0.313': attribute type 10 has an invalid length.
[   56.118311][ T4355] netlink: 'syz.0.317': attribute type 10 has an invalid length.
[   56.157065][ T4339] geneve0: entered allmulticast mode
[   56.189902][ T3498] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   56.191283][ T4361] nfs4: Bad value for 'source'
[   56.230466][ T4363] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=20318 sclass=netlink_route_socket pid=4363 comm=syz.0.321
[   56.243587][ T4361] loop3: detected capacity change from 0 to 512
[   56.250036][ T4366] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=20318 sclass=netlink_route_socket pid=4366 comm=syz.0.321
[   56.293702][ T4369] loop2: detected capacity change from 0 to 2048
[   56.360175][ T4373] netlink: 'syz.4.325': attribute type 10 has an invalid length.
[   56.383291][ T4373] 8021q: adding VLAN 0 to HW filter on device batadv0
[   56.406515][ T4373] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   56.440476][ T4381] netlink: 'syz.3.328': attribute type 1 has an invalid length.
[   56.455151][ T4377] macvtap0: refused to change device tx_queue_len
[   56.609993][ T4398] nfs4: Bad value for 'source'
[   56.623333][ T4398] loop0: detected capacity change from 0 to 512
[   56.725853][ T4403] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[   56.760914][ T4405] nfs4: Bad value for 'source'
[   56.769989][ T4405] loop0: detected capacity change from 0 to 512
[   56.839763][ T4411] netlink: 'syz.1.339': attribute type 1 has an invalid length.
[   56.973878][ T4429] nfs4: Bad value for 'source'
[   57.065433][ T4438] netlink: 'syz.1.339': attribute type 27 has an invalid length.
[   57.074455][ T4438] geneve0: left allmulticast mode
[   57.642739][ T4451] nfs4: Bad value for 'source'
[   57.680348][ T4451] loop3: detected capacity change from 0 to 512
[   57.743564][ T4457] vcan0: entered allmulticast mode
[   57.749092][ T4457] vcan0: left allmulticast mode
[   57.820234][ T4463] nfs4: Bad value for 'source'
[   57.867531][ T4442] Set syz1 is full, maxelem 65536 reached
[   57.973557][ T4471] nfs4: Bad value for 'source'
[   57.996465][ T4471] loop4: detected capacity change from 0 to 512
[   58.179804][ T4488] atomic_op ffff88811a03f128 conn xmit_atomic 0000000000000000
[   58.240533][ T4493] batman_adv: batadv0: Removing interface: batadv_slave_0
[   58.251804][ T4493] batman_adv: batadv0: Removing interface: batadv_slave_1
[   58.261609][ T4493] bond0: (slave batadv0): Releasing backup interface
[   58.413748][ T4509] nfs4: Bad value for 'source'
[   58.754280][ T4511] Set syz1 is full, maxelem 65536 reached
[   58.844464][   T29] kauditd_printk_skb: 254 callbacks suppressed
[   58.844480][   T29] audit: type=1400 audit(1748241780.115:8151): avc:  denied  { setopt } for  pid=4529 comm="syz.3.377" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[   58.879425][ T4534] nfs4: Bad value for 'source'
[   58.879595][ T4532] nfs4: Bad value for 'source'
[   58.884004][ T4532] loop1: detected capacity change from 0 to 512
[   58.887759][ T4534] loop4: detected capacity change from 0 to 512
[   58.993504][ T4539] loop4: detected capacity change from 0 to 512
[   59.042305][ T4542] nfs4: Bad value for 'source'
[   59.047164][   T29] audit: type=1326 audit(1748241780.315:8152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4544 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aef7e969 code=0x7ffc0000
[   59.047201][   T29] audit: type=1326 audit(1748241780.315:8153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4544 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76aef7e969 code=0x7ffc0000
[   59.047251][   T29] audit: type=1326 audit(1748241780.315:8154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4544 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aef7e969 code=0x7ffc0000
[   59.047324][   T29] audit: type=1326 audit(1748241780.315:8155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4544 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aef7e969 code=0x7ffc0000
[   59.140787][   T29] audit: type=1326 audit(1748241780.315:8156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4544 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76aef7e969 code=0x7ffc0000
[   59.164316][   T29] audit: type=1326 audit(1748241780.325:8157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4544 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aef7e969 code=0x7ffc0000
[   59.182947][ T4545] validate_nla: 4 callbacks suppressed
[   59.182966][ T4545] netlink: 'syz.1.384': attribute type 1 has an invalid length.
[   59.203713][ T4542] loop2: detected capacity change from 0 to 512
[   59.261970][   T29] audit: type=1326 audit(1748241780.375:8158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4544 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f76aef7e969 code=0x7ffc0000
[   59.285451][   T29] audit: type=1326 audit(1748241780.445:8159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4544 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aef7e969 code=0x7ffc0000
[   59.309072][   T29] audit: type=1326 audit(1748241780.445:8160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4544 comm="syz.1.384" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f76aef7e969 code=0x7ffc0000
[   59.367769][ T4551] __nla_validate_parse: 29 callbacks suppressed
[   59.367790][ T4551] netlink: 20 bytes leftover after parsing attributes in process `syz.4.387'.
[   59.417126][ T4554] loop0: detected capacity change from 0 to 2048
[   59.466301][ T4560] nfs4: Bad value for 'source'
[   59.480082][ T4560] loop2: detected capacity change from 0 to 512
[   59.621416][ T4578] random: crng reseeded on system resumption
[   59.799650][ T4596] netlink: 4 bytes leftover after parsing attributes in process `syz.0.399'.
[   59.925594][ T4605] loop4: detected capacity change from 0 to 2048
[   59.929117][ T4601] atomic_op ffff88812cb18128 conn xmit_atomic 0000000000000000
[   59.996393][ T4615] netlink: 96 bytes leftover after parsing attributes in process `syz.1.413'.
[   60.012283][ T4618] netlink: 8 bytes leftover after parsing attributes in process `syz.2.398'.
[   60.013762][ T4617] nfs4: Bad value for 'source'
[   60.026550][ T4620] netlink: 4 bytes leftover after parsing attributes in process `syz.0.401'.
[   60.037538][ T4620] batman_adv: batadv0: Removing interface: batadv_slave_0
[   60.052155][ T4617] loop4: detected capacity change from 0 to 512
[   60.060531][ T4620] batman_adv: batadv0: Removing interface: batadv_slave_1
[   60.088373][ T4620] bond0: (slave batadv0): Releasing backup interface
[   60.230975][ T4639] nfs4: Bad value for 'source'
[   60.247004][ T4639] loop4: detected capacity change from 0 to 512
[   60.340635][ T4655] netlink: 4 bytes leftover after parsing attributes in process `syz.0.410'.
[   60.357130][ T4652] netlink: 96 bytes leftover after parsing attributes in process `syz.1.411'.
[   60.472326][ T4671] xt_hashlimit: max too large, truncated to 1048576
[   60.479220][ T4670] loop4: detected capacity change from 0 to 2048
[   60.492604][ T4673] loop0: detected capacity change from 0 to 164
[   60.533485][ T4673] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   60.630039][ T4684] netlink: 20 bytes leftover after parsing attributes in process `syz.3.422'.
[   60.669262][ T4686] netlink: 4 bytes leftover after parsing attributes in process `syz.2.423'.
[   60.700008][ T4690] netlink: 96 bytes leftover after parsing attributes in process `syz.3.425'.
[   60.736908][ T4692] nfs4: Bad value for 'source'
[   60.744866][ T4692] loop2: detected capacity change from 0 to 512
[   60.816879][ T4698] nfs4: Bad value for 'source'
[   60.825256][ T4698] loop3: detected capacity change from 0 to 512
[   60.899430][ T4700] loop2: detected capacity change from 0 to 2048
[   61.120161][ T4730] macvtap0: refused to change device tx_queue_len
[   61.474902][ T4763] FAULT_INJECTION: forcing a failure.
[   61.474902][ T4763] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   61.488084][ T4763] CPU: 1 UID: 0 PID: 4763 Comm: syz.1.442 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   61.488117][ T4763] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   61.488133][ T4763] Call Trace:
[   61.488141][ T4763]  <TASK>
[   61.488150][ T4763]  __dump_stack+0x1d/0x30
[   61.488223][ T4763]  dump_stack_lvl+0xe8/0x140
[   61.488330][ T4763]  dump_stack+0x15/0x1b
[   61.488426][ T4763]  should_fail_ex+0x265/0x280
[   61.488482][ T4763]  should_fail+0xb/0x20
[   61.488509][ T4763]  should_fail_usercopy+0x1a/0x20
[   61.488582][ T4763]  _copy_from_user+0x1c/0xb0
[   61.488602][ T4763]  memdup_user+0x5e/0xd0
[   61.488620][ T4763]  sctp_getsockopt_connectx3+0x173/0x300
[   61.488717][ T4763]  sctp_getsockopt+0x910/0xaa0
[   61.488781][ T4763]  sock_common_getsockopt+0x60/0x70
[   61.488872][ T4763]  ? __pfx_sock_common_getsockopt+0x10/0x10
[   61.488898][ T4763]  do_sock_getsockopt+0x1fd/0x240
[   61.488918][ T4763]  __x64_sys_getsockopt+0x11e/0x1a0
[   61.488939][ T4763]  x64_sys_call+0x12aa/0x2fb0
[   61.488958][ T4763]  do_syscall_64+0xd0/0x1a0
[   61.489028][ T4763]  ? clear_bhb_loop+0x40/0x90
[   61.489048][ T4763]  ? clear_bhb_loop+0x40/0x90
[   61.489067][ T4763]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.489131][ T4763] RIP: 0033:0x7f76aef7e969
[   61.489144][ T4763] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.489160][ T4763] RSP: 002b:00007f76ad5e7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[   61.489176][ T4763] RAX: ffffffffffffffda RBX: 00007f76af1a5fa0 RCX: 00007f76aef7e969
[   61.489187][ T4763] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000006
[   61.489198][ T4763] RBP: 00007f76ad5e7090 R08: 0000200000000180 R09: 0000000000000000
[   61.489208][ T4763] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[   61.489219][ T4763] R13: 0000000000000000 R14: 00007f76af1a5fa0 R15: 00007ffc6dd32258
[   61.489285][ T4763]  </TASK>
[   61.735256][ T4771] x_tables: duplicate underflow at hook 3
[   61.756648][ T4773] nfs4: Bad value for 'source'
[   61.763721][ T4773] loop0: detected capacity change from 0 to 512
[   61.925991][ T4782] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[   61.952162][ T4784] netlink: 'syz.3.451': attribute type 10 has an invalid length.
[   61.961420][ T4784] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.970481][ T4784] bond0: (slave batadv0): Enslaving as an active interface with an up link
[   62.475163][ T4806] nfs4: Bad value for 'source'
[   62.482499][ T4806] loop1: detected capacity change from 0 to 512
[   62.991769][ T4818] loop2: detected capacity change from 0 to 512
[   63.032911][ T4818] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   63.064594][ T4822] netlink: 'syz.0.465': attribute type 10 has an invalid length.
[   63.106119][ T4818] EXT4-fs (loop2): 1 orphan inode deleted
[   63.116251][  T327] EXT4-fs error (device loop2): ext4_release_dquot:6971: comm kworker/u8:5: Failed to release dquot type 1
[   63.166397][ T4818] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   63.215138][ T4834] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[   63.243295][ T4818] ext4 filesystem being mounted at /104/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.303797][ T4818] EXT4-fs (loop2): shut down requested (0)
[   63.315506][ T4840] nfs4: Bad value for 'source'
[   63.329073][ T4840] loop3: detected capacity change from 0 to 512
[   63.510788][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   63.657260][ T4857] netlink: 'syz.3.480': attribute type 10 has an invalid length.
[   63.809606][ T4865] loop2: detected capacity change from 0 to 2048
[   63.822090][ T4867] nfs4: Bad value for 'source'
[   63.847308][ T4869] loop4: detected capacity change from 0 to 512
[   63.858085][ T4867] loop1: detected capacity change from 0 to 512
[   63.870903][ T4869] EXT4-fs (loop4): 1 orphan inode deleted
[   63.885390][ T4869] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   63.908479][ T3498] __quota_error: 157 callbacks suppressed
[   63.908498][ T3498] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   63.919425][ T4869] ext4 filesystem being mounted at /97/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   63.924069][ T3498] EXT4-fs error (device loop4): ext4_release_dquot:6971: comm kworker/u8:8: Failed to release dquot type 1
[   63.970941][   T29] audit: type=1326 audit(1748241785.245:8315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4876 comm="syz.2.489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86e38ee969 code=0x7ffc0000
[   63.994440][   T29] audit: type=1326 audit(1748241785.245:8316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4876 comm="syz.2.489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86e38ee969 code=0x7ffc0000
[   63.996461][ T4869] EXT4-fs (loop4): shut down requested (0)
[   64.027864][   T29] audit: type=1326 audit(1748241785.295:8317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4876 comm="syz.2.489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f86e38ee969 code=0x7ffc0000
[   64.051319][   T29] audit: type=1326 audit(1748241785.295:8318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4876 comm="syz.2.489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86e38ee969 code=0x7ffc0000
[   64.074809][   T29] audit: type=1326 audit(1748241785.295:8319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4876 comm="syz.2.489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86e38ee969 code=0x7ffc0000
[   64.098254][   T29] audit: type=1326 audit(1748241785.295:8320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4876 comm="syz.2.489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f86e38ee969 code=0x7ffc0000
[   64.121762][   T29] audit: type=1326 audit(1748241785.295:8321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4876 comm="syz.2.489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86e38ee969 code=0x7ffc0000
[   64.145255][   T29] audit: type=1326 audit(1748241785.295:8322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4876 comm="syz.2.489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86e38ee969 code=0x7ffc0000
[   64.168722][   T29] audit: type=1326 audit(1748241785.295:8323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4876 comm="syz.2.489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f86e38ee969 code=0x7ffc0000
[   64.292264][ T4888] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[   64.348602][ T4891] netlink: 'syz.3.493': attribute type 10 has an invalid length.
[   64.359063][ T3324] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.686211][ T4907] __nla_validate_parse: 20 callbacks suppressed
[   64.686293][ T4907] netlink: 20 bytes leftover after parsing attributes in process `syz.4.498'.
[   65.013013][ T4911] netlink: 56 bytes leftover after parsing attributes in process `syz.2.500'.
[   65.022066][ T4911] netlink: 40 bytes leftover after parsing attributes in process `syz.2.500'.
[   65.041567][ T4909] loop4: detected capacity change from 0 to 2048
[   65.191045][ T4918] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[   65.372545][ T4923] FAULT_INJECTION: forcing a failure.
[   65.372545][ T4923] name failslab, interval 1, probability 0, space 0, times 0
[   65.385268][ T4923] CPU: 1 UID: 0 PID: 4923 Comm: syz.4.503 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   65.385370][ T4923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   65.385382][ T4923] Call Trace:
[   65.385389][ T4923]  <TASK>
[   65.385398][ T4923]  __dump_stack+0x1d/0x30
[   65.385425][ T4923]  dump_stack_lvl+0xe8/0x140
[   65.385480][ T4923]  dump_stack+0x15/0x1b
[   65.385500][ T4923]  should_fail_ex+0x265/0x280
[   65.385567][ T4923]  should_failslab+0x8c/0xb0
[   65.385606][ T4923]  kmem_cache_alloc_noprof+0x50/0x310
[   65.385688][ T4923]  ? getname_flags+0x80/0x3b0
[   65.385723][ T4923]  getname_flags+0x80/0x3b0
[   65.385819][ T4923]  do_sys_openat2+0x60/0x110
[   65.385846][ T4923]  __x64_sys_openat+0xf2/0x120
[   65.385875][ T4923]  x64_sys_call+0x1af/0x2fb0
[   65.385904][ T4923]  do_syscall_64+0xd0/0x1a0
[   65.386003][ T4923]  ? clear_bhb_loop+0x40/0x90
[   65.386030][ T4923]  ? clear_bhb_loop+0x40/0x90
[   65.386070][ T4923]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.386118][ T4923] RIP: 0033:0x7fb67435e969
[   65.386136][ T4923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.386213][ T4923] RSP: 002b:00007fb672985038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   65.386301][ T4923] RAX: ffffffffffffffda RBX: 00007fb674586160 RCX: 00007fb67435e969
[   65.386318][ T4923] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[   65.386335][ T4923] RBP: 00007fb672985090 R08: 0000000000000000 R09: 0000000000000000
[   65.386373][ T4923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.386386][ T4923] R13: 0000000000000000 R14: 00007fb674586160 R15: 00007ffd84c630b8
[   65.386407][ T4923]  </TASK>
[   65.657248][ T4925] netlink: 'syz.1.506': attribute type 10 has an invalid length.
[   65.767384][ T4928] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=5123 sclass=netlink_route_socket pid=4928 comm=+}[@
[   65.818990][ T4929] infiniband syz!: set down
[   65.823565][ T4929] infiniband syz!: added team_slave_0
[   65.834562][ T4929] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[   65.835713][ T4929] infiniband syz!: Couldn't open port 1
[   65.869165][ T4929] RDS/IB: syz!: added
[   65.873388][ T4929] smc: adding ib device syz! with port count 1
[   65.880202][ T4929] smc:    ib device syz! port 1 has pnetid 
[   66.036943][ T4938] netlink: 56 bytes leftover after parsing attributes in process `syz.4.512'.
[   66.045881][ T4938] netlink: 40 bytes leftover after parsing attributes in process `syz.4.512'.
[   66.047639][ T4939] netlink: 20 bytes leftover after parsing attributes in process `syz.2.511'.
[   66.088449][ T4943] loop3: detected capacity change from 0 to 512
[   66.090307][ T4941] netlink: 20 bytes leftover after parsing attributes in process `syz.1.510'.
[   66.128604][ T4947] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[   66.140294][ T4945] loop4: detected capacity change from 0 to 2048
[   66.160808][ T4943] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   66.196863][ T4943] ext4 filesystem being mounted at /97/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.215187][ T4952] loop9: detected capacity change from 0 to 7
[   66.226581][ T3582] Buffer I/O error on dev loop9, logical block 0, async page read
[   66.234916][ T3582] Buffer I/O error on dev loop9, logical block 0, async page read
[   66.234948][ T3582]  loop9: unable to read partition table
[   66.261663][ T4955] netlink: 'syz.4.518': attribute type 10 has an invalid length.
[   66.262104][ T4952] Buffer I/O error on dev loop9, logical block 0, async page read
[   66.278876][ T4956] nfs4: Bad value for 'source'
[   66.286362][ T4956] loop2: detected capacity change from 0 to 512
[   66.301292][ T4958] netlink: 20 bytes leftover after parsing attributes in process `syz.0.519'.
[   66.327997][ T4959] IPVS: Error connecting to the multicast addr
[   66.353312][ T4952] Buffer I/O error on dev loop9, logical block 0, async page read
[   66.361340][ T4952]  loop9: unable to read partition table
[   66.369820][ T4952] loop_reread_partitions: partition scan of loop9 (þ被üŸÑø éÚ¬§½dƤ´à–ƒÝ¡¯¨�â·û
[   66.369820][ T4952] 
Uªÿÿÿÿÿÿ) failed (rc=-5)
[   66.370338][ T3582] Buffer I/O error on dev loop9, logical block 0, async page read
[   66.412968][ T3582] Buffer I/O error on dev loop9, logical block 0, async page read
[   66.433312][ T3582] Buffer I/O error on dev loop9, logical block 0, async page read
[   66.450705][ T3582] Buffer I/O error on dev loop9, logical block 0, async page read
[   66.479973][ T3582] Buffer I/O error on dev loop9, logical block 0, async page read
[   66.488841][ T3582] Buffer I/O error on dev loop9, logical block 0, async page read
[   66.500016][ T4969] netlink: 56 bytes leftover after parsing attributes in process `syz.1.524'.
[   66.508987][ T4969] netlink: 40 bytes leftover after parsing attributes in process `syz.1.524'.
[   66.536840][ T4973] netlink: 'syz.4.526': attribute type 10 has an invalid length.
[   66.578846][ T4978] loop2: detected capacity change from 0 to 2048
[   66.601454][ T4973] netlink: 'syz.4.526': attribute type 10 has an invalid length.
[   66.636242][ T4973] team0: entered promiscuous mode
[   66.641628][ T4973] team_slave_0: entered promiscuous mode
[   66.647535][ T4973] team_slave_1: entered promiscuous mode
[   66.670595][ T4973] 8021q: adding VLAN 0 to HW filter on device team0
[   66.682825][ T4973] bridge0: port 3(team0) entered blocking state
[   66.689351][ T4973] bridge0: port 3(team0) entered disabled state
[   66.703169][ T4973] team0: entered allmulticast mode
[   66.708955][ T4973] team_slave_0: entered allmulticast mode
[   66.715893][ T4973] team_slave_1: entered allmulticast mode
[   66.725985][ T4986] netlink: 'syz.1.530': attribute type 10 has an invalid length.
[   66.764401][ T4988] nfs4: Bad value for 'source'
[   66.773639][ T4988] loop1: detected capacity change from 0 to 512
[   66.997290][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   67.071380][ T5019] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[   67.133431][ T5032] FAULT_INJECTION: forcing a failure.
[   67.133431][ T5032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   67.146918][ T5032] CPU: 1 UID: 0 PID: 5032 Comm: syz.2.545 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   67.146946][ T5032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   67.146995][ T5032] Call Trace:
[   67.147003][ T5032]  <TASK>
[   67.147012][ T5032]  __dump_stack+0x1d/0x30
[   67.147038][ T5032]  dump_stack_lvl+0xe8/0x140
[   67.147063][ T5032]  dump_stack+0x15/0x1b
[   67.147085][ T5032]  should_fail_ex+0x265/0x280
[   67.147149][ T5032]  should_fail+0xb/0x20
[   67.147191][ T5032]  should_fail_usercopy+0x1a/0x20
[   67.147217][ T5032]  _copy_from_user+0x1c/0xb0
[   67.147248][ T5032]  do_fcntl+0x5a3/0xdf0
[   67.147289][ T5032]  ? selinux_file_fcntl+0x1cb/0x1e0
[   67.147330][ T5032]  __se_sys_fcntl+0xb1/0x120
[   67.147356][ T5032]  __x64_sys_fcntl+0x43/0x50
[   67.147381][ T5032]  x64_sys_call+0x1f1d/0x2fb0
[   67.147485][ T5032]  do_syscall_64+0xd0/0x1a0
[   67.147516][ T5032]  ? clear_bhb_loop+0x40/0x90
[   67.147613][ T5032]  ? clear_bhb_loop+0x40/0x90
[   67.147641][ T5032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.147668][ T5032] RIP: 0033:0x7f86e38ee969
[   67.147686][ T5032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.147709][ T5032] RSP: 002b:00007f86e1f57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[   67.147757][ T5032] RAX: ffffffffffffffda RBX: 00007f86e3b15fa0 RCX: 00007f86e38ee969
[   67.147773][ T5032] RDX: 0000200000000200 RSI: 0000000000000006 RDI: 0000000000000005
[   67.147789][ T5032] RBP: 00007f86e1f57090 R08: 0000000000000000 R09: 0000000000000000
[   67.147804][ T5032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   67.147842][ T5032] R13: 0000000000000000 R14: 00007f86e3b15fa0 R15: 00007ffc7cd94468
[   67.147916][ T5032]  </TASK>
[   67.168616][ T5036] loop1: detected capacity change from 0 to 2048
[   67.487000][ T5057] netlink: 'syz.1.552': attribute type 10 has an invalid length.
[   67.548719][ T5066] netlink: 'syz.0.548': attribute type 10 has an invalid length.
[   67.660766][ T5079] FAULT_INJECTION: forcing a failure.
[   67.660766][ T5079] name failslab, interval 1, probability 0, space 0, times 0
[   67.673658][ T5079] CPU: 0 UID: 0 PID: 5079 Comm: syz.4.560 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   67.673694][ T5079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   67.673709][ T5079] Call Trace:
[   67.673764][ T5079]  <TASK>
[   67.673773][ T5079]  __dump_stack+0x1d/0x30
[   67.673801][ T5079]  dump_stack_lvl+0xe8/0x140
[   67.673823][ T5079]  dump_stack+0x15/0x1b
[   67.673842][ T5079]  should_fail_ex+0x265/0x280
[   67.673883][ T5079]  should_failslab+0x8c/0xb0
[   67.673951][ T5079]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   67.673981][ T5079]  ? sidtab_sid2str_get+0xa0/0x130
[   67.674019][ T5079]  kmemdup_noprof+0x2b/0x70
[   67.674108][ T5079]  sidtab_sid2str_get+0xa0/0x130
[   67.674143][ T5079]  security_sid_to_context_core+0x1eb/0x2e0
[   67.674174][ T5079]  security_sid_to_context+0x27/0x40
[   67.674265][ T5079]  selinux_lsmprop_to_secctx+0x67/0xf0
[   67.674309][ T5079]  security_lsmprop_to_secctx+0x43/0x80
[   67.674340][ T5079]  audit_log_task_context+0x77/0x190
[   67.674415][ T5079]  audit_log_task+0xf4/0x250
[   67.674453][ T5079]  audit_seccomp+0x61/0x100
[   67.674478][ T5079]  ? __seccomp_filter+0x68c/0x10d0
[   67.674539][ T5079]  __seccomp_filter+0x69d/0x10d0
[   67.674562][ T5079]  ? do_dentry_open+0x914/0xa20
[   67.674656][ T5079]  ? __rcu_read_unlock+0x4f/0x70
[   67.674685][ T5079]  ? mntput_no_expire+0x6f/0x3d0
[   67.674711][ T5079]  __secure_computing+0x82/0x150
[   67.674732][ T5079]  syscall_trace_enter+0xcf/0x1e0
[   67.674761][ T5079]  do_syscall_64+0xaa/0x1a0
[   67.674869][ T5079]  ? clear_bhb_loop+0x40/0x90
[   67.674890][ T5079]  ? clear_bhb_loop+0x40/0x90
[   67.674912][ T5079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.674940][ T5079] RIP: 0033:0x7fb67435d37c
[   67.675013][ T5079] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   67.675037][ T5079] RSP: 002b:00007fb6729c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   67.675060][ T5079] RAX: ffffffffffffffda RBX: 00007fb674585fa0 RCX: 00007fb67435d37c
[   67.675076][ T5079] RDX: 000000000000000f RSI: 00007fb6729c70a0 RDI: 0000000000000005
[   67.675092][ T5079] RBP: 00007fb6729c7090 R08: 0000000000000000 R09: 0000000000000000
[   67.675107][ T5079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   67.675119][ T5079] R13: 0000000000000000 R14: 00007fb674585fa0 R15: 00007ffd84c630b8
[   67.675148][ T5079]  </TASK>
[   67.678356][ T5081] loop2: detected capacity change from 0 to 2048
[   67.738550][ T5082] FAULT_INJECTION: forcing a failure.
[   67.738550][ T5082] name failslab, interval 1, probability 0, space 0, times 0
[   67.935106][ T5082] CPU: 0 UID: 0 PID: 5082 Comm: syz.1.561 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   67.935136][ T5082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   67.935148][ T5082] Call Trace:
[   67.935197][ T5082]  <TASK>
[   67.935206][ T5082]  __dump_stack+0x1d/0x30
[   67.935233][ T5082]  dump_stack_lvl+0xe8/0x140
[   67.935254][ T5082]  dump_stack+0x15/0x1b
[   67.935271][ T5082]  should_fail_ex+0x265/0x280
[   67.935390][ T5082]  ? do_kimage_alloc_init+0x2f/0x170
[   67.935460][ T5082]  should_failslab+0x8c/0xb0
[   67.935569][ T5082]  __kmalloc_cache_noprof+0x4c/0x320
[   67.935594][ T5082]  do_kimage_alloc_init+0x2f/0x170
[   67.935633][ T5082]  do_kexec_load+0x8c/0x510
[   67.935723][ T5082]  ? _copy_from_user+0x89/0xb0
[   67.935753][ T5082]  __se_sys_kexec_load+0x134/0x160
[   67.935872][ T5082]  __x64_sys_kexec_load+0x55/0x70
[   67.935917][ T5082]  x64_sys_call+0xa36/0x2fb0
[   67.935948][ T5082]  do_syscall_64+0xd0/0x1a0
[   67.936024][ T5082]  ? clear_bhb_loop+0x40/0x90
[   67.936115][ T5082]  ? clear_bhb_loop+0x40/0x90
[   67.936142][ T5082]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.936162][ T5082] RIP: 0033:0x7f76aef7e969
[   67.936177][ T5082] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.936253][ T5082] RSP: 002b:00007f76ad5e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[   67.936277][ T5082] RAX: ffffffffffffffda RBX: 00007f76af1a5fa0 RCX: 00007f76aef7e969
[   67.936294][ T5082] RDX: 0000200000000140 RSI: 0000000000000001 RDI: 0000000000100000
[   67.936310][ T5082] RBP: 00007f76ad5e7090 R08: 0000000000000000 R09: 0000000000000000
[   67.936323][ T5082] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   67.936334][ T5082] R13: 0000000000000001 R14: 00007f76af1a5fa0 R15: 00007ffc6dd32258
[   67.936352][ T5082]  </TASK>
[   68.146401][ T5097] netlink: 'syz.4.566': attribute type 10 has an invalid length.
[   68.357175][ T5109] loop1: detected capacity change from 0 to 8192
[   68.392629][ T5115] vhci_hcd: invalid port number 254
[   68.397922][ T5115] vhci_hcd: GetPortErrorCount req not supported for USB 2.0 roothub
[   68.712211][ T5125] nfs4: Bad value for 'source'
[   68.751754][ T5125] loop2: detected capacity change from 0 to 512
[   69.051384][ T5138] nfs4: Bad value for 'source'
[   69.064212][ T5138] loop0: detected capacity change from 0 to 512
[   69.102053][ T5142] nfs4: Bad value for 'source'
[   69.112253][ T5142] loop2: detected capacity change from 0 to 512
[   69.140133][   T29] kauditd_printk_skb: 205 callbacks suppressed
[   69.140182][   T29] audit: type=1326 audit(1748241790.415:8528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.4.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67435e969 code=0x7ffc0000
[   69.178627][   T29] audit: type=1326 audit(1748241790.425:8529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.4.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67435e969 code=0x7ffc0000
[   69.202276][   T29] audit: type=1326 audit(1748241790.425:8530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.4.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb67435e969 code=0x7ffc0000
[   69.225801][   T29] audit: type=1326 audit(1748241790.425:8531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.4.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67435e969 code=0x7ffc0000
[   69.249426][   T29] audit: type=1326 audit(1748241790.425:8532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.4.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb67435e969 code=0x7ffc0000
[   69.273033][   T29] audit: type=1326 audit(1748241790.425:8533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.4.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67435e969 code=0x7ffc0000
[   69.296507][   T29] audit: type=1326 audit(1748241790.425:8534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.4.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb67435e969 code=0x7ffc0000
[   69.320252][   T29] audit: type=1326 audit(1748241790.425:8535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.4.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67435e969 code=0x7ffc0000
[   69.343903][   T29] audit: type=1326 audit(1748241790.425:8536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.4.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67435e969 code=0x7ffc0000
[   69.367401][   T29] audit: type=1326 audit(1748241790.425:8537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5143 comm="syz.4.586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb67435e969 code=0x7ffc0000
[   69.516295][ T5178] nfs4: Bad value for 'source'
[   69.524065][ T5178] loop3: detected capacity change from 0 to 512
[   69.659939][ T5194] FAULT_INJECTION: forcing a failure.
[   69.659939][ T5194] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.673222][ T5194] CPU: 1 UID: 0 PID: 5194 Comm: syz.3.596 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   69.673277][ T5194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   69.673292][ T5194] Call Trace:
[   69.673300][ T5194]  <TASK>
[   69.673310][ T5194]  __dump_stack+0x1d/0x30
[   69.673335][ T5194]  dump_stack_lvl+0xe8/0x140
[   69.673360][ T5194]  dump_stack+0x15/0x1b
[   69.673380][ T5194]  should_fail_ex+0x265/0x280
[   69.673457][ T5194]  should_fail+0xb/0x20
[   69.673494][ T5194]  should_fail_usercopy+0x1a/0x20
[   69.673520][ T5194]  _copy_from_user+0x1c/0xb0
[   69.673596][ T5194]  __se_sys_mount+0x10d/0x2e0
[   69.673629][ T5194]  ? fput+0x8f/0xc0
[   69.673682][ T5194]  ? ksys_write+0x16e/0x1a0
[   69.673716][ T5194]  __x64_sys_mount+0x67/0x80
[   69.673749][ T5194]  x64_sys_call+0xd36/0x2fb0
[   69.673775][ T5194]  do_syscall_64+0xd0/0x1a0
[   69.673832][ T5194]  ? clear_bhb_loop+0x40/0x90
[   69.673886][ T5194]  ? clear_bhb_loop+0x40/0x90
[   69.673912][ T5194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.673938][ T5194] RIP: 0033:0x7f03d8dfe969
[   69.673956][ T5194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.674050][ T5194] RSP: 002b:00007f03d7467038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   69.674073][ T5194] RAX: ffffffffffffffda RBX: 00007f03d9025fa0 RCX: 00007f03d8dfe969
[   69.674089][ T5194] RDX: 00002000000000c0 RSI: 0000200000000080 RDI: 0000000000000000
[   69.674104][ T5194] RBP: 00007f03d7467090 R08: 00002000000003c0 R09: 0000000000000000
[   69.674119][ T5194] R10: 0000000000200000 R11: 0000000000000246 R12: 0000000000000001
[   69.674134][ T5194] R13: 0000000000000000 R14: 00007f03d9025fa0 R15: 00007fff057354d8
[   69.674157][ T5194]  </TASK>
[   69.854946][ T5190] loop1: detected capacity change from 0 to 8192
[   69.932674][ T5200] nfs4: Bad value for 'source'
[   69.940285][ T5200] loop3: detected capacity change from 0 to 512
[   69.991183][ T5204] nfs4: Bad value for 'source'
[   69.999234][ T5204] loop0: detected capacity change from 0 to 512
[   70.020040][ T5205] __nla_validate_parse: 17 callbacks suppressed
[   70.020055][ T5205] netlink: 8 bytes leftover after parsing attributes in process `syz.2.594'.
[   70.191037][ T5213] netlink: 4 bytes leftover after parsing attributes in process `syz.0.602'.
[   70.415971][ T5228] netlink: 32 bytes leftover after parsing attributes in process `syz.0.606'.
[   70.474503][ T5234] FAULT_INJECTION: forcing a failure.
[   70.474503][ T5234] name failslab, interval 1, probability 0, space 0, times 0
[   70.487251][ T5234] CPU: 0 UID: 0 PID: 5234 Comm: syz.2.609 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   70.487299][ T5234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   70.487379][ T5234] Call Trace:
[   70.487385][ T5234]  <TASK>
[   70.487393][ T5234]  __dump_stack+0x1d/0x30
[   70.487421][ T5234]  dump_stack_lvl+0xe8/0x140
[   70.487448][ T5234]  dump_stack+0x15/0x1b
[   70.487469][ T5234]  should_fail_ex+0x265/0x280
[   70.487579][ T5234]  should_failslab+0x8c/0xb0
[   70.487621][ T5234]  __kmalloc_noprof+0xa5/0x3e0
[   70.487647][ T5234]  ? hash_ip4_add+0x5d7/0xf60
[   70.487727][ T5234]  hash_ip4_add+0x5d7/0xf60
[   70.487752][ T5234]  ? hash_ip4_add+0x63/0xf60
[   70.487845][ T5234]  ? ip_set_get_ipaddr4+0x98/0x160
[   70.487881][ T5234]  ? ip_set_get_ipaddr4+0x104/0x160
[   70.488024][ T5234]  hash_ip4_uadt+0x434/0x4f0
[   70.488054][ T5234]  ? __pfx_hash_ip4_add+0x10/0x10
[   70.488085][ T5234]  call_ad+0xdc/0x630
[   70.488141][ T5234]  ? __nla_parse+0x40/0x60
[   70.488170][ T5234]  ip_set_ad+0x5c0/0x690
[   70.488221][ T5234]  ip_set_uadd+0x41/0x50
[   70.488254][ T5234]  nfnetlink_rcv_msg+0x4c3/0x590
[   70.488369][ T5234]  netlink_rcv_skb+0x120/0x220
[   70.488408][ T5234]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[   70.488451][ T5234]  nfnetlink_rcv+0x16b/0x1690
[   70.488565][ T5234]  ? __kfree_skb+0x109/0x150
[   70.488590][ T5234]  ? nlmon_xmit+0x4f/0x60
[   70.488618][ T5234]  ? consume_skb+0x49/0x150
[   70.488699][ T5234]  ? nlmon_xmit+0x4f/0x60
[   70.488723][ T5234]  ? dev_hard_start_xmit+0x39e/0x3d0
[   70.488752][ T5234]  ? __dev_queue_xmit+0x11c0/0x1fb0
[   70.488777][ T5234]  ? __dev_queue_xmit+0x182/0x1fb0
[   70.488808][ T5234]  ? ref_tracker_free+0x37d/0x3e0
[   70.488912][ T5234]  ? __netlink_deliver_tap+0x4dc/0x500
[   70.488944][ T5234]  netlink_unicast+0x59e/0x670
[   70.489041][ T5234]  netlink_sendmsg+0x58b/0x6b0
[   70.489070][ T5234]  ? __pfx_netlink_sendmsg+0x10/0x10
[   70.489098][ T5234]  __sock_sendmsg+0x142/0x180
[   70.489132][ T5234]  ____sys_sendmsg+0x31e/0x4e0
[   70.489156][ T5234]  ___sys_sendmsg+0x17b/0x1d0
[   70.489214][ T5234]  __x64_sys_sendmsg+0xd4/0x160
[   70.489249][ T5234]  x64_sys_call+0x2999/0x2fb0
[   70.489276][ T5234]  do_syscall_64+0xd0/0x1a0
[   70.489301][ T5234]  ? clear_bhb_loop+0x40/0x90
[   70.489331][ T5234]  ? clear_bhb_loop+0x40/0x90
[   70.489353][ T5234]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   70.489375][ T5234] RIP: 0033:0x7f86e38ee969
[   70.489394][ T5234] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   70.489476][ T5234] RSP: 002b:00007f86e1f57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   70.489495][ T5234] RAX: ffffffffffffffda RBX: 00007f86e3b15fa0 RCX: 00007f86e38ee969
[   70.489510][ T5234] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[   70.489525][ T5234] RBP: 00007f86e1f57090 R08: 0000000000000000 R09: 0000000000000000
[   70.489547][ T5234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   70.489564][ T5234] R13: 0000000000000000 R14: 00007f86e3b15fa0 R15: 00007ffc7cd94468
[   70.489590][ T5234]  </TASK>
[   70.826771][ T5237] openvswitch: netlink: Message has 6 unknown bytes.
[   70.842493][ T5239] nfs4: Bad value for 'source'
[   70.868284][ T5230] futex_wake_op: syz.1.608 tries to shift op by -1; fix this program
[   70.879442][ T5239] loop2: detected capacity change from 0 to 512
[   70.967877][ T5245] netlink: 'syz.4.613': attribute type 1 has an invalid length.
[   70.975561][ T5245] netlink: 224 bytes leftover after parsing attributes in process `syz.4.613'.
[   71.055432][ T5243] netlink: 'syz.0.612': attribute type 1 has an invalid length.
[   71.063175][ T5243] netlink: 224 bytes leftover after parsing attributes in process `syz.0.612'.
[   71.098386][ T5250] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[   71.108354][ T5248] netlink: 20 bytes leftover after parsing attributes in process `syz.2.614'.
[   71.293933][ T5256] nfs4: Bad value for 'source'
[   71.341188][ T5256] loop4: detected capacity change from 0 to 512
[   71.401973][ T5254] netlink: 96 bytes leftover after parsing attributes in process `syz.2.617'.
[   71.417966][ T5266] netlink: 'syz.0.612': attribute type 27 has an invalid length.
[   71.426003][ T5266] geneve0: left allmulticast mode
[   71.436799][ T5258] netlink: 96 bytes leftover after parsing attributes in process `syz.1.618'.
[   71.921949][ T5282] netlink: 4 bytes leftover after parsing attributes in process `syz.4.624'.
[   71.933181][ T5284] nfs4: Bad value for 'source'
[   71.957936][ T5284] loop0: detected capacity change from 0 to 512
[   72.053570][ T5289] netlink: 'syz.2.627': attribute type 1 has an invalid length.
[   72.061365][ T5289] netlink: 224 bytes leftover after parsing attributes in process `syz.2.627'.
[   72.064863][ T5292] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[   72.100204][ T5295] netlink: 'syz.4.629': attribute type 1 has an invalid length.
[   72.312718][ T5316] netlink: 'syz.0.634': attribute type 1 has an invalid length.
[   72.327133][ T5320] nfs4: Bad value for 'source'
[   72.335171][ T5320] loop2: detected capacity change from 0 to 512
[   72.464184][ T5338] FAULT_INJECTION: forcing a failure.
[   72.464184][ T5338] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   72.477337][ T5338] CPU: 1 UID: 0 PID: 5338 Comm: syz.3.636 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   72.477365][ T5338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   72.477394][ T5338] Call Trace:
[   72.477402][ T5338]  <TASK>
[   72.477411][ T5338]  __dump_stack+0x1d/0x30
[   72.477437][ T5338]  dump_stack_lvl+0xe8/0x140
[   72.477464][ T5338]  dump_stack+0x15/0x1b
[   72.477485][ T5338]  should_fail_ex+0x265/0x280
[   72.477531][ T5338]  should_fail+0xb/0x20
[   72.477580][ T5338]  should_fail_usercopy+0x1a/0x20
[   72.477601][ T5338]  _copy_from_user+0x1c/0xb0
[   72.477624][ T5338]  do_fcntl+0x5a3/0xdf0
[   72.477643][ T5338]  ? selinux_file_fcntl+0x1cb/0x1e0
[   72.477733][ T5338]  __se_sys_fcntl+0xb1/0x120
[   72.477760][ T5338]  __x64_sys_fcntl+0x43/0x50
[   72.477822][ T5338]  x64_sys_call+0x1f1d/0x2fb0
[   72.477851][ T5338]  do_syscall_64+0xd0/0x1a0
[   72.477882][ T5338]  ? clear_bhb_loop+0x40/0x90
[   72.477912][ T5338]  ? clear_bhb_loop+0x40/0x90
[   72.477941][ T5338]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   72.477977][ T5338] RIP: 0033:0x7f03d8dfe969
[   72.477992][ T5338] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   72.478044][ T5338] RSP: 002b:00007f03d7467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[   72.478069][ T5338] RAX: ffffffffffffffda RBX: 00007f03d9025fa0 RCX: 00007f03d8dfe969
[   72.478085][ T5338] RDX: 0000200000000200 RSI: 0000000000000006 RDI: 0000000000000006
[   72.478141][ T5338] RBP: 00007f03d7467090 R08: 0000000000000000 R09: 0000000000000000
[   72.478236][ T5338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   72.478272][ T5338] R13: 0000000000000000 R14: 00007f03d9025fa0 R15: 00007fff057354d8
[   72.478299][ T5338]  </TASK>
[   72.782782][ T5349] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[   73.113454][ T5377] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[   73.231030][ T5388] netlink: 'syz.0.657': attribute type 1 has an invalid length.
[   73.329138][ T5394] wireguard0: entered allmulticast mode
[   73.516349][ T5398] loop1: detected capacity change from 0 to 1764
[   73.816868][ T5408] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[   73.868201][ T5415] loop3: detected capacity change from 0 to 512
[   73.898574][ T5420] nfs4: Bad value for 'source'
[   73.900259][ T5415] EXT4-fs (loop3): 1 orphan inode deleted
[   73.906554][ T5420] loop4: detected capacity change from 0 to 512
[   73.913870][ T5415] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.929450][   T31] EXT4-fs error (device loop3): ext4_release_dquot:6971: comm kworker/u8:1: Failed to release dquot type 1
[   73.933547][ T5415] ext4 filesystem being mounted at /121/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   74.025515][ T5421] xt_hashlimit: max too large, truncated to 1048576
[   74.067216][ T3314] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.092841][ T5426] nfs4: Bad value for 'source'
[   74.093207][ T5428] nfs4: Bad value for 'source'
[   74.102671][ T5426] loop0: detected capacity change from 0 to 512
[   74.109111][ T5428] loop3: detected capacity change from 0 to 512
[   74.253848][ T5440] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[   74.284776][   T29] kauditd_printk_skb: 386 callbacks suppressed
[   74.284790][   T29] audit: type=1326 audit(1748241795.555:8923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5435 comm="syz.0.674" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f456a25e969 code=0x0
[   74.350729][ T5450] FAULT_INJECTION: forcing a failure.
[   74.350729][ T5450] name failslab, interval 1, probability 0, space 0, times 0
[   74.363536][ T5450] CPU: 0 UID: 0 PID: 5450 Comm: syz.3.681 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   74.363582][ T5450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   74.363599][ T5450] Call Trace:
[   74.363607][ T5450]  <TASK>
[   74.363617][ T5450]  __dump_stack+0x1d/0x30
[   74.363645][ T5450]  dump_stack_lvl+0xe8/0x140
[   74.363670][ T5450]  dump_stack+0x15/0x1b
[   74.363747][ T5450]  should_fail_ex+0x265/0x280
[   74.363795][ T5450]  ? nf_tables_newtable+0x375/0xea0
[   74.363834][ T5450]  should_failslab+0x8c/0xb0
[   74.363908][ T5450]  __kmalloc_cache_noprof+0x4c/0x320
[   74.363952][ T5450]  ? __nla_validate_parse+0x1652/0x1d00
[   74.363981][ T5450]  nf_tables_newtable+0x375/0xea0
[   74.364035][ T5450]  nfnetlink_rcv+0xb96/0x1690
[   74.364169][ T5450]  netlink_unicast+0x59e/0x670
[   74.364286][ T5450]  netlink_sendmsg+0x58b/0x6b0
[   74.364309][ T5450]  ? __pfx_netlink_sendmsg+0x10/0x10
[   74.364334][ T5450]  __sock_sendmsg+0x142/0x180
[   74.364371][ T5450]  ____sys_sendmsg+0x31e/0x4e0
[   74.364404][ T5450]  ___sys_sendmsg+0x17b/0x1d0
[   74.364493][ T5450]  __x64_sys_sendmsg+0xd4/0x160
[   74.364527][ T5450]  x64_sys_call+0x2999/0x2fb0
[   74.364549][ T5450]  do_syscall_64+0xd0/0x1a0
[   74.364572][ T5450]  ? clear_bhb_loop+0x40/0x90
[   74.364673][ T5450]  ? clear_bhb_loop+0x40/0x90
[   74.364758][ T5450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.364779][ T5450] RIP: 0033:0x7f03d8dfe969
[   74.364794][ T5450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.364814][ T5450] RSP: 002b:00007f03d7467038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   74.364838][ T5450] RAX: ffffffffffffffda RBX: 00007f03d9025fa0 RCX: 00007f03d8dfe969
[   74.364855][ T5450] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[   74.364908][ T5450] RBP: 00007f03d7467090 R08: 0000000000000000 R09: 0000000000000000
[   74.364925][ T5450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.364939][ T5450] R13: 0000000000000000 R14: 00007f03d9025fa0 R15: 00007fff057354d8
[   74.364965][ T5450]  </TASK>
[   74.617080][ T5460] nfs4: Bad value for 'source'
[   74.624865][ T5460] loop3: detected capacity change from 0 to 512
[   74.666169][ T5465] nfs4: Bad value for 'source'
[   74.673857][ T5465] loop2: detected capacity change from 0 to 512
[   74.692725][ T5458] macvtap0: refused to change device tx_queue_len
[   74.749219][ T5469] nfs4: Bad value for 'source'
[   74.759207][ T5469] loop2: detected capacity change from 0 to 512
[   74.784240][   T29] audit: type=1326 audit(1748241796.055:8924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.3.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03d8dfe969 code=0x7ffc0000
[   74.790078][ T5474] netlink: 'syz.3.689': attribute type 1 has an invalid length.
[   74.834029][   T29] audit: type=1326 audit(1748241796.055:8925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.3.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03d8dfe969 code=0x7ffc0000
[   74.857569][   T29] audit: type=1326 audit(1748241796.055:8926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.3.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03d8dfe969 code=0x7ffc0000
[   74.880943][   T29] audit: type=1326 audit(1748241796.055:8927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.3.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03d8dfe969 code=0x7ffc0000
[   74.904286][   T29] audit: type=1326 audit(1748241796.055:8928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.3.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03d8dfe969 code=0x7ffc0000
[   74.927882][   T29] audit: type=1326 audit(1748241796.065:8929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.3.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03d8dfe969 code=0x7ffc0000
[   74.951446][   T29] audit: type=1326 audit(1748241796.065:8930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.3.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f03d8dfe969 code=0x7ffc0000
[   74.974997][   T29] audit: type=1326 audit(1748241796.065:8931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.3.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f03d8dfe969 code=0x7ffc0000
[   74.998457][   T29] audit: type=1326 audit(1748241796.065:8932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5473 comm="syz.3.689" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f03d8dfd2d0 code=0x7ffc0000
[   75.150436][ T5479] __nla_validate_parse: 29 callbacks suppressed
[   75.150515][ T5479] netlink: 96 bytes leftover after parsing attributes in process `syz.0.691'.
[   75.179097][ T5481] FAULT_INJECTION: forcing a failure.
[   75.179097][ T5481] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   75.192272][ T5481] CPU: 0 UID: 0 PID: 5481 Comm: syz.2.692 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   75.192306][ T5481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   75.192368][ T5481] Call Trace:
[   75.192376][ T5481]  <TASK>
[   75.192384][ T5481]  __dump_stack+0x1d/0x30
[   75.192412][ T5481]  dump_stack_lvl+0xe8/0x140
[   75.192437][ T5481]  dump_stack+0x15/0x1b
[   75.192459][ T5481]  should_fail_ex+0x265/0x280
[   75.192558][ T5481]  should_fail+0xb/0x20
[   75.192597][ T5481]  should_fail_usercopy+0x1a/0x20
[   75.192622][ T5481]  _copy_from_user+0x1c/0xb0
[   75.192711][ T5481]  do_tcp_setsockopt+0x41c/0x1670
[   75.192755][ T5481]  ? selinux_socket_setsockopt+0x1ad/0x1e0
[   75.192791][ T5481]  tcp_setsockopt+0x51/0xb0
[   75.192898][ T5481]  sock_common_setsockopt+0x69/0x80
[   75.192939][ T5481]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   75.192976][ T5481]  __sys_setsockopt+0x184/0x200
[   75.193011][ T5481]  __x64_sys_setsockopt+0x64/0x80
[   75.193038][ T5481]  x64_sys_call+0x2bd5/0x2fb0
[   75.193088][ T5481]  do_syscall_64+0xd0/0x1a0
[   75.193118][ T5481]  ? clear_bhb_loop+0x40/0x90
[   75.193145][ T5481]  ? clear_bhb_loop+0x40/0x90
[   75.193173][ T5481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.193263][ T5481] RIP: 0033:0x7f86e38ee969
[   75.193282][ T5481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.193306][ T5481] RSP: 002b:00007f86e1f57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   75.193380][ T5481] RAX: ffffffffffffffda RBX: 00007f86e3b15fa0 RCX: 00007f86e38ee969
[   75.193393][ T5481] RDX: 000000000000000e RSI: 0000000000000006 RDI: 0000000000000004
[   75.193405][ T5481] RBP: 00007f86e1f57090 R08: 00000000000000d8 R09: 0000000000000000
[   75.193417][ T5481] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.193474][ T5481] R13: 0000000000000000 R14: 00007f86e3b15fa0 R15: 00007ffc7cd94468
[   75.193497][ T5481]  </TASK>
[   75.211234][ T5483] netlink: 20 bytes leftover after parsing attributes in process `syz.0.693'.
[   75.242111][ T5485] netlink: 56 bytes leftover after parsing attributes in process `syz.2.694'.
[   75.307664][ T5487] loop0: detected capacity change from 0 to 1024
[   75.307726][ T5485] netlink: 40 bytes leftover after parsing attributes in process `syz.2.694'.
[   75.345235][ T5487] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   75.446598][ T5487] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   75.455251][ T5487] EXT4-fs (loop0): orphan cleanup on readonly fs
[   75.470809][ T5489] netlink: 'syz.3.689': attribute type 27 has an invalid length.
[   75.754994][ T5487] EXT4-fs error (device loop0): ext4_ext_check_inode:524: inode #3: comm syz.0.695: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 2(4), depth 0(0)
[   75.791923][ T5495] loop2: detected capacity change from 0 to 1024
[   75.803668][ T5496] nfs4: Bad value for 'source'
[   75.809551][ T5487] EXT4-fs error (device loop0): ext4_quota_enable:7129: comm syz.0.695: Bad quota inode: 3, type: 0
[   75.824924][ T5495] EXT4-fs: Ignoring removed orlov option
[   75.830926][ T5495] EXT4-fs: Ignoring removed nomblk_io_submit option
[   75.833356][ T5496] loop4: detected capacity change from 0 to 512
[   75.845589][ T5487] EXT4-fs warning (device loop0): ext4_enable_quotas:7170: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[   75.860479][ T5487] EXT4-fs (loop0): Cannot turn on quotas: error -117
[   75.887514][ T5495] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.887977][ T5487] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   75.919765][ T5487] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   75.933541][ T5487] EXT4-fs error (device loop0): ext4_search_dir:1476: inode #2: block 16: comm syz.0.695: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   75.953184][ T5487] EXT4-fs error (device loop0): ext4_search_dir:1476: inode #2: block 16: comm syz.0.695: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   75.996647][ T3318] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.036966][ T3316] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.076789][ T5508] netlink: 'syz.2.701': attribute type 1 has an invalid length.
[   76.084522][ T5508] netlink: 224 bytes leftover after parsing attributes in process `syz.2.701'.
[   76.269108][ T5506] loop3: detected capacity change from 0 to 512
[   76.305934][ T5506] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[   76.593124][ T5527] netlink: 'syz.3.707': attribute type 10 has an invalid length.
[   76.620636][ T5528] netlink: 'syz.1.706': attribute type 10 has an invalid length.
[   76.763721][ T5541] netlink: 4 bytes leftover after parsing attributes in process `syz.3.713'.
[   76.788588][ T5539] netlink: 'syz.1.712': attribute type 27 has an invalid length.
[   77.183374][ T5562] netlink: 'syz.0.720': attribute type 10 has an invalid length.
[   77.213569][ T5564] netlink: 32 bytes leftover after parsing attributes in process `syz.0.722'.
[   77.341497][ T5571] netlink: 'syz.1.725': attribute type 27 has an invalid length.
[   77.795637][ T5589] netlink: 'syz.3.733': attribute type 10 has an invalid length.
[   77.821321][ T5516] syz.4.704 (5516) used greatest stack depth: 7032 bytes left
[   77.912634][ T5597] FAULT_INJECTION: forcing a failure.
[   77.912634][ T5597] name failslab, interval 1, probability 0, space 0, times 0
[   77.925371][ T5597] CPU: 0 UID: 0 PID: 5597 Comm: syz.0.735 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   77.925404][ T5597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   77.925421][ T5597] Call Trace:
[   77.925429][ T5597]  <TASK>
[   77.925437][ T5597]  __dump_stack+0x1d/0x30
[   77.925458][ T5597]  dump_stack_lvl+0xe8/0x140
[   77.925478][ T5597]  dump_stack+0x15/0x1b
[   77.925499][ T5597]  should_fail_ex+0x265/0x280
[   77.925543][ T5597]  should_failslab+0x8c/0xb0
[   77.925583][ T5597]  kmem_cache_alloc_noprof+0x50/0x310
[   77.925608][ T5597]  ? vm_area_dup+0x32/0x230
[   77.925632][ T5597]  vm_area_dup+0x32/0x230
[   77.925654][ T5597]  copy_mm+0x72c/0x1360
[   77.925690][ T5597]  copy_process+0xcf1/0x1f90
[   77.925729][ T5597]  kernel_clone+0x16c/0x5b0
[   77.925763][ T5597]  ? vfs_write+0x75e/0x8d0
[   77.925798][ T5597]  __x64_sys_clone+0xe6/0x120
[   77.925835][ T5597]  x64_sys_call+0x2c59/0x2fb0
[   77.925863][ T5597]  do_syscall_64+0xd0/0x1a0
[   77.925893][ T5597]  ? clear_bhb_loop+0x40/0x90
[   77.925918][ T5597]  ? clear_bhb_loop+0x40/0x90
[   77.925942][ T5597]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.925964][ T5597] RIP: 0033:0x7f456a25e969
[   77.925989][ T5597] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.926014][ T5597] RSP: 002b:00007f45688a5fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   77.926034][ T5597] RAX: ffffffffffffffda RBX: 00007f456a486080 RCX: 00007f456a25e969
[   77.926050][ T5597] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000630c1000
[   77.926066][ T5597] RBP: 00007f45688a6090 R08: 0000000000000000 R09: 0000000000000000
[   77.926081][ T5597] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[   77.926097][ T5597] R13: 0000000000000000 R14: 00007f456a486080 R15: 00007ffd796bc258
[   77.926116][ T5597]  </TASK>
[   78.291555][ T5612] netlink: 96 bytes leftover after parsing attributes in process `syz.1.744'.
[   78.604212][ T5625] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[   78.714258][ T5630] FAULT_INJECTION: forcing a failure.
[   78.714258][ T5630] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.727423][ T5630] CPU: 0 UID: 0 PID: 5630 Comm: syz.0.751 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   78.727509][ T5630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   78.727525][ T5630] Call Trace:
[   78.727534][ T5630]  <TASK>
[   78.727543][ T5630]  __dump_stack+0x1d/0x30
[   78.727649][ T5630]  dump_stack_lvl+0xe8/0x140
[   78.727670][ T5630]  dump_stack+0x15/0x1b
[   78.727692][ T5630]  should_fail_ex+0x265/0x280
[   78.727736][ T5630]  should_fail+0xb/0x20
[   78.727848][ T5630]  should_fail_usercopy+0x1a/0x20
[   78.727918][ T5630]  _copy_from_user+0x1c/0xb0
[   78.727949][ T5630]  vmemdup_user+0x59/0xd0
[   78.727973][ T5630]  path_setxattrat+0x1b6/0x310
[   78.728031][ T5630]  __x64_sys_lsetxattr+0x71/0x90
[   78.728081][ T5630]  x64_sys_call+0x1e36/0x2fb0
[   78.728102][ T5630]  do_syscall_64+0xd0/0x1a0
[   78.728129][ T5630]  ? clear_bhb_loop+0x40/0x90
[   78.728156][ T5630]  ? clear_bhb_loop+0x40/0x90
[   78.728256][ T5630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.728282][ T5630] RIP: 0033:0x7f456a25e969
[   78.728297][ T5630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.728317][ T5630] RSP: 002b:00007f45688c7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   78.728386][ T5630] RAX: ffffffffffffffda RBX: 00007f456a485fa0 RCX: 00007f456a25e969
[   78.728455][ T5630] RDX: 0000200000000240 RSI: 0000200000000200 RDI: 00002000000001c0
[   78.728471][ T5630] RBP: 00007f45688c7090 R08: 0000000000000000 R09: 0000000000000000
[   78.728487][ T5630] R10: 0000000000001001 R11: 0000000000000246 R12: 0000000000000001
[   78.728501][ T5630] R13: 0000000000000001 R14: 00007f456a485fa0 R15: 00007ffd796bc258
[   78.728520][ T5630]  </TASK>
[   78.746919][ T5632] FAULT_INJECTION: forcing a failure.
[   78.746919][ T5632] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   78.924839][ T5632] CPU: 1 UID: 0 PID: 5632 Comm: syz.2.752 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   78.924937][ T5632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   78.924953][ T5632] Call Trace:
[   78.924962][ T5632]  <TASK>
[   78.924971][ T5632]  __dump_stack+0x1d/0x30
[   78.924996][ T5632]  dump_stack_lvl+0xe8/0x140
[   78.925015][ T5632]  dump_stack+0x15/0x1b
[   78.925080][ T5632]  should_fail_ex+0x265/0x280
[   78.925184][ T5632]  should_fail+0xb/0x20
[   78.925268][ T5632]  should_fail_usercopy+0x1a/0x20
[   78.925318][ T5632]  _copy_from_user+0x1c/0xb0
[   78.925346][ T5632]  do_tcp_setsockopt+0x41c/0x1670
[   78.925385][ T5632]  ? selinux_socket_setsockopt+0x1ad/0x1e0
[   78.925418][ T5632]  tcp_setsockopt+0x51/0xb0
[   78.925451][ T5632]  sock_common_setsockopt+0x69/0x80
[   78.925494][ T5632]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   78.925534][ T5632]  __sys_setsockopt+0x184/0x200
[   78.925562][ T5632]  __x64_sys_setsockopt+0x64/0x80
[   78.925588][ T5632]  x64_sys_call+0x2bd5/0x2fb0
[   78.925681][ T5632]  do_syscall_64+0xd0/0x1a0
[   78.925746][ T5632]  ? clear_bhb_loop+0x40/0x90
[   78.925774][ T5632]  ? clear_bhb_loop+0x40/0x90
[   78.925803][ T5632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   78.925832][ T5632] RIP: 0033:0x7f86e38ee969
[   78.925849][ T5632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.925880][ T5632] RSP: 002b:00007f86e1f57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   78.925898][ T5632] RAX: ffffffffffffffda RBX: 00007f86e3b15fa0 RCX: 00007f86e38ee969
[   78.925918][ T5632] RDX: 000000000000000e RSI: 0000000000000006 RDI: 0000000000000003
[   78.925934][ T5632] RBP: 00007f86e1f57090 R08: 00000000000000d8 R09: 0000000000000000
[   78.925950][ T5632] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.925967][ T5632] R13: 0000000000000000 R14: 00007f86e3b15fa0 R15: 00007ffc7cd94468
[   78.925991][ T5632]  </TASK>
[   79.195550][ T5644] netlink: 'syz.4.758': attribute type 10 has an invalid length.
[   79.201446][ T5648] netlink: 4 bytes leftover after parsing attributes in process `syz.0.760'.
[   79.226441][ T5644] veth1_macvtap: left promiscuous mode
[   79.238987][ T5644] team0: Device veth1_macvtap failed to register rx_handler
[   79.257707][ T5651] netlink: 96 bytes leftover after parsing attributes in process `syz.2.755'.
[   79.286368][   T29] kauditd_printk_skb: 9105 callbacks suppressed
[   79.286385][   T29] audit: type=1400 audit(1748241800.565:17711): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   79.313761][ T3044] audit: audit_backlog=65 > audit_backlog_limit=64
[   79.322663][ T3044] audit: audit_lost=114 audit_rate_limit=0 audit_backlog_limit=64
[   79.325399][   T29] audit: type=1400 audit(1748241800.565:17712): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   79.330676][ T3044] audit: backlog limit exceeded
[   79.353893][   T29] audit: type=1400 audit(1748241800.565:17713): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   79.380066][   T29] audit: type=1400 audit(1748241800.565:17714): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   79.401282][   T29] audit: type=1400 audit(1748241800.565:17715): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   79.404350][ T3044] audit: audit_backlog=65 > audit_backlog_limit=64
[   79.422476][   T29] audit: type=1400 audit(1748241800.565:17716): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   79.458069][ T5653] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[   79.522595][ T5657] syz.3.765 uses obsolete (PF_INET,SOCK_PACKET)
[   80.525796][ T5721] macvtap0: refused to change device tx_queue_len
[   80.532923][ T5721] __nla_validate_parse: 3 callbacks suppressed
[   80.532938][ T5721] netlink: 4 bytes leftover after parsing attributes in process `syz.1.786'.
[   80.655476][ T5729] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[   80.794158][ T5741] IPv6: Can't replace route, no match found
[   80.813105][ T5741] netlink: 132 bytes leftover after parsing attributes in process `syz.2.797'.
[   80.836927][ T5747] netlink: 'syz.0.793': attribute type 27 has an invalid length.
[   81.633451][ T5804] FAULT_INJECTION: forcing a failure.
[   81.633451][ T5804] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.646719][ T5804] CPU: 1 UID: 0 PID: 5804 Comm: syz.1.823 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   81.646756][ T5804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   81.646773][ T5804] Call Trace:
[   81.646781][ T5804]  <TASK>
[   81.646790][ T5804]  __dump_stack+0x1d/0x30
[   81.646825][ T5804]  dump_stack_lvl+0xe8/0x140
[   81.646888][ T5804]  dump_stack+0x15/0x1b
[   81.646911][ T5804]  should_fail_ex+0x265/0x280
[   81.646956][ T5804]  should_fail+0xb/0x20
[   81.646991][ T5804]  should_fail_usercopy+0x1a/0x20
[   81.647012][ T5804]  _copy_to_user+0x20/0xa0
[   81.647077][ T5804]  simple_read_from_buffer+0xb5/0x130
[   81.647223][ T5804]  proc_fail_nth_read+0x100/0x140
[   81.647262][ T5804]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   81.647292][ T5804]  vfs_read+0x19d/0x6f0
[   81.647317][ T5804]  ? touch_atime+0x106/0x330
[   81.647369][ T5804]  ? __rcu_read_unlock+0x4f/0x70
[   81.647393][ T5804]  ? __fget_files+0x184/0x1c0
[   81.647433][ T5804]  ksys_read+0xda/0x1a0
[   81.647469][ T5804]  __x64_sys_read+0x40/0x50
[   81.647523][ T5804]  x64_sys_call+0x2d77/0x2fb0
[   81.647621][ T5804]  do_syscall_64+0xd0/0x1a0
[   81.647649][ T5804]  ? clear_bhb_loop+0x40/0x90
[   81.647692][ T5804]  ? clear_bhb_loop+0x40/0x90
[   81.647720][ T5804]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.647747][ T5804] RIP: 0033:0x7f76aef7d37c
[   81.647766][ T5804] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   81.647819][ T5804] RSP: 002b:00007f76ad5e7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   81.647839][ T5804] RAX: ffffffffffffffda RBX: 00007f76af1a5fa0 RCX: 00007f76aef7d37c
[   81.647856][ T5804] RDX: 000000000000000f RSI: 00007f76ad5e70a0 RDI: 0000000000000004
[   81.647872][ T5804] RBP: 00007f76ad5e7090 R08: 0000000000000000 R09: 0000000000000000
[   81.647906][ T5804] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.647922][ T5804] R13: 0000000000000000 R14: 00007f76af1a5fa0 R15: 00007ffc6dd32258
[   81.647942][ T5804]  </TASK>
[   81.872032][ T5807] FAULT_INJECTION: forcing a failure.
[   81.872032][ T5807] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.885227][ T5807] CPU: 1 UID: 0 PID: 5807 Comm: syz.4.824 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   81.885317][ T5807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   81.885335][ T5807] Call Trace:
[   81.885344][ T5807]  <TASK>
[   81.885354][ T5807]  __dump_stack+0x1d/0x30
[   81.885383][ T5807]  dump_stack_lvl+0xe8/0x140
[   81.885409][ T5807]  dump_stack+0x15/0x1b
[   81.885431][ T5807]  should_fail_ex+0x265/0x280
[   81.885508][ T5807]  should_fail+0xb/0x20
[   81.885547][ T5807]  should_fail_usercopy+0x1a/0x20
[   81.885572][ T5807]  _copy_from_user+0x1c/0xb0
[   81.885601][ T5807]  ____sys_sendmsg+0x1c5/0x4e0
[   81.885654][ T5807]  ___sys_sendmsg+0x17b/0x1d0
[   81.885715][ T5807]  __sys_sendmmsg+0x178/0x300
[   81.885762][ T5807]  __x64_sys_sendmmsg+0x57/0x70
[   81.885790][ T5807]  x64_sys_call+0x2f2f/0x2fb0
[   81.885819][ T5807]  do_syscall_64+0xd0/0x1a0
[   81.885992][ T5807]  ? clear_bhb_loop+0x40/0x90
[   81.886073][ T5807]  ? clear_bhb_loop+0x40/0x90
[   81.886097][ T5807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.886126][ T5807] RIP: 0033:0x7fb67435e969
[   81.886146][ T5807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.886169][ T5807] RSP: 002b:00007fb6729c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   81.886238][ T5807] RAX: ffffffffffffffda RBX: 00007fb674585fa0 RCX: 00007fb67435e969
[   81.886251][ T5807] RDX: 0000000000000001 RSI: 0000200000003cc0 RDI: 0000000000000003
[   81.886266][ T5807] RBP: 00007fb6729c7090 R08: 0000000000000000 R09: 0000000000000000
[   81.886343][ T5807] R10: 0000000044008004 R11: 0000000000000246 R12: 0000000000000001
[   81.886359][ T5807] R13: 0000000000000000 R14: 00007fb674585fa0 R15: 00007ffd84c630b8
[   81.886384][ T5807]  </TASK>
[   82.092862][ T5809] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[   82.215671][ T5823] netlink: 'syz.4.832': attribute type 10 has an invalid length.
[   82.236432][ T5821] syz.3.831 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   82.674530][ T5874] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[   83.165304][ T5901] netlink: 'syz.1.866': attribute type 4 has an invalid length.
[   83.297252][ T5912] netlink: 'syz.1.869': attribute type 10 has an invalid length.
[   83.346351][ T5914] macvtap0: refused to change device tx_queue_len
[   83.372702][ T5914] netlink: 4 bytes leftover after parsing attributes in process `syz.1.872'.
[   83.639881][ T5935] netlink: 'syz.4.882': attribute type 10 has an invalid length.
[   83.751561][ T5947] netlink: 4 bytes leftover after parsing attributes in process `syz.0.886'.
[   84.008459][ T5968] FAULT_INJECTION: forcing a failure.
[   84.008459][ T5968] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.021602][ T5968] CPU: 0 UID: 0 PID: 5968 Comm: syz.2.895 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   84.021664][ T5968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   84.021723][ T5968] Call Trace:
[   84.021732][ T5968]  <TASK>
[   84.021741][ T5968]  __dump_stack+0x1d/0x30
[   84.021769][ T5968]  dump_stack_lvl+0xe8/0x140
[   84.021794][ T5968]  dump_stack+0x15/0x1b
[   84.021815][ T5968]  should_fail_ex+0x265/0x280
[   84.021987][ T5968]  should_fail+0xb/0x20
[   84.022028][ T5968]  should_fail_usercopy+0x1a/0x20
[   84.022055][ T5968]  _copy_to_user+0x20/0xa0
[   84.022086][ T5968]  simple_read_from_buffer+0xb5/0x130
[   84.022187][ T5968]  proc_fail_nth_read+0x100/0x140
[   84.022223][ T5968]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   84.022265][ T5968]  vfs_read+0x19d/0x6f0
[   84.022291][ T5968]  ? __rcu_read_unlock+0x4f/0x70
[   84.022386][ T5968]  ? __fget_files+0x184/0x1c0
[   84.022421][ T5968]  ksys_read+0xda/0x1a0
[   84.022447][ T5968]  __x64_sys_read+0x40/0x50
[   84.022624][ T5968]  x64_sys_call+0x2d77/0x2fb0
[   84.022694][ T5968]  do_syscall_64+0xd0/0x1a0
[   84.022720][ T5968]  ? clear_bhb_loop+0x40/0x90
[   84.022742][ T5968]  ? clear_bhb_loop+0x40/0x90
[   84.022814][ T5968]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.022842][ T5968] RIP: 0033:0x7f86e38ed37c
[   84.022862][ T5968] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   84.022893][ T5968] RSP: 002b:00007f86e1f57030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   84.022918][ T5968] RAX: ffffffffffffffda RBX: 00007f86e3b15fa0 RCX: 00007f86e38ed37c
[   84.022933][ T5968] RDX: 000000000000000f RSI: 00007f86e1f570a0 RDI: 0000000000000003
[   84.023018][ T5968] RBP: 00007f86e1f57090 R08: 0000000000000000 R09: 0000000000000000
[   84.023034][ T5968] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.023050][ T5968] R13: 0000000000000000 R14: 00007f86e3b15fa0 R15: 00007ffc7cd94468
[   84.023073][ T5968]  </TASK>
[   84.296284][   T29] kauditd_printk_skb: 23839 callbacks suppressed
[   84.296301][   T29] audit: type=1400 audit(1748504207.565:35866): avc:  denied  { read write } for  pid=3324 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=0
[   84.300156][ T3044] audit: audit_backlog=65 > audit_backlog_limit=64
[   84.302689][   T29] audit: type=1400 audit(1748504207.565:35867): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   84.327117][ T3044] audit: audit_lost=2012 audit_rate_limit=0 audit_backlog_limit=64
[   84.333634][   T29] audit: type=1400 audit(1748504207.565:35868): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   84.354734][ T3044] audit: backlog limit exceeded
[   84.362640][   T29] audit: type=1400 audit(1748504207.565:35869): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   84.410311][   T29] audit: type=1400 audit(1748504207.565:35870): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   84.410637][ T5972] audit: audit_backlog=65 > audit_backlog_limit=64
[   84.431499][   T29] audit: type=1400 audit(1748504207.565:35871): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   84.917363][ T5986] macvtap0: refused to change device tx_queue_len
[   84.928474][ T5986] netlink: 4 bytes leftover after parsing attributes in process `syz.3.900'.
[   85.075440][ T6001] netlink: 'syz.1.909': attribute type 27 has an invalid length.
[   85.291923][ T6016] netlink: 'syz.2.916': attribute type 10 has an invalid length.
[   85.479925][ T6028] FAULT_INJECTION: forcing a failure.
[   85.479925][ T6028] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   85.493053][ T6028] CPU: 1 UID: 0 PID: 6028 Comm: GPL Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   85.493174][ T6028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   85.493190][ T6028] Call Trace:
[   85.493197][ T6028]  <TASK>
[   85.493204][ T6028]  __dump_stack+0x1d/0x30
[   85.493226][ T6028]  dump_stack_lvl+0xe8/0x140
[   85.493304][ T6028]  dump_stack+0x15/0x1b
[   85.493324][ T6028]  should_fail_ex+0x265/0x280
[   85.493372][ T6028]  should_fail+0xb/0x20
[   85.493408][ T6028]  should_fail_usercopy+0x1a/0x20
[   85.493434][ T6028]  _copy_to_user+0x20/0xa0
[   85.493472][ T6028]  simple_read_from_buffer+0xb5/0x130
[   85.493540][ T6028]  proc_fail_nth_read+0x100/0x140
[   85.493569][ T6028]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   85.493601][ T6028]  vfs_read+0x19d/0x6f0
[   85.493665][ T6028]  ? __rcu_read_unlock+0x4f/0x70
[   85.493771][ T6028]  ? __fget_files+0x184/0x1c0
[   85.493830][ T6028]  ksys_read+0xda/0x1a0
[   85.493858][ T6028]  __x64_sys_read+0x40/0x50
[   85.493893][ T6028]  x64_sys_call+0x2d77/0x2fb0
[   85.493922][ T6028]  do_syscall_64+0xd0/0x1a0
[   85.493963][ T6028]  ? clear_bhb_loop+0x40/0x90
[   85.493988][ T6028]  ? clear_bhb_loop+0x40/0x90
[   85.494031][ T6028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.494059][ T6028] RIP: 0033:0x7f456a25d37c
[   85.494078][ T6028] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   85.494102][ T6028] RSP: 002b:00007f45688c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   85.494123][ T6028] RAX: ffffffffffffffda RBX: 00007f456a485fa0 RCX: 00007f456a25d37c
[   85.494190][ T6028] RDX: 000000000000000f RSI: 00007f45688c70a0 RDI: 0000000000000003
[   85.494203][ T6028] RBP: 00007f45688c7090 R08: 0000000000000000 R09: 0000000000000000
[   85.494215][ T6028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   85.494226][ T6028] R13: 0000000000000000 R14: 00007f456a485fa0 R15: 00007ffd796bc258
[   85.494244][ T6028]  </TASK>
[   85.724836][ T6030] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[   85.920017][ T6051] netlink: 'syz.1.929': attribute type 27 has an invalid length.
[   85.959354][ T6055] netlink: 'syz.3.933': attribute type 3 has an invalid length.
[   86.041905][ T6061] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[   86.302675][ T6076] netlink: 'syz.0.942': attribute type 10 has an invalid length.
[   86.334399][ T6076] team0: Port device dummy0 added
[   86.879806][ T6096] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[   86.889615][ T6095] xt_cgroup: path and classid specified
[   87.011927][ T6104] macvtap0: refused to change device tx_queue_len
[   87.018908][ T6104] netlink: 4 bytes leftover after parsing attributes in process `syz.3.953'.
[   87.249061][ T6112] netlink: 'syz.4.956': attribute type 27 has an invalid length.
[   87.388057][ T6121] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[   87.593852][ T6134] macvtap0: refused to change device tx_queue_len
[   87.604582][ T6134] netlink: 4 bytes leftover after parsing attributes in process `syz.1.965'.
[   87.849174][ T6153] x_tables: ip_tables: icmp match: only valid for protocol 1
[   87.929619][ T6164] netlink: 'syz.1.978': attribute type 10 has an invalid length.
[   87.983216][ T6169] macvtap0: refused to change device tx_queue_len
[   87.991198][ T6169] netlink: 4 bytes leftover after parsing attributes in process `syz.3.980'.
[   88.164785][ T6182] serio: Serial port ptm1
[   88.393573][ T6199] netlink: 'syz.3.993': attribute type 27 has an invalid length.
[   88.442179][ T6201] macvtap0: refused to change device tx_queue_len
[   88.486784][ T6201] netlink: 4 bytes leftover after parsing attributes in process `syz.1.994'.
[   88.547031][ T6205] FAULT_INJECTION: forcing a failure.
[   88.547031][ T6205] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   88.560258][ T6205] CPU: 0 UID: 0 PID: 6205 Comm: syz.0.996 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   88.560300][ T6205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   88.560315][ T6205] Call Trace:
[   88.560323][ T6205]  <TASK>
[   88.560332][ T6205]  __dump_stack+0x1d/0x30
[   88.560361][ T6205]  dump_stack_lvl+0xe8/0x140
[   88.560383][ T6205]  dump_stack+0x15/0x1b
[   88.560399][ T6205]  should_fail_ex+0x265/0x280
[   88.560436][ T6205]  should_fail+0xb/0x20
[   88.560487][ T6205]  should_fail_usercopy+0x1a/0x20
[   88.560514][ T6205]  _copy_from_user+0x1c/0xb0
[   88.560574][ T6205]  kstrtouint_from_user+0x69/0xf0
[   88.560620][ T6205]  ? avc_policy_seqno+0x15/0x30
[   88.560641][ T6205]  proc_fail_nth_write+0x50/0x160
[   88.560679][ T6205]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   88.560742][ T6205]  vfs_write+0x266/0x8d0
[   88.560777][ T6205]  ? vfs_read+0x47f/0x6f0
[   88.560810][ T6205]  ? __rcu_read_unlock+0x4f/0x70
[   88.560881][ T6205]  ? __fget_files+0x184/0x1c0
[   88.560925][ T6205]  ksys_write+0xda/0x1a0
[   88.560952][ T6205]  __x64_sys_write+0x40/0x50
[   88.560984][ T6205]  x64_sys_call+0x2cdd/0x2fb0
[   88.561013][ T6205]  do_syscall_64+0xd0/0x1a0
[   88.561050][ T6205]  ? clear_bhb_loop+0x40/0x90
[   88.561079][ T6205]  ? clear_bhb_loop+0x40/0x90
[   88.561107][ T6205]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   88.561135][ T6205] RIP: 0033:0x7f456a25d41f
[   88.561155][ T6205] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   88.561182][ T6205] RSP: 002b:00007f45688c7030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   88.561207][ T6205] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f456a25d41f
[   88.561224][ T6205] RDX: 0000000000000001 RSI: 00007f45688c70a0 RDI: 0000000000000003
[   88.561237][ T6205] RBP: 00007f45688c7090 R08: 0000000000000000 R09: 0000000000000000
[   88.561251][ T6205] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   88.561267][ T6205] R13: 0000000000000000 R14: 00007f456a485fa0 R15: 00007ffd796bc258
[   88.561292][ T6205]  </TASK>
[   88.999652][ T6229] netlink: 'syz.4.1006': attribute type 10 has an invalid length.
[   89.241549][ T6255] FAULT_INJECTION: forcing a failure.
[   89.241549][ T6255] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   89.254777][ T6255] CPU: 1 UID: 0 PID: 6255 Comm: syz.1.1017 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   89.254814][ T6255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   89.254838][ T6255] Call Trace:
[   89.254847][ T6255]  <TASK>
[   89.254857][ T6255]  __dump_stack+0x1d/0x30
[   89.254956][ T6255]  dump_stack_lvl+0xe8/0x140
[   89.254975][ T6255]  dump_stack+0x15/0x1b
[   89.255024][ T6255]  should_fail_ex+0x265/0x280
[   89.255068][ T6255]  should_fail+0xb/0x20
[   89.255104][ T6255]  should_fail_usercopy+0x1a/0x20
[   89.255132][ T6255]  _copy_from_user+0x1c/0xb0
[   89.255192][ T6255]  get_timespec64+0x4c/0x100
[   89.255221][ T6255]  __se_sys_ppoll+0x75/0x200
[   89.255260][ T6255]  ? fput+0x8f/0xc0
[   89.255288][ T6255]  __x64_sys_ppoll+0x67/0x80
[   89.255325][ T6255]  x64_sys_call+0x2de5/0x2fb0
[   89.255352][ T6255]  do_syscall_64+0xd0/0x1a0
[   89.255455][ T6255]  ? clear_bhb_loop+0x40/0x90
[   89.255478][ T6255]  ? clear_bhb_loop+0x40/0x90
[   89.255508][ T6255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.255582][ T6255] RIP: 0033:0x7f76aef7e969
[   89.255601][ T6255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   89.255625][ T6255] RSP: 002b:00007f76ad5e7038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[   89.255682][ T6255] RAX: ffffffffffffffda RBX: 00007f76af1a5fa0 RCX: 00007f76aef7e969
[   89.255722][ T6255] RDX: 0000200000000480 RSI: 0000000000000001 RDI: 0000200000000440
[   89.255734][ T6255] RBP: 00007f76ad5e7090 R08: 0000000000000000 R09: 0000000000000000
[   89.255748][ T6255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   89.255761][ T6255] R13: 0000000000000000 R14: 00007f76af1a5fa0 R15: 00007ffc6dd32258
[   89.255785][ T6255]  </TASK>
[   89.316152][ T3044] audit_log_start: 27833 callbacks suppressed
[   89.316220][ T3044] audit: audit_backlog=65 > audit_backlog_limit=64
[   89.316509][   T29] audit: type=1400 audit(1748766614.537:59610): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   89.320856][ T3044] audit: audit_lost=3379 audit_rate_limit=0 audit_backlog_limit=64
[   89.320879][ T3044] audit: backlog limit exceeded
[   89.324822][ T3044] audit: audit_backlog=65 > audit_backlog_limit=64
[   89.325545][   T29] audit: type=1400 audit(1748766614.537:59611): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   89.329341][ T3044] audit: audit_lost=3380 audit_rate_limit=0 audit_backlog_limit=64
[   89.329359][ T3044] audit: backlog limit exceeded
[   89.329642][ T3044] audit: audit_backlog=65 > audit_backlog_limit=64
[   89.333964][   T29] audit: type=1400 audit(1748766614.537:59612): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   89.358886][ T6258] macvtap0: refused to change device tx_queue_len
[   89.559139][ T6258] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1018'.
[   89.599803][ T6261] netlink: 'syz.1.1019': attribute type 10 has an invalid length.
[   89.803383][ T6272] netlink: 'syz.1.1024': attribute type 27 has an invalid length.
[   89.992988][ T6282] macvtap0: refused to change device tx_queue_len
[   90.000849][ T6282] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1029'.
[   90.040795][ T6284] netlink: 'syz.2.1030': attribute type 10 has an invalid length.
[   90.093639][ T6290] FAULT_INJECTION: forcing a failure.
[   90.093639][ T6290] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.106817][ T6290] CPU: 1 UID: 0 PID: 6290 Comm: syz.2.1033 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   90.106907][ T6290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   90.107000][ T6290] Call Trace:
[   90.107009][ T6290]  <TASK>
[   90.107019][ T6290]  __dump_stack+0x1d/0x30
[   90.107048][ T6290]  dump_stack_lvl+0xe8/0x140
[   90.107069][ T6290]  dump_stack+0x15/0x1b
[   90.107158][ T6290]  should_fail_ex+0x265/0x280
[   90.107214][ T6290]  should_fail+0xb/0x20
[   90.107255][ T6290]  should_fail_usercopy+0x1a/0x20
[   90.107335][ T6290]  _copy_to_user+0x20/0xa0
[   90.107362][ T6290]  __x64_sys_clock_adjtime+0x167/0x1d0
[   90.107450][ T6290]  x64_sys_call+0x2839/0x2fb0
[   90.107546][ T6290]  do_syscall_64+0xd0/0x1a0
[   90.107579][ T6290]  ? clear_bhb_loop+0x40/0x90
[   90.107609][ T6290]  ? clear_bhb_loop+0x40/0x90
[   90.107632][ T6290]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.107689][ T6290] RIP: 0033:0x7f86e38ee969
[   90.107753][ T6290] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.107772][ T6290] RSP: 002b:00007f86e1f57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000131
[   90.107792][ T6290] RAX: ffffffffffffffda RBX: 00007f86e3b15fa0 RCX: 00007f86e38ee969
[   90.107805][ T6290] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[   90.107834][ T6290] RBP: 00007f86e1f57090 R08: 0000000000000000 R09: 0000000000000000
[   90.107868][ T6290] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.107886][ T6290] R13: 0000000000000001 R14: 00007f86e3b15fa0 R15: 00007ffc7cd94468
[   90.107910][ T6290]  </TASK>
[   90.330362][ T6301] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[   90.539723][ T6313] macvtap0: refused to change device tx_queue_len
[   90.547357][ T6313] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1042'.
[   90.646861][ T6328] netdevsim netdevsim2: Direct firmware load for ./file0 failed with error -2
[   90.739302][ T6339] FAULT_INJECTION: forcing a failure.
[   90.739302][ T6339] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   90.752530][ T6339] CPU: 0 UID: 0 PID: 6339 Comm: syz.3.1052 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   90.752562][ T6339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   90.752577][ T6339] Call Trace:
[   90.752628][ T6339]  <TASK>
[   90.752638][ T6339]  __dump_stack+0x1d/0x30
[   90.752663][ T6339]  dump_stack_lvl+0xe8/0x140
[   90.752687][ T6339]  dump_stack+0x15/0x1b
[   90.752709][ T6339]  should_fail_ex+0x265/0x280
[   90.752839][ T6339]  should_fail+0xb/0x20
[   90.752953][ T6339]  should_fail_usercopy+0x1a/0x20
[   90.752980][ T6339]  _copy_to_user+0x20/0xa0
[   90.753007][ T6339]  __se_sys_cachestat+0x5af/0x630
[   90.753072][ T6339]  __x64_sys_cachestat+0x55/0x70
[   90.753179][ T6339]  x64_sys_call+0x2b46/0x2fb0
[   90.753206][ T6339]  do_syscall_64+0xd0/0x1a0
[   90.753236][ T6339]  ? clear_bhb_loop+0x40/0x90
[   90.753259][ T6339]  ? clear_bhb_loop+0x40/0x90
[   90.753282][ T6339]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.753340][ T6339] RIP: 0033:0x7f03d8dfe969
[   90.753359][ T6339] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.753381][ T6339] RSP: 002b:00007f03d7467038 EFLAGS: 00000246 ORIG_RAX: 00000000000001c3
[   90.753404][ T6339] RAX: ffffffffffffffda RBX: 00007f03d9025fa0 RCX: 00007f03d8dfe969
[   90.753418][ T6339] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000000000000003
[   90.753430][ T6339] RBP: 00007f03d7467090 R08: 0000000000000000 R09: 0000000000000000
[   90.753497][ T6339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   90.753573][ T6339] R13: 0000000000000000 R14: 00007f03d9025fa0 R15: 00007fff057354d8
[   90.753598][ T6339]  </TASK>
[   91.041617][ T6349] macvtap0: refused to change device tx_queue_len
[   91.055122][ T6351] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=49 sclass=netlink_audit_socket pid=6351 comm=syz.3.1059
[   91.077198][ T6352] netlink: 'syz.1.1054': attribute type 27 has an invalid length.
[   91.085648][ T6349] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1058'.
[   91.141126][ T6359] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[   91.152446][ T6361] wireguard0: entered promiscuous mode
[   91.158169][ T6361] wireguard0: entered allmulticast mode
[   91.345444][ T6380] FAULT_INJECTION: forcing a failure.
[   91.345444][ T6380] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   91.358705][ T6380] CPU: 1 UID: 0 PID: 6380 Comm: syz.3.1070 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   91.358749][ T6380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   91.358766][ T6380] Call Trace:
[   91.358774][ T6380]  <TASK>
[   91.358784][ T6380]  __dump_stack+0x1d/0x30
[   91.358812][ T6380]  dump_stack_lvl+0xe8/0x140
[   91.358856][ T6380]  dump_stack+0x15/0x1b
[   91.358877][ T6380]  should_fail_ex+0x265/0x280
[   91.358922][ T6380]  should_fail+0xb/0x20
[   91.358962][ T6380]  should_fail_usercopy+0x1a/0x20
[   91.359023][ T6380]  strncpy_from_user+0x25/0x230
[   91.359136][ T6380]  ? kmem_cache_alloc_noprof+0x186/0x310
[   91.359163][ T6380]  ? getname_flags+0x80/0x3b0
[   91.359207][ T6380]  getname_flags+0xae/0x3b0
[   91.359317][ T6380]  __x64_sys_symlink+0x33/0x60
[   91.359426][ T6380]  x64_sys_call+0x2d8d/0x2fb0
[   91.359454][ T6380]  do_syscall_64+0xd0/0x1a0
[   91.359484][ T6380]  ? clear_bhb_loop+0x40/0x90
[   91.359512][ T6380]  ? clear_bhb_loop+0x40/0x90
[   91.359604][ T6380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.359632][ T6380] RIP: 0033:0x7f03d8dfe969
[   91.359652][ T6380] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   91.359711][ T6380] RSP: 002b:00007f03d7467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[   91.359733][ T6380] RAX: ffffffffffffffda RBX: 00007f03d9025fa0 RCX: 00007f03d8dfe969
[   91.359775][ T6380] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000200000000340
[   91.359790][ T6380] RBP: 00007f03d7467090 R08: 0000000000000000 R09: 0000000000000000
[   91.359803][ T6380] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   91.359814][ T6380] R13: 0000000000000001 R14: 00007f03d9025fa0 R15: 00007fff057354d8
[   91.359832][ T6380]  </TASK>
[   91.668444][ T6393] macvtap0: refused to change device tx_queue_len
[   91.675562][ T6393] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1076'.
[   91.733023][ T6398] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[   91.813013][ T6405] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1081'.
[   91.822291][ T6405] netem: change failed
[   92.126533][ T6425] macvtap0: refused to change device tx_queue_len
[   92.167480][ T6425] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1090'.
[   92.236112][ T6431] netdevsim netdevsim1: Direct firmware load for ./file0 failed with error -2
[   92.270506][ T6441] netlink: 'syz.3.1094': attribute type 27 has an invalid length.
[   92.561374][ T6458] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1105'.
[   92.645353][ T6464] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[   92.697879][ T6475] FAULT_INJECTION: forcing a failure.
[   92.697879][ T6475] name failslab, interval 1, probability 0, space 0, times 0
[   92.710770][ T6475] CPU: 0 UID: 0 PID: 6475 Comm: syz.2.1113 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   92.710819][ T6475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   92.710836][ T6475] Call Trace:
[   92.710845][ T6475]  <TASK>
[   92.710855][ T6475]  __dump_stack+0x1d/0x30
[   92.710882][ T6475]  dump_stack_lvl+0xe8/0x140
[   92.710908][ T6475]  dump_stack+0x15/0x1b
[   92.710930][ T6475]  should_fail_ex+0x265/0x280
[   92.711016][ T6475]  should_failslab+0x8c/0xb0
[   92.711057][ T6475]  __kmalloc_noprof+0xa5/0x3e0
[   92.711084][ T6475]  ? alloc_pipe_info+0x1c9/0x350
[   92.711123][ T6475]  alloc_pipe_info+0x1c9/0x350
[   92.711193][ T6475]  splice_direct_to_actor+0x592/0x680
[   92.711260][ T6475]  ? kstrtouint_from_user+0x9f/0xf0
[   92.711299][ T6475]  ? __pfx_direct_splice_actor+0x10/0x10
[   92.711326][ T6475]  ? __rcu_read_unlock+0x4f/0x70
[   92.711354][ T6475]  ? get_pid_task+0x96/0xd0
[   92.711398][ T6475]  ? avc_policy_seqno+0x15/0x30
[   92.711424][ T6475]  do_splice_direct+0xda/0x150
[   92.711447][ T6475]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   92.711481][ T6475]  do_sendfile+0x380/0x640
[   92.711508][ T6475]  __x64_sys_sendfile64+0x105/0x150
[   92.711595][ T6475]  x64_sys_call+0xb39/0x2fb0
[   92.711616][ T6475]  do_syscall_64+0xd0/0x1a0
[   92.711649][ T6475]  ? clear_bhb_loop+0x40/0x90
[   92.711677][ T6475]  ? clear_bhb_loop+0x40/0x90
[   92.711780][ T6475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.711809][ T6475] RIP: 0033:0x7f86e38ee969
[   92.711828][ T6475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.711909][ T6475] RSP: 002b:00007f86e1f57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   92.711933][ T6475] RAX: ffffffffffffffda RBX: 00007f86e3b15fa0 RCX: 00007f86e38ee969
[   92.711950][ T6475] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000003
[   92.711966][ T6475] RBP: 00007f86e1f57090 R08: 0000000000000000 R09: 0000000000000000
[   92.711981][ T6475] R10: 0001000000000004 R11: 0000000000000246 R12: 0000000000000001
[   92.711998][ T6475] R13: 0000000000000000 R14: 00007f86e3b15fa0 R15: 00007ffc7cd94468
[   92.712022][ T6475]  </TASK>
[   93.012853][ T6489] macvtap0: refused to change device tx_queue_len
[   93.032799][ T6489] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1120'.
[   93.084482][ T6493] netdevsim netdevsim3: Direct firmware load for ./file0 failed with error -2
[   93.134542][ T6495] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1123'.
[   93.198016][ T6499] FAULT_INJECTION: forcing a failure.
[   93.198016][ T6499] name failslab, interval 1, probability 0, space 0, times 0
[   93.210711][ T6499] CPU: 0 UID: 0 PID: 6499 Comm: syz.3.1125 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   93.210741][ T6499] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.210830][ T6499] Call Trace:
[   93.210838][ T6499]  <TASK>
[   93.210847][ T6499]  __dump_stack+0x1d/0x30
[   93.210874][ T6499]  dump_stack_lvl+0xe8/0x140
[   93.210924][ T6499]  dump_stack+0x15/0x1b
[   93.210980][ T6499]  should_fail_ex+0x265/0x280
[   93.211098][ T6499]  should_failslab+0x8c/0xb0
[   93.211147][ T6499]  __kmalloc_noprof+0xa5/0x3e0
[   93.211166][ T6499]  ? security_perf_event_alloc+0x48/0x120
[   93.211209][ T6499]  security_perf_event_alloc+0x48/0x120
[   93.211292][ T6499]  perf_event_alloc+0x14ed/0x15c0
[   93.211319][ T6499]  ? __pfx_ptrace_triggered+0x10/0x10
[   93.211339][ T6499]  perf_event_create_kernel_counter+0xaa/0x370
[   93.211372][ T6499]  ? __pfx_ptrace_triggered+0x10/0x10
[   93.211397][ T6499]  register_user_hw_breakpoint+0x32/0x40
[   93.211524][ T6499]  ptrace_set_debugreg+0x279/0x750
[   93.211550][ T6499]  ? get_pid_task+0x96/0xd0
[   93.211579][ T6499]  ? proc_fail_nth_write+0x12d/0x160
[   93.211657][ T6499]  arch_ptrace+0x361/0x3f0
[   93.211694][ T6499]  __se_sys_ptrace+0xf3/0x2b0
[   93.211798][ T6499]  __x64_sys_ptrace+0x55/0x70
[   93.211828][ T6499]  x64_sys_call+0x1d6a/0x2fb0
[   93.211909][ T6499]  do_syscall_64+0xd0/0x1a0
[   93.212014][ T6499]  ? clear_bhb_loop+0x40/0x90
[   93.212043][ T6499]  ? clear_bhb_loop+0x40/0x90
[   93.212119][ T6499]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.212141][ T6499] RIP: 0033:0x7f03d8dfe969
[   93.212156][ T6499] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.212174][ T6499] RSP: 002b:00007f03d7467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[   93.212203][ T6499] RAX: ffffffffffffffda RBX: 00007f03d9025fa0 RCX: 00007f03d8dfe969
[   93.212219][ T6499] RDX: 0000000000000358 RSI: 0000000000000206 RDI: 0000000000000006
[   93.212234][ T6499] RBP: 00007f03d7467090 R08: 0000000000000000 R09: 0000000000000000
[   93.212247][ T6499] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.212259][ T6499] R13: 0000000000000000 R14: 00007f03d9025fa0 R15: 00007fff057354d8
[   93.212277][ T6499]  </TASK>
[   93.532138][ T6512] FAULT_INJECTION: forcing a failure.
[   93.532138][ T6512] name failslab, interval 1, probability 0, space 0, times 0
[   93.544901][ T6512] CPU: 1 UID: 0 PID: 6512 Comm: syz.1.1132 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   93.544938][ T6512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.544955][ T6512] Call Trace:
[   93.544963][ T6512]  <TASK>
[   93.544973][ T6512]  __dump_stack+0x1d/0x30
[   93.545000][ T6512]  dump_stack_lvl+0xe8/0x140
[   93.545147][ T6512]  dump_stack+0x15/0x1b
[   93.545163][ T6512]  should_fail_ex+0x265/0x280
[   93.545201][ T6512]  should_failslab+0x8c/0xb0
[   93.545233][ T6512]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[   93.545272][ T6512]  ? sidtab_sid2str_get+0xa0/0x130
[   93.545305][ T6512]  kmemdup_noprof+0x2b/0x70
[   93.545327][ T6512]  sidtab_sid2str_get+0xa0/0x130
[   93.545368][ T6512]  security_sid_to_context_core+0x1eb/0x2e0
[   93.545524][ T6512]  security_sid_to_context+0x27/0x40
[   93.545559][ T6512]  selinux_lsmprop_to_secctx+0x67/0xf0
[   93.545655][ T6512]  security_lsmprop_to_secctx+0x43/0x80
[   93.545699][ T6512]  audit_log_task_context+0x77/0x190
[   93.545740][ T6512]  audit_log_task+0xf4/0x250
[   93.545780][ T6512]  audit_seccomp+0x61/0x100
[   93.545811][ T6512]  ? __seccomp_filter+0x68c/0x10d0
[   93.545834][ T6512]  __seccomp_filter+0x69d/0x10d0
[   93.545857][ T6512]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   93.545890][ T6512]  ? vfs_write+0x75e/0x8d0
[   93.545988][ T6512]  ? __rcu_read_unlock+0x4f/0x70
[   93.546022][ T6512]  ? __fget_files+0x184/0x1c0
[   93.546136][ T6512]  __secure_computing+0x82/0x150
[   93.546310][ T6512]  syscall_trace_enter+0xcf/0x1e0
[   93.546410][ T6512]  do_syscall_64+0xaa/0x1a0
[   93.546439][ T6512]  ? clear_bhb_loop+0x40/0x90
[   93.546468][ T6512]  ? clear_bhb_loop+0x40/0x90
[   93.546498][ T6512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.546556][ T6512] RIP: 0033:0x7f76aef7e969
[   93.546572][ T6512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.546594][ T6512] RSP: 002b:00007f76ad5e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ad
[   93.546619][ T6512] RAX: ffffffffffffffda RBX: 00007f76af1a5fa0 RCX: 00007f76aef7e969
[   93.546681][ T6512] RDX: fffffffffffffff8 RSI: 0000000000000009 RDI: 0000000000000001
[   93.546696][ T6512] RBP: 00007f76ad5e7090 R08: 0000000000000000 R09: 0000000000000000
[   93.546707][ T6512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.546720][ T6512] R13: 0000000000000000 R14: 00007f76af1a5fa0 R15: 00007ffc6dd32258
[   93.546745][ T6512]  </TASK>
[   93.771398][ T6523] netlink: 'syz.2.1133': attribute type 27 has an invalid length.
[   93.804549][ T6524] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1134'.
[   93.898632][ T6523] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.905965][ T6523] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.953002][ T6523] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   93.965704][ T6523] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   94.023719][ T6523] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.032731][ T6523] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.041968][ T6523] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.051085][ T6523] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.075568][ T6530] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[   94.105993][ T6534] netlink: 96 bytes leftover after parsing attributes in process `syz.3.1139'.
[   94.238782][ T6554] macvtap0: refused to change device tx_queue_len
[   94.271636][ T6554] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1146'.
[   94.329882][   T29] kauditd_printk_skb: 24224 callbacks suppressed
[   94.329899][   T29] audit: type=1400 audit(1748766619.607:77714): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   94.348266][ T3044] audit: audit_backlog=65 > audit_backlog_limit=64
[   94.358543][ T3324] audit: audit_backlog=65 > audit_backlog_limit=64
[   94.364227][ T3044] audit: audit_lost=5422 audit_rate_limit=0 audit_backlog_limit=64
[   94.370755][ T3324] audit: audit_lost=5423 audit_rate_limit=0 audit_backlog_limit=64
[   94.370773][ T3324] audit: backlog limit exceeded
[   94.372200][   T29] audit: type=1400 audit(1748766619.607:77715): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   94.378711][ T3044] audit: backlog limit exceeded
[   94.417626][   T29] audit: type=1400 audit(1748766619.607:77716): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   94.424998][ T3044] audit: audit_backlog=65 > audit_backlog_limit=64
[   94.487667][ T6568] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1152'.
[   94.526556][ T6567] netdevsim netdevsim0: Direct firmware load for ./file0 failed with error -2
[   94.544761][ T6572] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1155'.
[   94.635909][ T6581] FAULT_INJECTION: forcing a failure.
[   94.635909][ T6581] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.649151][ T6581] CPU: 0 UID: 0 PID: 6581 Comm: syz.2.1159 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   94.649187][ T6581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.649203][ T6581] Call Trace:
[   94.649234][ T6581]  <TASK>
[   94.649244][ T6581]  __dump_stack+0x1d/0x30
[   94.649266][ T6581]  dump_stack_lvl+0xe8/0x140
[   94.649291][ T6581]  dump_stack+0x15/0x1b
[   94.649313][ T6581]  should_fail_ex+0x265/0x280
[   94.649377][ T6581]  should_fail+0xb/0x20
[   94.649407][ T6581]  should_fail_usercopy+0x1a/0x20
[   94.649427][ T6581]  _copy_to_user+0x20/0xa0
[   94.649522][ T6581]  simple_read_from_buffer+0xb5/0x130
[   94.649569][ T6581]  proc_fail_nth_read+0x100/0x140
[   94.649606][ T6581]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   94.649633][ T6581]  vfs_read+0x19d/0x6f0
[   94.649673][ T6581]  ? __rcu_read_unlock+0x4f/0x70
[   94.649696][ T6581]  ? __fget_files+0x184/0x1c0
[   94.649737][ T6581]  ksys_read+0xda/0x1a0
[   94.649814][ T6581]  __x64_sys_read+0x40/0x50
[   94.649846][ T6581]  x64_sys_call+0x2d77/0x2fb0
[   94.649907][ T6581]  do_syscall_64+0xd0/0x1a0
[   94.649931][ T6581]  ? clear_bhb_loop+0x40/0x90
[   94.649957][ T6581]  ? clear_bhb_loop+0x40/0x90
[   94.650016][ T6581]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.650037][ T6581] RIP: 0033:0x7f86e38ed37c
[   94.650052][ T6581] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   94.650075][ T6581] RSP: 002b:00007f86e1f57030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   94.650099][ T6581] RAX: ffffffffffffffda RBX: 00007f86e3b15fa0 RCX: 00007f86e38ed37c
[   94.650115][ T6581] RDX: 000000000000000f RSI: 00007f86e1f570a0 RDI: 0000000000000003
[   94.650162][ T6581] RBP: 00007f86e1f57090 R08: 0000000000000000 R09: 0000000000000000
[   94.650174][ T6581] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.650204][ T6581] R13: 0000000000000001 R14: 00007f86e3b15fa0 R15: 00007ffc7cd94468
[   94.650227][ T6581]  </TASK>
[   94.879298][ T6584] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1161'.
[   94.930606][ T6591] FAULT_INJECTION: forcing a failure.
[   94.930606][ T6591] name failslab, interval 1, probability 0, space 0, times 0
[   94.943360][ T6591] CPU: 1 UID: 0 PID: 6591 Comm: +}[@ Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   94.943389][ T6591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.943406][ T6591] Call Trace:
[   94.943414][ T6591]  <TASK>
[   94.943431][ T6591]  __dump_stack+0x1d/0x30
[   94.943459][ T6591]  dump_stack_lvl+0xe8/0x140
[   94.943484][ T6591]  dump_stack+0x15/0x1b
[   94.943506][ T6591]  should_fail_ex+0x265/0x280
[   94.943549][ T6591]  should_failslab+0x8c/0xb0
[   94.943597][ T6591]  kmem_cache_alloc_noprof+0x50/0x310
[   94.943623][ T6591]  ? getname_flags+0x80/0x3b0
[   94.943664][ T6591]  getname_flags+0x80/0x3b0
[   94.943766][ T6591]  do_sys_openat2+0x60/0x110
[   94.943815][ T6591]  __x64_sys_openat+0xf2/0x120
[   94.943844][ T6591]  x64_sys_call+0x1af/0x2fb0
[   94.943872][ T6591]  do_syscall_64+0xd0/0x1a0
[   94.943973][ T6591]  ? clear_bhb_loop+0x40/0x90
[   94.944001][ T6591]  ? clear_bhb_loop+0x40/0x90
[   94.944035][ T6591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.944063][ T6591] RIP: 0033:0x7f03d8dfe969
[   94.944079][ T6591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.944157][ T6591] RSP: 002b:00007f03d7446038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   94.944182][ T6591] RAX: ffffffffffffffda RBX: 00007f03d9026080 RCX: 00007f03d8dfe969
[   94.944198][ T6591] RDX: 0000000000000000 RSI: 0000200000000000 RDI: ffffffffffffff9c
[   94.944215][ T6591] RBP: 00007f03d7446090 R08: 0000000000000000 R09: 0000000000000000
[   94.944231][ T6591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.944247][ T6591] R13: 0000000000000000 R14: 00007f03d9026080 R15: 00007fff057354d8
[   94.944268][ T6591]  </TASK>
[   95.148654][ T6598] netlink: 'syz.2.1163': attribute type 27 has an invalid length.
[   95.214849][ T6601] netdevsim netdevsim4: Direct firmware load for ./file0 failed with error -2
[   95.402418][ T6616] netlink: 'syz.1.1174': attribute type 4 has an invalid length.
[   95.496469][ T6622] macvtap0: refused to change device tx_queue_len
[   95.585235][ T6627] futex_wake_op: syz.4.1178 tries to shift op by -1; fix this program
[   95.858264][ T6644] macvtap0: refused to change device tx_queue_len
[   96.063430][ T6670] netlink: 'syz.1.1195': attribute type 27 has an invalid length.
[   96.141293][ T6674] FAULT_INJECTION: forcing a failure.
[   96.141293][ T6674] name failslab, interval 1, probability 0, space 0, times 0
[   96.154201][ T6674] CPU: 0 UID: 0 PID: 6674 Comm: syz.2.1200 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   96.154235][ T6674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   96.154283][ T6674] Call Trace:
[   96.154291][ T6674]  <TASK>
[   96.154300][ T6674]  __dump_stack+0x1d/0x30
[   96.154350][ T6674]  dump_stack_lvl+0xe8/0x140
[   96.154373][ T6674]  dump_stack+0x15/0x1b
[   96.154392][ T6674]  should_fail_ex+0x265/0x280
[   96.154431][ T6674]  ? copy_net_ns+0x13e/0x720
[   96.154464][ T6674]  should_failslab+0x8c/0xb0
[   96.154587][ T6674]  __kmalloc_cache_noprof+0x4c/0x320
[   96.154619][ T6674]  copy_net_ns+0x13e/0x720
[   96.154651][ T6674]  create_new_namespaces+0x20e/0x410
[   96.154693][ T6674]  unshare_nsproxy_namespaces+0xe8/0x120
[   96.154731][ T6674]  ksys_unshare+0x3d0/0x6d0
[   96.154821][ T6674]  __x64_sys_unshare+0x1f/0x30
[   96.154853][ T6674]  x64_sys_call+0x2d4b/0x2fb0
[   96.154881][ T6674]  do_syscall_64+0xd0/0x1a0
[   96.154907][ T6674]  ? clear_bhb_loop+0x40/0x90
[   96.154963][ T6674]  ? clear_bhb_loop+0x40/0x90
[   96.154986][ T6674]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.155009][ T6674] RIP: 0033:0x7f86e38ee969
[   96.155025][ T6674] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.155043][ T6674] RSP: 002b:00007f86e1f36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[   96.155119][ T6674] RAX: ffffffffffffffda RBX: 00007f86e3b16080 RCX: 00007f86e38ee969
[   96.155134][ T6674] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000044040000
[   96.155150][ T6674] RBP: 00007f86e1f36090 R08: 0000000000000000 R09: 0000000000000000
[   96.155194][ T6674] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.155210][ T6674] R13: 0000000000000000 R14: 00007f86e3b16080 R15: 00007ffc7cd94468
[   96.155234][ T6674]  </TASK>
[   97.074352][ T6715] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   97.124100][ T6715] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[   97.287769][ T6738] netlink: 'syz.0.1224': attribute type 27 has an invalid length.
[   97.387298][ T6746] macvtap0: refused to change device tx_queue_len
[   97.394392][ T6746] __nla_validate_parse: 9 callbacks suppressed
[   97.394410][ T6746] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1229'.
[   97.672983][ T4075] ==================================================================
[   97.681120][ T4075] BUG: KCSAN: data-race in __dentry_kill / fast_dput
[   97.687855][ T4075] 
[   97.690201][ T4075] write to 0xffff888106faa9d0 of 8 bytes by task 3547 on cpu 1:
[   97.697889][ T4075]  __dentry_kill+0x142/0x4b0
[   97.702520][ T4075]  dput+0x5e/0xd0
[   97.705424][ T6774] FAULT_INJECTION: forcing a failure.
[   97.705424][ T6774] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.706171][ T4075]  do_unlinkat+0x221/0x4c0
[   97.706206][ T4075]  __x64_sys_unlink+0x2e/0x40
[   97.719351][ T6774] CPU: 1 UID: 0 PID: 6774 Comm: syz.2.1241 Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   97.719428][ T6774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.719447][ T6774] Call Trace:
[   97.719456][ T6774]  <TASK>
[   97.719466][ T6774]  __dump_stack+0x1d/0x30
[   97.719494][ T6774]  dump_stack_lvl+0xe8/0x140
[   97.719541][ T6774]  dump_stack+0x15/0x1b
[   97.719565][ T6774]  should_fail_ex+0x265/0x280
[   97.719663][ T6774]  should_fail+0xb/0x20
[   97.719785][ T6774]  should_fail_usercopy+0x1a/0x20
[   97.719813][ T6774]  _copy_to_user+0x20/0xa0
[   97.719845][ T6774]  simple_read_from_buffer+0xb5/0x130
[   97.719944][ T6774]  proc_fail_nth_read+0x100/0x140
[   97.720072][ T6774]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   97.720108][ T6774]  vfs_read+0x19d/0x6f0
[   97.720160][ T6774]  ? __rcu_read_unlock+0x4f/0x70
[   97.720273][ T6774]  ? __fget_files+0x184/0x1c0
[   97.720316][ T6774]  ksys_read+0xda/0x1a0
[   97.720408][ T6774]  __x64_sys_read+0x40/0x50
[   97.720445][ T6774]  x64_sys_call+0x2d77/0x2fb0
[   97.720475][ T6774]  do_syscall_64+0xd0/0x1a0
[   97.720561][ T6774]  ? clear_bhb_loop+0x40/0x90
[   97.720593][ T6774]  ? clear_bhb_loop+0x40/0x90
[   97.720657][ T6774]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.720686][ T6774] RIP: 0033:0x7f86e38ed37c
[   97.720717][ T6774] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   97.720744][ T6774] RSP: 002b:00007f86e1f36030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   97.720771][ T6774] RAX: ffffffffffffffda RBX: 00007f86e3b16080 RCX: 00007f86e38ed37c
[   97.720790][ T6774] RDX: 000000000000000f RSI: 00007f86e1f360a0 RDI: 0000000000000005
[   97.720872][ T6774] RBP: 00007f86e1f36090 R08: 0000000000000000 R09: 0000000000000000
[   97.720889][ T6774] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.720906][ T6774] R13: 0000000000000000 R14: 00007f86e3b16080 R15: 00007ffc7cd94468
[   97.720931][ T6774]  </TASK>
[   97.926703][ T4075]  x64_sys_call+0x22a6/0x2fb0
[   97.931399][ T4075]  do_syscall_64+0xd0/0x1a0
[   97.935919][ T4075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.941825][ T4075] 
[   97.944152][ T4075] read to 0xffff888106faa9d0 of 8 bytes by task 4075 on cpu 0:
[   97.951702][ T4075]  fast_dput+0x5f/0x2c0
[   97.955888][ T4075]  dput+0x24/0xd0
[   97.959538][ T4075]  step_into+0x5b2/0x820
[   97.963826][ T4075]  path_openat+0x13e8/0x2170
[   97.968433][ T4075]  do_filp_open+0x109/0x230
[   97.972964][ T4075]  do_sys_openat2+0xa6/0x110
[   97.977577][ T4075]  __x64_sys_openat+0xf2/0x120
[   97.982362][ T4075]  x64_sys_call+0x1af/0x2fb0
[   97.986970][ T4075]  do_syscall_64+0xd0/0x1a0
[   97.991495][ T4075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.997403][ T4075] 
[   97.999733][ T4075] value changed: 0xffff888237b76040 -> 0x0000000000000000
[   98.006868][ T4075] 
[   98.009195][ T4075] Reported by Kernel Concurrency Sanitizer on:
[   98.015352][ T4075] CPU: 0 UID: 0 PID: 4075 Comm: udevd Not tainted 6.15.0-rc7-syzkaller-00175-g0f8c0258bf04 #0 PREEMPT(voluntary) 
[   98.027345][ T4075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   98.037431][ T4075] ==================================================================
[   98.051232][ T6776] macvtap0: refused to change device tx_queue_len
[   98.058539][ T6776] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1242'.
[   99.336776][   T29] kauditd_printk_skb: 22223 callbacks suppressed
[   99.336795][   T29] audit: type=1400 audit(1748766624.617:98291): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   99.349811][ T3044] audit: audit_backlog=65 > audit_backlog_limit=64
[   99.364339][   T29] audit: type=1400 audit(1748766624.617:98292): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   99.371138][ T3044] audit: audit_lost=5974 audit_rate_limit=0 audit_backlog_limit=64
[   99.392360][   T29] audit: type=1400 audit(1748766624.617:98293): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   99.392391][   T29] audit: type=1400 audit(1748766624.617:98294): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   99.400338][ T3044] audit: backlog limit exceeded
[   99.421422][   T29] audit: type=1400 audit(1748766624.617:98295): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   99.421453][   T29] audit: type=1400 audit(1748766624.617:98296): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[   99.444847][ T3044] audit: audit_backlog=65 > audit_backlog_limit=64
[  104.346039][   T29] kauditd_printk_skb: 38046 callbacks suppressed
[  104.346060][   T29] audit: type=1400 audit(1748766629.617:136341): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  104.356869][ T3044] audit: audit_backlog=65 > audit_backlog_limit=64
[  104.374698][   T29] audit: type=1400 audit(1748766629.627:136342): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  104.380250][ T3044] audit: audit_lost=5976 audit_rate_limit=0 audit_backlog_limit=64
[  104.401433][   T29] audit: type=1400 audit(1748766629.627:136343): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  104.409330][ T3044] audit: backlog limit exceeded
[  104.410020][ T3044] audit: audit_backlog=65 > audit_backlog_limit=64
[  104.430547][   T29] audit: type=1400 audit(1748766629.627:136344): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0
[  104.435373][ T3044] audit: audit_lost=5977 audit_rate_limit=0 audit_backlog_limit=64
[  104.441887][   T29] audit: type=1400 audit(1748766629.627:136345): avc:  denied  { read } for  pid=3044 comm="dhcpcd" scontext=system_u:system_r:dhcpc_t tcontext=system_u:system_r:dhcpc_t tclass=netlink_kobject_uevent_socket permissive=0