last executing test programs:

2m43.713693563s ago: executing program 3 (id=1848):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r1, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, 0xd, 0x6, 0x5, 0x0, 0x0, {0x5, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x20040800}, 0x4000000)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1, 0x9}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f00000004c0)=0x8)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000000040)=@sack_info={r4, 0x9, 0xfffffffe}, &(0x7f00000000c0)=0xc)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000000)={0xb9, 0x0, 0x18a, 0x10, r4}, &(0x7f0000000040)=0x10)

2m42.805199241s ago: executing program 3 (id=1865):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x2200c1)
ioctl$EVIOCGBITKEY(r0, 0x80404521, &(0x7f0000000040)=""/147)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
recvmmsg$unix(r1, &(0x7f0000005e40)=[{{&(0x7f0000000140), 0x6e, &(0x7f0000001600)=[{&(0x7f00000001c0)=""/178, 0xb2}, {&(0x7f0000000280)=""/98, 0x62}, {&(0x7f0000000300)=""/82, 0x52}, {&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000001380)=""/72, 0x48}, {&(0x7f0000001400)=""/219, 0xdb}, {&(0x7f0000001500)=""/247, 0xf7}], 0x7, &(0x7f0000001680)=[@rights={{0x1c, 0x1, 0x1, [<r2=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, <r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x88}}, {{&(0x7f0000001740), 0x6e, &(0x7f00000048c0)=[{&(0x7f00000017c0)=""/4096, 0x1000}, {&(0x7f00000027c0)=""/4096, 0x1000}, {&(0x7f00000037c0)=""/4096, 0x1000}, {&(0x7f00000047c0)=""/37, 0x25}, {&(0x7f0000004800)=""/145, 0x91}], 0x5}}, {{&(0x7f0000004940)=@abs, 0x6e, &(0x7f0000005d00)=[{&(0x7f00000049c0)=""/4096, 0x1000}, {&(0x7f00000059c0)=""/231, 0xe7}, {&(0x7f0000005ac0)=""/132, 0x84}, {&(0x7f0000005b80)=""/60, 0x3c}, {&(0x7f0000005bc0)=""/42, 0x2a}, {&(0x7f0000005c00)=""/131, 0x83}, {&(0x7f0000005cc0)=""/3, 0x3}], 0x7, &(0x7f0000005d80)=[@cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff]}}, @rights={{0x28, 0x1, 0x1, [<r10=>0xffffffffffffffff, 0xffffffffffffffff, <r11=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r12=>0xffffffffffffffff]}}, @cred={{0x1c}}], 0x88}}], 0x3, 0x20, 0x0)
lseek(r3, 0x1, 0x4)
ioctl$EVIOCGKEYCODE_V2(r12, 0x80284504, &(0x7f0000005f00)=""/208)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r12, 0x8983, &(0x7f0000006000)={0x7, 'veth0_to_bond\x00', {0x9}, 0x1})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000006040), &(0x7f0000006080)=0xc)
r13 = accept4$bt_l2cap(r2, &(0x7f00000060c0)={0x1f, 0x0, @fixed}, &(0x7f0000006100)=0xe, 0x800)
clock_gettime(0x0, &(0x7f0000009b00)={<r14=>0x0, <r15=>0x0})
recvmmsg(r13, &(0x7f0000009940)=[{{&(0x7f0000006140)=@in={0x2, 0x0, @multicast2}, 0x80, &(0x7f0000006600)=[{&(0x7f00000061c0)=""/72, 0x48}, {&(0x7f0000006240)=""/229, 0xe5}, {&(0x7f0000006340)=""/96, 0x60}, {&(0x7f00000063c0)=""/14, 0xe}, {&(0x7f0000006400)=""/224, 0xe0}, {&(0x7f0000006500)=""/252, 0xfc}], 0x6}, 0x1}, {{&(0x7f0000006680)=@hci, 0x80, &(0x7f0000006900)=[{&(0x7f0000006700)=""/22, 0x16}, {&(0x7f0000006740)=""/39, 0x27}, {&(0x7f0000006780)=""/165, 0xa5}, {&(0x7f0000006840)=""/159, 0x9f}], 0x4}, 0x49}, {{&(0x7f0000006940)=@phonet, 0x80, &(0x7f0000006a80)=[{&(0x7f00000069c0)=""/4, 0x4}, {&(0x7f0000006a00)=""/95, 0x5f}], 0x2, &(0x7f0000006ac0)=""/144, 0x90}, 0x4}, {{&(0x7f0000006b80)=@vsock={0x28, 0x0, 0x0, @local}, 0x80, &(0x7f0000006c80)=[{&(0x7f0000006c00)=""/107, 0x6b}], 0x1, &(0x7f0000006cc0)=""/167, 0xa7}, 0x6}, {{&(0x7f0000006d80)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x80, &(0x7f0000007240)=[{&(0x7f0000006e00)=""/57, 0x39}, {&(0x7f0000006e40)=""/90, 0x5a}, {&(0x7f0000006ec0)=""/219, 0xdb}, {&(0x7f0000006fc0)=""/239, 0xef}, {&(0x7f00000070c0)=""/199, 0xc7}, {&(0x7f00000071c0)=""/120, 0x78}], 0x6, &(0x7f00000072c0)=""/4096, 0x1000}, 0x4}, {{&(0x7f00000082c0)=@ieee802154={0x24, @short}, 0x80, &(0x7f00000093c0)=[{&(0x7f0000008340)=""/122, 0x7a}, {&(0x7f00000083c0)=""/4096, 0x1000}], 0x2}, 0xfff}, {{&(0x7f0000009400)=@ll={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @random}, 0x80, &(0x7f0000009880)=[{&(0x7f0000009480)=""/196, 0xc4}, {&(0x7f0000009580)=""/213, 0xd5}, {&(0x7f0000009680)=""/85, 0x55}, {&(0x7f0000009700)=""/223, 0xdf}, {&(0x7f0000009800)=""/67, 0x43}], 0x5, &(0x7f0000009900)=""/37, 0x25}, 0xfffffffe}], 0x7, 0x2020, &(0x7f0000009b40)={r14, r15+60000000})
ioctl$sock_SIOCSIFVLAN_DEL_VLAN_CMD(r9, 0x8983, &(0x7f0000009b80)={0x1, 'syz_tun\x00', {}, 0x3})
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r10, 0x84, 0x6d, &(0x7f0000009bc0)={0x0, 0xb0, "50a6047a79f8213f512d3e4ab744a71fce25cc497222d26be691dcdfeb0c33c225711f32666ba97f7a30f8e66bdb7e31e6deb4c4ab0c0ae97bf353d78befc4c3d8ab8a4bd03c40f2e402ba5a16351916db0d08f4f344c59c61a1c9107519746b268759515ffd5dee3cf3b8c2b16cc75945b53d2650724de1c5603907fcae47e2e65ffc0ef5f6629f6855ad592ee25f1c6d1b98cc26436c15d9e1058795c983234e789f98173bcbe19f034c80165591c2"}, &(0x7f0000009c80)=0xb8)
getsockopt$inet6_buf(r11, 0x29, 0x2f, &(0x7f0000009cc0)=""/4096, &(0x7f000000acc0)=0x1000)
getsockopt$sock_buf(r3, 0x1, 0x1a, &(0x7f000000ad00)=""/4096, &(0x7f000000bd00)=0x1000)
r17 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f000000be40)=0xffffffffffffffff, 0x4)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f000000bf00)={0xb5f30000, <r18=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f000000bf80)={0x17, 0x2, &(0x7f000000bd40)=@raw=[@ldst={0x2, 0x1, 0x2, 0x5, 0x4, 0x20, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}], &(0x7f000000bd80)='GPL\x00', 0x2, 0x44, &(0x7f000000bdc0)=""/68, 0x41000, 0x20, '\x00', r16, @fallback=0x30edf72b9985a4ac, r17, 0x8, &(0x7f000000be80)={0x1, 0x4}, 0x8, 0x10, &(0x7f000000bec0)={0x5, 0x7, 0x0, 0x3}, 0x10, r18, 0xffffffffffffffff, 0x0, &(0x7f000000bf40)=[r4], 0x0, 0x10, 0x5}, 0x94)
readv(r5, &(0x7f000000c180)=[{&(0x7f000000c040)=""/150, 0x96}, {&(0x7f000000c100)=""/103, 0x67}], 0x2)
syz_clone(0x80000, &(0x7f000000c1c0)="d0876e4a7ca7265f6060a35efc55d4699fa9648ef520acd9c6d4f3f72a467d106bcc80f7b6b1522e417038565b668f312087c67580e085af79adec2ed8c962ecc95d7cf4decb8fde657468b13638084020a060f01d2e5f3afea65782bbe5141bfa6e26585ef032c22ed9a07187d8e3ba320a671a9b95ff8f1d20af7e06e7e3dd4e417b3f378e650087476c2dc85130deb07a736ea4b7fc94b3560bd2946452369d95c4cbd247c04ba1e14b32645d06c10d4d38c777d176e4ec73df9d424b593883", 0xc1, &(0x7f000000c2c0), &(0x7f000000c300), &(0x7f000000c340)="faf083f90717d11aa6ccde6f7791128349b6f3ad608068a16afa7c07a274414dbbdf90f3db041a6d4226c0b4ed13b8b157d82719e7331f5489c2a4f986bbbccaa5a3d8408b29e2e3a566043c9d472b822ebc29e383f1d6")
r19 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r19, &(0x7f000000c480)={&(0x7f000000c3c0), 0xc, &(0x7f000000c440)={&(0x7f000000c400)={0x2c, 0x0, 0x9, 0x3, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0xfffffff8}}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x1ff}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4008004}, 0x41040)
ptrace$getregset(0x4204, 0xffffffffffffffff, 0x92d4a922e4cc624b, &(0x7f000000c5c0)={&(0x7f000000c4c0)=""/240, 0xf0})
r20 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r21 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f000000c640), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_REMOVE(r20, &(0x7f000000c780)={&(0x7f000000c600)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f000000c740)={&(0x7f000000c680)={0xb8, r21, 0x8, 0x70bd2a, 0x25dfdbfe, {}, [@NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_TAGLST={0xc, 0x4, 0x0, 0x1, [{0x5, 0x3, 0x5}]}, @NLBL_CIPSOV4_A_MLSLVLLST={0x80, 0x8, 0x0, 0x1, [{0x34, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xac}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x54}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x59845b6f}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xbd}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x20f95ee7}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xc5d1}]}, {0x14, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0xc7aa600}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x3b}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x601ab814}]}, {0x1c, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x58fe10ab}, @NLBL_CIPSOV4_A_MLSLVLLOC={0x8, 0x5, 0x36472130}, @NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0xaa}]}, {0xc, 0x7, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSLVLREM={0x8, 0x6, 0x8f}]}]}]}, 0xb8}, 0x1, 0x0, 0x0, 0x40804}, 0x20000814)
futex_waitv(&(0x7f000000c980)=[{0x8, &(0x7f000000c7c0)=0xffffffffbb725a5e}, {0xa, &(0x7f000000c800)=0x9, 0x2}, {0x1, &(0x7f000000c840)=0x8, 0x2}, {0x4, &(0x7f000000c880)=0x9, 0x2}, {0x98e, &(0x7f000000c8c0)=0x2d5b, 0x82}, {0x9, &(0x7f000000c900), 0x82}, {0x0, &(0x7f000000c940)=0xfffffffffffffffb}], 0x7, 0x0, &(0x7f000000ca40)={0x77359400}, 0x1)
bpf$BPF_BTF_LOAD(0x12, &(0x7f000000cc00)={&(0x7f000000ca80)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x44, 0x44, 0x6, [@decl_tag={0xa, 0x0, 0x0, 0x11, 0x2, 0x9}, @decl_tag={0x6, 0x0, 0x0, 0x11, 0x4, 0x9}, @typedef={0xc, 0x0, 0x0, 0x8, 0x5}, @fwd={0x6}, @volatile={0xc, 0x0, 0x0, 0x9, 0x4}]}, {0x0, [0x2e, 0x5f, 0x2e, 0x30]}}, &(0x7f000000cb00)=""/253, 0x62, 0xfd, 0x0, 0x7fff}, 0x28)
bpf$PROG_LOAD(0x5, &(0x7f000000ce00)={0x16, 0x3, &(0x7f000000cc40)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x606}, @jmp={0x5, 0x0, 0x9, 0x6, 0xa, 0xffffffffffffffe0, 0xfffffffffffffffc}], &(0x7f000000cc80)='syzkaller\x00', 0x40, 0x56, &(0x7f000000ccc0)=""/86, 0x40f00, 0x2, '\x00', r16, @fallback=0xe, r7, 0x8, &(0x7f000000cd40)={0x0, 0x4}, 0x8, 0x10, &(0x7f000000cd80)={0x5, 0x7, 0x4, 0x9}, 0x10, 0x0, r5, 0x0, &(0x7f000000cdc0)=[r11, r6, r8], 0x0, 0x10, 0xb}, 0x94)
setsockopt$inet6_IPV6_RTHDRDSTOPTS(r10, 0x29, 0x37, &(0x7f000000cec0)={0x4, 0x9, '\x00', [@jumbo={0xc2, 0x4, 0x4}, @calipso={0x7, 0x30, {0x3, 0xa, 0x9, 0x0, [0x8000, 0x3, 0x1ff, 0x3, 0x1]}}, @pad1, @ra, @jumbo={0xc2, 0x4, 0x7f}, @ra={0x5, 0x2, 0x9}, @pad1]}, 0x58)

2m41.959295635s ago: executing program 3 (id=1893):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x2200850, &(0x7f0000000080)={[{@journal_dev={'journal_dev', 0x3d, 0x7}}, {@debug}, {@nodioread_nolock}, {@min_batch_time={'min_batch_time', 0x3d, 0x6}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nodelalloc}, {@jqfmt_vfsv1}, {@norecovery}]}, 0x5, 0x596, &(0x7f0000000400)="$eJzs3V1rFFcYAOB3NonGj9YIIrUXRfCiFuvGJK0fUNBellYqtPd2SdYg2biS3YhJhepFvelNkUIpFUp/QO97Kf0D/RVCK0iR0FKkkDKb2SQm+5Ho6q7u88DoOTOTPefsmXf2nJlZNoC+dTj9JxdxKCK+TSL2rds2GNnGwyv7LT26MZkuSSwvf/ZXEkm2rr5/kv2/J8u8ERG/fR1xLLeyfmjda1cWFmcKpVJxLsuPVmevjlYWFo9fni1MF6eLV8YnJk6/Pzx+5tTJjrX1nQv//PDpvY+Gvzmy9P0vD/bfSeJc7M22rW/HM7i5PnO48F+WGopzG3Yc60BhvSTpdgV4KgNZnKexeSj2xUAW9cCr76uIWAb6VCL+oU/VxwH1uX2H5sEvjYcfrkyANrd/cOXaSAzX5ka7l5InZkbpfHekA+WnZfz659076RKtr0PsapMH2JabtyLixODg5vNfkp3/nt6J2sXj1jaW0W+fP9BN99Lxz7uNxj+51fFPNBj/7GkQu0+jffznHjyR7fCNhnT890HD8e/qqWtkIMu9VhvzDSWXLpeKJyLi9Yg4GkM703yr+zmnl+4vN9u2fvyXLmn59bFgVo8Hgztrl+lXTRWqhWdr9ZqHtyLebDj+TVb7P2nQ/+n7caHlK6911MHi3bea7dW+/c/X8s8Rbzfs/7X6J03vT06Mnzl1crR2PIzWj4rN/r598Pdm5Xe7/Wn/727d/pFk/f3ayvbL+Gn4cbHZti0e/09Ij/8dyee19I5s3fVCtTo3FrEj+WTz+vG1v63n6/un7T96pPX5r9Hxn06+vthi+28fuN10117o/6lt9f/2E/c//vLHZuVvrf/fq6WOZms2nP8eb7iUUbPVCnbobQQAAAAAAICekIuIvZHk8qvpXC6fX3m+40DszpXKleqxS+X5K1NR+67sSAzl6ne699Vuwa48DzGWPQ9bfz5ifEN+IiL2R8R3A7tq+fxkuTTV7cYDAAAAAAAAAAAAAAAAAABAj9jT5Pv/qT8Gul074Lmr/bDBzm7XAuiGtj/534lfegJ6Utv4B15Z4h/6l/iH/iX+oX+Jf+hf4h/6V+P49/QP9AOf/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBRF86fT5flpUc3JtP81LWF+ZnyteNTxcpMfnZ+Mj9Znruany6Xp0vF/GR5tt3rlcrlq2PjMX99tFqsVEcrC4sXZ8vzV6oXL88WposXi0MvpFUAAAAAAAAAAAAAAAAAAADwcqksLM4USqXi3AtODEYXCm2VGM7ekAabzkZP1PD5Jc42b3v7xODmTf9GRC+0S+IZEl08KQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADABv8HAAD//9L0OVA=")
chdir(&(0x7f0000000240)='./file0\x00')
symlink(&(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mknodat$null(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x20, 0x103)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040), 0x2, 0x6}}, 0x20)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x40, 0x2, 0x2, 0x201, 0x0, 0x0, {0x2, 0x0, 0x8}, [@CTA_EXPECT_TUPLE={0x2c, 0x2, 0x0, 0x1, [@CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x4004040}, 0x4000840)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[], 0x118)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r3, 0x0)
sendmsg$inet_sctp(r2, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x2a000}], 0x1, 0x0, 0x0, 0x804c040}, 0x0)

2m41.102025559s ago: executing program 3 (id=1917):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85eff010000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1099e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c391339878b699644c96bd6ea589765ed2a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac4741201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6d00000000000000000000008f6555f3b7d5021dfc8eb504f1e4fef716d60f0d50b03fc014fd3dff46f56750f0ba4f1b9f7de5c17e7d1f18522897edab8e9e76b667ec6b01908400f55e16f0cfbf026be5f5acc681053f697d62b3545aec4606e190216c22c1d8807b6c43f0f0a4b53619fe5c9412821c3816194a5e29cf12cc7a197b5bdafb096d2d7f6be483814c92ef29c3a21c169794c7de3b4c706f4de5f4b93c831944c7b66fa49f317aa22dbc211e19f031c4f8bee14ecd5eb061a052044adc4dd1b63a1500a9c0e09dbba23f2726a55975efb4519d864d984dcb3a1dcafa1124a6b004029a706478df3be2438d2e35e6ca67"], 0x0}, 0x94)
unshare(0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000180)={{}, {}, [], {0x4, 0x6}}, 0x24, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
syz_clone(0x498144ee5c6aa149, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

2m40.748976072s ago: executing program 3 (id=1925):
r0 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r1 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x68, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2, 0x0, 0xf}, 0x18)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f00000006c0)=@newtaction={0x170, 0x30, 0x800, 0x0, 0x0, {}, [{0x15c, 0x1, [@m_mpls={0x158, 0x11, 0x0, 0x0, {{0x9}, {0x4c, 0x2, 0x0, 0x1, [@TCA_MPLS_LABEL={0x8, 0x5, 0x426e7}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x7f, 0x47, 0x4, 0xfffffffc}, 0x2}}, @TCA_MPLS_TC={0x5, 0x6, 0x6}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x4, 0xd, 0x8, 0x7, 0x4c2d0400}, 0x3}}]}, {0xe1, 0x6, "e1dc3c5caa6ce8dc3e1fbd25efa6075a3bcb8fc876dab6c9e3bbef6d3bd7520aa3766228462a0d6ea2aa240a79eb4e56baddc9c9fd5ebf27af3cce8561b0dbf54e8991c434f48caf8d0a594bfdf7be9e11ec053876f406abb026b46057f2a4b4370a1bc1a2a47abc109210c0b53b05b26bbb801d19e5d93c62f76e1cf181f31ba2c50d2843331559ec92bfe0ac53c67b4459bb0dde33cf86fe6d4045461c129098bcc5d7b1a929a7e61531b5ce6b091542f15cc34c62e831dc0dd1661686f6c88cee8db567a49abbd3699267cfe404b71f79ff8cdf474621715d9d8545"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}]}, 0x170}}, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r5, 0x10c, 0x6, &(0x7f00000000c0)=0x1, 0x4)
r6 = io_uring_setup(0x330b, &(0x7f0000000640)={0x0, 0xffffffee, 0x1, 0x103fc, 0x14e})
r7 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r7, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
sendmsg$rds(r7, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
accept4$bt_l2cap(r4, 0x0, &(0x7f00000000c0), 0x800)
add_key$keyring(&(0x7f0000000240), &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r9}, 0x10)
r10 = openat$selinux_context(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$selinux_context(r10, &(0x7f0000000340)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000040)=<r11=>0x0, &(0x7f0000000080)=0x4)
stat(&(0x7f0000000180)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r12=>0x0})
setsockopt$inet_IP_IPSEC_POLICY(r8, 0x0, 0x10, &(0x7f0000000340)={{{@in6=@empty, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4e24, 0x4, 0x4e22, 0x6, 0x2, 0xa0, 0x0, 0x2b, r11, r12}, {0x7, 0x100000000, 0x9, 0x3e, 0x8000, 0x9, 0x8, 0xd70}, {0x2327, 0x81, 0x7f, 0x3}, 0x2, 0x6e6bb2, 0x2, 0x0, 0x1, 0x1}, {{@in=@empty, 0x4d3, 0xff}, 0x2, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x3502, 0x2, 0x2, 0x5, 0x3, 0x4, 0xe1}}, 0xe8)

2m40.099933974s ago: executing program 3 (id=1938):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001b80)=ANY=[@ANYBLOB="1c010000160001000000000000000000fc000000000000000000000000000001ac1414aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff01000000000000000000000000000100000000320000007f0000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000005800000000000000000000000000008008001e000000000014000d002001000000000000000000000000000208000b00"], 0x11c}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x7, 0x0, 0x0, 0x7ffc0001}]})
set_tid_address(0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYRES64=r1], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x20000010)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getxattr(0x0, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e0001821501f63ed02a170000000000000000000000000a006030"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x6, 0x1d, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x3}, [@exit, @call={0x85, 0x0, 0x0, 0x9f}, @call={0x85, 0x0, 0x0, 0x2c}, @jmp={0x5, 0x1, 0x5, 0x2, 0x1, 0x6, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x4}, @map_fd={0x18, 0x4}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x6}, @map_val={0x18, 0x5, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffff}, @map_fd={0x18, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7de3}}]}, &(0x7f00000001c0)='syzkaller\x00', 0x7, 0x70, &(0x7f0000000400)=""/112, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200)={0x5, 0x10, 0x610c7248, 0x1}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000000480)=[0xffffffffffffffff], &(0x7f00000004c0)=[{0x1, 0x1, 0xd, 0xc}, {0x1, 0x4, 0xe, 0x1}, {0x0, 0x2, 0x4, 0x8}, {0x5, 0x1, 0x5, 0x7}, {0x4, 0x4, 0x6, 0x1}, {0x0, 0x3, 0x4, 0x5}, {0x1, 0x4, 0x6, 0x1}, {0x3, 0x4, 0x3, 0x4}, {0x0, 0x4, 0xf}], 0x10, 0x7}, 0x94)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000680)=<r3=>0x0, &(0x7f00000006c0)=0x4)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000700)={r2, r3, 0x25, 0x10, @void}, 0x10)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a00400000000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="00000000000000000000000000000000a30a000000000000f8ffffffffffffff000000000000000008000000000000000000000000000000000000000000000000000000000000f9bce79700"/112], 0xb8}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x140d, 0x800, 0x70bd2b, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x2}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0xc0c0)

2m40.099650254s ago: executing program 32 (id=1938):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000001b80)=ANY=[@ANYBLOB="1c010000160001000000000000000000fc000000000000000000000000000001ac1414aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff01000000000000000000000000000100000000320000007f0000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000005800000000000000000000000000008008001e000000000014000d002001000000000000000000000000000208000b00"], 0x11c}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x7, 0x0, 0x0, 0x7ffc0001}]})
set_tid_address(0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYRES64=r1], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x20000010)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getxattr(0x0, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e0001821501f63ed02a170000000000000000000000000a006030"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000005c0)={0x6, 0x1d, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x3}, [@exit, @call={0x85, 0x0, 0x0, 0x9f}, @call={0x85, 0x0, 0x0, 0x2c}, @jmp={0x5, 0x1, 0x5, 0x2, 0x1, 0x6, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0x4}, @map_fd={0x18, 0x4}, @cb_func={0x18, 0x0, 0x4, 0x0, 0x6}, @map_val={0x18, 0x5, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffff}, @map_fd={0x18, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7de3}}]}, &(0x7f00000001c0)='syzkaller\x00', 0x7, 0x70, &(0x7f0000000400)=""/112, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200)={0x5, 0x10, 0x610c7248, 0x1}, 0x10, 0x0, 0x0, 0x9, &(0x7f0000000480)=[0xffffffffffffffff], &(0x7f00000004c0)=[{0x1, 0x1, 0xd, 0xc}, {0x1, 0x4, 0xe, 0x1}, {0x0, 0x2, 0x4, 0x8}, {0x5, 0x1, 0x5, 0x7}, {0x4, 0x4, 0x6, 0x1}, {0x0, 0x3, 0x4, 0x5}, {0x1, 0x4, 0x6, 0x1}, {0x3, 0x4, 0x3, 0x4}, {0x0, 0x4, 0xf}], 0x10, 0x7}, 0x94)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000680)=<r3=>0x0, &(0x7f00000006c0)=0x4)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000700)={r2, r3, 0x25, 0x10, @void}, 0x10)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a00400000000000", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="00000000000000000000000000000000a30a000000000000f8ffffffffffffff000000000000000008000000000000000000000000000000000000000000000000000000000000f9bce79700"/112], 0xb8}}, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x38, 0x140d, 0x800, 0x70bd2b, 0x25dfdbff, "", [@RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x2}, @RDMA_NLDEV_ATTR_RES_MRN={0x8, 0x3e, 0x3}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0xc0c0)

2m28.621089697s ago: executing program 2 (id=2181):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
ftruncate(0xffffffffffffffff, 0xc17a)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)

2m28.560361091s ago: executing program 2 (id=2182):
r0 = getpid()
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sched_setscheduler(0x0, 0x6, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
ioctl$SIOCPNENABLEPIPE(0xffffffffffffffff, 0x89ed, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r3}, &(0x7f0000001c00)=0x8000000, &(0x7f0000001c40)=r4}, 0x20)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x20, 0x10504, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x4, 0x0, @perf_config_ext={0x9, 0x5c28a022}, 0x7602, 0x5, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x890b, &(0x7f0000000000))
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)

2m27.614519931s ago: executing program 2 (id=2200):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000980)={0x1b, 0x0, 0x0, 0x4, 0x0, 0x1, 0xfffffff9, '\x00', r3, 0xffffffffffffffff, 0x0, 0x3, 0x5}, 0x50)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x68, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x38, 0x2, [@TCA_BASIC_EMATCHES={0x34, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x28, 0x2, 0x0, 0x1, [@TCF_EM_META={0x24, 0x1, 0x0, 0x0, {{0x0, 0x4, 0x6}, [@TCA_EM_META_RVALUE={0x8, 0x3, [@TCF_META_TYPE_INT=0x5]}, @TCA_EM_META_RVALUE={0x4}, @TCA_EM_META_HDR={0xc, 0x1, {{0x0, 0x2}, {0x4, 0x9, 0x1}}}]}}]}]}]}}]}, 0x68}}, 0x0)

2m27.520686337s ago: executing program 2 (id=2205):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={0x0, 0x18}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
rt_sigprocmask(0x0, &(0x7f0000000040)={[0xfffffffffffffff9]}, 0x0, 0x8)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r3, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=<r4=>r1], 0x50}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r5 = gettid()
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=@newlink={0xc4, 0x10, 0x1, 0x1, 0x25dfdbff, {0x0, 0x0, 0x0, r3, 0x10b85, 0x49060}, [@IFLA_NET_NS_PID={0x8, 0x13, r5}, @IFLA_NUM_TX_QUEUES={0x8}, @IFLA_MTU={0x8, 0x4, 0xfffffff9}, @IFLA_VFINFO_LIST={0x4}, @IFLA_LINKINFO={0x88, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x78, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x4c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x10, 0x5}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x8, 0x100}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0x4}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0xfffffff9}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x2, 0xc3}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0x4}}]}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x10, 0xd}}, @IFLA_VLAN_INGRESS_QOS={0x1c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x10001, 0x8}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x1, 0xfff}}]}]}}}]}, 0xc4}, 0x1, 0x0, 0x0, 0x90}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000610025484008851a670000000000000000009500000000000000c7d6eba58d285d94f2f2b99ba87c90b05b8e864eea586d19521fe55692cda05fda49617076fd97b31eee1f79701bcb47246f78ec1c4baf60188193c810d922c6bffd59f57aff"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x60, 0x0, 0x0, 0x11, '\x00', r3, @fallback=0xe25515eb58ac0315, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x2)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'syztnl1\x00', &(0x7f00000001c0)={'ip6tnl0\x00', 0x0, 0x2, 0xd7, 0x8c, 0x1ff, 0x61, @local, @mcast2, 0x40, 0x1, 0xfffffff9, 0x80000003}})
r6 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r6, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r6, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027fa80a010100000004"], 0x57)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000000)={0xfffffffffffffffb, 0xfffffffffffffffc}, 0x0)
getrlimit(0x5, &(0x7f00000000c0))
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xb, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffc0}, 0x94)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1f20000001000600", @ANYRES32=0x1, @ANYRES8=r3, @ANYRES32=0x0, @ANYRES32, @ANYRES64=r3], 0x50)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x8c, &(0x7f0000001340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r8, @ANYBLOB=',wfdno=', @ANYRESHEX=r9])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000100)='sched_switch\x00', r7, 0x0, 0x2}, 0x18)
r10 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r11 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r11, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB="0c0100001000130428bd700000000000e0000001000000000000000000000000000000000000000000000000000000014e2100004e2400000200202000000000", @ANYRES32=0x0, @ANYRES32=r4, @ANYBLOB="fc020000000000000000000000000001000000003c0000000a0101000000000000000000000000000400000000000000060000000000000002000000000000000400000000004000ffffffffffffffff03000000000000007f00000000000000000000000000000000000000000000000800150000000000cc000000000000000000000000000000f600000000000000000000002abd7000000000000200010500000000000000001c00040002004e2100270000fe880000000000000000000000000101"], 0x10c}}, 0x804)
write$binfmt_aout(r10, &(0x7f00000000c0)=ANY=[], 0x20)
r12 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r12, 0x0)
syz_clone(0x630c1100, 0x0, 0x0, 0x0, 0x0, 0x0)

2m27.313748041s ago: executing program 2 (id=2214):
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36e, &(0x7f00000007c0)="$eJzs3U1oM0UYwPEnaZImeXmbHERRkA6+CHpZ2uhZDNKCELC0jdgKwrbdaMialGyoRsS2J4+Kd0+Ch9KbBQ8F7VnoxZteRPDWi6BgBXVlv5LNV9PGpMH2/4OSycw8uzPZSXk27WYv3vj03UrJ0kp6Q6JJJRERkUuRrEQlEPEfo245IfLJd622A3n+wW8/PL22UUx6FWo5v/5CTik1N//Nex+m/G6ns3Kefevi19wv54+fP3nxz/o7ZUuVLVWtNZSutmo/NfQt01A7ZauiKbViGrplqHLVMupe+1f+dsza7m5T6dWdh+ndumFZSq82VcVoqkZNNepNpb+tl6tK0zT1MC0Ypni0uqrnRwzeHvNgMCH1el6fEZFUT0vxaCoDAgAAU9Wd/0edlH5Y/h/Syv83Za5QWFpVTud2/n/8zFnjwesnc37+f5rol/+/+KO3rY783zmdaOf/Ne/8oDQ8//9cbpD/92ZE98vI+X92AoPBaOYTPVWRjmdO/p/237+uwzePF9wC+T8AAAAAAAAAAAAAAAAAAAAAAP8Hl7adsW07EzwGP+1LCPznuJMGHf9ZEUk6R9/m+N9laxubknQv3HOOsfnxXnGv6D36Hc5ExBTjb7ubszaCK4+UIyvfmvt+/P5eccZtyZek7MTLomQk666nULxtL79aWFpUHj++dZlSOhyfk4w8Fo7/2l2dTnyuM97ff0KeexSK1yQj329LTUzZcSPb+/9oUalXXit0xafcfiLy860fFAAAAAAAxkxTLX3P3zVtULv3LSP5kvsxkSELkpG/+p/fL/Q9P49lnopNe/YAAAAAANwPVvODii5Ro+4WTLNfISUDm8ZQiHXUxEWkb+dEV038qi3PhGZ43fEkxLuDyX+d1xfBq3qTqOAfKZyBt5r8O6rIaOMJ5u/WRGLP/u43/XnTeUUOxF0AB+GmqFwjPNY9+HmnQvXt/Gjgdg79ibRqgo+NEgNeZ1np3U70ipUQ76mxI6MtgCc++/KP8b1BXjrxV8D7wzsfmoa9L9c5KF0FZxe9TfGJ/+IBAAAAcOvaSX9Q83K4OXwjkfDNcvjLPQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYzSRr/TrKgze++xtThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYun8DAAD//7ct9c4=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105142, 0x2c)
r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_GET(0xffffffffffffffff, 0x0, 0x20000040)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000001cc0)={0x11, 0xc, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000007200000095"], &(0x7f0000001480)='GPL\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='kfree\x00', r2, 0x0, 0x4804}, 0x18)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
sendmsg$802154_dgram(r1, &(0x7f000000b8c0)={&(0x7f000000b800)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0202}}}, 0x10, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x48055}, 0x20000000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x18)
getrusage(0x1, &(0x7f0000000400))
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32600)

2m27.224164726s ago: executing program 2 (id=2218):
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000008c0)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095", @ANYRES8=r0, @ANYRESOCT=r2, @ANYRES8=r0, @ANYRES16=r0, @ANYBLOB="a02d5c0b778471057043ed29c2f7669f927336dc8a9882896bcf0edf3a32f784fd5d7e"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB="7c02000021000100000000000000000000080000000000000000000000000000fc02000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000cc0111"], 0x27c}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)=@newtfilter={0x70, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r9, {0x0, 0x7}, {}, {0xffff, 0x8}}, [@filter_kind_options=@f_fw={{0x7}, {0x44, 0x2, [@TCA_FW_MASK={0x8, 0x5, 0x8}, @TCA_FW_MASK={0x8, 0x5, 0xb}, @TCA_FW_CLASSID={0xfffffffffffffd57, 0x1, {0xd, 0xa}}, @TCA_FW_INDEV={0x14, 0x3, 'ip6erspan0\x00'}, @TCA_FW_INDEV={0x14, 0x3, 'ip6gre0\x00'}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x1}, 0x810)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r10 = getpid()
sched_setscheduler(r10, 0x0, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
connect$unix(r11, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e27}, 0x6e)
sendmmsg$unix(r12, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r11, &(0x7f00000000c0), 0x0, 0x2123, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0xff, 0x5ac, 0x26c, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x3f, 0x8, 0x10, [{{0x9, 0x4, 0x0, 0x3c, 0x1, 0x3, 0x1, 0x5, 0x7, {0x9, 0x21, 0xcb4a, 0xc1, 0x1, {0x22, 0x13a}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x6, 0x8, 0x70}}}}}]}}]}}, &(0x7f0000000b00)={0xa, &(0x7f0000000300)={0xa, 0x6, 0x200, 0x2, 0xb1, 0x7, 0x40, 0xa9}, 0x49, &(0x7f0000000700)={0x5, 0xf, 0x49, 0x5, [@wireless={0xb, 0x10, 0x1, 0x4, 0xd0, 0x40, 0x8, 0x8001, 0x7}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x4, 0x0, 0x1, 0xd}, @ss_container_id={0x14, 0x10, 0x4, 0xa0, "09570cde13c433b1edc7008b4c7418cd"}, @ss_container_id={0x14, 0x10, 0x4, 0x5, "8a9a837c2df10c101cdec136083bb3f4"}, @ext_cap={0x7, 0x10, 0x2, 0x4, 0x2, 0x9, 0x8}]}, 0x5, [{0x83, &(0x7f0000000780)=@string={0x83, 0x3, "b98135427ebdbd99ce852d41347b39b165cb1d2820c94be12db19e6c2a8c000e6c744a32cf0e56a127b190f1978ac9f6f8fa23845a0dd577d07ac9539108cdca1f4a2a4c0dcfebd9fac0d05547a22e6906e44257ecfbf3e478ad6ce6351092ad424867a2840508d4136e8ebb357d9b73d2f17b157ad15cac4ce5f5f7d868bb0d2a"}}, {0x87, &(0x7f0000000b80)=ANY=[@ANYBLOB="87036bfc4ac403ab3a39fdd3726a43343c6185536901a8e0ef37f868bb775dbf684c36a6aa1754638891ad448c44ff26ea2812b58090af2f5fa8245d42b0fe7ac79f8ebdf740e19828c854b5c3b15af805214c873d34864eb5fc5bb0c938612fd795dd81114cf67fa007b2db870b740726413ea61a0e5630bdfaf9264afea4f824c462aeb9907d0d9efbc7858a58dbcb40f59903d15dab9421800b1cd3951c69c1ae479070b0839392adf173804b1fefc27ea21264fac4a8f38ef3c3587cd05980c093b155166e22d0b52ecfb2da217998218d7e294ab3f4ccef9b090a5649a6ee3c3da32e6872f3ea2fd55b04bbfc346196f2c0d99c185c473ca4d4ec040cff0854d5ee06babf4ab6b2c2d4b81374d88d6bd1c89002a8b05347a5f0bbbe266712ac49883889f9f574a9bc2ddcc6d013f078e8b276a41d4498b803abf9062803161c4c16a70c5bc19895a54613f70894f0b0ed2fdbb7b88879c87c"]}, {0x6d, &(0x7f0000000940)=@string={0x6d, 0x3, "038fcf110a301576170d0571e3df29c3ff49f8fab853d69134e5f891ad2f162359478416978389e04d93f5603f7007cef4f83ccc2c260ffe571a41aaa22ab040790512b3f2e9c50d80af3f05126e8af66079f19aaee37b42f08799cb7cc2ec0b7561e246bfccfa1f243c37"}}, {0x4, &(0x7f0000000a00)=@lang_id={0x4, 0x3, 0x200a}}, {0xb9, &(0x7f0000000a40)=@string={0xb9, 0x3, "235226477802897f86a311f0965f7c98f9295e8013618c922e7c549ad3dea934e499d0be9fdc715fbcc0ec326a01b1eb374723079e3a7800059befbc4ebea6fc636e52ad175303183c852ae397a80aa7d280940dc872fb32b599d2e710b522b9f1bfefb5b60e1b8e4c1d92f184e2a5110e702564f4dac11ad6f14cd13fa8d43efa5cc7e1b0743a1406d8390e3155e6ebc5edfb2da84a9cb833d4b89ff6ee9ca4b391a30919158ec2a05fcc3afcecaadd58ab0342808e00"}}]})
r13 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r13}, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r14 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r14, @ANYBLOB="0000000000000000b7080000000e00007b8af80700000000bfdb00000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2m12.153562939s ago: executing program 33 (id=2218):
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000008c0)={r1, <r2=>0xffffffffffffffff}, 0x4)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095", @ANYRES8=r0, @ANYRESOCT=r2, @ANYRES8=r0, @ANYRES16=r0, @ANYBLOB="a02d5c0b778471057043ed29c2f7669f927336dc8a9882896bcf0edf3a32f784fd5d7e"], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB="7c02000021000100000000000000000000080000000000000000000000000000fc02000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000cc0111"], 0x27c}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r7 = socket(0x400000000010, 0x3, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)=@newtfilter={0x70, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r9, {0x0, 0x7}, {}, {0xffff, 0x8}}, [@filter_kind_options=@f_fw={{0x7}, {0x44, 0x2, [@TCA_FW_MASK={0x8, 0x5, 0x8}, @TCA_FW_MASK={0x8, 0x5, 0xb}, @TCA_FW_CLASSID={0xfffffffffffffd57, 0x1, {0xd, 0xa}}, @TCA_FW_INDEV={0x14, 0x3, 'ip6erspan0\x00'}, @TCA_FW_INDEV={0x14, 0x3, 'ip6gre0\x00'}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x1}, 0x810)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r10 = getpid()
sched_setscheduler(r10, 0x0, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
connect$unix(r11, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e27}, 0x6e)
sendmmsg$unix(r12, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r11, &(0x7f00000000c0), 0x0, 0x2123, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0xff, 0x5ac, 0x26c, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x3f, 0x8, 0x10, [{{0x9, 0x4, 0x0, 0x3c, 0x1, 0x3, 0x1, 0x5, 0x7, {0x9, 0x21, 0xcb4a, 0xc1, 0x1, {0x22, 0x13a}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x6, 0x8, 0x70}}}}}]}}]}}, &(0x7f0000000b00)={0xa, &(0x7f0000000300)={0xa, 0x6, 0x200, 0x2, 0xb1, 0x7, 0x40, 0xa9}, 0x49, &(0x7f0000000700)={0x5, 0xf, 0x49, 0x5, [@wireless={0xb, 0x10, 0x1, 0x4, 0xd0, 0x40, 0x8, 0x8001, 0x7}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x4, 0x0, 0x1, 0xd}, @ss_container_id={0x14, 0x10, 0x4, 0xa0, "09570cde13c433b1edc7008b4c7418cd"}, @ss_container_id={0x14, 0x10, 0x4, 0x5, "8a9a837c2df10c101cdec136083bb3f4"}, @ext_cap={0x7, 0x10, 0x2, 0x4, 0x2, 0x9, 0x8}]}, 0x5, [{0x83, &(0x7f0000000780)=@string={0x83, 0x3, "b98135427ebdbd99ce852d41347b39b165cb1d2820c94be12db19e6c2a8c000e6c744a32cf0e56a127b190f1978ac9f6f8fa23845a0dd577d07ac9539108cdca1f4a2a4c0dcfebd9fac0d05547a22e6906e44257ecfbf3e478ad6ce6351092ad424867a2840508d4136e8ebb357d9b73d2f17b157ad15cac4ce5f5f7d868bb0d2a"}}, {0x87, &(0x7f0000000b80)=ANY=[@ANYBLOB="87036bfc4ac403ab3a39fdd3726a43343c6185536901a8e0ef37f868bb775dbf684c36a6aa1754638891ad448c44ff26ea2812b58090af2f5fa8245d42b0fe7ac79f8ebdf740e19828c854b5c3b15af805214c873d34864eb5fc5bb0c938612fd795dd81114cf67fa007b2db870b740726413ea61a0e5630bdfaf9264afea4f824c462aeb9907d0d9efbc7858a58dbcb40f59903d15dab9421800b1cd3951c69c1ae479070b0839392adf173804b1fefc27ea21264fac4a8f38ef3c3587cd05980c093b155166e22d0b52ecfb2da217998218d7e294ab3f4ccef9b090a5649a6ee3c3da32e6872f3ea2fd55b04bbfc346196f2c0d99c185c473ca4d4ec040cff0854d5ee06babf4ab6b2c2d4b81374d88d6bd1c89002a8b05347a5f0bbbe266712ac49883889f9f574a9bc2ddcc6d013f078e8b276a41d4498b803abf9062803161c4c16a70c5bc19895a54613f70894f0b0ed2fdbb7b88879c87c"]}, {0x6d, &(0x7f0000000940)=@string={0x6d, 0x3, "038fcf110a301576170d0571e3df29c3ff49f8fab853d69134e5f891ad2f162359478416978389e04d93f5603f7007cef4f83ccc2c260ffe571a41aaa22ab040790512b3f2e9c50d80af3f05126e8af66079f19aaee37b42f08799cb7cc2ec0b7561e246bfccfa1f243c37"}}, {0x4, &(0x7f0000000a00)=@lang_id={0x4, 0x3, 0x200a}}, {0xb9, &(0x7f0000000a40)=@string={0xb9, 0x3, "235226477802897f86a311f0965f7c98f9295e8013618c922e7c549ad3dea934e499d0be9fdc715fbcc0ec326a01b1eb374723079e3a7800059befbc4ebea6fc636e52ad175303183c852ae397a80aa7d280940dc872fb32b599d2e710b522b9f1bfefb5b60e1b8e4c1d92f184e2a5110e702564f4dac11ad6f14cd13fa8d43efa5cc7e1b0743a1406d8390e3155e6ebc5edfb2da84a9cb833d4b89ff6ee9ca4b391a30919158ec2a05fcc3afcecaadd58ab0342808e00"}}]})
r13 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r13}, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r14 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e0000000400000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r14, @ANYBLOB="0000000000000000b7080000000e00007b8af80700000000bfdb00000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.867233211s ago: executing program 4 (id=6248):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001b40)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff, 0x0, 0x0, 0x41100}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
r2 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_script(r2, &(0x7f0000019240)={'#! ', './file0'}, 0xb)
close(r2)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

1.838019783s ago: executing program 4 (id=6251):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x8, 0xf9, 0x7ffc1ffb}]})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000740)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r3}, 0x10)
sysinfo(0x0)
msync(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x6)
mlock2(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1)
munlockall()
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRESHEX, @ANYRES8=r5, @ANYRESOCT=r4], 0x48)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x2f450279fc0f063a, 0x5d031, 0xffffffffffffffff, 0x0)
futex(0x0, 0x5, 0x2, &(0x7f0000fd7ff0)={0x0, 0x3938700}, 0x0, 0xfffffffd)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRESDEC=r3], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xd, &(0x7f00000003c0)=ANY=[@ANYRESHEX, @ANYRES32=r6, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r7}, &(0x7f0000000100), &(0x7f0000000180)='%-5lx  \x00'}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x0, &(0x7f0000000380)})
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xd, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
setgroups(0x0, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB="01002dbd7000fedbdf252c000000180001801400020064756d6d7930"], 0x2c}, 0x1, 0x0, 0x0, 0x20048881}, 0x2000c800)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'team_slave_1\x00', <r8=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x1}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000001100)={&(0x7f0000000640)=@newtfilter={0x40, 0x2c, 0xd2b, 0x70bd29, 0x35dfdbfb, {0x0, 0x0, 0x0, r8, {0xffe0}, {}, {0x7, 0xfff3}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xb, 0x4}}]}}]}, 0x40}}, 0x24040084)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f00)={'dummy0\x00', &(0x7f0000000140)=@ethtool_perm_addr={0x4b, 0x12, "43488172070000000000476fb2940acfbe4c"}})
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000440)=[0x3c, 0x8, 0x6])

1.647010345s ago: executing program 4 (id=6252):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x28}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x4, 0x0, 0x2, 0x0, {0xa, 0x4e21, 0x8000, @empty}}}, 0x32)
r4 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r4, 0x0)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

1.495307995s ago: executing program 4 (id=6254):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x28}, 0x1c)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r5}, 0x10)
r6 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r6, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

1.41086979s ago: executing program 4 (id=6260):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x201, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, @perf_config_ext={0x9, 0x7}, 0x100, 0xa88, 0x8406, 0x5, 0x0, 0x3c, 0xffff, 0x0, 0x0, 0x0, 0x46}, 0x0, 0xffbfffffffffffff, 0xffffffffffffffff, 0xa)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x2041, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
ioctl$TIOCGPTPEER(r0, 0x5441, 0xb3d)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x0, 0x7ffc0005}]})
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r5 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000200)=@generic={&(0x7f0000000180)='./file0\x00', 0x0, 0x10}, 0x18)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f00000004c0), 0x208e24b)
ioctl$NS_GET_PARENT(r6, 0xb702, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x0, 0x2b8, 0xb0000010, 0x2, 0x5c8f0200, 0x388, 0x3a8, 0x3a8, 0x388, 0x3a8, 0x3, 0x0, {[{{@ipv6={@private1, @local, [], [], 'vlan1\x00', 'veth0_to_team\x00'}, 0x0, 0x248, 0x290, 0x700, {}, [@common=@inet=@hashlimit3={{0x158}, {'geneve1\x00', {0xf1, 0x0, 0x33, 0x0, 0x0, 0x1, 0x7fffffff}}}, @common=@unspec=@limit={{0x48}, {0x10000000, 0x3}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x206, 'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@CONNSECMARK={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6e}}, {@user_xattr}, {@lazytime}, {@quota}]}, 0x3, 0x441, &(0x7f0000000440)="$eJzs3MtvG0UYAPBv10lLXyRUpdAHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QXWQaBRBQKgcUSXuiCMSfwEHBBcEnJC4wh1VqlAuLZyM1vYmjmuncepkC/79pI1ndseZ+bw79sxOnAD61kj2I4nYHRG/R8RQPbu6wEj94ebSwtTfSwtTSVSrb/6V1MrdWFqYyovmz9uVZwYi0k+TONSm3srl+fOT5fLMpUZ+bO7Ce2OVy/PPnrsweXbm7MzFiVOnThwff/7kxHM9iTOL68bBD2cPH3j17auvT52++s7P3yR5/C1x9MjIWgefqFZ7XF2x9jSlk4ECG0JXSvVuGoO1/j8UpVg5eUPxyieFNg7YVNVqtbo/4rsOhxerwP9YEkW3AChG/kGfzX/zbetGH8W7/mJ9ApTFfbOx1Y8MRNooM9gyv+2lkYg4vfjPl9kWm3MfAgBgle+z8c8z7cZ/aexvKndvYw1lOCLui4i9EXEyIvZFxP0RtbIPRMSDXdbfukhy6/gnvdb+mdu7rKm9bPz3QmNta/X4Lx/9xXCpkdtTi38wOXOuPHOs8ZocjcHtWX58jTp+ePm3zzsdax7/ZVtWf/a4sjqUXhtoCXV6cm7yjoJucv3jiIMD7eJPllcCkog4EBEHN1jHuae+PtzpWKf41/WLe7DOVP0q4sn6+V+Mlvhzydrrk2P3RHnm2Fh+Vdzql1+vvNGp/juKvwey87+z7fW/HP9w0rxeW+m+jit/fNZxTnP7+Ntf/9uSt1bt+2Bybu7SeMS25LV6o5v3T7SUm1gpn8V/9Ej7/r83Vl6JQxGRXcQPRcTDEfFIo+2PRsRjEXFkjfh/eunxdzce/+bK4p/u6vyvJLZF6572idL5H79dVelwN/Fn5/9ELXW0sWc973/radfGrmYAAAD470kjYnck6ehyOk1HR+t/w78vdqbl2crc02dm3784Xf+OwHAMpvmdrqGm+6HjjWl9np9oyR9v3Df+orSjlh+dmi1PFx089LldHfp/5s9S0a0DNp3va0H/0v+hf+n/0L/0f+hfbfr/jiLaAWy9dp//HxXQDmDrtfR/y37QR8z/oX/p/9C/9H/oS5UdcfsvyUsUncj/GcPd0p7K5flI74pmSGxSouA3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB75NwAA//9wCOUr")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

1.41054146s ago: executing program 0 (id=6261):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r0}, 0x18)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r1 = io_uring_setup(0x792b, &(0x7f0000000600)={0x0, 0x2002, 0x400, 0x0, 0x4b1})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
setrlimit(0xb, &(0x7f0000000040)={0x1, 0x100})
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000d40)=ANY=[@ANYRESDEC, @ANYBLOB="96206f6a65c158a1d7b08977f00467be2bfc58b0f05c498282083331c9beefff924cec6a04403b24be7e7749cdba43ede83ad1686a812749df432c6b9449c9da4a64574092e8bfa4c208ea75384f29150254a6c79595cd5db7cc70caf908da660e800486782c935c967edb6cab2a58b7406ef4", @ANYRES32=r0], 0x50)
fcntl$notify(0xffffffffffffffff, 0x402, 0x8000001f)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

1.180326385s ago: executing program 0 (id=6269):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x9}, 0x18)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
socket(0x2, 0x80805, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@gettfilter={0x3c, 0x2e, 0x2, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xe}, {0x1, 0x2}, {0x0, 0x10}}, [{0x8, 0xb, 0x7f}, {0x8, 0xb, 0x81}, {0x8, 0xb, 0x1d}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x4048840)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c0000001000010400b500000000040000000000", @ANYRES32=0x0, @ANYBLOB="00000000001400001c00128009000100626f6e64000000000c0002"], 0x3c}, 0x1, 0x0, 0x0, 0x4080}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x8000010}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd29, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0xf)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000005c0)={'geneve1\x00', 0x800})
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, 0x0, 0x20000804)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000540)=@newtfilter={0x3c, 0x2c, 0xd3f, 0x70bd25, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xfff3, 0xf}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_route={{0xa}, {0xc, 0x2, [@TCA_ROUTE4_TO={0x8, 0x2, 0x7f}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x200040d0}, 0x20004804)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x5, 0x0, 0x2, 0x0, 0x7, 0x518, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x7, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000037c0)=ANY=[@ANYRES8=r2], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r4}, 0x18)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})
gettid()

1.172560676s ago: executing program 5 (id=6270):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x4, 0x0, 0x2, 0x0, {0xa, 0x4e21, 0x8000, @empty}}}, 0x32)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r5}, 0x10)
r6 = openat$selinux_policy(0xffffff9c, &(0x7f0000000300), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r6, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)

1.146979747s ago: executing program 0 (id=6271):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$F2FS_IOC_ABORT_ATOMIC_WRITE(r0, 0xf505, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, 0x0, &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kfree\x00', r3, 0x0, 0xfffffffffffffffb}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc, 0x0, 0xffffffffffffffff, 0xfffffffd}, 0x50)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000300)={[{@dioread_nolock}, {@noauto_da_alloc}, {@inlinecrypt}, {@i_version}, {@data_err_ignore}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@data_err_ignore}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@resuid}, {@quota}], [{@hash}, {@context={'context', 0x3d, 'system_u'}}, {@seclabel}, {@defcontext={'defcontext', 0x3d, 'root'}}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f00000004c0)={0x8, "392f37c8177d6de7987abf66059edde4a028baaf7b6e794c60f61d06c35f0ae813fd454babc16ebc4f27a6ceb5e4aa9dee8ec2b050b7766519b8341129800897c4ca717a2c2442a7cda1446d805c94042af47149d4afe9b09acbb582e5743536c5e905195cafecfe02a91f9ae010ca10e653ed1b67b9a0c28c01b0884fc8998d7290d3172ec5ac2c0052a3d5f6d5642501dc927330f7f0a41140471e4c09882d4515d8b12aedf2a698a963d1100c2e0cf1cb39640b007d8140ea95e7fb3d207ab5df82dc41cc7e187ce6d4e3d3d10dff9fcc0e9be6a64acba6d732383f72f50f81de62d464b34ca2a7958294b43c81e1cf08e941d27c9beccc4a67321a3f6e703e598c9ecef49cd8a8a1089c3428679dd222b42cdc07e90cb60aa85fe01b7b96a54f2f1c488a01ef56912b5254da2f26748e6621233584662eb80777b0186703aec3c5da6c225e7893d3b503ec14f3e2fadead4e3307ce1d98247849b8d33a15e94eca3e291a6b9aa947de151c154ca1e979b5fd11e9e86e6bcde93a3b193be66244463a08630b32a3844590dceee0a75138b782068bcf1b25f982b8d2a1dc2d7a5e69ce9533efdff008d239911964b1d88daea387ef574d8c8131d96e4ea1fe28a133a2a95bfdaba9161049173a03da2e18f9f48050af69e37347fd6993f3a90987f12261a60e9c96e1465d51c09f3d064768484c106205b8d4176bad8354b0"})

1.08663191s ago: executing program 5 (id=6274):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB='<\x00\t\x00'/13, @ANYRES32=0x0, @ANYBLOB="21010000000000001c0012800b00010062726964676500000c00028006002700a1000000"], 0x3c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r3, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r3, 0x1)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')
getdents(r4, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={0x0}, 0x18)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$nl_route(r4, 0x0, 0x24008904)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
timer_settime(r6, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)

1.022299025s ago: executing program 0 (id=6276):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2000000000f828ffffff"], 0x20, 0x2400e044}, 0xff0f)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x35, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000018000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)

1.006437746s ago: executing program 0 (id=6278):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000200000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x7, 0x8, &(0x7f0000000380)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x50, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000010bc0)='kfree\x00', r2}, 0x18)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x1e, r3, 0xfffffffffffffffe, r3, 0x1)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB='\v\x00\x00\x00\b\x00\x00\x00\f\x00\x00'], 0x48)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x1}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYBLOB="440ea8bb9a38a9f87d227106418765f088a7f8078288b847e3242831e8d7a8ff17512b56a6516662a3bb5e6dab9f92a5ebb92de5ae9f205afee0abfa2a205f5b33d23bc986da15e49a2f03159fd0fa36bfc8be32b6debba361dce725a1e57e78feb1181f8b3103c59ec5157c6a6013706cc8d80d415567b53dcc07d81166e2f1080654a86306fbcfd3fb9ea4aaee2b65fa1e4d208ab687d87c7c56d94990aad7f42f5bf0bd3b4122fc253f27da5f0919e3223230ee3959fd7ca53c"], &(0x7f0000000000)='GPL\x00', 0x1, 0x0, 0x0, 0x100, 0x30, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400080000000900020073797a3100000000050005000a00000012000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c00000009060108ffffeff900000000070000000900020073797a31000000000500010007000000340007801800018014000240fe800000000000000000000001000000060004400e1f00000500070088000000060005404e220000"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)
r6 = socket(0x10, 0x3, 0x0)
close(0x3)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r7, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000200)={<r8=>0x0, 0x0, &(0x7f00000001c0)}, &(0x7f0000000240)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r7, 0x84, 0x7a, &(0x7f0000000340)={<r9=>r8, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
getsockopt$inet_sctp_SCTP_CONTEXT(r6, 0x84, 0x11, &(0x7f0000000440)={<r10=>r9, 0x3}, &(0x7f0000000580)=0x8)
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000016c0)=[{&(0x7f0000000400)=@in={0x2, 0x4e21, @multicast2}, 0x10, &(0x7f0000000600), 0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="20000000000000008400005b0800000000009300000000000000ffff0000000018feffffffffffff8300000000000000090000000700000020000000000000008400000002000000d63c30b23137ae4fe04a0000", @ANYRES32=0x0], 0x58, 0x8000}, {&(0x7f0000000a80)=@in={0x2, 0x4e20, @local}, 0x10, &(0x7f0000000bc0), 0x0, &(0x7f00000005c0)=[@sndrcv={0x30, 0x84, 0x1, {0x4b, 0x3, 0x200, 0x47d5, 0xfffff000, 0x2, 0x0, 0x40, r10}}], 0x30}, {&(0x7f0000000c40)=@in6={0xa, 0x4e20, 0x80000000, @local, 0x4}, 0x1c, &(0x7f0000000600)=[{&(0x7f0000001800)="3ff8aec1545ac047182b0015c478b5697da0d44e7247998b94843dbcde017d68298c5bca8faf6338ea2206a9f321a61332f5d0726935dcc94a663ad6ba1250d1a2fb45807061a2139822915b9f7a20fee79ca04f482d73fff4031ad55c06001741e61e87acb3ac3ddd7126a2b3892c2a198ecddac11f68bdda42aac2fc609c1bdb5f9735edbd25c4a1f50cf253", 0x8d}, {&(0x7f0000000d40)="d07ed8513fcd45eb9d878f5351f25c3396ec0671e71ed4651a85a8706cf17fc66fc5015467a310b34d9ee01e6ab5edd3748a3ac4d6addb49ca52b58d81764a9af1bc0f1dd36c1ddf22c9d1531c1860b04ef6d16334e08e10d58cc2b24f365a62a3c2d0508d31bdad80a0ec892d3330d7d0f4072e978af181c4fcca6d24787de5df7a18baa0cd8e02595f452de66eb3f125fd5ba4edefbe2008f8d689a0c611e3da787f5036f004a2bedf3690552371af2f1cbe789cf7d132ca934cdcea5c78b6b4e692e7affd5889aed221bbaca159dc5df161a0a7b97168d69e6795ec", 0xdd}, {&(0x7f0000000e40)="f2e367e41a45914a1bc3d03e0ac5ad35d290fac4c62d7c41b41f926204dc169a60da69a0", 0x24}, {&(0x7f00000007c0)="43f4d7859c23d68d1e7551703414bf3cc1c4b0b713d97691dc976746a1f15d751afddf9782e74bb2cbda22bc083c9feb33b1f1892be6c8ce579cfcbd1948f71eedcb4efc2f1134f469d4dccbf2bb578368859d2fcb4ef9b6b6f003a522a6d819e8abac486eb50a7e8d8164515ef3e9f4c12a895a578e87125b1ba1d1e9bba8d40820cb1291b909a1fb1bd648b07e647d5d6599649d3b5976f46ab84250c84ca9bebdb4531755f9a55ad5801ecd", 0xad}], 0x4, &(0x7f0000000ec0)=[@dstaddrv6={0x20, 0x84, 0x8, @loopback}], 0x20, 0x20000040}, {&(0x7f0000000f00)=@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000001300)=[{&(0x7f0000000f40)='\v', 0x1}, {&(0x7f0000000f80)="3444bb950b3701520c3ff1d2c7c61637e9605bb06914cc501689acb805bc98a194cea47aa88b5492c1dd6c8c44f49fa2c3b33c6e7071397c077676fec0ba52583d40430e", 0x44}, {&(0x7f0000001000)="0cf00e436e3ef6fb39287ba581fbc1b141132704253f6ce64e78efbc661af41c0e265b621641756caeff42283bd4ab902bd7c799216aa633d090bf5b3cd5a0c459cf82cc262d2afcd68001df9294bcf7159e47314c31b8e0a4644288b35dd52c3a74f5d7da6e8d206693fae5285c3d2be817b9b5107d8cad96d5c5cb2fc73490bbb229d18b0eca43769bef5d9e46e5a0b085f3910ef89fa85fbf04948921fe5271", 0xa1}, {&(0x7f00000010c0)="f4535448870a5fe02cb7b15151e4969b6d88fbd5f38d0ae05e542cf02dc7c4f7c427439c28c50a40bdb437ec044ca942ee99aeff1fb81fc6ee8d210772eb8e9340c3bb3884e6c471824b2764a6d28f225729cb83f2f3b50f70055d77ab64254bdc184662c3c52fbf0a7e4a55f574931ef6bcddd61aa3dd6978f585fc7618c1034ef0922274d0ef395758d60339e1927941380a46c0ca18a3d989ca7df45fb855aaf6f768e620c61abedf987014e6003f79a7ce178603b331b76289c426ac2938b2102e834ec9dcbf6e93d7ede6db4284d934ced34d4d02add64d5998cf", 0xdd}, {&(0x7f00000011c0)="d519766236379bd7af0a3fb4e1f1a22e734aee00d4ccbf600dce63a3184d7cc5c3d98beb854a1c7c4b3d07903a214e2f67a226750333acb8bc89a813f1f89e07044426626ae0343d05513894d5480c5641dfea14da338ab876904531b1cb7a2683a2b84162249535614e678aa70f7096b2e7d2baa8770206", 0x78}, {&(0x7f0000001240)="e2795f1be94853fe8c2afae73af94192a2b5d9262756ed118a970780c4cb41809d62356665e5bdd314c07aff8dd28cc2d61200c47a080b8833b6427469e2e3ac68c5174e1ebd36d8ad0a730787144ac347846bd6b61564494fa62763d59f1280a56122296f7e6fa2073f02a9352d7914cbd84db14e781ff77cfc3d8643da62afe514", 0x82}], 0x6, &(0x7f00000018c0)=ANY=[@ANYBLOB="1800000000000000840000000500000030000000080000003000000000000000840000000100000006004000080200000800000009000000010000000d00000008000000d60e6cf742f67a159c8fbe56dfc37eb3781a78ba0106230e351eee9a5f2dfe055a1affb4eb83abec511f41d0d785cf816c02de5c59ba30961f4e1b6b44f4dc4b3f0b5a0bb3d0acdfafc72138301aa0cd89a3ecdf7ef118be20a82a1a37005cd213b5dc59", @ANYRES32=r9, @ANYBLOB="180000000000000084000000060000000500000000000000200000000000000084000000080000000000000000000000000000000000000118000000000000008400000006000000ff0100000000000018000000000000008400000007000000ffffffff00000000200000000000000084000000080000000000000000000000000000000000000120000000000000008400000002000000080004800000010003000000", @ANYRES32=r9], 0xf0, 0x40}, {&(0x7f0000001480)=@in6={0xa, 0x4e23, 0xd29, @loopback, 0x4}, 0x1c, &(0x7f0000001640)=[{&(0x7f00000014c0)="6a79d0eb4e9a893950a2483d79022d84e90b7854ff94bdf2cddf41ed1bf49434c1a093053ec4430d1a7ab4f6b50a47523a543aa54889bacba0c083788c71c16facaab6b3ce5cc60c14d5e76d54e9687619f441202b5b46bdab1c6b212ab3758be39a50ff3e0b416b4deb77dd9bb065e9c7a6bb7f91d0956046eb334fc74c00d2e528ec191fdae53466ba1050b845c1e37f83a337702ab6cdc9340763b57f8eec246b9931da25ff07fa2d874063b20e4f1d47b4d15d6bc910d90babf0216f9284", 0xc0}, {&(0x7f0000001580)="83c9fbf328f4d3075c6f44eec3e4e92d8de2530df72d6f2a9ef762ff494333692061ab", 0x23}, {&(0x7f00000015c0)="1de3045b5ff0dcfa29ad54060f7c328e71c114b866174bcc6517fecd98a793d24e73e097c7ba070976d011ca39af636ddb5bbecebe34de4f6332fcf6b8d51f176215a23c827e3c43323646ec107fec841d81070038ecc0b1563e82f84616e5c587fa7d", 0x63}], 0x3, &(0x7f0000001680)=[@prinfo={0x18, 0x84, 0x5, {0x843634d31a9c1a5e, 0x2}}], 0x18, 0x24008004}], 0x5, 0x0)
setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r6, 0x84, 0x18, &(0x7f0000000180)={0x0, 0x9}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
r11 = socket(0xa, 0x1, 0x0)
bind$inet6(r11, &(0x7f0000000140)={0xa, 0xe64, 0xb, @empty, 0x1}, 0x1c)
sendto$inet6(r11, 0x0, 0x0, 0x24000881, &(0x7f0000000100)={0xa, 0x4e34, 0x5, @loopback, 0x7fffffff}, 0x1c)

556.874434ms ago: executing program 4 (id=6283):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x18)
r2 = open(&(0x7f0000000280)='.\x00', 0x361040, 0x1d2)
fcntl$notify(r2, 0x402, 0x5)
fcntl$notify(r2, 0x402, 0x8000003d)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setitimer(0x0, 0x0, 0x0)
r4 = socket(0x28, 0x5, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r5, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r6, 0x0, 0x10007ffffffff}, 0x18)
bind$vsock_stream(r4, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r4, 0x0)
r7 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r7, &(0x7f0000000080), 0x10)
r8 = accept4$unix(r4, 0x0, 0x0, 0x0)
recvfrom$unix(r8, &(0x7f0000000140)=""/263, 0x107, 0x0, 0x0, 0x701)

422.614454ms ago: executing program 6 (id=6285):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendmmsg$inet6(r0, &(0x7f0000009600)=[{{&(0x7f0000000240)={0xa, 0x4e21, 0x2, @private0={0xfc, 0x0, '\x00', 0x4}}, 0x1c, &(0x7f0000000d00)=[{&(0x7f00000002c0)='\n', 0x1}], 0x1}}], 0x1, 0x200488d4)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000280)={0x0, 0x2d, "a22bbaa87520b5ebe34d8c2b95a370ea800ed87c90f50f62971a7d0ea849e7f3cf9b731b136469764404d12699"}, &(0x7f0000000300)=0x35)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)

379.656156ms ago: executing program 6 (id=6286):
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8c094, 0x2, @perf_config_ext={0x9, 0x6}, 0x6000, 0x0, 0x10000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x100000b3, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x3}, 0x18)
socket$inet(0x2, 0x4000000000000001, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)={0x5c, 0x9, 0x6, 0x3, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0xe1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r5, 0xc038943b, &(0x7f00000000c0)={0x6, 0x18, '\x00', 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0]})
prctl$PR_SCHED_CORE(0x26, 0x1, 0x0, 0x1, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000bc0)='kfree\x00', r6, 0x0, 0xfffffffffffffff4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000004000000400000004000000041000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000e0000000000"], 0x50)
setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000640)={{{@in=@broadcast, @in=@multicast1, 0x4e22, 0x0, 0x4e24, 0x1ff, 0xa, 0x20, 0xa0, 0x3a}, {0xf, 0x7, 0x80000000, 0x100, 0x8, 0x8, 0x8001, 0x5}, {0xfffffffffffffff8, 0x7, 0x7fffffff, 0x5}, 0x8, 0x6e6bb3, 0x2, 0x0, 0x2, 0x3}, {{@in6=@private1, 0x4d2, 0xff}, 0x2, @in6=@remote, 0x3506, 0x3, 0x1, 0x8, 0x7, 0xc97e}}, 0xe8)
ioctl$GIO_UNISCRNMAP(0xffffffffffffffff, 0x4b69, &(0x7f0000000300)=""/102)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x30}], 0x1, 0x0)
r7 = socket(0x1e, 0x4, 0x0)
r8 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r7, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r7, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x1}], 0x1}}], 0x1, 0x9200000000000080)
dup3(r8, r7, 0x0)

321.850719ms ago: executing program 6 (id=6288):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2000000000f828ffffff"], 0x20, 0x2400e044}, 0xff0f)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x35, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000018000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)

309.200511ms ago: executing program 6 (id=6289):
syz_mount_image$ext4(&(0x7f0000000140)='ext3\x00', &(0x7f0000000480)='./file1\x00', 0x4, &(0x7f00000002c0)={[{@journal_path={'journal_path', 0x3d, './file1'}}, {@i_version}]}, 0x6, 0x606, &(0x7f0000001200)="$eJzs3c9rHGUfAPDvzCYhafO+aV9exBbFgIcWpGlSi9VebOvBHgoW7EHEQ0OT1NDtD5oUTCyYgAcFBRGvIr34D3iX3r2JoN48C1WkoqDSldmdbbbJbpq22Z008/nAJPM8M7vP893Js/M8O3l2Aiit0exHGrEn4s7ZJGKkZdtwNDaO5vvd/u36uWxJolZ7/dckkjyvuX+S/96ZJwYj4tsTEf+rrC13bmHxwmS11vBexMH5i1cOzi0sHpi9OHl++vz0pYlDLx4+Mv7SxOGJTYlzZ/775KnXnvr4/bdfmPmueiCJY3Gm/92pWBXHZhmN0biTh9ia3xcRR7KVNq/L42YbhFBqlfzvsT8inoiRqNRTDSMx+1GhlQO6qlZpvAfUgBJKtH0oqWY/oDm239g4+EyXeyW9c+t4YwC0Nv6+xmcjMVgfG+24nbSMjBqfbezahPKzMv65vvfzbIl7Pof48+7R6duEcjpZWo6IJ9vFn9TrtqseaRZ/2hjrH1157HhEDOT1e+UR6pC0rHfjc5j1PEj8rcchjYhj+e8s/8RDlj+6Kt3r+AEop5vH8xP5UpZaOf9lfY9m/yfa9H+G25y7HkbR57/O/b/m+X6w3u9JV/XDsj7L6fZP2b8646cPT37aqfzW/l+2ZOU3+4K9cGs5Yu+q+D/Igs37P1n8SZvjn+1y9tjGynj1+19OdtpWdPy1GxH72o5/Vnql2do61ycPzsxWp8cbP9uW8fU3b33Zqfyi48+O/44O8bcc/3T147LX5MoGy/jq9I2LnbYN3zf+9OeBpDHeHMhz3pmcn786ETGQnMp3ack/tH5dmvs0nyOLf/+z7dv/PX//y/c+z1DzLXMDrrxx4XanbQ9z/FsuJt+pbbAOnWTxT93/+K9p/1neJxss4483rz3dadt68Q89SmAAAAAAAABQQmn9GmySjt1dT9OxscZ82f/HjrR6eW7+uZnL1y5NReyv/z9kf9q80j3SSCdZeiL/f9hm+tCq9PMRsTsiPqsM1dNj5y5Xp4oOHgAAAAAAAAAAAAAAAAAAALaInfn8/+Z9qn+vNOb/AyXRzRvMAVub9g/lVW//a27xBJSB8z+Ul/YP5aX9Q3lp/1Be2j+Ul/YP5aX9Q3lp/wAAAACwLe1+5uaPSUQsHR2qL5mBfJsZQbC99RddAaAwlaIrABTm7qV/nX0onQ31///Kvxyw+9UBCpC0y6x3DmrrN/6bbR8JAAAAAAAAAAAAAHTBvj2d5/+bGwzbm2l/UF6PMP/fVwfAY85X/0N5GeMD95vFP9hpg/n/AAAAAAAAAAAAANAzw/UlScfyucDDkaZjYxH/iYhd0Z/MzFanxyPivxHxQ6USWXqi6EoDAAAAAAAAAAAAAAAAAADANjO3sLg8Wa1OX51bWLzQXPl7Tc72XmneBbUHZb0cD/ioSHr/sgxFROEHpWsrfS05ScRSduS3RMWuzsXWqEZ9peA3JgAAAAAAAAAAAAAAAAAAKKGWucft7f2ixzUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN5buf9/91aKjhEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeDz9GwAA//8i0Dx4")
r0 = socket(0x10, 0x803, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7}, 0x18)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

266.785563ms ago: executing program 6 (id=6291):
perf_event_open(&(0x7f0000000040)={0x3, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8c094, 0x2, @perf_config_ext={0x9, 0x6}, 0x6000, 0x0, 0x10000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x3}, 0x18)
socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,port\x00'}]}, 0x4c}}, 0x2)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)={0x5c, 0x9, 0x6, 0x3, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0xe1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000000001000001"], 0x50)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r4, 0xc038943b, &(0x7f00000000c0)={0x6, 0x18, '\x00', 0x0, &(0x7f0000000080)=[0x0, 0x0, 0x0]})
prctl$PR_SCHED_CORE(0x26, 0x1, 0x0, 0x1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000bc0)='kfree\x00', r5, 0x0, 0xfffffffffffffff4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000004000000400000004000000041000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000e0000000000"], 0x50)
setsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000640)={{{@in=@broadcast, @in=@multicast1, 0x4e22, 0x0, 0x4e24, 0x1ff, 0xa, 0x20, 0xa0, 0x3a}, {0xf, 0x7, 0x80000000, 0x100, 0x8, 0x8, 0x8001, 0x5}, {0xfffffffffffffff8, 0x7, 0x7fffffff, 0x5}, 0x8, 0x6e6bb3, 0x2, 0x0, 0x2, 0x3}, {{@in6=@private1, 0x4d2, 0xff}, 0x2, @in6=@remote, 0x3506, 0x3, 0x1, 0x8, 0x7, 0xc97e}}, 0xe8)
ioctl$GIO_UNISCRNMAP(0xffffffffffffffff, 0x4b69, &(0x7f0000000300)=""/102)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0xb, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0xd07, 0x40}, 0x100b28, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmmsg$inet_sctp(0xffffffffffffffff, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x30}], 0x1, 0x0)
r6 = socket(0x1e, 0x4, 0x0)
r7 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r6, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x1}], 0x1}}], 0x1, 0x9200000000000080)
dup3(r7, r6, 0x0)

233.913895ms ago: executing program 5 (id=6292):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x9, 0x640b9, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x0, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
mkdir(&(0x7f0000000100)='./control\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200)
r1 = openat$cgroup_freezer_state(r0, &(0x7f00000002c0), 0x2, 0x0)
write$cgroup_freezer_state(r1, &(0x7f00000000c0)='FROZEN\x00', 0x7)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x816744, &(0x7f0000000580)={[{@grpjquota}, {@discard}, {@norecovery}, {@noinit_itable}, {@resgid}, {@dioread_nolock}, {@usrjquota}, {@noauto_da_alloc}, {@jqfmt_vfsold}, {@dioread_lock}, {@resuid}, {@noquota}]}, 0x3, 0x46c, &(0x7f0000001380)="$eJzs3M1vVFUbAPDn3mnh5bN9ET9A1CoxNn60tKCycKPRxAVGE13gsraFEAZqaE2EEKnG4MbEEHVtXJr4F7hzY9SViVvdGxIibEBXNffOvTAzzJQWpjOU+f2SGc6ZezrnPHPuuffce2YIoG+NZE9JxNaI+CMihmrZxgIjtX+uXTk7/c+Vs9NJLC29/XeSl7t65ex0WbT8uy1FZjSNSD9NikoazZ8+c3yqWp09VeTHF068Pz5/+sxzx05MHZ09Onty8uDBA/snXnxh8vllWr9xxXFmcV3d/dHcnl2vv3vhjenDF9775fusvVuL7fVxdMpIFvjlpVzdy19mT092urIe21aXTgZ62BBWpRIRWXcN5uN/KCpxo/OG4rVPeto4YE1l56ZlzqKLS8A9LIkVFouVFQTWi/JEn13/lo8uTT3uCpderl0AZXFfKx61LQORFmUGm65vO2kkIg4v/vtN9og1ug8BAFDv8+mvD8WzreZ/aTxQV257sYYyHBH/j4gdEXFfROyMiPsj8rIPRsRDbWva0PLV5qWhm+c/6cXbDm4FsvnfS8XaVuP8r5z9VYYrRW5bHv9gcuRYdXZf8ZmMxuDGLD+xTB0/vvr7F+221c//skdWfzkXLNpxcaDpBt3M1MJUPintgEsfR+weaBV/cn0lILv03xURu1f31tvLxLGnv9vTrtCt419GB9aZlr6NeKrW/4vRFH8pWX59cvx/UZ3dN17uFTf79bfzb7Wr/47i74Cs/zc37v/NRYaT+vXa+dXXcf7Pz9pe09zu/r8heSfvl/Ko8uHUwsKpiYgNyaE83/D65I2/LfNl+Sz+0b2tx/+OWmJT9vRwRGQ78SMR8WhEPFa0/fGIeCIi9i4T/8+vtN92N/T/TMvj3/X9v6n/V5+oHP/ph3b1r6z/D+Sp0eKV/Ph3Cytt4J18dgAAALBepPl34JN07Ho6TcfGat/h3xmb0+rc/MIzR+Y+ODlT+678cAym5Z2uobr7oRPJYvGOtfxkca+43L6/uG/8VWVTnh+bnqvO9Dh26Hdb2oz/zF+VXrcOWHOt1tEmW67XNvyQDbgHNI//tDF77s1uNgboKr/Xhv51i/GfdqsdQPc5/0P/ajX+zzXlrQXAvcn5H/qX8Q/9y/iH/mX8Q1+6k9/1r6PE5aUOv2F2yLwL4qoOFf3Y/doj7XXsEmuRaP3/NAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKxX/wUAAP//57XmEw==")
chdir(&(0x7f0000000400)='./file0\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x101000, 0x108)
sendfile(r1, r1, 0x0, 0x8000002)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYRES16=r2], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r3}, 0x10)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x110e22fff6)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0x4004743d, 0x110e22fff6)
write$cgroup_type(r4, &(0x7f0000000280), 0xfffffeed)
rseq(&(0x7f0000000300), 0x20, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$kcm(0x29, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000000)=ANY=[@ANYBLOB="9f1500000000000000090000000000000c000000020000000000000000000013040000000000"], 0x0, 0x26}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x1, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

168.252279ms ago: executing program 6 (id=6294):
perf_event_open(&(0x7f0000000680)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x8, 0x3, 0x488, 0x0, 0xffffffff, 0xffffffff, 0x1c8, 0xffffffff, 0x3b8, 0xffffffff, 0xffffffff, 0x3b8, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c8, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x9, 0xffff0000, 0xc11270e446e71eb1, 0x0, 'syz1\x00'}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x1a, 0x1, 0x5}}}, {{@ipv6={@remote, @private2, [0xffffff00, 0xffffffff, 0x0, 0xffffff00], [0xffffffff, 0xffffff00, 0xffffffff, 0xff000000], 'netpci0\x00', 'bridge_slave_1\x00', {}, {0xff}, 0x2b, 0x2, 0x5, 0x5}, 0x0, 0x1d0, 0x1f0, 0x0, {}, [@common=@srh={{0x30}, {0x2, 0xb7, 0x4, 0xe8, 0x6, 0x1268, 0xb2a}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x6, 0x4, 0x0, 'syz0\x00'}}]}, @unspec=@NOTRACK={0x20}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4e8)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32, @ANYBLOB], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000300)={0x38}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff}, 0x18)
r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x9, 0x7, 0x0, 0x0, 0x0, 0x40008, 0x590, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xe}, 0x4c58, 0x4, 0x0, 0x0, 0x7, 0x4ac, 0xb, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000003, 0x13, r1, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x89f0, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000080)=@ethtool_regs={0x12}})
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000ec0)={&(0x7f0000000040)='kfree\x00', r0, 0x0, 0xfffffffffffffff4}, 0x18)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x3}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYRES32=r3], &(0x7f00000002c0)='GPL\x00'}, 0x94)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', 0xa02, 0xc1)
sendfile(r4, r4, 0x0, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000540)='kfree\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x109301)
ioctl$USBDEVFS_CONTROL(r5, 0xc0105500, &(0x7f0000000000)={0x80, 0x6, 0xff0c, 0x0, 0x0, 0xd5a6, 0x0})

160.91416ms ago: executing program 1 (id=6295):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'dummy0\x00'})
sendmsg$nl_route_sched(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000080)={0x0}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r0, 0x0, 0x4000000)

147.027721ms ago: executing program 0 (id=6296):
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r0 = creat(&(0x7f0000000080)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000540)={'\x00', 0x7e, 0x7527, 0x5c8, 0x7fff, 0x9})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, 0x0, 0x0)
close(0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xcb3a}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r2, 0x0, 0xfffffffffffffffc}, 0x18)
r3 = socket$caif_stream(0x25, 0x1, 0x4)
sendmmsg(r3, &(0x7f0000006a40)=[{{0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f00000001c0)="62428c67", 0x4}], 0x1}}], 0x1, 0x40)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x3, 0x1d459d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x183, 0x6}, 0x6025, 0x4005, 0xb, 0x0, 0x1, 0x1, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x1}, 0x8)
sendto$inet6(r4, &(0x7f00000005c0)="f5", 0x1, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0xfffffffc, @rand_addr=' \x01\x00'}, 0x1c)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x4e24, 0x0, @rand_addr=' \x01\x00', 0xfffffffd}, 0x1c)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r4, 0x84, 0x7c, &(0x7f00000002c0)={0x0, 0x0, 0x8}, 0x8)
mkdir(&(0x7f0000000100)='./file0\x00', 0x40)
mkdir(&(0x7f0000000080)='./bus\x00', 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000500)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x14, 0x2c, 0x0, @remote, @local, {[], {{0x1100, 0x5, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x2}}}}}}}, 0x0)
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)
syz_io_uring_setup(0xbc3, 0x0, 0x0, &(0x7f00000000c0))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)

130.976562ms ago: executing program 1 (id=6297):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
writev(r2, &(0x7f00000001c0)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988ca", 0xe}, {0x0}], 0x2)

122.946522ms ago: executing program 5 (id=6298):
r0 = inotify_init()
chdir(&(0x7f0000000000)='./file0\x00')
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, 0x94)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r3 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r3, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, 0x0}, 0x0)
recvmmsg(r3, &(0x7f00000014c0)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000640)=""/189, 0xbd}], 0x1}}], 0x1, 0x40012000, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.numa_stat\x00', 0x26e1, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x600, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x2405, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0xd)
inotify_add_watch(r0, &(0x7f0000000400)='.\x00', 0x4000423)
inotify_add_watch(r0, &(0x7f00000001c0)='.\x00', 0x60000023)

82.591235ms ago: executing program 1 (id=6299):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fff}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="2000000000f828ffffff"], 0x20, 0x2400e044}, 0xff0f)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2, 0x0, 0x3}, 0x18)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x35, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000018000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)

82.172655ms ago: executing program 1 (id=6300):
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0ffb}]})
ioperm(0x0, 0x2, 0x7e)

68.189636ms ago: executing program 1 (id=6301):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r1, &(0x7f0000000900)=[{{&(0x7f0000000080)={0x2, 0x4, @private=0xa010100}, 0x10, &(0x7f0000000100)=[{&(0x7f00000000c0)='Q', 0x1}], 0x1}, 0x20000000}, {{&(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000ac0)="6cb76def2c36dab0f366cf47ad785ed2fb5e1fa5fb56d566acdc377060c4ba50a58104620df72c3004bfbc77173110e163f7d8ad60c34cdb064852353438fea809e390e392afbf35311690cd8286a6c49668aee29b7537078dba77963d15c085d7343c1012135d361ac15c082b7ac8db87cc10fe3ffc374c8be18fc53437100a11dddb9981072ec036d513870a5bbf62ce9e39f790f61ef997af390b9f5fc8a699e001c59077c459eb40ee80a3ffeb35737da668ef974592faf129325cd9ad0dc5663950a329804c9f5d261f71165b05dac212cc2afc40f980ddef8773f1045e75de4ec606aef87052e9ac784bb0f5a43f9cac5e44ae1a6dd575ce17a4749dc7cd4d7f76a40676e792e5b31a25703b1f35b48a89ed84582ef8f4ac046695f402c25da1fa6bc732a7016edf093b4c31193130b3bc143702e2b1d23743ca797b24495dc4979b81413701c0597dcd5e3bcc9c2050c18cfe03814d358e0f795e990dc44d2c1b9890514bd5ea94a3f3a1e25a8cdc67133e9176d76dc54c31274cff0101d8a42c103bad1b8b57362446f2c2ed8a69daf3d7306ef3fa2015e4ee1ef3392120b82671d73b07f3082ea69ffa0ebc7b53c78862a3e1ece518c1f0abbe4053b4dfafe815c1fe4b0d079446e80d13af972e00644a0188605d7309812e24cd1158677f94a16a5eb0c5d48b60329fc522026efa596ac913540f2a9b0345f279329bfba29a7dfc8894e6a08eeee3dd974c3de9e0602cfd1e3e584b10dd26cd13f7fb432e72ea85fd1d3a872061bc967d7a67a3a7f09f34cc825db5d9ef3ce0ff9873f8eff342eb30fa970007e2f591f07dc9bc5141a9679a2f7c69aa50894353a7830a0f7cf766aff6e81d7c3b88d730946ce3f327716ef6fd270d5bf467aef288db903f740b6ac27b962a3c6462372e63f8da8505f05d17b364dd8c6b5d449accd01b4c6da297669f098bee986b95e389a2d003539ca9dec8c26b9f6bbb5f7fe6f0b764d99bc0dafcad4121ed6a749ac71fc5deeee54d0e8a2d9dccc87df818258d73c8816b78c1be3670fb14dded879caf925e0f8abf63f55ffee02bbffb465f0303338bd12e22fe94fdaa3f033127ecaf41649232c38e83850fd3ebc890ea5db2763a8389ac49bd9b7f6b81f381d3eeb90d0f596e2b7f7dfa2a0e9453c1f5f359b56aae9e97a51f6c092d25a031843e351f5733a25c5905706618ab569359bdca4932f6471f4f2d152f84cfc0c563885b0d93fd015095a8eb9422e3d17ddaf3f20dde5eeea415f76c0617964198c824b98f4d53ab0d4d734dcd6d07dddd5b77c1bd71208632941973bd5b5aca981137ec21dcd86ba518b3d4979b68f704a2a7d7cfeb9be3edf4b4b3560e930d9dba0bc358cba36a129748c1fa73483a69759ba0c4f2ee2a936899e163c213bb3fe5a28e68669fb2da6bbcdf4c55e933d127a8bc68b8d0e6c6c757fe8ea47f26ceb7c1b3ca8b962eb31a081756ed56fe4385dccc5e2a7a53300e9c8a1a55bcf8db3f828cb3db8485110da631a50199a5c1932b5538a2b1c3cddb4451868a413418e3f761530fd477b2ebb449070c73171964203ad7bad4302af13fa6fe55fb88ede096a7aba95ef3665da778250daa9dd4bd5ecb8a807d83fe6dcf2f0cf5de7a4ef742979afd7d93bb2672ad45f6537640313b1ca8838f3fdc08e57455af6398ce5b253312fe1a88206210831e0de59d1e3f9442fb9dd43f1b9c00d151d3234028990f8bcaf65c0ad9ea1bc20e4b7641ff26969b02ccd60d2d8d2d72fe5fd58068cd6d7525c9e24c4246cd776ecf1f57550bb6bddad5093618797547cde5c07e165bc979bfbb5479c58e89c29efa5fdfa5b4a87917a4275609afc849384458ca980ba5a2aa4d10c761bb3b3a57e3d3b41001cdf6", 0x541}], 0x1}}], 0x2, 0x0)
getsockopt$inet6_tcp_buf(r1, 0x6, 0x38, &(0x7f00000000c0)=""/131, &(0x7f0000000000)=0x83)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
setgroups(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000600)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8f, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffc}, {0x85, 0x0, 0x0, 0x86}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x480}}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0xae}}}, &(0x7f0000000080)='GPL\x00', 0xb, 0xffe, &(0x7f0000000cc0)=""/4094, 0x41100, 0x40}, 0x94)

264.22µs ago: executing program 1 (id=6302):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000ebff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB='<\x00\t\x00'/13, @ANYRES32=0x0, @ANYBLOB="21010000000000001c0012800b00010062726964676500000c00028006002700a1000000"], 0x3c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r3, &(0x7f0000000180)="1a", 0x34000, 0x0, &(0x7f0000000480)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
shutdown(r3, 0x1)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')
getdents(r4, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={0x0}, 0x18)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sendmsg$nl_route(r4, 0x0, 0x24008904)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)=<r6=>0x0)
timer_settime(r6, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)

112.66µs ago: executing program 5 (id=6303):
r0 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000100)={0x35, 0x3, 0x1}, 0x10)
write(r0, &(0x7f00000000c0)="1c0020001a009b8a14e5f40700426e2400000000fe00000000000000", 0x1c)

0s ago: executing program 5 (id=6304):
r0 = syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[@ANYBLOB='dots,dots,dmask=000000000200000,nodots,discard,nfs=nostale_ro,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c646f733178666c6f70707900000000000000003030ffffffff303030303031373737373737373756c0f39fdb37372c004c0f1208ec0c34b7df4ba1c1e6b76697434db8574db9bcaef6a61a12c3f260bebc7ac5b1b11361119b83f1cf9f686b715b8e58fd37cea6623dc422c2ddbcefe94e5c255b5e8c90613e6b598b3b7a2c05de53dab7"], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h") (fail_nth: 20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x960030, &(0x7f0000000a40)=ANY=[@ANYRESOCT=r0, @ANYRES8=0x0, @ANYRES32, @ANYBLOB="f1bcca05ed588d63a576cc3afd51baf29cde0400000092f4e66ff7ef22aa9af727ceae8a8ec95fc1b73083de2de825a0cb2b0be774fdb33650d7dace27c16bc23b2f7c7fb72585548939698f280d138aa9255a8a924008f8477e82ba11cdb11efd5ca2f1ab049ce2cc7815d2daf8daea25533a558d561654faf5e0924f1376174f374d664fad4a6ab24ec000ccace822e7f9426e8e5de1fe58085a0ae86fd02a118b9365961834d46208b9fb4c91a1fa962a8b00a9717fcbb46c2400dc2e319379ea1e5a07aeb3f9cd4e648df445a1b4213e73230000efff000010000758027a472e7d263ef567a84166f26ee56e701c63a8863787889bf1c90fccf31954a940c8b584ca89a512f28edec08eb1c0823c028840eeaf3f5d8769023c0159571e8e899b43c293bc21a2b833e5c9c703c4cfa063dd050045706bde3d7ac373ab04b62b4111b59eabd436dd97e788a36ef25bad99beec474e667589d37100ec36292c15c6eeba7da9b809d122b8011db9c843b17f139ff9699a55f91ea00462de31c586eccbe859d181b51aa915eebc3e22c51b753af77b0abce52dd5f1d5076ebdf61f1b4319f18f2289958533a990efa95c7fc778a44d1e7c7d9b4a", @ANYRESHEX=r0, @ANYRESOCT=r0, @ANYRES64, @ANYBLOB="735f6e46fee1844ad4695bd6c9a1f85f5371aa4e7749437e67fc581a8d8983a4f95cc4471ae8a76cf365c4512dd81215cd5e4153586ad440d6403f7da30c61dbfe55d4fdbefbdcedb07aaefe6580b8a9bb883042c20075e444bff2f7ef6834b3de98c9d04374735e6ae92874f0d05c6ae5f6b87d0c35081e3eecc676efed00626dbb1875f613cfca3f0b58657c5d223c7137c2ef032583e8217cdd2e799b7e8890dc20b9308900"/176, @ANYRES16=r0, @ANYRESDEC, @ANYRES32=r0, @ANYRESOCT=0x0, @ANYBLOB="b6ca6a4387c1a511d20d1269c080dfee68272c347baf1a3c88c68cbd10a2140dc376efb71ebdc38075afad66616985d1b32948b0a7991e1eabc68cbf351cc3ebe9370862082c8386bf6d284d88ed"], 0x1, 0x0, &(0x7f0000000000))
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0)

kernel console output (not intermixed with test programs):

uous mode
[  250.655739][T17858] syzkaller1: entered allmulticast mode
[  250.664935][T17860] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5463'.
[  250.879477][T17870] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  250.879477][T17870]    program syz.1.5466 not setting count and/or reply_len properly
[  251.140851][T17906] syzkaller1: entered promiscuous mode
[  251.146360][T17906] syzkaller1: entered allmulticast mode
[  251.176563][T17910] syzkaller1: entered promiscuous mode
[  251.182066][T17910] syzkaller1: entered allmulticast mode
[  251.206646][T17913] hub 9-0:1.0: USB hub found
[  251.212423][T17913] hub 9-0:1.0: 8 ports detected
[  251.233061][T17913] sg_write: data in/out 8156/120 bytes for SCSI command 0x0-- guessing data in;
[  251.233061][T17913]    program syz.4.5485 not setting count and/or reply_len properly
[  251.497776][T17947] syzkaller1: entered promiscuous mode
[  251.503334][T17947] syzkaller1: entered allmulticast mode
[  251.554073][T17953] syzkaller1: entered promiscuous mode
[  251.559647][T17953] syzkaller1: entered allmulticast mode
[  251.767817][T17966] sg_write: data in/out 8156/120 bytes for SCSI command 0x0-- guessing data in;
[  251.767817][T17966]    program syz.6.5508 not setting count and/or reply_len properly
[  251.885531][T17972] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  251.885531][T17972]    program syz.6.5512 not setting count and/or reply_len properly
[  251.886592][T17976] loop5: detected capacity change from 0 to 512
[  251.917274][T17976] EXT4-fs (loop5): 1 orphan inode deleted
[  251.932504][   T42] EXT4-fs error (device loop5): ext4_release_dquot:6981: comm kworker/u8:2: Failed to release dquot type 1
[  251.951976][T17976] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.980526][T17976] ext4 filesystem being mounted at /75/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  251.994165][T17983] syzkaller1: entered promiscuous mode
[  251.999669][T17983] syzkaller1: entered allmulticast mode
[  252.063923][T16879] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.170742][T17997] sg_write: data in/out 8156/120 bytes for SCSI command 0x0-- guessing data in;
[  252.170742][T17997]    program syz.1.5522 not setting count and/or reply_len properly
[  252.197736][T18000] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5521'.
[  252.229974][T18000] hsr_slave_1 (unregistering): left promiscuous mode
[  252.343034][T18005] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  252.343034][T18005]    program syz.6.5525 not setting count and/or reply_len properly
[  252.385705][T18011] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5527'.
[  252.528895][T18029] syzkaller1: entered promiscuous mode
[  252.534655][T18029] syzkaller1: entered allmulticast mode
[  252.674468][T18044] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  252.674468][T18044]    program syz.0.5543 not setting count and/or reply_len properly
[  252.798534][T18070] netlink: 8 bytes leftover after parsing attributes in process `syz.4.5555'.
[  252.822929][T18073] syzkaller1: entered promiscuous mode
[  252.828417][T18073] syzkaller1: entered allmulticast mode
[  253.035335][T18096] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  253.035335][T18096]    program syz.4.5567 not setting count and/or reply_len properly
[  253.078591][T18106] loop5: detected capacity change from 0 to 512
[  253.266309][T18131] loop5: detected capacity change from 0 to 8192
[  253.296767][T18135] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  253.296767][T18135]    program syz.4.5585 not setting count and/or reply_len properly
[  253.697385][T18184] loop6: detected capacity change from 0 to 512
[  253.768401][T18193] loop5: detected capacity change from 0 to 512
[  254.097132][T18217] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5621'.
[  254.162736][T18231] FAULT_INJECTION: forcing a failure.
[  254.162736][T18231] name failslab, interval 1, probability 0, space 0, times 0
[  254.175463][T18231] CPU: 1 UID: 0 PID: 18231 Comm: syz.5.5627 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  254.175504][T18231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  254.175527][T18231] Call Trace:
[  254.175534][T18231]  <TASK>
[  254.175541][T18231]  __dump_stack+0x1d/0x30
[  254.175563][T18231]  dump_stack_lvl+0xe8/0x140
[  254.175584][T18231]  dump_stack+0x15/0x1b
[  254.175598][T18231]  should_fail_ex+0x265/0x280
[  254.175615][T18231]  should_failslab+0x8c/0xb0
[  254.175664][T18231]  kmem_cache_alloc_noprof+0x50/0x480
[  254.175691][T18231]  ? skb_clone+0x151/0x1f0
[  254.175707][T18231]  skb_clone+0x151/0x1f0
[  254.175722][T18231]  __netlink_deliver_tap+0x2c9/0x500
[  254.175759][T18231]  netlink_unicast+0x66b/0x690
[  254.175789][T18231]  netlink_sendmsg+0x58b/0x6b0
[  254.175809][T18231]  ? __pfx_netlink_sendmsg+0x10/0x10
[  254.175825][T18231]  __sock_sendmsg+0x145/0x180
[  254.175852][T18231]  ____sys_sendmsg+0x31e/0x4e0
[  254.175883][T18231]  ___sys_sendmsg+0x17b/0x1d0
[  254.176003][T18231]  __x64_sys_sendmsg+0xd4/0x160
[  254.176064][T18231]  x64_sys_call+0x191e/0x3000
[  254.176085][T18231]  do_syscall_64+0xd2/0x200
[  254.176095][T18232] syzkaller1: entered promiscuous mode
[  254.176102][T18231]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  254.176127][T18231]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  254.176179][T18231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.176199][T18231] RIP: 0033:0x7f9fdb9cefc9
[  254.176214][T18231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  254.176232][T18231] RSP: 002b:00007f9fda42f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  254.176251][T18231] RAX: ffffffffffffffda RBX: 00007f9fdbc25fa0 RCX: 00007f9fdb9cefc9
[  254.176306][T18231] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  254.176318][T18231] RBP: 00007f9fda42f090 R08: 0000000000000000 R09: 0000000000000000
[  254.176330][T18231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  254.176342][T18231] R13: 00007f9fdbc26038 R14: 00007f9fdbc25fa0 R15: 00007fffc8137cc8
[  254.176360][T18231]  </TASK>
[  254.385506][T18232] syzkaller1: entered allmulticast mode
[  254.430023][   T29] kauditd_printk_skb: 2300 callbacks suppressed
[  254.430094][   T29] audit: type=1326 audit(3909160866.197:111921): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18230 comm="syz.6.5626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1703bdefc9 code=0x7ffc0000
[  254.460011][   T29] audit: type=1326 audit(3909160866.197:111922): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18230 comm="syz.6.5626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1703bdefc9 code=0x7ffc0000
[  254.483657][   T29] audit: type=1326 audit(3909160866.197:111923): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18230 comm="syz.6.5626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1703bdefc9 code=0x7ffc0000
[  254.507407][   T29] audit: type=1326 audit(3909160866.197:111924): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18230 comm="syz.6.5626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1703bdefc9 code=0x7ffc0000
[  254.531244][   T29] audit: type=1326 audit(3909160866.197:111925): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18230 comm="syz.6.5626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1703bdefc9 code=0x7ffc0000
[  254.555082][   T29] audit: type=1326 audit(3909160866.197:111926): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18230 comm="syz.6.5626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1703bdefc9 code=0x7ffc0000
[  254.578692][   T29] audit: type=1326 audit(3909160866.227:111927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18227 comm="syz.1.5625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f00af61efc9 code=0x7ffc0000
[  254.602357][   T29] audit: type=1326 audit(3909160866.227:111928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18227 comm="syz.1.5625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af61efc9 code=0x7ffc0000
[  254.626015][   T29] audit: type=1326 audit(3909160866.227:111929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18227 comm="syz.1.5625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af61efc9 code=0x7ffc0000
[  254.649924][   T29] audit: type=1326 audit(3909160866.267:111930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18237 comm="syz.0.5628" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f701dccefc9 code=0x7ffc0000
[  254.673986][T18231] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  254.970103][T18280] loop6: detected capacity change from 0 to 512
[  254.982972][T18280] msdos: Unknown parameter 'ó~qÚ­öÞŒ…Ô_ñà'
[  255.045904][T18271] can0: slcan on ptm0.
[  255.102541][T18270] can0 (unregistered): slcan off ptm0.
[  255.118613][T18287] __nla_validate_parse: 2 callbacks suppressed
[  255.118626][T18287] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5649'.
[  255.166678][T18294] syzkaller1: entered promiscuous mode
[  255.172193][T18294] syzkaller1: entered allmulticast mode
[  255.198573][T18304] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  255.207004][T18304] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  255.247004][T18301] netlink: 'syz.6.5653': attribute type 1 has an invalid length.
[  255.260528][T18301] 8021q: adding VLAN 0 to HW filter on device bond1
[  255.269531][T18300] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5653'.
[  255.270988][T18301] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5653'.
[  255.423711][T18324] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5663'.
[  255.432798][T18327] loop6: detected capacity change from 0 to 512
[  255.969146][T18354] chnl_net:caif_netlink_parms(): no params data found
[  256.017081][T18376] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5676'.
[  256.056880][T18354] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.064105][T18354] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.071591][T18354] bridge_slave_0: entered allmulticast mode
[  256.078145][T18354] bridge_slave_0: entered promiscuous mode
[  256.087388][T18354] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.094483][T18354] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.101635][T18354] bridge_slave_1: entered allmulticast mode
[  256.108135][T18354] bridge_slave_1: entered promiscuous mode
[  256.132764][T18354] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  256.143723][T18354] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  256.164442][T18354] team0: Port device team_slave_0 added
[  256.171304][T18354] team0: Port device team_slave_1 added
[  256.201378][T18354] batman_adv: batadv0: Adding interface: batadv_slave_0
[  256.208386][T18354] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  256.234374][T18354] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  256.246406][T18354] batman_adv: batadv0: Adding interface: batadv_slave_1
[  256.253389][T18354] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  256.279291][T18354] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  256.308705][T18396] FAULT_INJECTION: forcing a failure.
[  256.308705][T18396] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  256.321836][T18396] CPU: 0 UID: 0 PID: 18396 Comm: syz.5.5685 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  256.321862][T18396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  256.321874][T18396] Call Trace:
[  256.321881][T18396]  <TASK>
[  256.321888][T18396]  __dump_stack+0x1d/0x30
[  256.321909][T18396]  dump_stack_lvl+0xe8/0x140
[  256.321930][T18396]  dump_stack+0x15/0x1b
[  256.322027][T18396]  should_fail_ex+0x265/0x280
[  256.322047][T18396]  should_fail+0xb/0x20
[  256.322063][T18396]  should_fail_usercopy+0x1a/0x20
[  256.322084][T18396]  _copy_from_iter+0xd2/0xe80
[  256.322174][T18396]  packet_sendmsg+0x2003/0x31f0
[  256.322245][T18396]  ? __rcu_read_unlock+0x4f/0x70
[  256.322268][T18396]  ? avc_has_perm_noaudit+0x1b1/0x200
[  256.322291][T18396]  ? avc_has_perm+0xf7/0x180
[  256.322320][T18396]  ? selinux_socket_sendmsg+0x175/0x1b0
[  256.322348][T18396]  ? __pfx_packet_sendmsg+0x10/0x10
[  256.322377][T18396]  __sock_sendmsg+0x145/0x180
[  256.322400][T18396]  ____sys_sendmsg+0x31e/0x4e0
[  256.322439][T18396]  ___sys_sendmsg+0x17b/0x1d0
[  256.322560][T18396]  __x64_sys_sendmsg+0xd4/0x160
[  256.322593][T18396]  x64_sys_call+0x191e/0x3000
[  256.322718][T18396]  do_syscall_64+0xd2/0x200
[  256.322736][T18396]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  256.322761][T18396]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  256.322869][T18396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.322933][T18396] RIP: 0033:0x7f9fdb9cefc9
[  256.322948][T18396] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  256.323041][T18396] RSP: 002b:00007f9fda42f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  256.323087][T18396] RAX: ffffffffffffffda RBX: 00007f9fdbc25fa0 RCX: 00007f9fdb9cefc9
[  256.323100][T18396] RDX: 0000000000000000 RSI: 0000200000002ac0 RDI: 0000000000000003
[  256.323113][T18396] RBP: 00007f9fda42f090 R08: 0000000000000000 R09: 0000000000000000
[  256.323126][T18396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  256.323139][T18396] R13: 00007f9fdbc26038 R14: 00007f9fdbc25fa0 R15: 00007fffc8137cc8
[  256.323159][T18396]  </TASK>
[  256.333996][T18354] hsr_slave_0: entered promiscuous mode
[  256.547343][T18354] hsr_slave_1: entered promiscuous mode
[  256.554132][T18354] debugfs: 'hsr0' already exists in 'hsr'
[  256.559856][T18354] Cannot create hsr debugfs directory
[  256.698739][T18416] loop6: detected capacity change from 0 to 512
[  256.913072][ T8779] $Hÿ (unregistering): Released all slaves
[  256.919269][   T42] smc: removing ib device syz2
[  256.934048][ T8779] bond1 (unregistering): Released all slaves
[  256.941317][T18434] hub 1-0:1.0: USB hub found
[  256.946693][T18434] hub 1-0:1.0: 8 ports detected
[  257.193932][T18449] syzkaller1: entered promiscuous mode
[  257.199434][T18449] syzkaller1: entered allmulticast mode
[  257.273765][T18354] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  257.301588][T18354] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  257.321392][T18354] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  257.342603][ T8779] tipc: Left network mode
[  257.347289][T18354] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  257.359888][ T8779] hsr_slave_0: left promiscuous mode
[  257.365806][ T8779] hsr_slave_1: left promiscuous mode
[  257.502361][T18465] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5710'.
[  257.512492][T18464] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5710'.
[  257.520841][T18354] 8021q: adding VLAN 0 to HW filter on device bond0
[  257.534638][T18465] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5710'.
[  257.546483][T18354] 8021q: adding VLAN 0 to HW filter on device team0
[  257.565450][ T8762] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.572521][ T8762] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.593365][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.600511][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.692807][T18354] 8021q: adding VLAN 0 to HW filter on device batadv0
[  257.794374][T18354] veth0_vlan: entered promiscuous mode
[  257.809703][T18354] veth1_vlan: entered promiscuous mode
[  257.822664][T18496] loop6: detected capacity change from 0 to 512
[  257.823661][T18354] veth0_macvtap: entered promiscuous mode
[  257.842596][T18354] veth1_macvtap: entered promiscuous mode
[  257.862553][T18498] syzkaller1: entered promiscuous mode
[  257.868036][T18498] syzkaller1: entered allmulticast mode
[  257.880477][T18354] batman_adv: batadv0: Interface activated: batadv_slave_0
[  257.893614][T18354] batman_adv: batadv0: Interface activated: batadv_slave_1
[  257.903729][   T42] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  257.929480][   T42] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  257.945290][   T42] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  257.967500][   T42] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  257.992138][T18507] syzkaller1: entered promiscuous mode
[  257.997610][T18507] syzkaller1: entered allmulticast mode
[  258.019180][T18511] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  258.085955][T18520] FAULT_INJECTION: forcing a failure.
[  258.085955][T18520] name failslab, interval 1, probability 0, space 0, times 0
[  258.098808][T18520] CPU: 0 UID: 0 PID: 18520 Comm: syz.0.5724 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  258.098831][T18520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  258.098844][T18520] Call Trace:
[  258.098850][T18520]  <TASK>
[  258.098857][T18520]  __dump_stack+0x1d/0x30
[  258.098930][T18520]  dump_stack_lvl+0xe8/0x140
[  258.098949][T18520]  dump_stack+0x15/0x1b
[  258.098963][T18520]  should_fail_ex+0x265/0x280
[  258.098980][T18520]  should_failslab+0x8c/0xb0
[  258.099009][T18520]  kmem_cache_alloc_noprof+0x50/0x480
[  258.099037][T18520]  ? getname_flags+0x80/0x3b0
[  258.099064][T18520]  getname_flags+0x80/0x3b0
[  258.099102][T18520]  getname_uflags+0x21/0x30
[  258.099224][T18520]  __x64_sys_execveat+0x5d/0x90
[  258.099248][T18520]  x64_sys_call+0x1fec/0x3000
[  258.099266][T18520]  do_syscall_64+0xd2/0x200
[  258.099282][T18520]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  258.099305][T18520]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  258.099341][T18520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.099360][T18520] RIP: 0033:0x7f2f9897efc9
[  258.099375][T18520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  258.099393][T18520] RSP: 002b:00007f2f973be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  258.099413][T18520] RAX: ffffffffffffffda RBX: 00007f2f98bd6090 RCX: 00007f2f9897efc9
[  258.099435][T18520] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  258.099472][T18520] RBP: 00007f2f973be090 R08: 0000000000001000 R09: 0000000000000000
[  258.099485][T18520] R10: 0000200000004780 R11: 0000000000000246 R12: 0000000000000001
[  258.099498][T18520] R13: 00007f2f98bd6128 R14: 00007f2f98bd6090 R15: 00007fff8a97c6e8
[  258.099516][T18520]  </TASK>
[  258.280709][T18519] program syz.1.5727 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  258.291202][T18522] sg_write: 2 callbacks suppressed
[  258.291279][T18522] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  258.291279][T18522]    program syz.5.5728 not setting count and/or reply_len properly
[  258.339497][T18526] sg_write: data in/out 8156/120 bytes for SCSI command 0x0-- guessing data in;
[  258.339497][T18526]    program syz.1.5730 not setting count and/or reply_len properly
[  258.575714][T18552] loop6: detected capacity change from 0 to 512
[  258.630013][T18553] program syz.4.5740 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  258.648617][T18553] pim6reg1: entered allmulticast mode
[  258.665844][T18553] netlink: 256 bytes leftover after parsing attributes in process `syz.4.5740'.
[  258.816219][T18561] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5745'.
[  258.900021][T18565] wireguard0: entered promiscuous mode
[  258.905651][T18565] wireguard0: entered allmulticast mode
[  258.953389][T18571] SELinux: failed to load policy
[  259.040469][T12144]  (unregistering): left allmulticast mode
[  259.181970][T18576] chnl_net:caif_netlink_parms(): no params data found
[  259.221184][T18576] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.228352][T18576] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.236067][T18576] bridge_slave_0: entered allmulticast mode
[  259.242586][T18576] bridge_slave_0: entered promiscuous mode
[  259.249677][T18576] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.256766][T18576] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.265169][T18576] bridge_slave_1: entered allmulticast mode
[  259.273041][T18576] bridge_slave_1: entered promiscuous mode
[  259.291148][T18576] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  259.304136][ T8762] netdevsim netdevsim6 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  259.314027][ T8762] netdevsim netdevsim6 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.326207][T18576] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  259.369325][ T8762] netdevsim netdevsim6 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  259.379333][ T8762] netdevsim netdevsim6 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.401060][T18576] team0: Port device team_slave_0 added
[  259.441093][T18576] team0: Port device team_slave_1 added
[  259.452460][T18597] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  259.472561][ T8762] netdevsim netdevsim6 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  259.482707][ T8762] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.500784][T18576] batman_adv: batadv0: Adding interface: batadv_slave_0
[  259.507819][T18576] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  259.533860][T18576] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  259.573964][   T29] kauditd_printk_skb: 1288 callbacks suppressed
[  259.573978][   T29] audit: type=1326 audit(2000000260.615:113217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18600 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af61efc9 code=0x7ffc0000
[  259.604039][   T29] audit: type=1326 audit(2000000260.615:113218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18600 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00af61efc9 code=0x7ffc0000
[  259.628205][   T29] audit: type=1326 audit(2000000260.615:113219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18600 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af61efc9 code=0x7ffc0000
[  259.652096][   T29] audit: type=1326 audit(2000000260.615:113220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18600 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af61efc9 code=0x7ffc0000
[  259.677790][   T29] audit: type=1326 audit(2000000260.615:113221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18600 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00af61efc9 code=0x7ffc0000
[  259.701713][   T29] audit: type=1326 audit(2000000260.615:113222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18600 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af61efc9 code=0x7ffc0000
[  259.725407][   T29] audit: type=1326 audit(2000000260.615:113223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18600 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af61efc9 code=0x7ffc0000
[  259.749081][   T29] audit: type=1326 audit(2000000260.615:113224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18600 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f00af61efc9 code=0x7ffc0000
[  259.772957][   T29] audit: type=1326 audit(2000000260.615:113225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18600 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af61efc9 code=0x7ffc0000
[  259.796661][   T29] audit: type=1326 audit(2000000260.615:113226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18600 comm="syz.1.5755" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00af61efc9 code=0x7ffc0000
[  259.823967][ T8762] netdevsim netdevsim6 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  259.833812][ T8762] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  259.859584][T18576] batman_adv: batadv0: Adding interface: batadv_slave_1
[  259.866646][T18576] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  259.892947][T18576] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  259.935478][T18576] hsr_slave_0: entered promiscuous mode
[  259.941641][T18576] hsr_slave_1: entered promiscuous mode
[  259.950017][T18576] debugfs: 'hsr0' already exists in 'hsr'
[  259.955813][T18576] Cannot create hsr debugfs directory
[  260.293062][ T8762] bond0 (unregistering): Released all slaves
[  260.301974][ T8762] bond1 (unregistering): Released all slaves
[  260.384763][ T8762] tipc: Left network mode
[  260.404662][ T8762] hsr_slave_0: left promiscuous mode
[  260.410421][ T8762] hsr_slave_1: left promiscuous mode
[  260.426377][ T8762] veth1_macvtap: left promiscuous mode
[  260.440249][ T8762] veth0_macvtap: left promiscuous mode
[  260.445930][ T8762] veth1_vlan: left promiscuous mode
[  260.451262][ T8762] veth0_vlan: left promiscuous mode
[  260.464029][T18627] loop5: detected capacity change from 0 to 512
[  260.471113][T18627] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  260.711191][T18640] FAULT_INJECTION: forcing a failure.
[  260.711191][T18640] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  260.724343][T18640] CPU: 1 UID: 0 PID: 18640 Comm: syz.4.5769 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  260.724418][T18640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  260.724430][T18640] Call Trace:
[  260.724436][T18640]  <TASK>
[  260.724445][T18640]  __dump_stack+0x1d/0x30
[  260.724466][T18640]  dump_stack_lvl+0xe8/0x140
[  260.724487][T18640]  dump_stack+0x15/0x1b
[  260.724504][T18640]  should_fail_ex+0x265/0x280
[  260.724580][T18640]  should_fail+0xb/0x20
[  260.724596][T18640]  should_fail_usercopy+0x1a/0x20
[  260.724616][T18640]  _copy_from_iter+0xd2/0xe80
[  260.724706][T18640]  packet_sendmsg+0x2003/0x31f0
[  260.724733][T18640]  ? __rcu_read_unlock+0x4f/0x70
[  260.724777][T18640]  ? avc_has_perm_noaudit+0x1b1/0x200
[  260.724809][T18640]  ? avc_has_perm+0xf7/0x180
[  260.724828][T18640]  ? selinux_socket_sendmsg+0x175/0x1b0
[  260.724851][T18640]  ? __pfx_packet_sendmsg+0x10/0x10
[  260.724920][T18640]  __sock_sendmsg+0x145/0x180
[  260.724934][T18640]  ____sys_sendmsg+0x31e/0x4e0
[  260.725029][T18640]  ___sys_sendmsg+0x17b/0x1d0
[  260.725068][T18640]  __x64_sys_sendmsg+0xd4/0x160
[  260.725087][T18640]  x64_sys_call+0x191e/0x3000
[  260.725161][T18640]  do_syscall_64+0xd2/0x200
[  260.725190][T18640]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  260.725205][T18640]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  260.725278][T18640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  260.725290][T18640] RIP: 0033:0x7fea1759efc9
[  260.725299][T18640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  260.725309][T18640] RSP: 002b:00007fea16007038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  260.725338][T18640] RAX: ffffffffffffffda RBX: 00007fea177f5fa0 RCX: 00007fea1759efc9
[  260.725350][T18640] RDX: 0000000000000000 RSI: 0000200000002ac0 RDI: 0000000000000003
[  260.725363][T18640] RBP: 00007fea16007090 R08: 0000000000000000 R09: 0000000000000000
[  260.725418][T18640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  260.725426][T18640] R13: 00007fea177f6038 R14: 00007fea177f5fa0 R15: 00007ffeb60c2c98
[  260.725436][T18640]  </TASK>
[  260.969548][ T8762] IPVS: stop unused estimator thread 0...
[  261.067374][T18647] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  261.076001][T18576] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  261.086008][T18651] FAULT_INJECTION: forcing a failure.
[  261.086008][T18651] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  261.099072][T18651] CPU: 1 UID: 0 PID: 18651 Comm: syz.0.5773 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  261.099168][T18651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  261.099181][T18651] Call Trace:
[  261.099188][T18651]  <TASK>
[  261.099195][T18651]  __dump_stack+0x1d/0x30
[  261.099217][T18651]  dump_stack_lvl+0xe8/0x140
[  261.099235][T18651]  dump_stack+0x15/0x1b
[  261.099296][T18651]  should_fail_ex+0x265/0x280
[  261.099316][T18651]  should_fail+0xb/0x20
[  261.099333][T18651]  should_fail_usercopy+0x1a/0x20
[  261.099355][T18651]  _copy_to_user+0x20/0xa0
[  261.099413][T18651]  simple_read_from_buffer+0xb5/0x130
[  261.099436][T18651]  proc_fail_nth_read+0x10e/0x150
[  261.099466][T18651]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  261.099493][T18651]  vfs_read+0x1a8/0x770
[  261.099588][T18651]  ? __rcu_read_unlock+0x4f/0x70
[  261.099610][T18651]  ? __fget_files+0x184/0x1c0
[  261.099667][T18651]  ksys_read+0xda/0x1a0
[  261.099691][T18651]  __x64_sys_read+0x40/0x50
[  261.099714][T18651]  x64_sys_call+0x27c0/0x3000
[  261.099736][T18651]  do_syscall_64+0xd2/0x200
[  261.099758][T18651]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  261.099785][T18651]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  261.099820][T18651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.099841][T18651] RIP: 0033:0x7f2f9897d9dc
[  261.099856][T18651] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  261.099889][T18651] RSP: 002b:00007f2f973df030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  261.099909][T18651] RAX: ffffffffffffffda RBX: 00007f2f98bd5fa0 RCX: 00007f2f9897d9dc
[  261.099922][T18651] RDX: 000000000000000f RSI: 00007f2f973df0a0 RDI: 0000000000000008
[  261.099935][T18651] RBP: 00007f2f973df090 R08: 0000000000000000 R09: 0000000000000000
[  261.099947][T18651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.099968][T18651] R13: 00007f2f98bd6038 R14: 00007f2f98bd5fa0 R15: 00007fff8a97c6e8
[  261.099986][T18651]  </TASK>
[  261.304305][T18576] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  261.315686][T18576] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  261.328171][T18576] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  261.384900][T18661] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[  261.462481][T18576] 8021q: adding VLAN 0 to HW filter on device bond0
[  261.501186][T18576] 8021q: adding VLAN 0 to HW filter on device team0
[  261.527563][ T8779] bridge0: port 1(bridge_slave_0) entered blocking state
[  261.534686][ T8779] bridge0: port 1(bridge_slave_0) entered forwarding state
[  261.568838][T18576] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  261.579280][T18576] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  261.620057][T18684] loop5: detected capacity change from 0 to 512
[  261.632503][ T8779] bridge0: port 2(bridge_slave_1) entered blocking state
[  261.639579][ T8779] bridge0: port 2(bridge_slave_1) entered forwarding state
[  261.660396][T18686] lo: entered allmulticast mode
[  261.668536][T18686] __nla_validate_parse: 1 callbacks suppressed
[  261.668548][T18686] netlink: 156 bytes leftover after parsing attributes in process `syz.1.5785'.
[  261.736859][T18692] nfs: Unknown parameter 'noac'
[  261.761113][T18576] 8021q: adding VLAN 0 to HW filter on device batadv0
[  261.787260][T18694] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5787'.
[  261.936950][T18730] netlink: 'syz.1.5795': attribute type 10 has an invalid length.
[  261.971351][T18730] team0: Port device dummy0 added
[  261.991876][T18730] netlink: 'syz.1.5795': attribute type 10 has an invalid length.
[  262.027799][T18576] veth0_vlan: entered promiscuous mode
[  262.040606][T18730] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  262.053324][T18730] team0: Failed to send options change via netlink (err -105)
[  262.060954][T18730] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  262.069904][T18730] team0: Port device dummy0 removed
[  262.077606][T18730] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  262.094322][T18576] veth1_vlan: entered promiscuous mode
[  262.136770][T18576] veth0_macvtap: entered promiscuous mode
[  262.147739][T18742] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5796'.
[  262.174833][T18576] veth1_macvtap: entered promiscuous mode
[  262.203687][T18744] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5798'.
[  262.261223][T18576] batman_adv: batadv0: Interface activated: batadv_slave_0
[  262.316859][T18576] batman_adv: batadv0: Interface activated: batadv_slave_1
[  262.348631][T18748] block device autoloading is deprecated and will be removed.
[  262.389047][   T42] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  262.435930][   T42] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  262.451720][   T42] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  262.462235][   T42] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  262.562808][T18758] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  262.609872][T18757] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  262.609872][T18757]    program syz.6.5801 not setting count and/or reply_len properly
[  262.876420][T18766] syzkaller1: entered promiscuous mode
[  262.881944][T18766] syzkaller1: entered allmulticast mode
[  262.961913][T18770] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  262.961913][T18770]    program syz.6.5807 not setting count and/or reply_len properly
[  263.075018][T18782] loop5: detected capacity change from 0 to 164
[  263.097217][T18782] ISOFS: unable to read i-node block
[  263.112931][T18782] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  263.202204][T18790] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  263.202204][T18790]    program syz.6.5814 not setting count and/or reply_len properly
[  263.228470][T18782] isofs_fill_super: get root inode failed
[  263.959941][T18796] syzkaller1: entered promiscuous mode
[  263.965901][T18796] syzkaller1: entered allmulticast mode
[  264.123174][T18782] netlink: 'syz.5.5812': attribute type 1 has an invalid length.
[  264.135633][T18782] 8021q: adding VLAN 0 to HW filter on device bond1
[  264.214876][T18811] syzkaller1: entered promiscuous mode
[  264.220368][T18811] syzkaller1: entered allmulticast mode
[  264.297949][T18816] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  264.297949][T18816]    program syz.0.5824 not setting count and/or reply_len properly
[  264.315999][T18823] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  264.315999][T18823]    program syz.5.5827 not setting count and/or reply_len properly
[  264.344141][T18830] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  264.365516][T18830] loop6: detected capacity change from 0 to 512
[  264.393871][T18830] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  264.396505][T18836] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5832'.
[  264.423138][T18830] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 214 vs 220 free clusters
[  264.454983][T18830] EXT4-fs (loop6): 1 truncate cleaned up
[  264.464260][T18830] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.487918][T18830] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  264.531411][T18851] sg_write: data in/out 8156/120 bytes for SCSI command 0x0-- guessing data in;
[  264.531411][T18851]    program syz.0.5840 not setting count and/or reply_len properly
[  264.590932][T18860] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5843'.
[  264.618398][T18862] FAULT_INJECTION: forcing a failure.
[  264.618398][T18862] name failslab, interval 1, probability 0, space 0, times 0
[  264.631103][T18862] CPU: 1 UID: 0 PID: 18862 Comm: syz.4.5844 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  264.631130][T18862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  264.631143][T18862] Call Trace:
[  264.631150][T18862]  <TASK>
[  264.631230][T18862]  __dump_stack+0x1d/0x30
[  264.631248][T18862]  dump_stack_lvl+0xe8/0x140
[  264.631338][T18862]  dump_stack+0x15/0x1b
[  264.631356][T18862]  should_fail_ex+0x265/0x280
[  264.631413][T18862]  should_failslab+0x8c/0xb0
[  264.631439][T18862]  kmem_cache_alloc_noprof+0x50/0x480
[  264.631465][T18862]  ? skb_clone+0x151/0x1f0
[  264.631489][T18862]  skb_clone+0x151/0x1f0
[  264.631575][T18862]  __netlink_deliver_tap+0x2c9/0x500
[  264.631656][T18862]  netlink_unicast+0x66b/0x690
[  264.631683][T18862]  netlink_sendmsg+0x58b/0x6b0
[  264.631768][T18862]  ? __pfx_netlink_sendmsg+0x10/0x10
[  264.631787][T18862]  __sock_sendmsg+0x145/0x180
[  264.631819][T18862]  ____sys_sendmsg+0x31e/0x4e0
[  264.631882][T18862]  ___sys_sendmsg+0x17b/0x1d0
[  264.631952][T18862]  __x64_sys_sendmsg+0xd4/0x160
[  264.632044][T18862]  x64_sys_call+0x191e/0x3000
[  264.632072][T18862]  do_syscall_64+0xd2/0x200
[  264.632091][T18862]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  264.632116][T18862]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  264.632183][T18862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.632204][T18862] RIP: 0033:0x7fea1759efc9
[  264.632220][T18862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.632237][T18862] RSP: 002b:00007fea16007038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  264.632256][T18862] RAX: ffffffffffffffda RBX: 00007fea177f5fa0 RCX: 00007fea1759efc9
[  264.632280][T18862] RDX: 0000000000000800 RSI: 0000200000000400 RDI: 0000000000000003
[  264.632293][T18862] RBP: 00007fea16007090 R08: 0000000000000000 R09: 0000000000000000
[  264.632306][T18862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.632318][T18862] R13: 00007fea177f6038 R14: 00007fea177f5fa0 R15: 00007ffeb60c2c98
[  264.632337][T18862]  </TASK>
[  264.837776][T18858] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  264.837776][T18858]    program syz.5.5842 not setting count and/or reply_len properly
[  264.887462][T18870] FAULT_INJECTION: forcing a failure.
[  264.887462][T18870] name failslab, interval 1, probability 0, space 0, times 0
[  264.900217][T18870] CPU: 1 UID: 0 PID: 18870 Comm: syz.5.5847 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  264.900252][T18870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  264.900263][T18870] Call Trace:
[  264.900268][T18870]  <TASK>
[  264.900323][T18870]  __dump_stack+0x1d/0x30
[  264.900344][T18870]  dump_stack_lvl+0xe8/0x140
[  264.900384][T18870]  dump_stack+0x15/0x1b
[  264.900402][T18870]  should_fail_ex+0x265/0x280
[  264.900422][T18870]  should_failslab+0x8c/0xb0
[  264.900449][T18870]  __kmalloc_noprof+0xa5/0x570
[  264.900479][T18870]  ? sock_kmalloc+0x85/0xc0
[  264.900497][T18870]  ? iovec_from_user+0x5e/0x210
[  264.900521][T18870]  sock_kmalloc+0x85/0xc0
[  264.900555][T18870]  ____sys_sendmsg+0xf8/0x4e0
[  264.900581][T18870]  ___sys_sendmsg+0x17b/0x1d0
[  264.900621][T18870]  __x64_sys_sendmsg+0xd4/0x160
[  264.900654][T18870]  x64_sys_call+0x191e/0x3000
[  264.900723][T18870]  do_syscall_64+0xd2/0x200
[  264.900742][T18870]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  264.900767][T18870]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  264.900794][T18870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.900827][T18870] RIP: 0033:0x7f9fdb9cefc9
[  264.900843][T18870] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  264.900870][T18870] RSP: 002b:00007f9fda42f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  264.900890][T18870] RAX: ffffffffffffffda RBX: 00007f9fdbc25fa0 RCX: 00007f9fdb9cefc9
[  264.900927][T18870] RDX: 0000000020044010 RSI: 00002000000008c0 RDI: 0000000000000003
[  264.900938][T18870] RBP: 00007f9fda42f090 R08: 0000000000000000 R09: 0000000000000000
[  264.900948][T18870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.900958][T18870] R13: 00007f9fdbc26038 R14: 00007f9fdbc25fa0 R15: 00007fffc8137cc8
[  264.900974][T18870]  </TASK>
[  265.110016][T18868] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5846'.
[  265.146732][T18576] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.217699][   T29] kauditd_printk_skb: 738 callbacks suppressed
[  265.217714][   T29] audit: type=1326 audit(2000001802.251:113963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18885 comm="syz.4.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  265.225511][T18888] loop5: detected capacity change from 0 to 2048
[  265.255362][   T29] audit: type=1326 audit(2000001802.291:113964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18885 comm="syz.4.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  265.279101][   T29] audit: type=1326 audit(2000001802.291:113965): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18885 comm="syz.4.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  265.302910][   T29] audit: type=1326 audit(2000001802.291:113966): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18885 comm="syz.4.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  265.313832][T18888] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  265.326638][   T29] audit: type=1326 audit(2000001802.291:113967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18885 comm="syz.4.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  265.362649][   T29] audit: type=1400 audit(2000001802.321:113968): avc:  denied  { unmount } for  pid=11635 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  265.382879][   T29] audit: type=1326 audit(2000001802.321:113969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18885 comm="syz.4.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  265.406578][   T29] audit: type=1326 audit(2000001802.321:113970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18885 comm="syz.4.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  265.430356][   T29] audit: type=1326 audit(2000001802.321:113971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18885 comm="syz.4.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  265.453936][   T29] audit: type=1326 audit(2000001802.321:113972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18885 comm="syz.4.5854" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  265.494139][T18895] FAULT_INJECTION: forcing a failure.
[  265.494139][T18895] name failslab, interval 1, probability 0, space 0, times 0
[  265.506800][T18895] CPU: 0 UID: 0 PID: 18895 Comm: syz.4.5856 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  265.506825][T18895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  265.506836][T18895] Call Trace:
[  265.506842][T18895]  <TASK>
[  265.506849][T18895]  __dump_stack+0x1d/0x30
[  265.506870][T18895]  dump_stack_lvl+0xe8/0x140
[  265.506886][T18895]  dump_stack+0x15/0x1b
[  265.506956][T18895]  should_fail_ex+0x265/0x280
[  265.506971][T18895]  ? slip_open+0x501/0x920
[  265.506992][T18895]  should_failslab+0x8c/0xb0
[  265.507076][T18895]  __kmalloc_cache_noprof+0x4c/0x4a0
[  265.507158][T18895]  slip_open+0x501/0x920
[  265.507182][T18895]  tty_ldisc_open+0x5d/0xb0
[  265.507257][T18895]  tty_set_ldisc+0x1db/0x380
[  265.507274][T18895]  tiocsetd+0x51/0x60
[  265.507363][T18895]  tty_ioctl+0xa79/0xb80
[  265.507379][T18895]  ? __pfx_tty_ioctl+0x10/0x10
[  265.507400][T18895]  __se_sys_ioctl+0xce/0x140
[  265.507417][T18895]  __x64_sys_ioctl+0x43/0x50
[  265.507432][T18895]  x64_sys_call+0x1816/0x3000
[  265.507478][T18895]  do_syscall_64+0xd2/0x200
[  265.507492][T18895]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  265.507512][T18895]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  265.507534][T18895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.507618][T18895] RIP: 0033:0x7fea1759efc9
[  265.507630][T18895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.507717][T18895] RSP: 002b:00007fea16007038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  265.507733][T18895] RAX: ffffffffffffffda RBX: 00007fea177f5fa0 RCX: 00007fea1759efc9
[  265.507743][T18895] RDX: 00002000000002c0 RSI: 0000000000005423 RDI: 0000000000000006
[  265.507753][T18895] RBP: 00007fea16007090 R08: 0000000000000000 R09: 0000000000000000
[  265.507763][T18895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  265.507773][T18895] R13: 00007fea177f6038 R14: 00007fea177f5fa0 R15: 00007ffeb60c2c98
[  265.507788][T18895]  </TASK>
[  265.750575][T18904] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  265.759137][T18904] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  265.768733][T18894] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  265.768733][T18894]    program syz.6.5857 not setting count and/or reply_len properly
[  265.873527][T18910] bond2: option fail_over_mac: invalid value (15)
[  265.892653][T18910] bond2 (unregistering): Released all slaves
[  265.933372][T18901] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  265.959655][T18901] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2048 with error 28
[  265.972323][T18901] EXT4-fs (loop5): This should not happen!! Data will be lost
[  265.972323][T18901] 
[  265.981981][T18901] EXT4-fs (loop5): Total free blocks count 0
[  265.987949][T18901] EXT4-fs (loop5): Free/Dirty block details
[  265.993866][T18901] EXT4-fs (loop5): free_blocks=2415919104
[  265.999579][T18901] EXT4-fs (loop5): dirty_blocks=8208
[  266.004871][T18901] EXT4-fs (loop5): Block reservation details
[  266.010836][T18901] EXT4-fs (loop5): i_reserved_data_blocks=513
[  266.124074][T18901] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 2050 with max blocks 2048 with error 28
[  266.146856][T18924] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  266.208719][T18927] netlink: 20 bytes leftover after parsing attributes in process `syz.1.5865'.
[  266.410965][T18949] FAULT_INJECTION: forcing a failure.
[  266.410965][T18949] name failslab, interval 1, probability 0, space 0, times 0
[  266.423804][T18949] CPU: 0 UID: 0 PID: 18949 Comm: syz.5.5876 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  266.423829][T18949] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  266.423842][T18949] Call Trace:
[  266.423850][T18949]  <TASK>
[  266.423858][T18949]  __dump_stack+0x1d/0x30
[  266.423913][T18949]  dump_stack_lvl+0xe8/0x140
[  266.423935][T18949]  dump_stack+0x15/0x1b
[  266.423949][T18949]  should_fail_ex+0x265/0x280
[  266.424044][T18949]  ? rtnl_newlink+0x5c/0x12d0
[  266.424063][T18949]  should_failslab+0x8c/0xb0
[  266.424086][T18949]  __kmalloc_cache_noprof+0x4c/0x4a0
[  266.424148][T18949]  rtnl_newlink+0x5c/0x12d0
[  266.424209][T18949]  ? trace_event_reg+0xdc/0x170
[  266.424294][T18949]  ? perf_trace_add+0x176/0x1a0
[  266.424315][T18949]  ? event_sched_in+0x675/0x750
[  266.424338][T18949]  ? xas_load+0x413/0x430
[  266.424438][T18949]  ? xas_load+0x413/0x430
[  266.424565][T18949]  ? perf_swevent_event+0x22f/0x450
[  266.424587][T18949]  ? __memcg_slab_free_hook+0x135/0x230
[  266.424669][T18949]  ? __rcu_read_unlock+0x4f/0x70
[  266.424694][T18949]  ? avc_has_perm_noaudit+0x1b1/0x200
[  266.424747][T18949]  ? cred_has_capability+0x210/0x280
[  266.424777][T18949]  ? selinux_capable+0x31/0x40
[  266.424799][T18949]  ? security_capable+0x83/0x90
[  266.424852][T18949]  ? ns_capable+0x7d/0xb0
[  266.424870][T18949]  ? __pfx_rtnl_newlink+0x10/0x10
[  266.424890][T18949]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  266.424917][T18949]  netlink_rcv_skb+0x123/0x220
[  266.424971][T18949]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  266.425064][T18949]  rtnetlink_rcv+0x1c/0x30
[  266.425082][T18949]  netlink_unicast+0x5c0/0x690
[  266.425165][T18949]  netlink_sendmsg+0x58b/0x6b0
[  266.425187][T18949]  ? __pfx_netlink_sendmsg+0x10/0x10
[  266.425251][T18949]  __sock_sendmsg+0x145/0x180
[  266.425344][T18949]  ____sys_sendmsg+0x31e/0x4e0
[  266.425385][T18949]  ___sys_sendmsg+0x17b/0x1d0
[  266.425456][T18949]  __x64_sys_sendmsg+0xd4/0x160
[  266.425490][T18949]  x64_sys_call+0x191e/0x3000
[  266.425512][T18949]  do_syscall_64+0xd2/0x200
[  266.425529][T18949]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  266.425563][T18949]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  266.425606][T18949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  266.425623][T18949] RIP: 0033:0x7f9fdb9cefc9
[  266.425639][T18949] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  266.425657][T18949] RSP: 002b:00007f9fda42f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  266.425678][T18949] RAX: ffffffffffffffda RBX: 00007f9fdbc25fa0 RCX: 00007f9fdb9cefc9
[  266.425711][T18949] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000004
[  266.425724][T18949] RBP: 00007f9fda42f090 R08: 0000000000000000 R09: 0000000000000000
[  266.425737][T18949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  266.425748][T18949] R13: 00007f9fdbc26038 R14: 00007f9fdbc25fa0 R15: 00007fffc8137cc8
[  266.425788][T18949]  </TASK>
[  266.726422][T18950] vlan1: entered promiscuous mode
[  266.731579][T18950] vlan1: entered allmulticast mode
[  266.736702][T18950] hsr_slave_1: entered allmulticast mode
[  266.883442][   T42] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.933925][   T42] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.968112][T18971] ip6tnl1: entered promiscuous mode
[  266.973672][T18971] ip6tnl1: entered allmulticast mode
[  267.006589][   T42] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.079056][   T42] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.170674][   T42] dvmrp1 (unregistering): left allmulticast mode
[  267.224024][   T42] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  267.233336][   T42] bond0 (unregistering): Released all slaves
[  267.241697][   T42] bond1 (unregistering): Released all slaves
[  267.307554][T18966] chnl_net:caif_netlink_parms(): no params data found
[  267.332879][T18999] netlink: 44 bytes leftover after parsing attributes in process `syz.6.5890'.
[  267.335248][   T42] tipc: Left network mode
[  267.352167][T18999] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5890'.
[  267.414429][   T42] hsr_slave_0: left promiscuous mode
[  267.420647][   T42] hsr_slave_1: left promiscuous mode
[  267.428150][   T42] veth1_to_batadv: left promiscuous mode
[  267.434130][   T42] veth0_macvtap: left promiscuous mode
[  267.439748][   T42] veth1_vlan: left promiscuous mode
[  267.445174][   T42] veth0_vlan: left promiscuous mode
[  267.528056][   T42] lo (unregistering): left allmulticast mode
[  267.576324][T18966] bridge0: port 1(bridge_slave_0) entered blocking state
[  267.583725][T18966] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.593302][T18966] bridge_slave_0: entered allmulticast mode
[  267.599762][T18966] bridge_slave_0: entered promiscuous mode
[  267.603656][T19009] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5894'.
[  267.606771][T18966] bridge0: port 2(bridge_slave_1) entered blocking state
[  267.621627][T18966] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.628907][T18966] bridge_slave_1: entered allmulticast mode
[  267.635329][T18966] bridge_slave_1: entered promiscuous mode
[  267.650337][T19009] ip6gretap1: entered promiscuous mode
[  267.673104][T18966] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  267.686966][T18966] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  267.710587][T19019] tipc: Started in network mode
[  267.715578][T19019] tipc: Node identity 4, cluster identity 4711
[  267.721761][T19019] tipc: Node number set to 4
[  267.729914][T18966] team0: Port device team_slave_0 added
[  267.743559][T18966] team0: Port device team_slave_1 added
[  267.781674][T18966] batman_adv: batadv0: Adding interface: batadv_slave_0
[  267.788652][T18966] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  267.814847][T18966] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  267.817423][T19025] netlink: 'syz.0.5900': attribute type 39 has an invalid length.
[  267.826435][T18966] batman_adv: batadv0: Adding interface: batadv_slave_1
[  267.835364][T19026] netlink: 'syz.0.5900': attribute type 39 has an invalid length.
[  267.840196][T18966] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  267.873849][T18966] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  267.892758][   T42] IPVS: stop unused estimator thread 0...
[  267.916744][T18966] hsr_slave_0: entered promiscuous mode
[  267.922938][T18966] hsr_slave_1: entered promiscuous mode
[  267.928914][T18966] debugfs: 'hsr0' already exists in 'hsr'
[  267.934675][T18966] Cannot create hsr debugfs directory
[  267.939100][T19032] loop6: detected capacity change from 0 to 1024
[  267.949060][T19032] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  267.960760][T19032] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #11: comm syz.6.5902: iget: bogus i_mode (1)
[  267.972538][T19032] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.5902: couldn't read orphan inode 11 (err -117)
[  267.985652][T19032] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.032224][T18576] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.275645][ T8790] Bluetooth: hci0: Frame reassembly failed (-84)
[  268.360808][T19068] FAULT_INJECTION: forcing a failure.
[  268.360808][T19068] name failslab, interval 1, probability 0, space 0, times 0
[  268.373657][T19068] CPU: 0 UID: 0 PID: 19068 Comm: syz.4.5916 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  268.373674][T19068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  268.373681][T19068] Call Trace:
[  268.373685][T19068]  <TASK>
[  268.373689][T19068]  __dump_stack+0x1d/0x30
[  268.373737][T19068]  dump_stack_lvl+0xe8/0x140
[  268.373771][T19068]  dump_stack+0x15/0x1b
[  268.373789][T19068]  should_fail_ex+0x265/0x280
[  268.373800][T19068]  should_failslab+0x8c/0xb0
[  268.373892][T19068]  kmem_cache_alloc_noprof+0x50/0x480
[  268.373908][T19068]  ? getname_flags+0x80/0x3b0
[  268.373944][T19068]  getname_flags+0x80/0x3b0
[  268.373968][T19068]  user_path_at+0x28/0x130
[  268.373980][T19068]  do_faccessat+0x380/0x800
[  268.374001][T19068]  __x64_sys_faccessat2+0x51/0x60
[  268.374027][T19068]  x64_sys_call+0x200f/0x3000
[  268.374103][T19068]  do_syscall_64+0xd2/0x200
[  268.374113][T19068]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  268.374127][T19068]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  268.374143][T19068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.374225][T19068] RIP: 0033:0x7fea1759efc9
[  268.374234][T19068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.374255][T19068] RSP: 002b:00007fea16007038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b7
[  268.374332][T19068] RAX: ffffffffffffffda RBX: 00007fea177f5fa0 RCX: 00007fea1759efc9
[  268.374339][T19068] RDX: 0000000000000002 RSI: 0000200000000000 RDI: 0000000000000005
[  268.374346][T19068] RBP: 00007fea16007090 R08: 0000000000000000 R09: 0000000000000000
[  268.374352][T19068] R10: 0000000000001100 R11: 0000000000000246 R12: 0000000000000001
[  268.374359][T19068] R13: 00007fea177f6038 R14: 00007fea177f5fa0 R15: 00007ffeb60c2c98
[  268.374440][T19068]  </TASK>
[  268.589371][T18966] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  268.599925][T18966] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  268.613018][T18966] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  268.620214][T19078] FAULT_INJECTION: forcing a failure.
[  268.620214][T19078] name failslab, interval 1, probability 0, space 0, times 0
[  268.625040][T18966] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  268.632960][T19078] CPU: 1 UID: 0 PID: 19078 Comm: syz.0.5921 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  268.632986][T19078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  268.633022][T19078] Call Trace:
[  268.633028][T19078]  <TASK>
[  268.633036][T19078]  __dump_stack+0x1d/0x30
[  268.633058][T19078]  dump_stack_lvl+0xe8/0x140
[  268.633077][T19078]  dump_stack+0x15/0x1b
[  268.633095][T19078]  should_fail_ex+0x265/0x280
[  268.633115][T19078]  should_failslab+0x8c/0xb0
[  268.633186][T19078]  kmem_cache_alloc_noprof+0x50/0x480
[  268.633213][T19078]  ? xfrm_state_alloc+0x2c/0x190
[  268.633237][T19078]  xfrm_state_alloc+0x2c/0x190
[  268.633258][T19078]  pfkey_add+0x3e5/0x12e0
[  268.633353][T19078]  pfkey_sendmsg+0x718/0x900
[  268.633385][T19078]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  268.633434][T19078]  __sock_sendmsg+0x145/0x180
[  268.633458][T19078]  ____sys_sendmsg+0x31e/0x4e0
[  268.633638][T19078]  ___sys_sendmsg+0x17b/0x1d0
[  268.633738][T19078]  __x64_sys_sendmsg+0xd4/0x160
[  268.633777][T19078]  x64_sys_call+0x191e/0x3000
[  268.633798][T19078]  do_syscall_64+0xd2/0x200
[  268.633815][T19078]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  268.633859][T19078]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  268.633887][T19078]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.633962][T19078] RIP: 0033:0x7f2f9897efc9
[  268.633977][T19078] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.633993][T19078] RSP: 002b:00007f2f973df038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  268.634058][T19078] RAX: ffffffffffffffda RBX: 00007f2f98bd5fa0 RCX: 00007f2f9897efc9
[  268.634071][T19078] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  268.634084][T19078] RBP: 00007f2f973df090 R08: 0000000000000000 R09: 0000000000000000
[  268.634096][T19078] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.634109][T19078] R13: 00007f2f98bd6038 R14: 00007f2f98bd5fa0 R15: 00007fff8a97c6e8
[  268.634127][T19078]  </TASK>
[  268.695305][T19079] netlink: 'syz.4.5920': attribute type 1 has an invalid length.
[  268.846312][T19079] netlink: 'syz.4.5920': attribute type 2 has an invalid length.
[  268.854185][T19079] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5920'.
[  268.864621][T19080] netlink: 'syz.4.5920': attribute type 1 has an invalid length.
[  268.872394][T19080] netlink: 'syz.4.5920': attribute type 2 has an invalid length.
[  268.880855][T19080] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5920'.
[  268.993293][T18966] 8021q: adding VLAN 0 to HW filter on device bond0
[  269.029608][T18966] 8021q: adding VLAN 0 to HW filter on device team0
[  269.044812][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[  269.051900][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[  269.063047][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[  269.070119][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[  269.083983][T19103] SELinux:  Context system_u:object_r:urandom_device_t:s0 is not valid (left unmapped).
[  269.130321][T19103] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  269.147931][T19104] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  269.215829][T19121] loop5: detected capacity change from 0 to 512
[  269.222413][T19105] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19105 comm=syz.4.5926
[  269.244274][T18966] 8021q: adding VLAN 0 to HW filter on device batadv0
[  269.254549][T19121] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  269.267627][T19121] ext4 filesystem being mounted at /161/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  269.278419][T19121] FAULT_INJECTION: forcing a failure.
[  269.278419][T19121] name failslab, interval 1, probability 0, space 0, times 0
[  269.291135][T19121] CPU: 0 UID: 0 PID: 19121 Comm: syz.5.5932 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  269.291198][T19121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  269.291208][T19121] Call Trace:
[  269.291213][T19121]  <TASK>
[  269.291220][T19121]  __dump_stack+0x1d/0x30
[  269.291242][T19121]  dump_stack_lvl+0xe8/0x140
[  269.291261][T19121]  dump_stack+0x15/0x1b
[  269.291278][T19121]  should_fail_ex+0x265/0x280
[  269.291320][T19121]  should_failslab+0x8c/0xb0
[  269.291344][T19121]  __kmalloc_noprof+0xa5/0x570
[  269.291369][T19121]  ? find_tree_dqentry+0x3e/0x8c0
[  269.291424][T19121]  find_tree_dqentry+0x3e/0x8c0
[  269.291442][T19121]  ? __brelse+0x32/0x60
[  269.291464][T19121]  ? from_kuid+0x139/0x320
[  269.291490][T19121]  ? ext4_quota_read+0x22b/0x260
[  269.291545][T19121]  find_tree_dqentry+0x4c9/0x8c0
[  269.291566][T19121]  qtree_read_dquot+0x35c/0x4a0
[  269.291640][T19121]  v2_read_dquot+0x98/0xd0
[  269.291717][T19121]  dquot_acquire+0xce/0x2b0
[  269.291743][T19121]  ext4_acquire_dquot+0x15f/0x200
[  269.291839][T19121]  dqget+0x535/0x8d0
[  269.291866][T19121]  __dquot_initialize+0x27f/0x7c0
[  269.291897][T19121]  dquot_initialize+0x1a/0x30
[  269.291959][T19121]  ext4_setattr+0x1c0/0xfd0
[  269.291978][T19121]  ? selinux_inode_setattr+0x465/0x4e0
[  269.292005][T19121]  ? __pfx_ext4_setattr+0x10/0x10
[  269.292063][T19121]  notify_change+0x872/0x8f0
[  269.292149][T19121]  chown_common+0x2be/0x3f0
[  269.292178][T19121]  ksys_fchown+0xbd/0x110
[  269.292218][T19121]  __x64_sys_fchown+0x3f/0x50
[  269.292242][T19121]  x64_sys_call+0x838/0x3000
[  269.292262][T19121]  do_syscall_64+0xd2/0x200
[  269.292281][T19121]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  269.292352][T19121]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  269.292378][T19121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.292439][T19121] RIP: 0033:0x7f9fdb9cefc9
[  269.292454][T19121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.292470][T19121] RSP: 002b:00007f9fda42f038 EFLAGS: 00000246 ORIG_RAX: 000000000000005d
[  269.292488][T19121] RAX: ffffffffffffffda RBX: 00007f9fdbc25fa0 RCX: 00007f9fdb9cefc9
[  269.292526][T19121] RDX: 000000000000ee01 RSI: 0000000000000000 RDI: 0000000000000004
[  269.292537][T19121] RBP: 00007f9fda42f090 R08: 0000000000000000 R09: 0000000000000000
[  269.292548][T19121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.292558][T19121] R13: 00007f9fdbc26038 R14: 00007f9fdbc25fa0 R15: 00007fffc8137cc8
[  269.292574][T19121]  </TASK>
[  269.540247][T19121] EXT4-fs error (device loop5): ext4_acquire_dquot:6945: comm syz.5.5932: Failed to acquire dquot type 0
[  269.561635][T19127] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19127 comm=syz.0.5931
[  269.595600][T16879] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.617509][T18966] veth0_vlan: entered promiscuous mode
[  269.630928][T18966] veth1_vlan: entered promiscuous mode
[  269.645762][T18966] veth0_macvtap: entered promiscuous mode
[  269.665733][T19132] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  269.665733][T19132]    program syz.4.5933 not setting count and/or reply_len properly
[  269.696812][T18966] veth1_macvtap: entered promiscuous mode
[  269.715227][T18966] batman_adv: batadv0: Interface activated: batadv_slave_0
[  269.716726][T19139] netlink: 129384 bytes leftover after parsing attributes in process `syz.5.5934'.
[  269.725187][T18966] batman_adv: batadv0: Interface activated: batadv_slave_1
[  269.732309][T19139] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[  269.764869][ T8819] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  269.775369][ T8819] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  269.788534][   T52] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  269.799192][   T52] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  269.827143][T19147] FAULT_INJECTION: forcing a failure.
[  269.827143][T19147] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.840241][T19147] CPU: 1 UID: 0 PID: 19147 Comm: syz.1.5880 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  269.840258][T19147] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  269.840265][T19147] Call Trace:
[  269.840269][T19147]  <TASK>
[  269.840273][T19147]  __dump_stack+0x1d/0x30
[  269.840287][T19147]  dump_stack_lvl+0xe8/0x140
[  269.840299][T19147]  dump_stack+0x15/0x1b
[  269.840333][T19147]  should_fail_ex+0x265/0x280
[  269.840345][T19147]  should_fail+0xb/0x20
[  269.840400][T19147]  should_fail_usercopy+0x1a/0x20
[  269.840412][T19147]  _copy_from_user+0x1c/0xb0
[  269.840426][T19147]  copy_from_bpfptr+0x5c/0x90
[  269.840438][T19147]  bpf_prog_load+0x73b/0x1100
[  269.840490][T19147]  ? security_bpf+0x2b/0x90
[  269.840505][T19147]  __sys_bpf+0x469/0x7c0
[  269.840518][T19147]  __x64_sys_bpf+0x41/0x50
[  269.840610][T19147]  x64_sys_call+0x2aee/0x3000
[  269.840626][T19147]  do_syscall_64+0xd2/0x200
[  269.840678][T19147]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  269.840693][T19147]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  269.840738][T19147]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.840750][T19147] RIP: 0033:0x7f443944efc9
[  269.840759][T19147] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.840769][T19147] RSP: 002b:00007f4437eb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  269.840833][T19147] RAX: ffffffffffffffda RBX: 00007f44396a5fa0 RCX: 00007f443944efc9
[  269.840840][T19147] RDX: 0000000000000094 RSI: 0000200000000840 RDI: 0000000000000005
[  269.840847][T19147] RBP: 00007f4437eb7090 R08: 0000000000000000 R09: 0000000000000000
[  269.840854][T19147] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.840860][T19147] R13: 00007f44396a6038 R14: 00007f44396a5fa0 R15: 00007fff00ef5cc8
[  269.840876][T19147]  </TASK>
[  270.107731][T19162] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5942'.
[  270.116713][T19162] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  270.124181][T19162] batman_adv: batadv0: Removing interface: batadv_slave_0
[  270.132067][T19162] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  270.139448][T19162] batman_adv: batadv0: Removing interface: batadv_slave_1
[  270.244422][   T29] kauditd_printk_skb: 553 callbacks suppressed
[  270.244435][   T29] audit: type=1326 audit(2000002319.279:114525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19163 comm="syz.0.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f9897efc9 code=0x7ffc0000
[  270.267932][T19164] FAULT_INJECTION: forcing a failure.
[  270.267932][T19164] name failslab, interval 1, probability 0, space 0, times 0
[  270.274535][   T29] audit: type=1326 audit(2000002319.279:114526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19163 comm="syz.0.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2f9897d810 code=0x7ffc0000
[  270.286864][T19164] CPU: 0 UID: 0 PID: 19164 Comm: syz.0.5943 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  270.286890][T19164] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  270.286902][T19164] Call Trace:
[  270.286951][T19164]  <TASK>
[  270.286958][T19164]  __dump_stack+0x1d/0x30
[  270.286995][T19164]  dump_stack_lvl+0xe8/0x140
[  270.287016][T19164]  dump_stack+0x15/0x1b
[  270.287033][T19164]  should_fail_ex+0x265/0x280
[  270.287052][T19164]  should_failslab+0x8c/0xb0
[  270.287149][T19164]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[  270.287254][T19164]  ? __alloc_skb+0x101/0x320
[  270.287281][T19164]  __alloc_skb+0x101/0x320
[  270.287429][T19164]  ? audit_log_start+0x342/0x720
[  270.287450][T19164]  audit_log_start+0x3a0/0x720
[  270.287469][T19164]  ? kstrtouint+0x76/0xc0
[  270.287497][T19164]  audit_seccomp+0x48/0x100
[  270.287555][T19164]  ? __seccomp_filter+0x82d/0x1250
[  270.287584][T19164]  __seccomp_filter+0x83e/0x1250
[  270.287647][T19164]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  270.287718][T19164]  ? vfs_write+0x7e8/0x960
[  270.287740][T19164]  ? __rcu_read_unlock+0x4f/0x70
[  270.287763][T19164]  ? __fget_files+0x184/0x1c0
[  270.287789][T19164]  __secure_computing+0x82/0x150
[  270.287831][T19164]  syscall_trace_enter+0xcf/0x1e0
[  270.287857][T19164]  do_syscall_64+0xac/0x200
[  270.287874][T19164]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  270.287954][T19164]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  270.287994][T19164]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.288014][T19164] RIP: 0033:0x7f2f9897efc9
[  270.288032][T19164] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.288106][T19164] RSP: 002b:00007f2f973df038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e5
[  270.288125][T19164] RAX: ffffffffffffffda RBX: 00007f2f98bd5fa0 RCX: 00007f2f9897efc9
[  270.288137][T19164] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  270.288228][T19164] RBP: 00007f2f973df090 R08: 0000000000000000 R09: 0000000000000000
[  270.288239][T19164] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  270.288251][T19164] R13: 00007f2f98bd6038 R14: 00007f2f98bd5fa0 R15: 00007fff8a97c6e8
[  270.288338][T19164]  </TASK>
[  270.288346][T19164] audit: audit_lost=20 audit_rate_limit=0 audit_backlog_limit=64
[  270.310582][   T29] audit: type=1326 audit(2000002319.279:114527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19163 comm="syz.0.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2f9897da7f code=0x7ffc0000
[  270.315180][ T4022] Bluetooth: hci0: command 0x1003 tx timeout
[  270.320402][T19164] audit: out of memory in audit_log_start
[  270.335019][ T3839] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  270.350139][   T29] audit: type=1326 audit(2000002319.369:114528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19163 comm="syz.0.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f2f9897d9dc code=0x7ffc0000
[  270.460523][T19168] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  270.460523][T19168]    program syz.0.5945 not setting count and/or reply_len properly
[  270.479129][   T29] audit: type=1326 audit(2000002319.369:114529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19163 comm="syz.0.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2f9897da7f code=0x7ffc0000
[  270.643590][   T29] audit: type=1326 audit(2000002319.369:114530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19163 comm="syz.0.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2f9897dc2a code=0x7ffc0000
[  270.667070][   T29] audit: type=1326 audit(2000002319.369:114531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19163 comm="syz.0.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f9897efc9 code=0x7ffc0000
[  270.690680][   T29] audit: type=1326 audit(2000002319.369:114532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19163 comm="syz.0.5943" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f9897efc9 code=0x7ffc0000
[  270.742928][T19173] loop5: detected capacity change from 0 to 512
[  270.879337][T19190] loop5: detected capacity change from 0 to 512
[  270.892791][T19192] netlink: 108 bytes leftover after parsing attributes in process `syz.4.5956'.
[  270.943910][T19203] FAULT_INJECTION: forcing a failure.
[  270.943910][T19203] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  270.957320][T19203] CPU: 0 UID: 0 PID: 19203 Comm: syz.4.5960 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  270.957347][T19203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  270.957359][T19203] Call Trace:
[  270.957364][T19203]  <TASK>
[  270.957371][T19203]  __dump_stack+0x1d/0x30
[  270.957421][T19203]  dump_stack_lvl+0xe8/0x140
[  270.957439][T19203]  dump_stack+0x15/0x1b
[  270.957455][T19203]  should_fail_ex+0x265/0x280
[  270.957481][T19203]  should_fail_alloc_page+0xf2/0x100
[  270.957569][T19203]  alloc_pages_bulk_noprof+0xef/0x540
[  270.957657][T19203]  copy_splice_read+0xf3/0x660
[  270.957723][T19203]  ? __pfx_copy_splice_read+0x10/0x10
[  270.957742][T19203]  splice_direct_to_actor+0x26f/0x680
[  270.957762][T19203]  ? __pfx_direct_splice_actor+0x10/0x10
[  270.957824][T19203]  do_splice_direct+0xda/0x150
[  270.957845][T19203]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  270.957874][T19203]  do_sendfile+0x380/0x650
[  270.957904][T19203]  __x64_sys_sendfile64+0x105/0x150
[  270.957932][T19203]  x64_sys_call+0x2bb4/0x3000
[  270.957951][T19203]  do_syscall_64+0xd2/0x200
[  270.958018][T19203]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  270.958104][T19203]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  270.958190][T19203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.958220][T19203] RIP: 0033:0x7fea1759efc9
[  270.958235][T19203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.958274][T19203] RSP: 002b:00007fea16007038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  270.958291][T19203] RAX: ffffffffffffffda RBX: 00007fea177f5fa0 RCX: 00007fea1759efc9
[  270.958301][T19203] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[  270.958311][T19203] RBP: 00007fea16007090 R08: 0000000000000000 R09: 0000000000000000
[  270.958323][T19203] R10: 00000000003fffff R11: 0000000000000246 R12: 0000000000000001
[  270.958406][T19203] R13: 00007fea177f6038 R14: 00007fea177f5fa0 R15: 00007ffeb60c2c98
[  270.958424][T19203]  </TASK>
[  271.302185][T19222] netlink: 'syz.6.5968': attribute type 4 has an invalid length.
[  271.350254][T19226] netlink: 108 bytes leftover after parsing attributes in process `syz.1.5970'.
[  271.401100][T19234] tipc: Started in network mode
[  271.406107][T19234] tipc: Node identity 4, cluster identity 4711
[  271.412271][T19234] tipc: Node number set to 4
[  271.476189][T19245] loop6: detected capacity change from 0 to 512
[  271.494308][T19245] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.528850][T19245] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  271.540193][T19245] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5978'.
[  271.549284][T19245] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  271.556691][T19245] batman_adv: batadv0: Removing interface: batadv_slave_0
[  271.565000][T19245] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  271.572521][T19253] FAULT_INJECTION: forcing a failure.
[  271.572521][T19253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  271.572546][T19253] CPU: 0 UID: 0 PID: 19253 Comm: syz.5.5981 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  271.572570][T19253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  271.572581][T19253] Call Trace:
[  271.572618][T19253]  <TASK>
[  271.572624][T19253]  __dump_stack+0x1d/0x30
[  271.572646][T19253]  dump_stack_lvl+0xe8/0x140
[  271.572680][T19253]  dump_stack+0x15/0x1b
[  271.572697][T19253]  should_fail_ex+0x265/0x280
[  271.572793][T19253]  should_fail+0xb/0x20
[  271.572808][T19253]  should_fail_usercopy+0x1a/0x20
[  271.572839][T19253]  _copy_to_user+0x20/0xa0
[  271.572935][T19253]  rng_dev_read+0x3ef/0x740
[  271.572962][T19253]  ? __pfx_rng_dev_read+0x10/0x10
[  271.573055][T19253]  vfs_readv+0x3fb/0x690
[  271.573091][T19253]  __x64_sys_preadv+0xfd/0x1c0
[  271.573117][T19253]  x64_sys_call+0x282e/0x3000
[  271.573176][T19253]  do_syscall_64+0xd2/0x200
[  271.573271][T19253]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  271.573296][T19253]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  271.573324][T19253]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.573356][T19253] RIP: 0033:0x7f9fdb9cefc9
[  271.573370][T19253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.573393][T19253] RSP: 002b:00007f9fda42f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  271.573453][T19253] RAX: ffffffffffffffda RBX: 00007f9fdbc25fa0 RCX: 00007f9fdb9cefc9
[  271.573465][T19253] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[  271.573477][T19253] RBP: 00007f9fda42f090 R08: 0000000000000000 R09: 0000000000000000
[  271.573545][T19253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.573557][T19253] R13: 00007f9fdbc26038 R14: 00007f9fdbc25fa0 R15: 00007fffc8137cc8
[  271.573575][T19253]  </TASK>
[  271.718762][T19257] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  271.718762][T19257]    program syz.1.5983 not setting count and/or reply_len properly
[  271.722264][T19245] batman_adv: batadv0: Removing interface: batadv_slave_1
[  271.923444][T18576] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.532318][T19318] FAULT_INJECTION: forcing a failure.
[  272.532318][T19318] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  272.545493][T19318] CPU: 1 UID: 0 PID: 19318 Comm: syz.5.5993 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  272.545525][T19318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  272.545536][T19318] Call Trace:
[  272.545543][T19318]  <TASK>
[  272.545551][T19318]  __dump_stack+0x1d/0x30
[  272.545573][T19318]  dump_stack_lvl+0xe8/0x140
[  272.545609][T19318]  dump_stack+0x15/0x1b
[  272.545623][T19318]  should_fail_ex+0x265/0x280
[  272.545640][T19318]  should_fail+0xb/0x20
[  272.545654][T19318]  should_fail_usercopy+0x1a/0x20
[  272.545731][T19318]  strncpy_from_user+0x25/0x230
[  272.545784][T19318]  ? kmem_cache_alloc_noprof+0x242/0x480
[  272.545923][T19318]  ? getname_flags+0x80/0x3b0
[  272.545966][T19318]  getname_flags+0xae/0x3b0
[  272.545989][T19318]  __x64_sys_renameat2+0x5f/0x90
[  272.546013][T19318]  x64_sys_call+0x3f9/0x3000
[  272.546034][T19318]  do_syscall_64+0xd2/0x200
[  272.546107][T19318]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  272.546137][T19318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.546157][T19318] RIP: 0033:0x7f9fdb9cefc9
[  272.546173][T19318] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.546220][T19318] RSP: 002b:00007f9fda42f038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  272.546237][T19318] RAX: ffffffffffffffda RBX: 00007f9fdbc25fa0 RCX: 00007f9fdb9cefc9
[  272.546249][T19318] RDX: ffffffffffffff9c RSI: 0000200000000280 RDI: ffffffffffffff9c
[  272.546279][T19318] RBP: 00007f9fda42f090 R08: 0000000000000000 R09: 0000000000000000
[  272.546292][T19318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.546372][T19318] R13: 00007f9fdbc26038 R14: 00007f9fdbc25fa0 R15: 00007fffc8137cc8
[  272.546388][T19318]  </TASK>
[  273.068234][T19371] loop6: detected capacity change from 0 to 1024
[  273.086154][T19368] bridge0: port 2(bridge_slave_1) entered disabled state
[  273.093415][T19368] bridge0: port 1(bridge_slave_0) entered disabled state
[  273.101934][T19371] journal_path: Non-blockdev passed as './file1'
[  273.108285][T19371] EXT4-fs: error: could not find journal device path
[  273.186382][T19368] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  273.204744][T19368] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  273.253646][ T8817] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  273.306867][ T8817] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  273.335903][ T8817] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  273.361805][ T8817] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  273.501219][T19410] loop6: detected capacity change from 0 to 512
[  273.517524][T19408] syz_tun: entered allmulticast mode
[  273.518190][T19402] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  273.518190][T19402]    program syz.5.6008 not setting count and/or reply_len properly
[  273.523899][T19407] syz_tun: left allmulticast mode
[  273.571785][T19413] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6012'.
[  273.580808][T19413] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  273.588304][T19413] batman_adv: batadv0: Removing interface: batadv_slave_0
[  273.600469][T19413] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  273.600659][T19415] sg_write: data in/out 8156/120 bytes for SCSI command 0x0-- guessing data in;
[  273.600659][T19415]    program syz.0.6013 not setting count and/or reply_len properly
[  273.607884][T19413] batman_adv: batadv0: Removing interface: batadv_slave_1
[  273.721420][T19422] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6016'.
[  273.785627][T19432] loop5: detected capacity change from 0 to 512
[  273.834804][T19443] sg_write: data in/out 8156/120 bytes for SCSI command 0x0-- guessing data in;
[  273.834804][T19443]    program syz.1.6024 not setting count and/or reply_len properly
[  273.842579][T19432] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.871858][T19445] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19445 comm=syz.1.6025
[  273.881661][T19432] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  273.902117][T19437] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  273.902117][T19437]    program syz.6.6022 not setting count and/or reply_len properly
[  273.952305][T19451] netlink: 'syz.1.6027': attribute type 1 has an invalid length.
[  273.960077][T19451] netlink: 224 bytes leftover after parsing attributes in process `syz.1.6027'.
[  273.982519][T16879] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.997031][T19453] sg_write: data in/out 8156/120 bytes for SCSI command 0x0-- guessing data in;
[  273.997031][T19453]    program syz.0.6029 not setting count and/or reply_len properly
[  274.049143][T19463] loop6: detected capacity change from 0 to 512
[  274.075067][T19463] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  274.100951][T19463] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  274.132385][T19463] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6033'.
[  274.152155][T18576] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.166879][T19481] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19481 comm=syz.1.6040
[  274.211382][T19488] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  274.222906][T19488] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  274.236386][T19492] netlink: 20 bytes leftover after parsing attributes in process `syz.6.6044'.
[  274.256240][T19492] netdevsim netdevsim6 netdevsim0: entered promiscuous mode
[  274.265432][T19492] netdevsim netdevsim6 netdevsim0: left promiscuous mode
[  274.397679][T19507] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  274.397679][T19507]    program syz.6.6051 not setting count and/or reply_len properly
[  274.466884][T19528] program syz.1.6061 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  274.497687][T19534] netlink: 20 bytes leftover after parsing attributes in process `syz.4.6064'.
[  274.508454][T19534] FAULT_INJECTION: forcing a failure.
[  274.508454][T19534] name failslab, interval 1, probability 0, space 0, times 0
[  274.521135][T19534] CPU: 0 UID: 0 PID: 19534 Comm: syz.4.6064 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  274.521161][T19534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  274.521172][T19534] Call Trace:
[  274.521178][T19534]  <TASK>
[  274.521184][T19534]  __dump_stack+0x1d/0x30
[  274.521204][T19534]  dump_stack_lvl+0xe8/0x140
[  274.521284][T19534]  dump_stack+0x15/0x1b
[  274.521354][T19534]  should_fail_ex+0x265/0x280
[  274.521373][T19534]  ? alloc_netdev_mqs+0x7da/0xa50
[  274.521400][T19534]  should_failslab+0x8c/0xb0
[  274.521490][T19534]  __kmalloc_cache_noprof+0x4c/0x4a0
[  274.521551][T19534]  alloc_netdev_mqs+0x7da/0xa50
[  274.521633][T19534]  rtnl_create_link+0x239/0x710
[  274.521664][T19534]  rtnl_newlink_create+0x14c/0x620
[  274.521692][T19534]  ? __list_del_entry_valid_or_report+0x65/0x130
[  274.521716][T19534]  ? __mutex_lock+0x25d/0xcc0
[  274.521741][T19534]  rtnl_newlink+0xf29/0x12d0
[  274.521841][T19534]  ? xas_load+0x413/0x430
[  274.521869][T19534]  ? __rcu_read_unlock+0x4f/0x70
[  274.521890][T19534]  ? xa_load+0xb1/0xe0
[  274.521904][T19534]  ? __rcu_read_unlock+0x4f/0x70
[  274.521974][T19534]  ? avc_has_perm_noaudit+0x1b1/0x200
[  274.521993][T19534]  ? cred_has_capability+0x210/0x280
[  274.522021][T19534]  ? selinux_capable+0x31/0x40
[  274.522063][T19534]  ? security_capable+0x83/0x90
[  274.522091][T19534]  ? ns_capable+0x7d/0xb0
[  274.522112][T19534]  ? __pfx_rtnl_newlink+0x10/0x10
[  274.522175][T19534]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  274.522261][T19534]  ? avc_has_perm_noaudit+0x1b1/0x200
[  274.522281][T19534]  netlink_rcv_skb+0x123/0x220
[  274.522314][T19534]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  274.522377][T19534]  rtnetlink_rcv+0x1c/0x30
[  274.522440][T19534]  netlink_unicast+0x5c0/0x690
[  274.522468][T19534]  netlink_sendmsg+0x58b/0x6b0
[  274.522484][T19534]  ? __pfx_netlink_sendmsg+0x10/0x10
[  274.522501][T19534]  __sock_sendmsg+0x145/0x180
[  274.522526][T19534]  ____sys_sendmsg+0x31e/0x4e0
[  274.522558][T19534]  ___sys_sendmsg+0x17b/0x1d0
[  274.522598][T19534]  __x64_sys_sendmsg+0xd4/0x160
[  274.522652][T19534]  x64_sys_call+0x191e/0x3000
[  274.522675][T19534]  do_syscall_64+0xd2/0x200
[  274.522708][T19534]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  274.522767][T19534]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  274.522808][T19534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.522829][T19534] RIP: 0033:0x7fea1759efc9
[  274.522845][T19534] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.522859][T19534] RSP: 002b:00007fea16007038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  274.522912][T19534] RAX: ffffffffffffffda RBX: 00007fea177f5fa0 RCX: 00007fea1759efc9
[  274.522923][T19534] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000040
[  274.522937][T19534] RBP: 00007fea16007090 R08: 0000000000000000 R09: 0000000000000000
[  274.522949][T19534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  274.522962][T19534] R13: 00007fea177f6038 R14: 00007fea177f5fa0 R15: 00007ffeb60c2c98
[  274.523015][T19534]  </TASK>
[  274.867890][T19542] FAULT_INJECTION: forcing a failure.
[  274.867890][T19542] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  274.881148][T19542] CPU: 0 UID: 0 PID: 19542 Comm: syz.1.6067 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  274.881177][T19542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  274.881258][T19542] Call Trace:
[  274.881266][T19542]  <TASK>
[  274.881274][T19542]  __dump_stack+0x1d/0x30
[  274.881296][T19542]  dump_stack_lvl+0xe8/0x140
[  274.881315][T19542]  dump_stack+0x15/0x1b
[  274.881332][T19542]  should_fail_ex+0x265/0x280
[  274.881363][T19542]  should_fail_alloc_page+0xf2/0x100
[  274.881389][T19542]  __alloc_frozen_pages_noprof+0xff/0x360
[  274.881421][T19542]  alloc_pages_mpol+0xb3/0x260
[  274.881441][T19542]  vma_alloc_folio_noprof+0x1aa/0x300
[  274.881564][T19542]  handle_mm_fault+0xec2/0x2be0
[  274.881587][T19542]  ? vma_start_read+0x141/0x1f0
[  274.881617][T19542]  do_user_addr_fault+0x630/0x1080
[  274.881693][T19542]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  274.881721][T19542]  exc_page_fault+0x62/0xa0
[  274.881799][T19542]  asm_exc_page_fault+0x26/0x30
[  274.881818][T19542] RIP: 0033:0x7f4439310cb0
[  274.881832][T19542] Code: 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 47 0f b6 0c 08 45 84 c9 74 08 <45> 88 0c 00 49 8b 47 10 48 83 c0 01 49 89 47 10 83 e9 01 73 d3 41
[  274.881849][T19542] RSP: 002b:00007f4437eb64a0 EFLAGS: 00010202
[  274.881864][T19542] RAX: 0000000000015000 RBX: 00007f4437eb6540 RCX: 0000000000000009
[  274.881877][T19542] RDX: 00000000000017f4 RSI: 0000000000000bf5 RDI: 00007f4437eb65e0
[  274.881908][T19542] RBP: 000000000000000a R08: 00007f442fa97000 R09: 0000000000000073
[  274.881920][T19542] R10: 00002000000081c2 R11: 00000000000080f3 R12: 0000000000000801
[  274.881932][T19542] R13: 00007f44394edc40 R14: 0000000000000016 R15: 00007f4437eb65e0
[  274.881949][T19542]  </TASK>
[  275.049445][T19542] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  275.262625][   T29] kauditd_printk_skb: 1367 callbacks suppressed
[  275.262640][   T29] audit: type=1326 audit(2000003604.301:115900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19569 comm="syz.5.6081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fdb9cefc9 code=0x7ffc0000
[  275.294263][   T29] audit: type=1326 audit(2000003604.331:115901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19569 comm="syz.5.6081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=173 compat=0 ip=0x7f9fdb9cefc9 code=0x7ffc0000
[  275.315816][T19574] netlink: 'syz.5.6082': attribute type 1 has an invalid length.
[  275.318009][   T29] audit: type=1326 audit(2000003604.331:115902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19569 comm="syz.5.6081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fdb9cefc9 code=0x7ffc0000
[  275.349289][   T29] audit: type=1326 audit(2000003604.331:115903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19569 comm="syz.5.6081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fdb9cefc9 code=0x7ffc0000
[  275.392214][T19575] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  275.403409][T19575] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  275.418308][T19574] netlink: 'syz.5.6082': attribute type 1 has an invalid length.
[  275.426101][T19574] netlink: 224 bytes leftover after parsing attributes in process `syz.5.6082'.
[  275.490920][   T29] audit: type=1326 audit(2000003604.521:115904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19583 comm="syz.5.6084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fdb9cefc9 code=0x7ffc0000
[  275.521996][   T29] audit: type=1326 audit(2000003604.551:115905): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19583 comm="syz.5.6084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fdb9cefc9 code=0x7ffc0000
[  275.545811][   T29] audit: type=1326 audit(2000003604.551:115906): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19583 comm="syz.5.6084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fdb9cefc9 code=0x7ffc0000
[  275.569604][   T29] audit: type=1326 audit(2000003604.551:115907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19583 comm="syz.5.6084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fdb9cefc9 code=0x7ffc0000
[  275.593513][   T29] audit: type=1326 audit(2000003604.551:115908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19583 comm="syz.5.6084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9fdb9cefc9 code=0x7ffc0000
[  275.617423][   T29] audit: type=1326 audit(2000003604.551:115909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19583 comm="syz.5.6084" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fdb9cefc9 code=0x7ffc0000
[  275.704291][T19588] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  275.704291][T19588]    program syz.5.6086 not setting count and/or reply_len properly
[  275.891357][T19608] netlink: 'syz.1.6094': attribute type 4 has an invalid length.
[  275.899181][T19608] netlink: 152 bytes leftover after parsing attributes in process `syz.1.6094'.
[  275.912856][T19608] .`: renamed from bond0 (while UP)
[  275.954670][T19612] FAULT_INJECTION: forcing a failure.
[  275.954670][T19612] name failslab, interval 1, probability 0, space 0, times 0
[  275.967399][T19612] CPU: 0 UID: 0 PID: 19612 Comm: syz.1.6096 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  275.967426][T19612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  275.967497][T19612] Call Trace:
[  275.967502][T19612]  <TASK>
[  275.967508][T19612]  __dump_stack+0x1d/0x30
[  275.967527][T19612]  dump_stack_lvl+0xe8/0x140
[  275.967548][T19612]  dump_stack+0x15/0x1b
[  275.967640][T19612]  should_fail_ex+0x265/0x280
[  275.967660][T19612]  should_failslab+0x8c/0xb0
[  275.967744][T19612]  __kmalloc_noprof+0xa5/0x570
[  275.967767][T19612]  ? kobject_get_path+0x92/0x1c0
[  275.967788][T19612]  kobject_get_path+0x92/0x1c0
[  275.967818][T19612]  kobject_uevent_env+0x1da/0x570
[  275.967844][T19612]  kobject_uevent+0x1d/0x30
[  275.967871][T19612]  __kobject_del+0x88/0x190
[  275.967892][T19612]  kobject_put+0x127/0x190
[  275.967910][T19612]  netdev_queue_update_kobjects+0x45f/0x4d0
[  275.967989][T19612]  netdev_unregister_kobject+0xcc/0x270
[  275.968033][T19612]  unregister_netdevice_many_notify+0x1299/0x1690
[  275.968055][T19612]  unregister_netdevice_queue+0x1f5/0x220
[  275.968097][T19612]  unregister_netdev+0xb3/0xe0
[  275.968122][T19612]  slip_close+0xe4/0x100
[  275.968175][T19612]  ? __pfx_slip_close+0x10/0x10
[  275.968242][T19612]  tty_ldisc_close+0x74/0xa0
[  275.968260][T19612]  tty_set_ldisc+0x1b9/0x380
[  275.968280][T19612]  tiocsetd+0x51/0x60
[  275.968302][T19612]  tty_ioctl+0xa79/0xb80
[  275.968359][T19612]  ? __pfx_tty_ioctl+0x10/0x10
[  275.968377][T19612]  __se_sys_ioctl+0xce/0x140
[  275.968395][T19612]  __x64_sys_ioctl+0x43/0x50
[  275.968450][T19612]  x64_sys_call+0x1816/0x3000
[  275.968469][T19612]  do_syscall_64+0xd2/0x200
[  275.968484][T19612]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  275.968526][T19612]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  275.968552][T19612]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.968574][T19612] RIP: 0033:0x7f443944efc9
[  275.968640][T19612] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.968654][T19612] RSP: 002b:00007f4437eb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  275.968672][T19612] RAX: ffffffffffffffda RBX: 00007f44396a5fa0 RCX: 00007f443944efc9
[  275.968686][T19612] RDX: 0000200000000080 RSI: 0000000000005423 RDI: 0000000000000003
[  275.968697][T19612] RBP: 00007f4437eb7090 R08: 0000000000000000 R09: 0000000000000000
[  275.968707][T19612] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  275.968718][T19612] R13: 00007f44396a6038 R14: 00007f44396a5fa0 R15: 00007fff00ef5cc8
[  275.968783][T19612]  </TASK>
[  276.251889][T19612] Falling back ldisc for ttyS3.
[  276.398639][T19638] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  276.398639][T19638]    program syz.0.6103 not setting count and/or reply_len properly
[  276.422606][T19640] sg_write: data in/out 8156/120 bytes for SCSI command 0x0-- guessing data in;
[  276.422606][T19640]    program syz.4.6108 not setting count and/or reply_len properly
[  276.502444][T19645] program syz.0.6110 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  276.659308][T19663] loop6: detected capacity change from 0 to 512
[  276.666452][T19663] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  276.678441][T19663] EXT4-fs (loop6): 1 truncate cleaned up
[  276.684673][T19663] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  276.710291][T18576] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.762984][T19674] netlink: 108 bytes leftover after parsing attributes in process `syz.6.6122'.
[  276.781595][T19671] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  276.781595][T19671]    program syz.0.6121 not setting count and/or reply_len properly
[  276.816708][T19679] loop6: detected capacity change from 0 to 1024
[  276.823495][T19679] journal_path: Non-blockdev passed as './file1'
[  276.829873][T19679] EXT4-fs: error: could not find journal device path
[  276.851111][T19681] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19681 comm=syz.0.6125
[  276.945787][T19687] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6128'.
[  277.045762][T19710] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19710 comm=syz.0.6139
[  277.068175][T19702] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  277.068175][T19702]    program syz.6.6135 not setting count and/or reply_len properly
[  277.246698][T19740] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19740 comm=syz.5.6151
[  277.317669][T19734] FAULT_INJECTION: forcing a failure.
[  277.317669][T19734] name failslab, interval 1, probability 0, space 0, times 0
[  277.330336][T19734] CPU: 0 UID: 0 PID: 19734 Comm: syz.0.6148 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  277.330362][T19734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  277.330371][T19734] Call Trace:
[  277.330376][T19734]  <TASK>
[  277.330382][T19734]  __dump_stack+0x1d/0x30
[  277.330401][T19734]  dump_stack_lvl+0xe8/0x140
[  277.330416][T19734]  dump_stack+0x15/0x1b
[  277.330430][T19734]  should_fail_ex+0x265/0x280
[  277.330448][T19734]  should_failslab+0x8c/0xb0
[  277.330472][T19734]  kmem_cache_alloc_noprof+0x50/0x480
[  277.330498][T19734]  ? vm_area_alloc+0x2c/0xb0
[  277.330526][T19734]  vm_area_alloc+0x2c/0xb0
[  277.330548][T19734]  mmap_region+0xa99/0x1620
[  277.330588][T19734]  do_mmap+0x9b3/0xbe0
[  277.330607][T19734]  __se_sys_remap_file_pages+0x537/0x5e0
[  277.330627][T19734]  ? fput+0x8f/0xc0
[  277.330642][T19734]  __x64_sys_remap_file_pages+0x67/0x80
[  277.330663][T19734]  x64_sys_call+0x23b3/0x3000
[  277.330682][T19734]  do_syscall_64+0xd2/0x200
[  277.330705][T19734]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  277.330729][T19734]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  277.330748][T19734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  277.330759][T19734] RIP: 0033:0x7f2f9897efc9
[  277.330768][T19734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  277.330778][T19734] RSP: 002b:00007f2f973df038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[  277.330789][T19734] RAX: ffffffffffffffda RBX: 00007f2f98bd5fa0 RCX: 00007f2f9897efc9
[  277.330795][T19734] RDX: 0000000000000000 RSI: 0000000000400d00 RDI: 000020000051c000
[  277.330802][T19734] RBP: 00007f2f973df090 R08: 0000000000000000 R09: 0000000000000000
[  277.330809][T19734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  277.330815][T19734] R13: 00007f2f98bd6038 R14: 00007f2f98bd5fa0 R15: 00007fff8a97c6e8
[  277.330825][T19734]  </TASK>
[  277.367249][T19747] sg_write: data in/out 268435420/14 bytes for SCSI command 0x0-- guessing data in;
[  277.367249][T19747]    program syz.5.6154 not setting count and/or reply_len properly
[  277.590094][T19762] netlink: 'syz.6.6158': attribute type 1 has an invalid length.
[  277.592436][T19752] macsec1: entered promiscuous mode
[  277.603118][T19752] bridge0: entered promiscuous mode
[  277.608782][T19752] bridge0: port 3(macsec1) entered blocking state
[  277.615279][T19752] bridge0: port 3(macsec1) entered disabled state
[  277.658107][T19752] macsec1: entered allmulticast mode
[  277.663443][T19752] bridge0: entered allmulticast mode
[  277.680345][T19763] nfs4: Bad value for 'source'
[  277.724334][T19752] macsec1: left allmulticast mode
[  277.729454][T19752] bridge0: left allmulticast mode
[  277.736389][T19772] loop5: detected capacity change from 0 to 1024
[  277.744114][T19772] journal_path: Non-blockdev passed as './file1'
[  277.750501][T19772] EXT4-fs: error: could not find journal device path
[  277.757475][T19752] bridge0: left promiscuous mode
[  277.784384][T19762] 8021q: adding VLAN 0 to HW filter on device bond1
[  277.830686][T19779] tipc: Started in network mode
[  277.835988][T19779] tipc: Node identity 4, cluster identity 4711
[  277.842594][T19779] tipc: Node number set to 4
[  277.982868][T19752] x_tables: ip6_tables: CLASSIFY target: used from hooks PREROUTING, but only usable from FORWARD/OUTPUT/POSTROUTING
[  278.068228][T19800] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19800 comm=syz.4.6172
[  278.222046][T19819] batman_adv: batadv0: Removing interface: batadv_slave_0
[  278.229468][T19819] batman_adv: batadv0: Removing interface: batadv_slave_1
[  278.583225][T19854] FAULT_INJECTION: forcing a failure.
[  278.583225][T19854] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  278.596421][T19854] CPU: 0 UID: 0 PID: 19854 Comm: syz.1.6197 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  278.596483][T19854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  278.596496][T19854] Call Trace:
[  278.596502][T19854]  <TASK>
[  278.596510][T19854]  __dump_stack+0x1d/0x30
[  278.596590][T19854]  dump_stack_lvl+0xe8/0x140
[  278.596610][T19854]  dump_stack+0x15/0x1b
[  278.596628][T19854]  should_fail_ex+0x265/0x280
[  278.596649][T19854]  should_fail+0xb/0x20
[  278.596662][T19854]  should_fail_usercopy+0x1a/0x20
[  278.596679][T19854]  _copy_from_user+0x1c/0xb0
[  278.596744][T19854]  __se_sys_add_key+0x20e/0x350
[  278.596777][T19854]  __x64_sys_add_key+0x67/0x80
[  278.596815][T19854]  x64_sys_call+0x28c8/0x3000
[  278.596870][T19854]  do_syscall_64+0xd2/0x200
[  278.596886][T19854]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  278.596911][T19854]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  278.596981][T19854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.597001][T19854] RIP: 0033:0x7f443944efc9
[  278.597016][T19854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.597032][T19854] RSP: 002b:00007f4437eb7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f8
[  278.597051][T19854] RAX: ffffffffffffffda RBX: 00007f44396a5fa0 RCX: 00007f443944efc9
[  278.597081][T19854] RDX: 0000200000000100 RSI: 0000000000000000 RDI: 0000200000000280
[  278.597093][T19854] RBP: 00007f4437eb7090 R08: ffffffffffffffff R09: 0000000000000000
[  278.597106][T19854] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000001
[  278.597119][T19854] R13: 00007f44396a6038 R14: 00007f44396a5fa0 R15: 00007fff00ef5cc8
[  278.597142][T19854]  </TASK>
[  278.888925][T19843] SELinux: failed to load policy
[  278.901904][T19866] __nla_validate_parse: 7 callbacks suppressed
[  278.901921][T19866] netlink: 536 bytes leftover after parsing attributes in process `syz.5.6202'.
[  278.935253][T19866] netlink: 60 bytes leftover after parsing attributes in process `syz.5.6202'.
[  278.991070][T19885] netlink: 'syz.4.6208': attribute type 3 has an invalid length.
[  278.999453][T19877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6207'.
[  279.066504][T19893] vhci_hcd: invalid port number 65
[  279.071672][T19893] vhci_hcd: invalid port number 65
[  279.094357][T19895] netlink: 1276 bytes leftover after parsing attributes in process `syz.0.6209'.
[  279.226199][T19913] FAULT_INJECTION: forcing a failure.
[  279.226199][T19913] name failslab, interval 1, probability 0, space 0, times 0
[  279.238832][T19913] CPU: 0 UID: 0 PID: 19913 Comm: syz.1.6219 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  279.238936][T19913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  279.238951][T19913] Call Trace:
[  279.238956][T19913]  <TASK>
[  279.239004][T19913]  __dump_stack+0x1d/0x30
[  279.239026][T19913]  dump_stack_lvl+0xe8/0x140
[  279.239047][T19913]  dump_stack+0x15/0x1b
[  279.239063][T19913]  should_fail_ex+0x265/0x280
[  279.239079][T19913]  should_failslab+0x8c/0xb0
[  279.239157][T19913]  kmem_cache_alloc_noprof+0x50/0x480
[  279.239184][T19913]  ? audit_log_start+0x342/0x720
[  279.239263][T19913]  audit_log_start+0x342/0x720
[  279.239281][T19913]  ? kstrtouint+0x76/0xc0
[  279.239348][T19913]  audit_seccomp+0x48/0x100
[  279.239452][T19913]  ? __seccomp_filter+0x82d/0x1250
[  279.239474][T19913]  __seccomp_filter+0x83e/0x1250
[  279.239516][T19913]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  279.239541][T19913]  ? vfs_write+0x7e8/0x960
[  279.239560][T19913]  ? __rcu_read_unlock+0x4f/0x70
[  279.239590][T19913]  ? __fget_files+0x184/0x1c0
[  279.239662][T19913]  __secure_computing+0x82/0x150
[  279.239683][T19913]  syscall_trace_enter+0xcf/0x1e0
[  279.239712][T19913]  do_syscall_64+0xac/0x200
[  279.239730][T19913]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  279.239761][T19913]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  279.239865][T19913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.239884][T19913] RIP: 0033:0x7f443944efc9
[  279.239896][T19913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  279.239914][T19913] RSP: 002b:00007f4437eb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000075
[  279.239981][T19913] RAX: ffffffffffffffda RBX: 00007f44396a5fa0 RCX: 00007f443944efc9
[  279.239992][T19913] RDX: ffffffffffffffff RSI: 000000000000ee00 RDI: ffffffffffffffff
[  279.240003][T19913] RBP: 00007f4437eb7090 R08: 0000000000000000 R09: 0000000000000000
[  279.240053][T19913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  279.240065][T19913] R13: 00007f44396a6038 R14: 00007f44396a5fa0 R15: 00007fff00ef5cc8
[  279.240081][T19913]  </TASK>
[  279.452258][T19921] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6221'.
[  279.461803][T19903] serio: Serial port ptm0
[  279.475824][T19921] bond0: Unable to set up delay as MII monitoring is disabled
[  279.483456][T19921] FAULT_INJECTION: forcing a failure.
[  279.483456][T19921] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  279.496603][T19921] CPU: 0 UID: 0 PID: 19921 Comm: syz.4.6221 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  279.496629][T19921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  279.496641][T19921] Call Trace:
[  279.496648][T19921]  <TASK>
[  279.496662][T19921]  __dump_stack+0x1d/0x30
[  279.496684][T19921]  dump_stack_lvl+0xe8/0x140
[  279.496733][T19921]  dump_stack+0x15/0x1b
[  279.496750][T19921]  should_fail_ex+0x265/0x280
[  279.496822][T19921]  should_fail+0xb/0x20
[  279.496837][T19921]  should_fail_usercopy+0x1a/0x20
[  279.496855][T19921]  _copy_to_user+0x20/0xa0
[  279.496877][T19921]  simple_read_from_buffer+0xb5/0x130
[  279.496975][T19921]  proc_fail_nth_read+0x10e/0x150
[  279.497057][T19921]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  279.497119][T19921]  vfs_read+0x1a8/0x770
[  279.497141][T19921]  ? __rcu_read_unlock+0x4f/0x70
[  279.497232][T19921]  ? __fget_files+0x184/0x1c0
[  279.497260][T19921]  ksys_read+0xda/0x1a0
[  279.497314][T19921]  __x64_sys_read+0x40/0x50
[  279.497338][T19921]  x64_sys_call+0x27c0/0x3000
[  279.497360][T19921]  do_syscall_64+0xd2/0x200
[  279.497378][T19921]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  279.497482][T19921]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  279.497510][T19921]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  279.497532][T19921] RIP: 0033:0x7fea1759d9dc
[  279.497605][T19921] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  279.497622][T19921] RSP: 002b:00007fea16007030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  279.497640][T19921] RAX: ffffffffffffffda RBX: 00007fea177f5fa0 RCX: 00007fea1759d9dc
[  279.497652][T19921] RDX: 000000000000000f RSI: 00007fea160070a0 RDI: 0000000000000005
[  279.497742][T19921] RBP: 00007fea16007090 R08: 0000000000000000 R09: 0000000000000000
[  279.497755][T19921] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  279.497767][T19921] R13: 00007fea177f6038 R14: 00007fea177f5fa0 R15: 00007ffeb60c2c98
[  279.497786][T19921]  </TASK>
[  279.899736][T19958] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  279.924695][T19957] netlink: 'syz.5.6237': attribute type 3 has an invalid length.
[  279.937788][T19962] program syz.4.6239 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  279.955409][T19960] rtc_cmos 00:00: Alarms can be up to one day in the future
[  279.971992][ T6011] rtc_cmos 00:00: Alarms can be up to one day in the future
[  279.979499][ T6011] rtc_cmos 00:00: Alarms can be up to one day in the future
[  279.987104][ T6011] rtc_cmos 00:00: Alarms can be up to one day in the future
[  279.987341][T19962] FAULT_INJECTION: forcing a failure.
[  279.987341][T19962] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  279.994671][ T6011] rtc_cmos 00:00: Alarms can be up to one day in the future
[  280.007432][T19962] CPU: 0 UID: 0 PID: 19962 Comm: syz.4.6239 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  280.007458][T19962] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  280.007470][T19962] Call Trace:
[  280.007478][T19962]  <TASK>
[  280.007486][T19962]  __dump_stack+0x1d/0x30
[  280.007508][T19962]  dump_stack_lvl+0xe8/0x140
[  280.007528][T19962]  dump_stack+0x15/0x1b
[  280.007583][T19962]  should_fail_ex+0x265/0x280
[  280.007674][T19962]  should_fail+0xb/0x20
[  280.007689][T19962]  should_fail_usercopy+0x1a/0x20
[  280.007709][T19962]  strncpy_from_user+0x25/0x230
[  280.007736][T19962]  strncpy_from_user_nofault+0x68/0xf0
[  280.007787][T19962]  bpf_probe_read_user_str+0x2a/0x70
[  280.007809][T19962]  bpf_prog_7f11bb5dfa26a882+0x43/0x49
[  280.007910][T19962]  bpf_trace_run2+0x107/0x1c0
[  280.007936][T19962]  ? filename_lookup+0x256/0x340
[  280.007996][T19962]  ? terminate_walk+0x27f/0x2a0
[  280.008021][T19962]  ? filename_lookup+0x256/0x340
[  280.008112][T19962]  kfree+0x351/0x400
[  280.008134][T19962]  ? path_lookupat+0x1fc/0x2a0
[  280.008162][T19962]  filename_lookup+0x256/0x340
[  280.008193][T19962]  ? __pfx_page_put_link+0x10/0x10
[  280.008218][T19962]  ? __pfx_page_put_link+0x10/0x10
[  280.008246][T19962]  do_readlinkat+0x7d/0x320
[  280.008266][T19962]  __x64_sys_readlinkat+0x51/0x60
[  280.008339][T19962]  x64_sys_call+0x16b4/0x3000
[  280.008360][T19962]  do_syscall_64+0xd2/0x200
[  280.008406][T19962]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  280.008432][T19962]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  280.008462][T19962]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.008482][T19962] RIP: 0033:0x7fea1759efc9
[  280.008496][T19962] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.008570][T19962] RSP: 002b:00007fea16007038 EFLAGS: 00000246 ORIG_RAX: 000000000000010b
[  280.008594][T19962] RAX: ffffffffffffffda RBX: 00007fea177f5fa0 RCX: 00007fea1759efc9
[  280.008606][T19962] RDX: 0000200000000780 RSI: 00002000000001c0 RDI: 000000000000000c
[  280.008618][T19962] RBP: 00007fea16007090 R08: 0000000000000000 R09: 0000000000000000
[  280.008630][T19962] R10: 00000000000000c6 R11: 0000000000000246 R12: 0000000000000002
[  280.008641][T19962] R13: 00007fea177f6038 R14: 00007fea177f5fa0 R15: 00007ffeb60c2c98
[  280.008674][T19962]  </TASK>
[  280.244416][ T6011] rtc rtc0: __rtc_set_alarm: err=-22
[  280.387023][T19976] FAULT_INJECTION: forcing a failure.
[  280.387023][T19976] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  280.400125][T19976] CPU: 0 UID: 0 PID: 19976 Comm: syz.4.6246 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  280.400165][T19976] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  280.400219][T19976] Call Trace:
[  280.400226][T19976]  <TASK>
[  280.400234][T19976]  __dump_stack+0x1d/0x30
[  280.400255][T19976]  dump_stack_lvl+0xe8/0x140
[  280.400272][T19976]  dump_stack+0x15/0x1b
[  280.400287][T19976]  should_fail_ex+0x265/0x280
[  280.400328][T19976]  should_fail+0xb/0x20
[  280.400345][T19976]  should_fail_usercopy+0x1a/0x20
[  280.400366][T19976]  _copy_from_user+0x1c/0xb0
[  280.400465][T19976]  __copy_msghdr+0x244/0x300
[  280.400491][T19976]  ___sys_sendmsg+0x109/0x1d0
[  280.400536][T19976]  __x64_sys_sendmsg+0xd4/0x160
[  280.400603][T19976]  x64_sys_call+0x191e/0x3000
[  280.400623][T19976]  do_syscall_64+0xd2/0x200
[  280.400706][T19976]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  280.400731][T19976]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  280.400758][T19976]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.400794][T19976] RIP: 0033:0x7fea1759efc9
[  280.400853][T19976] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.400871][T19976] RSP: 002b:00007fea16007038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  280.400891][T19976] RAX: ffffffffffffffda RBX: 00007fea177f5fa0 RCX: 00007fea1759efc9
[  280.400963][T19976] RDX: 0000000000000010 RSI: 0000200000000540 RDI: 0000000000000004
[  280.400976][T19976] RBP: 00007fea16007090 R08: 0000000000000000 R09: 0000000000000000
[  280.400988][T19976] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  280.401001][T19976] R13: 00007fea177f6038 R14: 00007fea177f5fa0 R15: 00007ffeb60c2c98
[  280.401058][T19976]  </TASK>
[  280.582781][T19978] loop6: detected capacity change from 0 to 512
[  280.594726][T19978] EXT4-fs error (device loop6): ext4_iget_extra_inode:5075: inode #15: comm syz.6.6247: corrupted in-inode xattr: e_name out of bounds
[  280.605607][   T29] kauditd_printk_skb: 1186 callbacks suppressed
[  280.605621][   T29] audit: type=1400 audit(2000004889.610:117094): avc:  denied  { getopt } for  pid=19977 comm="syz.6.6247" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  280.651910][T19978] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.6247: couldn't read orphan inode 15 (err -117)
[  280.667224][T19978] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.686166][   T29] audit: type=1326 audit(2000004889.720:117095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19986 comm="syz.4.6251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  280.709954][   T29] audit: type=1326 audit(2000004889.720:117096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19986 comm="syz.4.6251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  280.733661][   T29] audit: type=1326 audit(2000004889.720:117097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19986 comm="syz.4.6251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  280.757392][   T29] audit: type=1326 audit(2000004889.720:117098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19986 comm="syz.4.6251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  280.807131][   T29] audit: type=1326 audit(2000004889.720:117099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19986 comm="syz.4.6251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  280.830907][   T29] audit: type=1326 audit(2000004889.720:117100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19986 comm="syz.4.6251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  280.831401][T19989] lo speed is unknown, defaulting to 1000
[  280.854799][   T29] audit: type=1326 audit(2000004889.720:117101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19986 comm="syz.4.6251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  280.862753][T19989] lo speed is unknown, defaulting to 1000
[  280.884145][   T29] audit: type=1326 audit(2000004889.720:117102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19986 comm="syz.4.6251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  280.891014][T19989] lo speed is unknown, defaulting to 1000
[  280.913498][   T29] audit: type=1326 audit(2000004889.720:117103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19986 comm="syz.4.6251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7fea1759efc9 code=0x7ffc0000
[  280.947412][T19989] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  280.958133][T19989] lo speed is unknown, defaulting to 1000
[  280.964301][T19989] lo speed is unknown, defaulting to 1000
[  280.970541][T19989] lo speed is unknown, defaulting to 1000
[  280.976986][T19989] lo speed is unknown, defaulting to 1000
[  280.983269][T19989] lo speed is unknown, defaulting to 1000
[  280.989361][T19989] lo speed is unknown, defaulting to 1000
[  280.995708][T18576] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.995894][T19989] lo speed is unknown, defaulting to 1000
[  281.111384][T20008] netlink: 36 bytes leftover after parsing attributes in process `syz.1.6259'.
[  281.204889][T20023] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  281.259172][T20027] netlink: 'syz.6.6265': attribute type 3 has an invalid length.
[  281.371955][T20042] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6267'.
[  282.199258][T20084] loop6: detected capacity change from 0 to 1024
[  282.205942][T20084] journal_path: Non-blockdev passed as './file1'
[  282.212308][T20084] EXT4-fs: error: could not find journal device path
[  282.296499][T20090] loop5: detected capacity change from 0 to 512
[  282.315757][T20092] lo speed is unknown, defaulting to 1000
[  282.370211][T20102] block device autoloading is deprecated and will be removed.
[  282.508841][T20120] FAULT_INJECTION: forcing a failure.
[  282.508841][T20120] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  282.522222][T20120] CPU: 1 UID: 0 PID: 20120 Comm: syz.5.6304 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  282.522325][T20120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  282.522336][T20120] Call Trace:
[  282.522342][T20120]  <TASK>
[  282.522349][T20120]  __dump_stack+0x1d/0x30
[  282.522438][T20120]  dump_stack_lvl+0xe8/0x140
[  282.522529][T20120]  dump_stack+0x15/0x1b
[  282.522546][T20120]  should_fail_ex+0x265/0x280
[  282.522564][T20120]  should_fail+0xb/0x20
[  282.522578][T20120]  should_fail_usercopy+0x1a/0x20
[  282.522684][T20120]  copy_folio_from_iter_atomic+0x278/0x11b0
[  282.522712][T20120]  ? shmem_write_begin+0xa8/0x190
[  282.522735][T20102] ==================================================================
[  282.522785][T20120]  ? shmem_write_begin+0xe1/0x190
[  282.522806][T20120]  generic_perform_write+0x2c2/0x490
[  282.522831][T20120]  shmem_file_write_iter+0xc5/0xf0
[  282.522930][T20120]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  282.522952][T20120]  vfs_write+0x52a/0x960
[  282.522980][T20120]  ksys_write+0xda/0x1a0
[  282.523004][T20120]  __x64_sys_write+0x40/0x50
[  282.523060][T20120]  x64_sys_call+0x2802/0x3000
[  282.523081][T20120]  do_syscall_64+0xd2/0x200
[  282.523099][T20120]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[  282.523256][T20120]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[  282.523284][T20120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.523310][T20120] RIP: 0033:0x7f9fdb9cda7f
[  282.523325][T20120] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  282.523342][T20120] RSP: 002b:00007f9fda42edf0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  282.523360][T20120] RAX: ffffffffffffffda RBX: 0000000000010000 RCX: 00007f9fdb9cda7f
[  282.523376][T20120] RDX: 0000000000010000 RSI: 00007f9fd200f000 RDI: 0000000000000004
[  282.523388][T20120] RBP: 0000000000000000 R08: 0000000000000000 R09: 000000000000028b
[  282.523441][T20120] R10: 00000000000001d2 R11: 0000000000000293 R12: 0000000000000004
[  282.523469][T20120] R13: 00007f9fda42eef0 R14: 00007f9fda42eeb0 R15: 00007f9fd200f000
[  282.523486][T20120]  </TASK>
[  282.525699][T20120] loop5: detected capacity change from 0 to 128
[  282.532539][T20102] BUG: KCSAN: data-race in data_alloc / prb_reserve
[  282.532560][T20102] 
[  282.532565][T20102] write to 0xffffffff8687b680 of 8 bytes by task 20120 on cpu 1:
[  282.532580][T20102]  data_alloc+0x280/0x2e0
[  282.532595][T20102]  prb_reserve+0x807/0xaf0
[  282.532612][T20102]  vprintk_store+0x56d/0x860
[  282.766143][T20102]  vprintk_emit+0x10d/0x580
[  282.770627][T20102]  vprintk_default+0x26/0x30
[  282.775196][T20102]  vprintk+0x1d/0x30
[  282.779071][T20102]  _printk+0x79/0xa0
[  282.782946][T20102]  show_trace_log_lvl+0x4e3/0x560
[  282.787949][T20102]  __dump_stack+0x1d/0x30
[  282.792298][T20102]  dump_stack_lvl+0xe8/0x140
[  282.796866][T20102]  dump_stack+0x15/0x1b
[  282.800997][T20102]  should_fail_ex+0x265/0x280
[  282.805647][T20102]  should_fail+0xb/0x20
[  282.809776][T20102]  should_fail_usercopy+0x1a/0x20
[  282.814782][T20102]  copy_folio_from_iter_atomic+0x278/0x11b0
[  282.820665][T20102]  generic_perform_write+0x2c2/0x490
[  282.825934][T20102]  shmem_file_write_iter+0xc5/0xf0
[  282.831032][T20102]  vfs_write+0x52a/0x960
[  282.835440][T20102]  ksys_write+0xda/0x1a0
[  282.839670][T20102]  __x64_sys_write+0x40/0x50
[  282.844250][T20102]  x64_sys_call+0x2802/0x3000
[  282.848916][T20102]  do_syscall_64+0xd2/0x200
[  282.853401][T20102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.859287][T20102] 
[  282.861592][T20102] read to 0xffffffff8687b680 of 8 bytes by task 20102 on cpu 0:
[  282.869204][T20102]  prb_reserve+0x220/0xaf0
[  282.873603][T20102]  vprintk_store+0x56d/0x860
[  282.878179][T20102]  vprintk_emit+0x10d/0x580
[  282.882676][T20102]  vprintk_default+0x26/0x30
[  282.887598][T20102]  vprintk+0x1d/0x30
[  282.891482][T20102]  _printk+0x79/0xa0
[  282.895371][T20102]  set_capacity_and_notify+0x14c/0x1f0
[  282.900813][T20102]  loop_set_size+0x2e/0x70
[  282.905218][T20102]  loop_configure+0x828/0x9c0
[  282.909887][T20102]  lo_ioctl+0x1e1/0x12b0
[  282.914118][T20102]  blkdev_ioctl+0x356/0x440
[  282.918609][T20102]  __se_sys_ioctl+0xce/0x140
[  282.923182][T20102]  __x64_sys_ioctl+0x43/0x50
[  282.927754][T20102]  x64_sys_call+0x1816/0x3000
[  282.932441][T20102]  do_syscall_64+0xd2/0x200
[  282.936927][T20102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  282.942804][T20102] 
[  282.945107][T20102] value changed: 0xffffffffffffc2d0 -> 0x000000000009fde0
[  282.952192][T20102] 
[  282.954495][T20102] Reported by Kernel Concurrency Sanitizer on:
[  282.960631][T20102] CPU: 0 UID: 0 PID: 20102 Comm: syz.0.6296 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  282.970446][T20102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  282.980493][T20102] ==================================================================
[  282.522654][T20102] loop0: detected capacity change from 0 to 512
[  282.996011][T20102] /dev/loop0: Can't open blockdev