last executing test programs:

36.316293092s ago: executing program 1 (id=237):
socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x34, 0x0, 0x1, 0x70bd2e, 0x25dfdbfe, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8}, @ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}]}, 0x34}}, 0x400c810)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000680), 0xc, 0x0, 0x1, 0x0, 0x0, 0x20008801}, 0x4c040)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
io_uring_setup(0x60f7, &(0x7f0000000a40)={0x0, 0x0, 0x30205, 0xfffffffe, 0x3bd})
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r2, 0xc004743e, &(0x7f0000000300)=0x2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x80}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r3}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)=@o_path={0x0, r4}, 0x18)

36.238267445s ago: executing program 1 (id=238):
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000440)='kmem_cache_free\x00', r0}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffa}, [@call={0x85, 0x0, 0x0, 0xd0}, @call={0x85, 0x0, 0x0, 0x11}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f00000007c0)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f0000000200))
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500050002000000050004000310000005000100070000000900020073797a310000000011000300686173683a69702c6d61726b00000000"], 0x4c}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x40, 0x9, 0x6, 0x801, 0x0, 0x0, {0x2, 0x0, 0x9}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0xcb58c9f2fa78421b}, 0x40c0080)
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000000756de0800000000000000000a0000040500010007000010"], 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
syz_usb_disconnect(0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
syz_usbip_server_init(0x4)

35.242754777s ago: executing program 1 (id=252):
r0 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000004c0)={<r2=>0x0, @remote, @local}, &(0x7f0000000500)=0xc)
r3 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'lo\x00', <r4=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x70bd27, 0x25dfdbff, {0xa, 0x17, 0x0, 0xff, r4}, [@IFA_LOCAL={0x14, 0x2, @loopback}, @IFA_FLAGS={0x8, 0x8, 0x288}]}, 0x34}, 0x1, 0x0, 0x0, 0x2004c040}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="440000001000ffff27bd7000fbdbdf2500000000", @ANYBLOB="fda65f0500000000140012800c0001006d616376746170", @ANYBLOB='\b\x00\n'], 0x44}, 0x1, 0x0, 0x0, 0x308}, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r8, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r9}, 0x94)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000008c0)={&(0x7f0000000680)={0x224, 0x0, 0x8, 0x70bd25, 0x25dfdbfb, {}, [@HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}]}, @HEADER={0x40, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vlan0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'team0\x00'}]}, @HEADER={0x34, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_team\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}]}, @HEADER={0x74, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'batadv_slave_1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r6}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}]}, @HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan1\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ipvlan0\x00'}]}]}, 0x224}, 0x1, 0x0, 0x0, 0x8000}, 0x910)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
add_key(&(0x7f0000000040)='encrypted\x00', &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)=ANY=[@ANYBLOB="240000003f000500000000000000df25047c0000040000000c0001"], 0x24}, 0x1, 0x0, 0x0, 0x48800}, 0x0)

35.17573863s ago: executing program 1 (id=255):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
eventfd(0x0)
r0 = syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f0000000100)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x400000}}, {@mb_optimize_scan}, {@grpquota}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000580), r2)
sendmsg$NFC_CMD_LLC_SET_PARAMS(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000026c0)=ANY=[@ANYBLOB="2c0000cac7dc022a321adbd99796ee337246034ed49b7f9a725558d594a1905e57a84955f4c5423f6242dc7b5ac6084979920216bda82cb8b7a78b64fa628c2e2357e8ec009ab8d4377e0e43e3d58eee207d6a59cb2c85d4d329f6c5408ab9ea087eabfb0bc06640a9f078fd579a6645d6085ef138b2c5f1491e2e212b5e7678dda79e2f1f517e2d8b338787aa5d3e990634b81f0f00"/165, @ANYRES16=r3, @ANYBLOB="091929bd7000fddbdf251000000008000100", @ANYRES32=0x0, @ANYBLOB="06001100930200000500100009000000"], 0x2c}, 0x1, 0x0, 0x0, 0x44040}, 0x20000054)
recvmsg(0xffffffffffffffff, 0x0, 0x40000000)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r4}, 0x10)
r5 = creat(&(0x7f00000000c0)='./bus\x00', 0x1a2)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xacd42, 0x108)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000002300)={'wpan4\x00', <r7=>0x0})
sendmsg$NL802154_CMD_GET_WPAN_PHY(r2, &(0x7f00000025c0)={&(0x7f0000000640)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000002380)={&(0x7f0000002340)={0x38, 0x0, 0x0, 0x70bd27, 0x25dfdbfd, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x38}, 0x1, 0x0, 0x0, 0x24008000}, 0x8c0)
ioctl$AUTOFS_DEV_IOCTL_READY(r6, 0xc0189376, &(0x7f0000000240)={{0x1, 0x1, 0x18, r0, {0x1}}, './file1\x00'})
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r9=>0x0})
sendmsg$nl_route(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x2}}}, @IFLA_LINK={0x8, 0x5, r9}, @IFLA_MASTER={0x8, 0xa, r9}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004885}, 0x4054)
r10 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r10, 0x11b, 0x3, &(0x7f0000000380)=0x20000, 0x4)
setsockopt$XDP_UMEM_REG(r10, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x204000, 0x1000}, 0x20)
r11 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'team_slave_1\x00', <r12=>0x0})
setsockopt$XDP_UMEM_COMPLETION_RING(r10, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)
setsockopt$XDP_UMEM_FILL_RING(r10, 0x11b, 0x5, &(0x7f0000000040)=0x4000, 0x4)
bind$xdp(r10, &(0x7f00000002c0)={0x2c, 0x4, r12, 0x30, r10}, 0x10)
fallocate(r5, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r6, 0xc028660f, &(0x7f0000000040)={0xc, r5, 0x0, 0x0, 0x0, 0xfffffffffe000001})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

34.94028827s ago: executing program 1 (id=257):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c000000"], 0x50)
mount_setattr(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x8000, &(0x7f00000003c0)={0x1000f5, 0x1, 0x180000}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c3"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', r1, 0x0, 0x200000000000006}, 0x18)
open$dir(0x0, 0x0, 0x12c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x7f, 0x0, 0x0, 0x0, 0x6f}, 0x94)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@random="00008000", @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x18, 0x3a, 0x0, @loopback, @loopback, {[], @mld={0x83, 0x0, 0x0, 0x9, 0xc036, @remote}}}}}}, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xfffffffffffffd2e, &(0x7f0000000000)='e', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000080)='kfree\x00', r4, 0x0, 0x8}, 0x18)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
recvmmsg(r6, &(0x7f0000001640), 0xb4, 0x34000, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r8}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
rt_sigqueueinfo(0x0, 0x28, 0x0)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)=ANY=[@ANYBLOB="18000000", @ANYRES16=r5, @ANYBLOB="a787000000ff000000000b00000404000180"], 0x18}}, 0x0)
perf_event_open(&(0x7f0000000180)={0x8, 0x80, 0x0, 0x4, 0x0, 0x6, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080), 0x4}, 0x0, 0x0, 0x0, 0x1, 0xb, 0x0, 0x0, 0x0, 0x4, 0x0, 0x8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

34.69447575s ago: executing program 1 (id=261):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000011c0)=@newtaction={0x14, 0x30, 0x871a15abc695fb3d}, 0x14}}, 0x0)

34.69437114s ago: executing program 32 (id=261):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000011c0)=@newtaction={0x14, 0x30, 0x871a15abc695fb3d}, 0x14}}, 0x0)

2.738880335s ago: executing program 2 (id=676):
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000480), 0x80200, 0x0)
ioctl$PTP_SYS_OFFSET_EXTENDED(r0, 0xc4c03d09, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000540)={'ip6tnl0\x00', &(0x7f00000005c0)={'syztnl1\x00', <r2=>0x0, 0x29, 0x9, 0x7, 0x8000, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @mcast2, 0x8, 0x7800, 0x4b41, 0x1}})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="07000000020000000700fdff0500000000820400", @ANYRES32=r0, @ANYBLOB="f40100"/20, @ANYRES32=r2, @ANYRES32, @ANYBLOB="040000000200"/20, @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00'], 0x50)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r6}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0x6}, {0xd, 0x1}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0xa, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x5, 0x48f, 0x8000, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x40080}, 0x4000440)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f00000001c0)=0x3)
ioctl$PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x60, 0x6, 0x8}]})
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x328, 0xc8, 0x8, 0x1a0, 0x5803, 0x328, 0x2e8, 0x2e8, 0x328, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x138, 0x1a0, 0x0, {0x0, 0x2000000000000}, [@common=@ipv6header={{0x28}, {0x6, 0x4d, 0x1}}, @common=@unspec=@physdev={{0x68}, {'ip6gre0\x00', {}, 'macvlan1\x00', {0xff}, 0x12, 0x5}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x5, 0x8, 0x401, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ipv6={@private0={0xfc, 0x0, '\x00', 0x7}, @remote, [0xffffffff, 0xffffff, 0xff, 0xff000000], [0x0, 0x0, 0xffffff00, 0xffffff00], 'gre0\x00', 'nicvf0\x00', {0x44ed33f51a235323}, {}, 0x32, 0xfc, 0x4}, 0x0, 0x160, 0x188, 0x0, {}, [@common=@inet=@set1={{0x28}, {{0x2, 0x0, 0x7}}}, @common=@srh1={{0x90}, {0x2f, 0x11, 0x0, 0xd, 0x1c, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @empty, @dev={0xfe, 0x80, '\x00', 0x1e}, [0xffffffff, 0xffffffff, 0xffffffff, 0xff], [0xff000000, 0x0, 0x114071d1588b71c6, 0xffffffff], [0xffffffff, 0xff000000, 0xff000000, 0x7fffff00], 0x0, 0x1020}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x9, 0x7}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x0, 0xfffffffb}}}}, 0x458)
connect$inet6(r1, &(0x7f00000003c0)={0xa, 0xfffe, 0x7, @mcast2, 0x6}, 0x1c)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f00000006c0)=@gcm_256={{0x303}, "591d76fbf0466d6d", "7806e2baf1f0bcac2e1ac3a3b65515cc4c27f7c05fdfb7eaf2f34efcf8ecaf45", "fa8cd6a9", "477cc0b9532fb396"}, 0x38)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYRESHEX=r7], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r8}, &(0x7f0000000340), &(0x7f0000000300)=r9}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='kmem_cache_free\x00'}, 0x18)
r10 = timerfd_create(0x0, 0x80000)
timerfd_gettime(r10, &(0x7f0000000040))
syz_open_procfs(0x0, &(0x7f0000000040)='loginuid\x00')
write(r1, &(0x7f0000000740)="000000000002ffff18a7897475539bf598ade5d70d2af71cc20e1c9a00ef931d77c47c0d123ae978347712fdd70cc80030d64a20a96095a26f3a5d8b666469c140939b8faa620df606b90accced43a", 0x38)

2.569172182s ago: executing program 2 (id=682):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r0}, 0x10)
fsync(r0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
r1 = syz_io_uring_setup(0x5d6b, &(0x7f0000000380)={0x0, 0x59dd, 0x80, 0x3, 0xbd6f7fff}, &(0x7f0000000480)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_MKDIRAT={0x25, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x10c, 0x0, 0x1})
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001480)=ANY=[], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
io_uring_enter(r1, 0x5535, 0x3acd, 0x22, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000100), &(0x7f0000000080)='./file0\x00', 0x200600, &(0x7f00000000c0)=ANY=[], 0x1, 0x3f9, &(0x7f00000007c0)="$eJzs3E9v2zYfwHEqsfH48YBiQLE2TXNg2x2yQ11JWRwYPWky7bCVJYGSi+Q0FItdBHO6Ye2ANafl0m3A9iK6417Eznszxa47DPAgycmcP3baNI274vsBEtLSz+RPskDGCigBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACE5Tdt27FEoMPuhpzMb5qoM2X/fns3DxVT+hXCyn5EpSIWik0Ll//d/VHRyNXi1VVRyYqK2P3gyod3L5dKRROWmJLQhXjybPfLh4NB7xtZFWLm2Vy8tgp1EumO11ZSJ5Fs1Ov2nfVWIls6UMlmkqqO9I3y0sjIZf8T6TQaK1L9vRl1w3bTC9T+xrXbrm3X5b1arDyTROGde7XEX9dBoMN2HpPtzmLWsgvxvk5lqryOlP3tQW/ltCSzIOdVglwpS1M/Rtd2XcdxXae+2lhds+3SsQ32EeJYxOwvWly4yvhlda7jN/AmhqP5HwAAAAAAvL+s/B579v2/nN+Ht0RLB8qedVoAAAAAAOAc5f/5v5oV5ay2ICy+/wMAAAAA8L75cdIauzkh5kcx/7N+/1MY9f/i1Y6X/fZ2Rnvnj7aYthatS6NG8qJeGr3y1ZJ1rQi6th/9clT0x/Ow/hoOx/LI1wpaxpStvXjjY+vsCYifxWIRs7hVlFv7e4peqi0dqJofBXcd4XmX5lK1kX77ePs7IbLefwo7lyzR3x70al98NdjKc9nLWtnbGS2gOLaOYkouTw/WPR4/81ku5fxGzKjfatGvPX78c8Xb516jz+fienGj53q1iK0ePv5K1qdTO3z0v/4hDmfhvNaRD4fDYbZhPIulImZp+VZW3Fo+IQu3NukzGGXhjmdxpnPxClmsnJaF9f2bZQEAs9I/ZRayxLF59wyjXH/KXxnnN7s/FzeKmBuL+cBaWjxhRLcnjuj++Bx79nn9N3GzODcHz0CYNMdm/f5yZFZ9kb3hxcR+k8C1slM4/3Tna3HlybPd29s7Dx/1HvUeu+5K3f7UtlddUc4PQ5T784OezdwDADiBMi+tavqDZYyOP3caDcdL15U0kX9fGt1sK6nDVBl/3QvbSsYmSiM/CrLKA91UiUy6cRyZVLYiI+Mo0Rv5k1/k6NEviep4Yar9JA6UlyjpR2Hq+als6sSXcfezQCfryuRvTmLl65b2vVRHoUyirvFVTcpEqbFA3VRhqls6q4YyNrrjmU35IAq6HSWbKvGNjtOoaHC/Lx22ItPJm63N+mQDAPCOOHiC3VuszPoYAQDAYczSAAAAAAAAAAAAAAAAAAAAAAC8+y5i/R8VKlT+a5VZj0wA3rZ/AgAA//+sRKem")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x11, 0x200000000000004f, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x41000, 0x37, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={<r7=>0xffffffffffffffff})
ioctl$FIDEDUPERANGE(r7, 0xc0189436, &(0x7f00000005c0)=ANY=[@ANYBLOB="fdffffffffcf3b316b9cffffffffffff7f"])
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x10)
getdents(r8, 0x0, 0x58)
r9 = socket$igmp6(0xa, 0x3, 0x2)
r10 = dup3(r9, r8, 0x0)
r11 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r11, &(0x7f0000000180)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000c00)="0500000000029e", 0x7}], 0x2)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r10, 0xc0189378, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r12=>0xffffffffffffffff, {r9}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_READY(r10, 0xc0189376, &(0x7f0000000200)={{0x1, 0x1, 0x18, r12, {0x3}}, '.\x00'})
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r13 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r13, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r14}, 0x10)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)

2.492907155s ago: executing program 2 (id=683):
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000440)='kmem_cache_free\x00', r0}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffa}, [@call={0x85, 0x0, 0x0, 0xd0}, @call={0x85, 0x0, 0x0, 0x11}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f00000007c0)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f0000000200))
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500050002000000050004000310000005000100070000000900020073797a310000000011000300686173683a69702c6d61726b00000000"], 0x4c}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x801, 0x0, 0x0, {0x2, 0x0, 0x9}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0xcb58c9f2fa78421b}, 0x40c0080)
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
syz_usb_disconnect(0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
syz_usbip_server_init(0x4)

2.412135559s ago: executing program 5 (id=685):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1, 0xa}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x4)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000002c0)={'sit0\x00', &(0x7f0000000380)={'syztnl1\x00', 0x0, 0x610, 0x700, 0x3, 0x0, {{0x5, 0x4, 0x0, 0x4, 0x14, 0x68, 0x0, 0x8, 0x0, 0x0, @empty, @broadcast}}}})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'team0\x00', <r5=>0x0})
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="600000001000ffff2bbd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="08860100223803003800128009000100766c616e000000002800028006000100110000001c0003800c00010000000000090000000c000100000000000800000008000500", @ANYRES32=r5], 0x60}, 0x1, 0x0, 0x0, 0x1}, 0x20040044)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000130000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r7}, &(0x7f0000000280), &(0x7f0000000400)=r8}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r9}, 0x10)
r10 = msgget$private(0x0, 0x0)
msgsnd(r10, &(0x7f0000000340)=ANY=[@ANYRES16], 0x2000, 0x0)
msgrcv(r10, 0x0, 0x0, 0x2, 0x3000)
msgctl$IPC_SET(r10, 0x1, &(0x7f00000004c0)={{0x0, 0xee00, 0x0, 0x0, 0x0, 0x0, 0xfffe}, 0x0, 0x0, 0x4, 0x6f76, 0x7, 0x0, 0x1, 0x8, 0x7f, 0x3})
r11 = socket(0x11, 0x3, 0x0)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r13=>0x0})
bind$packet(r11, &(0x7f00000001c0)={0x11, 0x0, r13, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}}, 0x14)
setsockopt$packet_int(r11, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r11, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000600)=ANY=[@ANYBLOB="02011400012918000e1a80009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d206", @ANYRES8=r13, @ANYBLOB="887f318e60836ab46228ae6901ddbf4c74dc42e3f6c119b67036b2f6af787d03a6812a8a134fba001a30cae6c50d7a195bbfba06aab4"], 0xdd12}], 0x1, 0x0, 0x0, 0x4000007}, 0x4000)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000500)={'syztnl1\x00', &(0x7f0000000480)={'ip6_vti0\x00', 0x0, 0x29, 0xad, 0xf8, 0x1, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, @local, 0x8, 0x80, 0xfffffffa, 0x2}})
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000003b40))

2.098735052s ago: executing program 5 (id=692):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$KDGKBDIACR(0xffffffffffffffff, 0x4bfb, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)

2.046760794s ago: executing program 5 (id=695):
socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x34, 0x0, 0x1, 0x70bd2e, 0x25dfdbfe, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8}, @ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}]}, 0x34}}, 0x400c810)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000680), 0xc, 0x0, 0x1, 0x0, 0x0, 0x20008801}, 0x4c040)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_uring_setup(0x60f7, &(0x7f0000000a40)={0x0, 0x0, 0x30205, 0xfffffffe, 0x3bd})
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000300)=0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x80}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r2}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)=@o_path={0x0, r3}, 0x18)

1.982987827s ago: executing program 0 (id=699):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{0x1, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f00000001c0)=r1}, 0x20)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000002c0), 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r2}, &(0x7f0000000280), &(0x7f0000000300)=r3}, 0x20)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r5 = epoll_create(0x4f01)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000080)={0x90000010})
r6 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000007fc0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000100)=0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
write$binfmt_script(r7, &(0x7f0000000040), 0x55af)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r7, 0x0)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r6, 0x84, 0x66, &(0x7f0000000080), &(0x7f0000000000)=0x8)

1.968632597s ago: executing program 5 (id=701):
r0 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000004c0)={0x0, @remote, @local}, &(0x7f0000000500)=0xc)
r2 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'lo\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x70bd27, 0x25dfdbff, {0xa, 0x17, 0x0, 0xff, r3}, [@IFA_LOCAL={0x14, 0x2, @loopback}, @IFA_FLAGS={0x8, 0x8, 0x288}]}, 0x34}, 0x1, 0x0, 0x0, 0x2004c040}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00', @ANYRES32=0x0, @ANYBLOB="fda65f0500000000140012800c0001006d616376746170", @ANYBLOB='\b\x00\n'], 0x44}, 0x1, 0x0, 0x0, 0x308}, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x3, &(0x7f0000000800)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r6, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x3, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r7}, 0x94)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x910)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
add_key(&(0x7f0000000040)='encrypted\x00', &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)=ANY=[@ANYBLOB="240000003f000500000000000000df25047c0000040000000c0001"], 0x24}, 0x1, 0x0, 0x0, 0x48800}, 0x0)

1.921719439s ago: executing program 0 (id=703):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000400), 0x204000)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000800)={0x11, @time={0x3b8, 0x39c}, 0x4, {0x0, 0x2}, 0x7f, 0x0, 0x5})
r3 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESOCT], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='itimer_state\x00', r4}, 0x18)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r8, <r10=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000280)=r9}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
sendmsg$nl_route_sched(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=@newqdisc={0x24, 0x24, 0x4, 0x0, 0xf1ffffff, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
setitimer(0x2, 0x0, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x11, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000100008000000000460000001811", @ANYRES32=r8, @ANYBLOB="0000000000000000b700b7030000000000008500000083000000bf0900000000000055090100000000b0f6a8517807218a00182a0000000000000000", @ANYRES32=r5, @ANYBLOB="000000000b000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000540)='GPL\x00', 0x80, 0x7f, &(0x7f0000000580)=""/127, 0x40f00, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000640)={0x4, 0x8, 0x4d14, 0x200}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000680)=[r10, r8, r10, r11, r10, r8, r10], &(0x7f0000000980)=[{0x0, 0x2, 0x8, 0xc}, {0x4, 0x4, 0xc, 0xb}], 0x10, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000940)='rcu_utilization\x00', r12, 0x0, 0xb}, 0x18)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
semget$private(0x0, 0x6c86b40eae3c8c32, 0x100)
r14 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0xfe, 0xff, 0xff, 0x0, 0x0, 0x18440, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc2d, 0x2, @perf_bp={&(0x7f0000000080)}, 0x2110, 0x5, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r13, 0x0, 0xfffffffffffffffc}, 0x18)
chroot(&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ioctl$TUNSETIFF(r13, 0x400454ca, &(0x7f0000000380)={'batadv0\x00', 0x4000})
close(r14)

1.90848712s ago: executing program 5 (id=704):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3000046, &(0x7f0000000bc0)={[{@dioread_nolock}, {@data_err_abort}, {@inlinecrypt}, {@noauto_da_alloc}, {@data_err_ignore}, {@nojournal_checksum}, {@jqfmt_vfsold}, {@grpquota}, {@noblock_validity}, {@user_xattr}, {@dioread_lock}, {@errors_remount}]}, 0x11, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f0000000200)='./file2\x00', 0x200000, &(0x7f0000000300), 0xfc, 0x580, &(0x7f0000000f80)="$eJzs3UtrXFUcAPD/nUzS9KFJoRR1IYEurNROmsRHBRd1KVos6L4OyTSUTDolMylNLNgu7MaNFEHEgujOhXuXxS/gpyhooUgJunATuZM76bSZaV4zmdT5/eC259xzZ/7nzL3nzLmPIQH0rbH0n1zEyxHxdRIx0lSWj6xwbG27lUc3ptMlidXVT/5KIsnWNbZPsv8PZ5mXIuK3LyNO5TbGrS4tzxXL5dJClh+vzV8dry4tn748X5wtzZauTE5NnX1ravLdd97uWFtfv/DPdx/f++DsVydWvv3lwdE7SZyLI1lZczt24WZzZizGss9kMM49teFEB4LtJ0mvK8CODGT9fDDSMWAkBtZzLayO7HX1gC76Iu3WQJ9K9H/oU415QOPcvkPnwc+Nh++vnQBtbH9+7dpIDNfPhg6tJNn1kDXp+e5oB+KnMX798+6ddInOXYcA2NTNWxFxJp/fOP4l2fi3c2e2sM3TMbL4bS5AAZ10L53/vNFq/pNbn/9Ei/nP4RZ9dyfa9P8muQcdCNNWOv97r+X8d/2m1ehAlnuhPucbTC5dLpfSse3FiDgZgwfS/DPu53yWW7m/2q6wef6XLmn8xlwwq8eD/IEnXzNTrBV31egmD29FvNJy/pus7/+kxf5PP48LW4xxvHT31XZlm7d/XVduMa3+GPFay/2fPBH4Gfcnx+vHw3jjqNjo79vHf28Xfxvt74qHP2eJ9u0fTZrv11a3H+OH4X9L7cp2evwPJZ/W00PZuuvFWm1hImIo+Wjj+snHr23kG9unx//JE88e/1od/wfTjr3F9t8+drt50+Httb+70vbPtD/+Bzbu/+0n7n/4+fft4m9t/79ZT53M1mxl/NtqBXf7+QEAAAAAAMB+kouII5HkCuvpXK5QWHu+41gcypUr1dqpS5XFKzNR/63saAzmGne6R5qeh5jInodt5Cefyk9FxNGI+GbgYD1fmK6UZ3rdeAAAAAAAAAAAAAAAAAAAANgnDkcMt/r9f+qPgV7XDui6fK8rAPRM+/6flXTiLz0B+9KOv/+HO1sPYO+Z/0P/0v+hf+n/0L/0f+hf+j/0r+b+P9TDegB7bzvf/z+d72JFAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/hwvnz6bK68ujGdJqfuba0OFe5dnqmVJ0rzC9OF6YrC1cLs5XKbLlUmK7Mb/Z+5Url6sRkLF4fr5WqtfHq0vLF+crildrFy/PF2dLF0uCetAoAAAAAAAAAAAAAAAAAAACeL9Wl5bliuVxakJDYUSK/P6oh0ZwY2v379HpkAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDH/gsAAP//3Kw5xQ==")
listxattr(&(0x7f0000000100)='./file1\x00', 0x0, 0x100000)

1.510471817s ago: executing program 5 (id=708):
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000540)={'batadv_slave_1\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000000)={r2, 0x1, 0x6, @broadcast}, 0x10)
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000080)={r2, 0x1, 0x6, @broadcast}, 0x10)
sendmmsg$inet(r0, &(0x7f0000001100)=[{{&(0x7f00000000c0)={0x2, 0x4e20, @rand_addr=0x64010101}, 0x10, &(0x7f0000000780)=[{0x0}, {&(0x7f0000000300)="06fee5315091f133910dbe1b76de88972cd74b2d0570c115a1210ce3c3a205e053c3b5f456efc8aa68c9b494b63c0a532aca700050f7420db2b21273912889d8f64a775e5f2facc86764080aa84efa37139b137a10f669f214fae769b473d5b86814c2295be4ad327c31d7a25490af14e2b01350cd9da07d1129253d9e01131a75456a8fae431289a0e0b4fc0a5b29fb2122758753f9c4197e02d1878bea6f40f67cdf80835b9442bbe55f47", 0xac}, {&(0x7f00000003c0)="3f35f5059e84c1a9676a9e3ecf79b3a60aed2f39a7aed344e26d7faaa5e737378908e2dca411c0e2da137fcfacc118906d34c20f78147ca83656dbfb8e27a5c29d499823af986d54686f9bcbdcf0595c4c40193a75f3cfcdc276627c16a0df9ce469759a81fffb7c73a6d81e1f1b19807c998f0612ce8983af0c381e569533d03a35f3663f76c057c74f161e7a9c2c3dcbe0b9970028716af100c37f6383a1e99a2627fb32b042a0967a678016bc11ae2319017500b35067404006dd1ddf27dee0abc8c8", 0xc4}, {&(0x7f0000000200)="967db06d633191ca71c54fa43238d3b3a283e62b5e9e9d4bdc9591f4929457be70394812c5e93a96ce71a929023b056e81cacae9c9d259754867f0d7a17689e5a57b02fdc2eac759d99e4afd2e8df0030e979027af17b3cc", 0x58}, {&(0x7f0000002480)="32484b9a3291c95c4c568f2c50deda3a761c24dc3636be1b5547f23e686cdb44c348a5108b6df3519248d6205519b04c3ef06281c2b673e6024f0ca4838c600e5e4bd6bc8f47b0d10fdfd5b25b28b252b3558b23dffe1ff66911a5c5bf4c69888c9ae4f4d0cc4c9a618e172402506e72686f027c61bb8f0bbdbc995caf569f37ed9cb7eb31050229252add5c324df0980b594bc4a27632a43983f6f445a8dafb652f7a70756508614ceaa0bfe40832a361bc1f3ab802ff4664011a6d9c1d9b90c0a5822f15c05435f99fefc62624d2e00953f2c30486d79d511c6e3734cde10dbda413316e6096c5b2537d452e2db07cb300fc5a371821acd9a0177b776dbb4f5e4dfb2b908120c1b6654e19c6e7231a61c2f68eadbc32a9104860ea564c00fdaffd6f1da150b4c1edddd3ddada963572343cb01a5ce28d9b1da2c9ae4954fa652dd74232b2a211124d1c8c04a8d7a8f4705faa90071b4307cb5c60de9e530952e57674c05b9119ec616d3be552c802b9804ae619d06232895efb6bde69f9a079517086fd1c92b2ad799adf3b8fc97b872639087b8f37b64a53ccabdf917b665338c584740151d0bc2589f0f75c241690177fe04f42571417fa37fd4901f3d250aa033df9280511664de9e47aa67fe5428c0cef39a07c117b55c2290b0c14afadb3b0435649a003f1e67d97fe557e7e383bd586499afa19ca3cf32a5240ed97944fef055f0b4c88f100a32e2ec3dbd60819621aecd13684c1f54029af55c7917adf51ab5fee705446efa83f7b9c7f62affeb03dd9f6c1b9e8abf36482514993af999ccb1a620d0269b9ca1857383e04dd5e0ce7832c2bb49c13c84956e2084acd893a02d3bc9ce00860ce117ebc31fa6b153349e83c4d467e5b8543c2b307143733e153ace9058b5706b0f0cd697ecd9f7f799cb2544b02d79e43d3080180af504481f20ce69c58a437bee26e5ab696abbbfaf37455f0c861c681d5e5cde4ace03e66cced040bfd3cf97c88225ff91a5950c1d949a218b0fd2fe3b4d9d499eebf1dfab00f99c31e64292b855dea05956532700a6ab963f3ac3155c1e27c0524c12fe2ecec9a210ee87438e17ad56b23b366439a957f0fb2d912a77ce0088cd7d0503c6376f224961eb0f1b28bec83c826b9fb91e3bd6855660dc31b7c59bd5b3ce131d713e3531cdf208046576d6904d3bf6f304c9c8cca9c6b21718f32ed23e9bd00b5efa528471ae0f554b7c923ae56fce214ee96d73df49e7f63764ebc0cea42170d6ef3785c144b89502e58e8894873e3fba08f76a098f9d05f4a2263d3fb66c1bc4f54756d5ff42a488befaa851fafef11f92839a423f0a89d70b164198c2230bb5f157fdd29def27738adc09e2d2b24809d5f46955c28654ae21c00626bd9d7bef5ec64b62a880f1f3493402104f826764f37500d6230c4fb26c95068de2ac6e40bcc8a101926224d1e0692954c4100222f33be3909207181f36eb7cbddb6943cc29a906600c2f722236feddf53ed3f7603e313afebd0ea0ccea09c218bd6fd41db93c16a3be3a5c170fad7e58702777b620e0d2d49d25ae29744f4fd54b2b4be4b99257dcb4f9950455b08f53d5bc7fd972629ea3c6b0aa4ba8f5a9e8db8a832035eeb1e2d9ccdeb0ff5a16c0baa7fe10420ad610807b01bb167ec9812e54f0e6dad81d05a6312278788273121f84e54d87b090171184d713a842a780e49b2c2ce96083214e2121749b2bbdf3ebf7c18e79c5bfe38bf22b52a3fc207d20e7ed169a2da9dac0d2932b460e99fe1e5669a1340ff3c546e6b0710c542907586ea235ceb9ff44521133345ed6ffc24c92e4b49fc94fbe6ab0c081b02b382d3b30dfd363b30eb3285a893e1ec79012c9f9fddeedb5b8d95f477d0f6bd4eacfd5ead3f0fd70187c9076637e6c435f163fbd167fb3f876d9b81a5884d762fa90569ef5415831ce59182c3c5b80268a853985d5a3d5b4c0e9072bc8958d232d94579bf3effbbbc38ab3e2d96813e477158794a8bff7ba4512be0b84a44bd40de4d4d7193d4574d8c81985e17792a7cc04782258b9aea782e4b8be4916a74ac10ee32be3dfa00b223e2767d054a5e228164e06e9159a5c3fcd09445885605cf962145ccdb0c6ff86049c21f411e12b90a7bc60a1f50d04373977c6c73551844d4f6a391b5fe98ae4f207eb6e6f6cb4a524064a8e34b969fb3f4edbe93e4b9f6ec1e55848d50c9d9cecae91234b5dba0e0ae08339b5c7cc08d1397d09abfe24ee4db045e85ca439186159513bc7446ee539513c4fc765fe463b89e029d01372d142c3aefed34855fa093cddec39ed01b7bea158c1e87d3bc26060314b7346fde466ef7d51ff4cdb15cc197a4efe936b186c684efc312036ba819853aec372d6fd35855cb162fc0d5e034c1b229451c92c7d0b4c8d3a1d174975edc7ae55c7e27d1730c307114c068336dd4ec39fc6369e96ca630456423fafe8efd1b278494fca04a1d2271f044b3e189ae8f557df771cb40a136c0fbb9d0f077f9ddd0b8faaadbffcac467cce2b0add6a9a3f3fb8c5976cd45086a21079a2f577dfff16b213348ac0327677953c8b49617050846908925ab8a7e7c19bcb8027ded9e4c6477e382ef2cd9ad4e371a6c9a4cca94fb997220ca419e71c6b98ff5f470ac3481b6e753ea8f4721d816542994cbc1587a613351dd5a8629e9d971364b9fc5e9d64262ff2ee812b249c8ceeebbbea6f693bd70fad5fed5b3fb504b475149689bad27e3aee563c3ff9a238b24af8fbd21a07d2ed3cf39cdb655a73e7161ea59ffaf74b5a821c018de66ceb7162a12a232f7c5268b79d0566dcc60cef8b62a5e350c2f4cbf532bd52001206c962cbc83ac65dc165529849921ed9495efd231f8c402ced5bf18b2350b1849365298d61156fb35cae25e15466f423500fc29bb4b0e68979d37a98b83027ae32b8c95d4733a5f9da2a8391a94810d4d40a948eb9f5b1e0636aa7b68658adc122cf1d49d2eac5f2d826f48f93c2a8d81aab1d8f6b02fbd406e78d46bf78d1a74f8a074bb5792ffcc0937b8836292b877ca5917535fb602615d51a751d7e6e3b3983c1f6dd48bc5872300f762836f3f1a45d2868c4956d8e2925bff348490079cd650dc6505dce28b8b78c2ba504a5f7e9733c2a21cbe68dd815b0eaf16f24ba557c23f40bde8dfcae0afbdbddea0b222e4cd293ed9e6a2c60b95734ef04b2b7dcd90805b0a477bbdb6034442eef7236cc8861b6798bad9d5af7eaae4aac8f2c384daa1846b3de09586b673d195e6dc9cd0853f03cb6dc513073dee9e966b3faa687ed105e53761d27109ede9c0e72665d1ba79b10bf7df5c4dfcb56b9c94c5c12eda47c8311d528fd1774ba2395134ad12a4fba26de7a6f9f9822a0d50f91d3e2f816b7ceaabac06b73bcdecd62884b494502e64acc2b42314b53aeffaebe6812c60601c5ba6468b96f8dc25cdf1939bc61629bdaa4903a90a122dc10fc1964976e01f512144e05b036c9d8db64b498782dad178998783c9ef65f819ec3850a3a82c0f840a872fac2f5ea584d900cbbcdb9362052a942b32ba1f97c06028697101a07bc0356d9413b0e1944902ebab76c51ed9f8f6a77f5f6cab670832891abe916805d8994927f8a97eb868aaf0602144e6b4fb841ab2963db8768cbffca593a30aa7e136b322fb9e711e44fc52cbfea32ea93f4af166be91d425c309d207830c0e670d5d71c3f5a167814e9d8a295bb1011c308c33ec384efa3980ad51aa6b0fab7b0d09591d61ec5797707ca32e2e2a594ca68b5343494e60b740ef411bb0313a2491af0c5066cb5ddfdf610839373a654c0f7779bc8d26026131a0aa03b09d9aa35869f9668608430b69fb8d5340fb5fd6cf70de855ec3e7d8951ac0c042380786291b99439d01a7e96aaca4a02b0cbf7f5f3a0cf87cfdd6b08d6bbcb453f8eaf14680f01b5e43a1721b2faf32bf53983cc5171e40366fa01618d90a8871d79183dfd5e932fad83f55c75281f7a1e2541a2296f216b943a82dcf6ae695c7f3742772e453d59345fb66553d621f9a60cc4971c7d9793e8101c00e9027d0999f3389b376c6bf1cb1d61704ba3d3ec0091775ffc8274773645c4c2c17904dae265285777e6cd962eeb2cbcf6789ee7af04eaf367ace7c14afdae62ddbac4d969cfb6f31eded35c4432c4a882815b6fd6abaeb30897e58ae5370c96c6426c95811722d8d2cd9f99df471b49a92d5571655894d013000f3600832505c6318bb82c256dcc17b2cd53c9a81d4aecd9f755492566c32fbcfbc68523c87e4469325dc8b6ccbdb0580889f65d9fc8e7f0f587a7a1298ab8f84a91560617281ecc5e8b99f62e95e0a076953930d3dcc6422821b5ca91a2d6759b31250c04931ffa335afdde1e814b9b6ae4617f93cf6c02693715b658952170f868fb2ddbbd68d96e3213aec9c7eef5bfd2a10155ac2ea3bae95a8793c806ae6161bb828ee598dd4ebd0381ef00f38f02fe0e21cb4f72c87c18294eb5e09822103172b654f7bcc0d1d9185982fe5e99dca0a95be1fd280a7aaf0c5463aba2354abc79868ef545a2fa8b2fbc1c848a25d740a05d4cf66e69d728a692db2b9c1090238883df251ec4d4056b1d096466a4d72dfb7afa2ccff9136e5ec0f0d5824be7613ad41c2c3efe94fb69ec6e80b4f5c3687c6221bf8ec8fca5031d77c4344b20dbea1d71b9d3882cfe6151d6af2a4f61ab1686bdb7e0f4006e40976326a2c8f662d4b6ba2489d2464ca12e2d225b6baf6b4ca4a2ae5d6afde325f4d412211b2339c1cd876a8a3848a9c6c5cac0a52226dca3134e8eb75b04636c967a1b38d3f825cda362e23cd62bd76373c4902799de0fe4b1de030eb8586de34424187015fa963990fec1fddc24fb506cc6e326d57c4490281ca7ceddba78e6dcf19e7bf52dc4b1c55cca00a51313a345ef9a170e2615dadbf7da99198ffb1da71c1807fe9c0d8565200d6f7344ba8dcfea531169a7be0fb43fd59ebdac830a561070114d66222ba9ddd7e794d37d3e15b30fb456a82b94fe7d9fad9a6d6ba618a077189a7fa99f88f9e801fb5d7dbd26f54991d3e4002305661be728f99157f522e9b03985622e3c8c84e86cac2c94ad647bd9701cbf0bf101a6fe8028907107f25cdf5631348f1422e71890c7c59af2b2846a2aa4199660956f5a80c0ef4af05082b9efb47ce3ba3b6d5b16e79e5a9a2b5bbbaf683255a07f292565f8e0a1f4159a06c2cb031be945fefe4112554c01c66fb4daf95b16cd5f6bc467133ab2a802e7541f3e78726ce584813c10ce26afa3e0943ac8cec606718a6dba8e6e9a360ef549796fe29868c18fb7e8d6927d0ca70fa709fdaa2f51b593d5eb8c6e0843b08376229b197464acfc967096c4dd8c546e0aedee107e0ca706e16144e0d1a1c05644fe1222b222f4c241a7259d27c29c2a9cefdb2007ec7e6751d92304109951915a21f76c83022b85dfbc2e65af615a888e886781dd29685c7dfcdb0bed8583e6c7c0d15693281d40a4937b917de088a651a3bfad97b0d3b1af1436cbe311b6e6d08a068f36071a69f7867e224120a07ad11a9bcb03a1721c615b842735bec1ce24b1123de910c509fb6bb1990ece177005b52d17a8be98a369fb24384a2113e88ad713bb289d37eaa40d10da007c69a7097afbe18bc0fb9ce0869f7c65a0cadcb38d60957129e9ae619992f1e15fc7358f27885494776bcf480f56bad7a1251725a1a0373b2e13b26ff9e7dcdace27d659f2672b41900c7ad951e87ca0cf2bd06437b2a0d5dad7", 0x1000}, {&(0x7f0000000540)="75e725c03cd8646b14edfdaafc8ddcd0a3434444daa32939fd608527f9eddb9693b1d3faec63fb02df0721c3d8ca428b4038bbbfd16bd6f5aa922bbb0050f051791920a194383c6fec665511c7cbda12fe22aa1d57a140d04c5e369098d5ac0d92f4f1d85b47b9b48b29949d220292f118d617630a50b4577dc90790255b890e8819d59a399a3e40711d2eeab6c38924fc22a1002bf6c737eabc2ccba6b03330c1be2afca67d132ff1aa1cbe0c926a65fd5bca50ff2397bef7df9bc62e56b3c724f91791fb868c1cc0b636f1520e13597933e6f6facdf75a2ba43dd9766a105b65a2bb9d10daf21efdb6059a9ad71a83349985ddb6", 0xf5}, {&(0x7f0000000640)="6bd99827158eb6ea1f0e2c44afc00b2d0579a7476545623a630f1e33b68551d44eac55be39b476b363204feb5481ad26e32db23abacfd967049cf4837d6385961b546bcebf6e3ad84f1ec5102edc59c505299fd2c1e2b235314abbe1f8d8364f919e884ad3097200af26e44647f4911bf0534ab5f8eaafd012a38d426ab569b1210e2bc02201bfc056c73772ec99d91bd85af270eca357", 0x97}, {&(0x7f0000000700)="9e5980005b109704454c2a5b5605b679032aa77c9a86e5816d007c56c56afca4d0e1e2760819be28b137280419e9873e7b6acad13e3289fb810ee38fb237ef5ab7d85f1f389e59a9c6fbfa4e7ac4f38802fd6700822572d362d57cdf653593afc3cf869bb205da25543c853fe52b5d3416ef85bff6f1", 0x76}], 0x8}}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000800)="adda29e223c18d82c4cc6d3ac1750379234d5e1e5cc5ed2ac9c043df6b1b5ad656edc25de5784899c02255f0edf1e092130c65db03767b6cd7271d570bf7b95d444a3c8f49", 0x45}], 0x1}}, {{&(0x7f00000008c0)={0x2, 0x4e24, @private=0xa010101}, 0x10, &(0x7f0000000b00)=[{&(0x7f0000000900)="81e59d7aa665b848b843d2048a648dfff9128709ddc28e84ae0415f3c0ddf5d07e3a183291bd704776ed150d17056d552760965acbe84de6e51b1206d52963575eed", 0x42}, {&(0x7f0000000980)="9c2b934353c6d439baf531c09ea186bb7f29bbfc908ba7696c9e3b50c4f4f1739d60a9bc87947dbf84", 0x29}, {&(0x7f00000009c0)="94892df42f376ce19e9f0886b01027f4beac6a4c99caa4aff6e461cff0a4e286278416121c7eeed114bdc8ea77bd39507e15ab7dad7f0d22f968f5a009215728123b69b260a0d87e67bc9a2b9edd296e28d8d250f597200463b9f79d08adfd5ac9bc21974f6ec1c75b85fa06ff84df3181349db1ebc019850d2268bbdda63a373b8bc27d0b3192f7924d823a4e633d3693dfbe41979810bc2fb135137c3a85df76691bdd2cfcd39d23119273c43ddc1dbe22b5e5378894ad4dd7d6d67212261b391c100bc70d01e6ff38e9168a051c7b0ca7de4e5d033e3930d00bf084f976fbec30e8e1924d4c", 0xe7}, {&(0x7f0000000ac0)}], 0x4, &(0x7f0000003480)=ANY=[@ANYBLOB="110000000000000000000000010000000400000079486014267341f5b642fbec64000000001400000000000000000000000200000004000000000000000800000000000000000000000100000008000000040000003000000000000000000000000700000044207880000004780000000400000fff00000002000000010000002500000004140000000000000000000000020000000000000000000000b8001500000000000000000007000000940400004408541000007fff0713d5640101007f000001e0000001000000008307f164010102071bc564010101ac1414aaac140000000000008eb7140ee000000244184890080000000000000c000000c100000200ffffffff44085ef00000fd068645000000030510739e4d63f8745d8001ee51ae1849010d4ef3c921af33621624e5c4010cc92b0be9f6db923667c70206ce110b4b00040071027b9bce95f286e2f9f923059fa8cf62986c0f797ec960c3bd6e8d8396541f6352c0f669ed85f82ce99c7e44bdad69fef5f979223fb80faf0edd0e947cf701966b1c8fb193"], 0x148}}, {{&(0x7f0000000cc0)={0x2, 0x4e23, @empty}, 0x10, &(0x7f0000000e80)=[{&(0x7f0000000d00)="ab682ab9702fda65b932b687cb5e5f7d12fb742ad9c1ae53a669798cf503800c7a7cf91c3f2151f1fbe5bb0fd455a80363c232b57f79e22889f94fca59d8cf85e95ae91092a70dda9748216c291360f5e01ab67da159b012191301a961ee0812c8fb921a8030eae8d16b09eaaee19fe20adcdeb2bf5efd2dd7dbf0a40d29e78ca8af66ea88f01af6a7f1c4b344024a6d7829a107e6638a3f15338035e725d943c697dd02b834", 0xa6}, {&(0x7f0000000dc0)="880fda2c774164fd241dad2575ca63e7bc316594e71c36afcc0a0d46f93f399e652a31d15c79588b66ef7b0c5f42a61492db51a8e16913213a9aee454cddaf8aee90feeb99c1240d09340c3eca70e081a16799029289be91b74f67480e0596848ccf157d9aabc1730c95371e58090686bcc3066f1cae6767651e158377705be8aec0ee57aa4f59c463715c6059f065d126f55e7909dbbbaf44ff6b2e104d5302bbf2ad385bd341cb42fa2946", 0xac}], 0x2}}, {{&(0x7f0000000ec0)={0x2, 0x4e23, @multicast2}, 0x10, &(0x7f0000001000)=[{&(0x7f0000000f00)}, {&(0x7f0000000f40)="9b77fa8b57aa60468ba3ef9aab4a1902bd68778dfdf2d9c6fa572530b9b7be79cea5cfe4d3dc720edebcc1a4054a662d995bf28388a6781c0a9efbc5fb33194a1c0c21e3837ee168c7b3775b2f4566ce99e5d4b9e5477c898bf52ca92e4715161273cd88c2b410d49ceb64407eecb7c1ba9436cc017f6a377fe801d98dc86f57b6049494c9a257fab3194d1d5b4485dd2ca354103f324eafe50ad11920d18535206a08e6f2b1fa0725f7920cc4ad0b", 0xaf}], 0x2, &(0x7f0000001040)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @dev={0xac, 0x14, 0x14, 0x15}, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1}}}, @ip_retopts={{0x2c, 0x0, 0x7, {[@timestamp_prespec={0x44, 0x1c, 0xbe, 0x3, 0x8, [{@multicast2, 0x7fff}, {@multicast1, 0x4}, {@loopback, 0x4}]}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x19}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x8}}], 0xa0}}], 0x5, 0x20040841)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000180)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
request_key(&(0x7f0000002740)='asymmetric\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000000)=',*[\\/&)\x00', 0xffffffffffffffff)
r5 = socket(0x10, 0x3, 0x0)
connect$netlink(r5, &(0x7f0000000300)=@proc={0x10, 0x0, 0x25dfdffc}, 0xc)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r7, &(0x7f0000000380)={0xa, 0x14e24}, 0x1c)
connect$inet6(r7, &(0x7f0000000100)={0xa, 0x4e24, 0x0, @rand_addr, 0x1}, 0x1c)
sendmmsg$inet6(r7, &(0x7f00000003c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000600)="ba", 0x1}], 0x1}}], 0x1, 0xc8040)
sendmmsg(r7, &(0x7f00000092c0), 0x4ff, 0x0)
splice(r7, 0x0, r6, 0x0, 0x7ffff000, 0x6)
sendmsg$nl_route_sched(r5, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x18, 0x32, 0x829, 0x0, 0x0, {0x0, 0x0, 0x2}, [{0x4}]}, 0x18}}, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f00000001c0)='./bus\x00', 0xa08012, &(0x7f0000000000)=ANY=[@ANYRES16, @ANYRESHEX], 0x1, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/DfrrWtqbtZba22ID70opeh2YMXvQRZQRpQ2kZoC8LUnWjImIRMWIiI1ZNX/w7x6E0Qb3rZi3+Dt7147EEcMVHbLfFQ7G5g+Xwu+cHvfcl7DAy8Yd4cvPn1J4NelfXyaayvrcX6OCLdS5FiPf7xRbz2xk8/v3j95q2r7U5n51pai/aN1usppc2Xfrj92bcv/zg99/53m9+fif2tDw5+2/51/+L+pYM/bnzcr1K/SsPRNOXpzmg0ze+URdrtV4MspffKIq+K1B9WxeRQv1eOxuNZyoe7G43xpKiq87eHszQoZmk6StPJLOUf5f1hyrIsbTSC/6P7zb26riPq+sk4HXVd109FI87F07ERm9GMrXgmno3zcSGei4vxfLwQl+ajVj1vAAAAAAAAAAAAAAAAAAAAOFmc/wcAAAAAAAAAAAAAAAAAAIDVu37z1tV2p7NzLaWzEeVXe9297uJ30W/3oh9lFHElmvF7zE//Lyzqt9/p7FxJc1vxZXn37/zdve4Th/Ot+ecEluZbi3w6nD8TjQfz29GMC8vz20vzZ+PVVx7IZ9GMXz6MUZSxG39l7+c/b6X01rudh/KX5+MAAADgJMjSv5bu37Psv/qL/CM8H3hof30qLp9a7dqJqGafDvKyLCZHVpyOI/8LhULxmItV35k4Dvcv+qpnAgAAAAAAAAAAwKM4jtcJV71GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgWAAAAABAmL91Gh0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8FQAA//+QsdQ3")
openat$dir(0xffffffffffffff9c, &(0x7f0000000b40)='./bus\x00', 0x442002, 0x40)
r8 = socket(0x10, 0x3, 0x0)
r9 = socket(0x8000000010, 0x2, 0x0)
write(r9, &(0x7f00000008c0)="fc0000001c000704ab5b2509b86803000aab02000000000000000e93210001c0f003058405006b49153312f2ba60100000000081039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d440000405608ec30033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e2c8d594dcc4ebc21077a9ca38ca070914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c8", 0xfc)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000280)={0xfffffffc, 0x0, 0xfffffffe}, 0x10)

1.43002968s ago: executing program 2 (id=710):
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000480), 0x80200, 0x0)
ioctl$PTP_SYS_OFFSET_EXTENDED(r0, 0xc4c03d09, &(0x7f0000000a80)={0x19})
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, 0x0, 0x8)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000540)={'ip6tnl0\x00', &(0x7f00000005c0)={'syztnl1\x00', <r2=>0x0, 0x29, 0x9, 0x7, 0x8000, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @mcast2, 0x8, 0x7800, 0x4b41, 0x1}})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="07000000020000000700fdff0500000000820400", @ANYRES32=r0, @ANYBLOB="f40100"/20, @ANYRES32=r2, @ANYRES32, @ANYBLOB="040000000200"/20, @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00'], 0x50)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r6}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0x6}, {0xd, 0x1}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0xa, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x5, 0x48f, 0x8000, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x40080}, 0x4000440)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f00000001c0)=0x3)
ioctl$PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x60, 0x6, 0x8}]})
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x328, 0xc8, 0x8, 0x1a0, 0x5803, 0x328, 0x2e8, 0x2e8, 0x328, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x138, 0x1a0, 0x0, {0x0, 0x2000000000000}, [@common=@ipv6header={{0x28}, {0x6, 0x4d, 0x1}}, @common=@unspec=@physdev={{0x68}, {'ip6gre0\x00', {}, 'macvlan1\x00', {0xff}, 0x12, 0x5}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x5, 0x8, 0x401, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ipv6={@private0={0xfc, 0x0, '\x00', 0x7}, @remote, [0xffffffff, 0xffffff, 0xff, 0xff000000], [0x0, 0x0, 0xffffff00, 0xffffff00], 'gre0\x00', 'nicvf0\x00', {0x44ed33f51a235323}, {}, 0x32, 0xfc, 0x4}, 0x0, 0x160, 0x188, 0x0, {}, [@common=@inet=@set1={{0x28}, {{0x2, 0x0, 0x7}}}, @common=@srh1={{0x90}, {0x2f, 0x11, 0x0, 0xd, 0x1c, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @empty, @dev={0xfe, 0x80, '\x00', 0x1e}, [0xffffffff, 0xffffffff, 0xffffffff, 0xff], [0xff000000, 0x0, 0x114071d1588b71c6, 0xffffffff], [0xffffffff, 0xff000000, 0xff000000, 0x7fffff00], 0x0, 0x1020}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x9, 0x7}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x0, 0xfffffffb}}}}, 0x458)
connect$inet6(r1, &(0x7f00000003c0)={0xa, 0xfffe, 0x7, @mcast2, 0x6}, 0x1c)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f00000006c0)=@gcm_256={{0x303}, "591d76fbf0466d6d", "7806e2baf1f0bcac2e1ac3a3b65515cc4c27f7c05fdfb7eaf2f34efcf8ecaf45", "fa8cd6a9", "477cc0b9532fb396"}, 0x38)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYRESHEX=r7], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r8}, &(0x7f0000000340), &(0x7f0000000300)=r9}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='kmem_cache_free\x00'}, 0x18)
r10 = timerfd_create(0x0, 0x80000)
timerfd_gettime(r10, &(0x7f0000000040))
syz_open_procfs(0x0, &(0x7f0000000040)='loginuid\x00')
write(r1, &(0x7f0000000740)="000000000002ffff18a7897475539bf598ade5d70d2af71cc20e1c9a00ef931d77c47c0d123ae978347712fdd70cc80030d64a20a96095a26f3a5d8b666469c140939b8faa620df606b90accced43a", 0x38)

1.357907163s ago: executing program 3 (id=713):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD")
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
vmsplice(r1, &(0x7f0000000140)=[{&(0x7f0000000100)='\x00', 0x20000101}], 0x1000000000000044, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x9, 0xffffffff, 0x4e, 0x567}, 0x13)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f00000003c0)=0xe3c, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='sched_switch\x00', r0}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000003c0)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x7, 0x90, &(0x7f0000000100)=""/144}, 0x94)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), r1)
sendmsg$DEVLINK_CMD_RATE_SET(r1, &(0x7f0000000780)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, r3, 0x10, 0x70bd29, 0x25dfdbfe, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000004}, 0x91)
open(&(0x7f0000000080)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x3}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x16, 0x21, &(0x7f00000001c0)=ANY=[], &(0x7f00000007c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x31, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b80a0005fffff000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0xa0000, 0x0)
ppoll(&(0x7f0000001780)=[{r6, 0x2}], 0x1, 0x0, 0x0, 0x0)
setregid(0xffffffffffffffff, 0x0)

1.254559028s ago: executing program 3 (id=714):
r0 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000004c0)={0x0, @remote, @local}, &(0x7f0000000500)=0xc)
r2 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'lo\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x70bd27, 0x25dfdbff, {0xa, 0x17, 0x0, 0xff, r3}, [@IFA_LOCAL={0x14, 0x2, @loopback}, @IFA_FLAGS={0x8, 0x8, 0x288}]}, 0x34}, 0x1, 0x0, 0x0, 0x2004c040}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00', @ANYRES32=0x0, @ANYBLOB="fda65f0500000000140012800c0001006d616376746170", @ANYBLOB='\b\x00\n'], 0x44}, 0x1, 0x0, 0x0, 0x308}, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x3, &(0x7f0000000800)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r6, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x3, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r7}, 0x94)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x910)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
add_key(&(0x7f0000000040)='encrypted\x00', &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)=ANY=[@ANYBLOB="240000003f000500000000000000df25047c0000040000000c0001"], 0x24}, 0x1, 0x0, 0x0, 0x48800}, 0x0)

1.199380729s ago: executing program 2 (id=716):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0200000004000000080000020100000080000000d8a2bb7d1c9a46db730ca37db0eee396d1cf61f695c9314f58aa7a1b421d1f7488eaf74c11311700dc4fbd239b02c525b9ad31db983d0eb5729fc8b197c682281a8d855af2ee131691506bef3932fce441af135643c94c8873cb4f0a42ed750fc71538165402427a33a6fea4f1bad0dd383453", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000300), 0x4)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYRES64=r3], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x33fabe53b73c3a5a}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6, 0x0, 0x40000000000000}, 0x18)
r7 = socket$netlink(0x10, 0x3, 0x14)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000040)={0x0, <r8=>0x0}, &(0x7f00000000c0)=0xc)
sendmsg$nl_generic(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000100)={0x28, 0x18, 0x1, 0x0, 0x0, {0x3}, [@typed={0x8, 0x800, 0x0, 0x0, @ipv4=@multicast2}, @nested={0xc, 0x8, 0x0, 0x1, [@typed={0x8, 0xc, 0x0, 0x0, @uid=r8}]}]}, 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000005dc0)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r9, {0x0, 0x2400}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_route={{0xa}, {0x10, 0x2, [@TCA_ROUTE4_ACT={0x4}, @TCA_ROUTE4_TO={0x8, 0x2, 0x7d}]}}]}, 0x40}}, 0x0)
r10 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', r9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xd, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r10}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1800}, {0x3, 0x3, 0x3, 0xa, 0x2}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x0, 0x6, 0xa, 0x8, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r2}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount_setattr(r5, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xb, 0x0, 0x100000}, 0x20)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000140), r11)
sendmsg$NLBL_CIPSOV4_C_ADD(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r12, @ANYBLOB="010000000000000000000100000008000100030000002c0004800500030080ff00000500030080ff00000500030003000000050003000100000005000300800000000800020003"], 0x50}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r13 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r14 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000080), r11)
r15 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r16 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r15, 0x8933, &(0x7f00000001c0)={'wpan1\x00', <r17=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r15, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r16, @ANYBLOB="3f9d000000000000000017000000", @ANYRES32=r17, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c0001800500020000000000080004000500000008000100020000"], 0x7c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r13, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000001c0)={&(0x7f00000000c0)={0x60, r14, 0x4, 0x70bd25, 0x25dfdbfe, {}, [@IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r17}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x2}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0xf8}]}, 0x60}, 0x1, 0x0, 0x0, 0x14}, 0x24000000)

1.166284501s ago: executing program 3 (id=717):
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kmem_cache_free\x00', 0xffffffffffffffff, 0x0, 0x200000000000006}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
kexec_load(0x0, 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sigaltstack(&(0x7f0000000400)={&(0x7f0000000640)=""/75, 0x80000000, 0x4b}, &(0x7f0000000740)={&(0x7f00000006c0)=""/121, 0x0, 0x79}) (fail_nth: 10)

1.095912364s ago: executing program 2 (id=720):
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x800)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000440)='kmem_cache_free\x00', r0}, 0x18)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffa}, [@call={0x85, 0x0, 0x0, 0xd0}, @call={0x85, 0x0, 0x0, 0x11}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, &(0x7f00000007c0)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_SCRNMAP(r2, 0x4b41, &(0x7f0000000200))
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500050002000000050004000310000005000100070000000900020073797a310000000011000300686173683a69702c6d61726b00000000"], 0x4c}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x48, 0x9, 0x6, 0x801, 0x0, 0x0, {0x2, 0x0, 0x9}, [@IPSET_ATTR_DATA={0x20, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @multicast2}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x2}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x2}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}, 0x1, 0x0, 0x0, 0xcb58c9f2fa78421b}, 0x40c0080)
sendmsg$IPSET_CMD_LIST(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
syz_usb_disconnect(0xffffffffffffffff)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
syz_usbip_server_init(0x4)

920.141991ms ago: executing program 0 (id=721):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001800", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000400), 0x204000)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000800)={0x11, @time={0x3b8, 0x39c}, 0x4, {0x0, 0x2}, 0x7f, 0x0, 0x5})
r3 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESOCT], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='itimer_state\x00', r4}, 0x18)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r8, <r10=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000280)=r9}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
sendmsg$nl_route_sched(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=@newqdisc={0x24, 0x24, 0x4, 0x0, 0xf1ffffff, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
setitimer(0x2, 0x0, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x11, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001000080000000004600000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b700b7030000000000008500000083000000bf0900000000000055090100000000b0f6a8517807218a00182a0000000000000000", @ANYRES32=r5, @ANYBLOB="000000000b000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000540)='GPL\x00', 0x80, 0x7f, &(0x7f0000000580)=""/127, 0x40f00, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000640)={0x4, 0x8, 0x4d14, 0x200}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000680)=[r10, r8, r10, r11, r10, r8, r10], &(0x7f0000000980)=[{0x0, 0x2, 0x8, 0xc}, {0x4, 0x4, 0xc, 0xb}], 0x10, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000940)='rcu_utilization\x00', r12, 0x0, 0xb}, 0x18)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r14 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0xfe, 0xff, 0xff, 0x0, 0x0, 0x18440, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc2d, 0x2, @perf_bp={&(0x7f0000000080)}, 0x2110, 0x5, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r13, 0x0, 0xfffffffffffffffc}, 0x18)
ioctl$TUNSETIFF(r13, 0x400454ca, &(0x7f0000000380)={'batadv0\x00', 0x4000})
close(r14)

648.861963ms ago: executing program 4 (id=723):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10208}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000ff4000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)

647.782113ms ago: executing program 0 (id=724):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x7, 0x441e, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x2020005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000000)={[{}, {@data_err_ignore}]}, 0xfe, 0x55b, &(0x7f0000000980)="$eJzs3c9vFFUcAPDvbFt+FaUkhKgH04SDGGRLW39g4gGPRokkesdNOzSkW5Z0t4RWEuEgFy+GmBgjifEP8O6R+A/4V5AoCTGk0YOXNbOdhaXdH6UsdGU/n2TgvXmzvHkz8328t283G8DQmsz+KES8GhHfJhGHWspGIy+c3Dhu/cG1uWxLol7/7K8kknxf8/gk/3s8z7wSEb99HXGisLXe6uraYqlcTpfz/FRt6fJUdXXt5MWl0kK6kF6amZ09/c7szPvvvbv1xXt31tY3z/3zw6d3Pjr9zbH173+5d/hWEmfiYF7W2o6ncL01MxmT+TUZizObDpzuQ2WDJNntE2BHRvI4H4usDzgUI3nUAy++ryKiDgypRPzDkGqOA5pz+67z4PqLN8u7/+HGBGhr+5ON90ZiX2NudGA9eWxmlF2JiT7Un9Xx65+3b2Vb9O99CICert+IiFOjo4/1fy9HS/+3c6e2cczmOvR/8PzcycY/b+1tM/4pPBz/RJvxz3ib2N2J3vFfuNeHajrKxn8ftB3/Ply0mhjJcy81xnxjyYWL5TTr27Ju8niM7c3y3dZzTq/frXcqax3/ZVtWf3MsmJ/HvdFN613zpVrpadrc6v6NiNd6jH+TNvc/ux7ntlnH0fT2653Kerf/2ar/HPFG2/v/aK6TdF+fnGo8D1PNp2Krv28e/b1T/bvd/uz+H+je/omkdb22+uR1/LTv37RT2WSSL5o+4fO/J/m8kd6T77taqtWWpyP2JJ9s3T/z6LXNfPP4rP3Hj7WP/27P//6I+GKb7b955GbHQwfh/s8/0f3vkKgnHYvufvzlj53q317/93YjdTzfs53+r8uZPpZ4mmsHAAAAAAAAg6YQEQcjKRQfpguFYnHj8x1H4kChXKnWTlyorFyaj8Z3ZSdirNBc6R5v+TzEdP552GZ+ZlN+NiIOR8R3I/sb+eJcpTy/240HAAAAAAAAAAAAAAAAAACAATHe4fv/mT9GdvvsgGfOT37D8OoZ//34pSdgIPn/H4aX+IfhJf5heIl/GF7iH4aX+IfhJf5heIl/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KtzZ89mW339wbW5LD9/ZXVlsXLl5HxaXSwurcwV5yrLl4sLlcpCOS3OVZZ6/XvlSuXy9EysXJ2qpUltqrq6dn6psnKpdv7iUmkhPZ+OPZdWAQAAAAAAAAAAAAAAAAAAwP9LdXVtsVQup8sSEjtKjA7GaUj0ObHbPRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPPJfAAAA//9j0zaD")
pipe2(&(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
vmsplice(r1, &(0x7f0000000140)=[{&(0x7f0000000100)='\x00', 0x20000101}], 0x1000000000000044, 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000040)={0x9, 0xffffffff, 0x4e, 0x567}, 0x13)
setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f00000003c0)=0xe3c, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000380)='sched_switch\x00', r0}, 0x18)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x5, &(0x7f00000003c0)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x7, 0x90, &(0x7f0000000100)=""/144}, 0x94)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000440), r1)
sendmsg$DEVLINK_CMD_RATE_SET(r1, &(0x7f0000000780)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, r3, 0x10, 0x70bd29, 0x25dfdbfe, {}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000004}, 0x91)
open(&(0x7f0000000080)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xc, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x3}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x16, 0x21, &(0x7f00000001c0)=ANY=[], &(0x7f00000007c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x31, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b80a0005fffff000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0xa0000, 0x0)
ppoll(&(0x7f0000001780)=[{r6, 0x2}], 0x1, 0x0, 0x0, 0x0)
setregid(0xffffffffffffffff, 0x0)

572.229066ms ago: executing program 4 (id=725):
socket$pppl2tp(0x18, 0x1, 0x1)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x34, 0x0, 0x1, 0x70bd2e, 0x25dfdbfe, {}, [@ETHTOOL_A_CHANNELS_TX_COUNT={0x8}, @ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}]}, 0x34}}, 0x400c810)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000680), 0xc, 0x0, 0x1, 0x0, 0x0, 0x20008801}, 0x4c040)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_uring_setup(0x60f7, &(0x7f0000000a40)={0x0, 0x0, 0x30205, 0xfffffffe, 0x3bd})
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000300)=0x2)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x80}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r2}, 0x10)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000140)=@o_path={0x0, r3}, 0x18)

571.628396ms ago: executing program 0 (id=726):
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000480), 0x80200, 0x0)
ioctl$PTP_SYS_OFFSET_EXTENDED(r0, 0xc4c03d09, &(0x7f0000000a80)={0x19})
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, 0x0, 0x8)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000540)={'ip6tnl0\x00', &(0x7f00000005c0)={'syztnl1\x00', <r2=>0x0, 0x29, 0x9, 0x7, 0x8000, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @mcast2, 0x8, 0x7800, 0x4b41, 0x1}})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="07000000020000000700fdff0500000000820400", @ANYRES32=r0, @ANYBLOB="f40100"/20, @ANYRES32=r2, @ANYRES32, @ANYBLOB="040000000200"/20, @ANYRES32=r0, @ANYBLOB='\x00\x00\x00\x00'], 0x50)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000280)='kfree\x00', r6}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x2, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0, 0x6}, {0xd, 0x1}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0xa, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x5, 0x48f, 0x8000, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x40080}, 0x4000440)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f00000001c0)=0x3)
ioctl$PPPIOCSPASS(r5, 0x40107447, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x60, 0x6, 0x8}]})
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x328, 0xc8, 0x8, 0x1a0, 0x5803, 0x328, 0x2e8, 0x2e8, 0x328, 0x2e8, 0x3, 0x0, {[{{@uncond, 0x0, 0x138, 0x1a0, 0x0, {0x0, 0x2000000000000}, [@common=@ipv6header={{0x28}, {0x6, 0x4d, 0x1}}, @common=@unspec=@physdev={{0x68}, {'ip6gre0\x00', {}, 'macvlan1\x00', {0xff}, 0x12, 0x5}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x5, 0x8, 0x401, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ipv6={@private0={0xfc, 0x0, '\x00', 0x7}, @remote, [0xffffffff, 0xffffff, 0xff, 0xff000000], [0x0, 0x0, 0xffffff00, 0xffffff00], 'gre0\x00', 'nicvf0\x00', {0x44ed33f51a235323}, {}, 0x32, 0xfc, 0x4}, 0x0, 0x160, 0x188, 0x0, {}, [@common=@inet=@set1={{0x28}, {{0x2, 0x0, 0x7}}}, @common=@srh1={{0x90}, {0x2f, 0x11, 0x0, 0xd, 0x1c, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @empty, @dev={0xfe, 0x80, '\x00', 0x1e}, [0xffffffff, 0xffffffff, 0xffffffff, 0xff], [0xff000000, 0x0, 0x114071d1588b71c6, 0xffffffff], [0xffffffff, 0xff000000, 0xff000000, 0x7fffff00], 0x0, 0x1020}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x9, 0x7}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x0, 0xfffffffb}}}}, 0x458)
connect$inet6(r1, &(0x7f00000003c0)={0xa, 0xfffe, 0x7, @mcast2, 0x6}, 0x1c)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x1, &(0x7f00000006c0)=@gcm_256={{0x303}, "591d76fbf0466d6d", "7806e2baf1f0bcac2e1ac3a3b65515cc4c27f7c05fdfb7eaf2f34efcf8ecaf45", "fa8cd6a9", "477cc0b9532fb396"}, 0x38)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYRESHEX=r7], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r8}, &(0x7f0000000340), &(0x7f0000000300)=r9}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000cc0)='kmem_cache_free\x00'}, 0x18)
r10 = timerfd_create(0x0, 0x80000)
timerfd_gettime(r10, &(0x7f0000000040))
syz_open_procfs(0x0, &(0x7f0000000040)='loginuid\x00')
write(r1, &(0x7f0000000740)="000000000002ffff18a7897475539bf598ade5d70d2af71cc20e1c9a00ef931d77c47c0d123ae978347712fdd70cc80030d64a20a96095a26f3a5d8b666469c140939b8faa620df606b90accced43a", 0x38)

566.542106ms ago: executing program 3 (id=727):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
sendmsg$NL80211_CMD_GET_WIPHY(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0103000000000000000001"], 0x30}}, 0x44) (fail_nth: 4)

336.737006ms ago: executing program 3 (id=728):
r0 = perf_event_open(0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, r0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
getsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f00000004c0)={0x0, @remote, @local}, &(0x7f0000000500)=0xc)
r2 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000200)={'lo\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newaddr={0x34, 0x14, 0x9535393fea6295b5, 0x70bd27, 0x25dfdbff, {0xa, 0x17, 0x0, 0xff, r3}, [@IFA_LOCAL={0x14, 0x2, @loopback}, @IFA_FLAGS={0x8, 0x8, 0x288}]}, 0x34}, 0x1, 0x0, 0x0, 0x2004c040}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'bridge0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00', @ANYRES32=0x0, @ANYBLOB="fda65f0500000000140012800c0001006d616376746170", @ANYBLOB='\b\x00\n'], 0x44}, 0x1, 0x0, 0x0, 0x308}, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x3, &(0x7f0000000800)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r6, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r7=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000005c0)=@bpf_lsm={0x6, 0x3, 0x0, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r7}, 0x94)
sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x910)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(0xffffffffffffffff, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
add_key(0x0, &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000980)=ANY=[@ANYBLOB="240000003f000500000000000000df25047c0000040000000c0001"], 0x24}, 0x1, 0x0, 0x0, 0x48800}, 0x0)

329.737666ms ago: executing program 4 (id=729):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x8090}, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c00028008000140000000080800034000000110"], 0xc4}}, 0x0) (fail_nth: 5)

257.691449ms ago: executing program 4 (id=730):
socket$xdp(0x2c, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x400000000000004) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000001700000000000000000000009500000040000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) (async)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0x44, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40040, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x528, 0x0, @perf_bp={0x0, 0x1}, 0x419, 0x40000000, 0x0, 0x8, 0x103fb, 0x1ff, 0x1ff, 0x0, 0x0, 0x0, 0x400000000000007}, 0x0, 0x1, 0xffffffffffffffff, 0xb) (async)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil) (async, rerun: 64)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) (async, rerun: 64)
r2 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r2, &(0x7f0000000000)={0x18, 0x0, {0x1, @empty, 'lo\x00'}}, 0x1e)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="020000000400000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000", @ANYRES32=r3, @ANYBLOB='\x00\x00\x00'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
close(r2) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200fffe540004802800018007000100637400001c0002800800014000000002080002400000001405000300010000002800018007000100637400001c0002800800024000000011080004400000000c05000300010000000900010073797a30000000000900020073797a320000000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x840}, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x14, 0x19, 0xa, 0x101, 0x0, 0x0, {0x2}}, 0x14}}, 0x8004) (async)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b) (async)
r6 = socket(0x10, 0x2, 0x0)
ioctl$BINDER_CTL_ADD(r1, 0xc1086201, &(0x7f0000000480)={'binder0\x00'})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', <r7=>0x0, 0x0, 0x0, 0x1, 0x2, 0x0, @initdev={0xfe, 0x88, '\x00', 0xfe, 0x0}, @private1={0xfc, 0x1, '\x00', 0x4}, 0x0, 0x8000, 0x0, 0x80000}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r6, 0x89f3, &(0x7f0000000440)={'syztnl1\x00', &(0x7f0000000640)={'ip6_vti0\x00', r7, 0x0, 0x0, 0x3, 0x0, 0x0, @loopback={0x30000}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x0, 0x6}}) (async, rerun: 32)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x15) (rerun: 32)
rename(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='./file0\x00')

257.050789ms ago: executing program 0 (id=731):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x19, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000400), 0x204000)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000800)={0x11, @time={0x3b8, 0x39c}, 0x4, {0x0, 0x2}, 0x7f, 0x0, 0x5})
r3 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1, 0x5}, 0x1c)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x953c, &(0x7f0000000100)=[{&(0x7f0000000000)="2b10", 0xffbd}], 0x1, 0x0, 0x0, 0x2c}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESOCT], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='itimer_state\x00', r4}, 0x18)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r8, <r10=>0xffffffffffffffff}, &(0x7f0000000200), &(0x7f0000000280)=r9}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
sendmsg$nl_route_sched(r6, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=@newqdisc={0x24, 0x24, 0x4, 0x0, 0xf1ffffff, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
setitimer(0x2, 0x0, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r12 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x11, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000100008000000000460000001811", @ANYRES32=r8, @ANYBLOB="0000000000000000b700b7030000000000008500000083000000bf0900000000000055090100000000b0f6a8517807218a00182a0000000000000000", @ANYRES32=r5, @ANYBLOB="000000000b000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000540)='GPL\x00', 0x80, 0x7f, &(0x7f0000000580)=""/127, 0x40f00, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000600)={0x7, 0x3}, 0x8, 0x10, &(0x7f0000000640)={0x4, 0x8, 0x4d14, 0x200}, 0x10, 0x0, 0x0, 0x2, &(0x7f0000000680)=[r10, r8, r10, r11, r10, r8, r10], &(0x7f0000000980)=[{0x0, 0x2, 0x8, 0xc}, {0x4, 0x4, 0xc, 0xb}], 0x10, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000940)='rcu_utilization\x00', r12, 0x0, 0xb}, 0x18)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
semget$private(0x0, 0x6c86b40eae3c8c32, 0x100)
r14 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0xfe, 0xff, 0xff, 0x0, 0x0, 0x18440, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc2d, 0x2, @perf_bp={&(0x7f0000000080)}, 0x2110, 0x5, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={0x0, r13, 0x0, 0xfffffffffffffffc}, 0x18)
chroot(&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ioctl$TUNSETIFF(r13, 0x400454ca, &(0x7f0000000380)={'batadv0\x00', 0x4000})
close(r14)

180.227922ms ago: executing program 4 (id=732):
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000600)=<r0=>0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
r2 = dup(r1)
sendmsg$NFT_BATCH(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000030000000600001600000a6c00008134e9c4bbfb24eebe1d43b0e500180a01020000000000000000020000030900020073797a30000000000900010073797a300000000014000000110001"], 0x54}, 0x1, 0x0, 0x0, 0x40044}, 0x20008000)
r3 = perf_event_open(&(0x7f0000000380)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0}, 0x2412, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeffffffffffffff}, r0, 0x0, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="070000000400000008020000d900000000000000", @ANYRES32, @ANYBLOB="00ac9d00"/22, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r3}, 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={0xffffffffffffffff, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000140)=[0x0], ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x3, 0x4, &(0x7f0000000180)=[0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0], <r6=>0x0, 0xb8, &(0x7f0000000240)=[{}], 0x8, 0x10, &(0x7f0000000300), &(0x7f0000000340), 0x8, 0xe9, 0x8, 0x8, &(0x7f0000000400)}}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="b7080000000000007b8af8ff00000000b7080000fdff55a901ba0b69a354ffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000a5000000185400000d00"/40], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r2, 0x89f0, &(0x7f0000000740)={'syztnl0\x00', &(0x7f0000000580)={'ip6_vti0\x00', <r9=>r5, 0x29, 0x4, 0xf3, 0x2, 0x46, @private2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x10, 0x8000, 0x4, 0x2}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYRES32=r8, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r9, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r7}, 0x18)
sendmsg$nl_xfrm(r2, &(0x7f0000000880)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000840)={&(0x7f0000000a00)=@getae={0x5cc, 0x1f, 0x1, 0x70bd29, 0x25dfdbfb, {{@in=@multicast1, 0x4d5, 0x2, 0xff}, @in6=@mcast2, 0x0, 0x3504}, [@tmpl={0x184, 0x5, [{{@in=@empty, 0x4d5, 0x6c}, 0xa, @in6=@remote, 0x3504, 0x3, 0x0, 0x2, 0x3, 0x7, 0x7}, {{@in=@loopback, 0x4d3, 0x33}, 0xa, @in=@multicast1, 0x0, 0x2, 0x2, 0x7, 0x6, 0x5c9, 0x4}, {{@in6=@loopback, 0x4d3, 0xff}, 0x2, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x6, 0x0, 0xc, 0x6, 0x6, 0x7}, {{@in6=@mcast1, 0x4d5, 0x33}, 0xa, @in6=@mcast2, 0x3503, 0x3, 0x3, 0x3, 0x4, 0x7, 0x8}, {{@in=@multicast1, 0x4d2, 0x2b}, 0xa, @in6=@empty, 0x3501, 0x3, 0x0, 0xb, 0x3, 0x7f, 0xde5}, {{@in=@multicast2, 0x4d2, 0xaa}, 0x2, @in6=@loopback, 0x3503, 0x2, 0x0, 0x4, 0x6, 0x3, 0x40}]}, @algo_auth={0xd8, 0x1, {{'xcbc-aes-ce\x00'}, 0x480, "92deba42277e9fd9616a71829609778cf0cefe3f974927520617e68075e5484c402ce66e51a34f38e340d747c4cc8d1c9905be883053ca349755ffbbb425d3b6be950bdbfcce01507ad1a6d10d96aa22d0daddb77fb836830a2c3a435d10e27e0366f0a2c22067bbfecca50da2fac0e669f4bb6e4efcf2739aa843b6a31e2c92cfb5acad96b626913cf4ba82b8e5d8f2"}}, @replay_esn_val={0x24, 0x17, {0x2, 0x70bd27, 0x7f, 0x70bd26, 0x70bd2a, 0x8, [0x6, 0x5]}}, @srcaddr={0x14, 0xd, @in6=@private1={0xfc, 0x1, '\x00', 0x1}}, @replay_esn_val={0x3c, 0x17, {0x8, 0x70bd2c, 0x70bd25, 0x70bd2c, 0x70bd29, 0x4, [0x5, 0x6, 0x78dd, 0x8, 0x6, 0x34e, 0x8, 0x3]}}, @replay_esn_val={0x2c, 0x17, {0x4, 0x70bd27, 0x70bd28, 0x70bd2d, 0x70bd26, 0x9, [0x3, 0x3, 0x1, 0x8]}}, @tmpl={0x184, 0x5, [{{@in6=@mcast1, 0x4d2, 0xff}, 0xa, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3500, 0x2, 0x2, 0xb, 0x8, 0x6, 0x75}, {{@in=@broadcast, 0x4d3, 0x32}, 0x2, @in6=@private1, 0x0, 0x3, 0x0, 0x7, 0x5, 0xe6, 0x6}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4d3, 0x32}, 0x2, @in=@private=0xa010102, 0x3503, 0x0, 0x3, 0x0, 0x4, 0x62, 0xd0}, {{@in6=@mcast1, 0x4d3, 0x2b}, 0x2, @in=@empty, 0x3502, 0x0, 0x1, 0x5, 0x1, 0x9, 0xfc160df7}, {{@in6=@mcast1, 0x4d5, 0x33}, 0xa, @in=@loopback, 0x34ff, 0x4, 0x0, 0xfd, 0xfffffff5, 0x9, 0x8001}, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4d4, 0xff}, 0xa, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3504, 0x2, 0x2, 0x8, 0xc1, 0x6}]}, @algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @algo_comp={0xb9, 0x3, {{'lzs\x00'}, 0x388, "e0d4d293c959aaa78174a8cd04c3c4a2c97d78aa5529285860601d73348669d08fb271b364040d45c66fec93c7dc5ee5ad675983552fc8f34c27f09926855b0b5a7e466bec6c320633d39625e3adddbe2c2d899c8c2c35d96bf46617f8cad9678ba624eefbc2b1517f6fdb4817af0dd097"}}, @extra_flags={0x8, 0x18, 0x5}]}, 0x5cc}, 0x1, 0x0, 0x0, 0xc040}, 0x40001)
ioctl$PERF_EVENT_IOC_SET_BPF(r3, 0x40042408, r2)

14.95091ms ago: executing program 3 (id=733):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
io_uring_setup(0x68af, &(0x7f0000000480)={0x0, 0x0, 0x1880, 0x1})
r2 = socket(0x2, 0x1, 0x0)
ioctl$sock_ifreq(r2, 0x8991, &(0x7f0000000040)={'bond0\x00', @ifru_names='bond_slave_1\x00'})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)=ANY=[@ANYRES64=0x0], 0x58}}, 0x84000)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000180)={'wlan1\x00'})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000015c0)=ANY=[@ANYBLOB="1400000010000100e4ffffffffffffff0000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000020a01"], 0x13a8}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)

0s ago: executing program 4 (id=734):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) (async)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) (async)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000000), 0x1, 0x0)
preadv(r3, &(0x7f0000000480)=[{&(0x7f00000000c0)=""/148, 0x94}], 0x1, 0x1, 0x0) (async)
socket$nl_sock_diag(0x10, 0x3, 0x4) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async, rerun: 64)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async, rerun: 64)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={0xffffffffffffffff, 0xffffff4c, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x37, 0x0, 0x0, 0x10, &(0x7f0000002e00), &(0x7f0000000640), 0x8, 0x3, 0x8, 0x0, 0x0}}, 0x6c)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={r4, 0x10a, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x5, 0x2c, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x402b3, 0x8, 0x42, 0x0}}, 0x10)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000400)={0x0, 0xffffffffffffff1a, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[], 0x88}, 0x1, 0x0, 0x0, 0x6040850}, 0x20000050) (async)
connect$inet(0xffffffffffffffff, 0x0, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async, rerun: 64)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async, rerun: 64)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) (async)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r5, 0x8983, &(0x7f0000000180)={0x6, 'netpci0\x00', {0x7f}, 0x1}) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
r6 = getpid() (async, rerun: 64)
socketpair$unix(0x1, 0x6, 0x0, &(0x7f00000002c0)) (rerun: 64)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xb2570000)

kernel console output (not intermixed with test programs):

 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90
[   47.914180][ T4328] RSP: 0018:ffffc90000e3be78 EFLAGS: 00050202
[   47.914258][ T4328] RAX: 0000000000000008 RBX: 0000000000000000 RCX: 0000200000001480
[   47.914281][ T4328] RDX: ffff88810320d280 RSI: 0000000000000009 RDI: 0000000000000000
[   47.914294][ T4328] RBP: 0000000000000008 R08: 0001ffff8684810f R09: 0000000000000000
[   47.914305][ T4328] R10: 000188811a583ea0 R11: 000188811a583ea7 R12: 0000200000001480
[   47.914317][ T4328] R13: 0000000000000002 R14: 0000000000000001 R15: 0000000000000000
[   47.914357][ T4328]  __sys_socketpair+0xa6/0x430
[   47.914382][ T4328]  ? ksys_write+0x192/0x1a0
[   47.914405][ T4328]  __x64_sys_socketpair+0x52/0x60
[   47.914435][ T4328]  x64_sys_call+0x2bf6/0x3000
[   47.914458][ T4328]  do_syscall_64+0xd2/0x200
[   47.914528][ T4328]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   47.914568][ T4328]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   47.914597][ T4328]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   47.914615][ T4328] RIP: 0033:0x7f7938fdf749
[   47.914629][ T4328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   47.914725][ T4328] RSP: 002b:00007f7937a3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[   47.914746][ T4328] RAX: ffffffffffffffda RBX: 00007f7939235fa0 RCX: 00007f7938fdf749
[   47.914760][ T4328] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001
[   47.914774][ T4328] RBP: 00007f7937a3f090 R08: 0000000000000000 R09: 0000000000000000
[   47.914787][ T4328] R10: 0000200000001480 R11: 0000000000000246 R12: 0000000000000001
[   47.914801][ T4328] R13: 00007f7939236038 R14: 00007f7939235fa0 R15: 00007ffc855143e8
[   47.914818][ T4328]  </TASK>
[   48.322506][ T4337] loop0: detected capacity change from 0 to 1024
[   48.333099][ T4337] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.377467][ T4315] chnl_net:caif_netlink_parms(): no params data found
[   48.405872][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.473682][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.516174][ T4315] bridge0: port 1(bridge_slave_0) entered blocking state
[   48.523379][ T4315] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.538686][ T4315] bridge_slave_0: entered allmulticast mode
[   48.557303][ T4315] bridge_slave_0: entered promiscuous mode
[   48.589808][ T4315] bridge0: port 2(bridge_slave_1) entered blocking state
[   48.597212][ T4315] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.612803][ T4315] bridge_slave_1: entered allmulticast mode
[   48.619504][ T4315] bridge_slave_1: entered promiscuous mode
[   48.633016][   T41] bridge_slave_1: left allmulticast mode
[   48.638694][   T41] bridge_slave_1: left promiscuous mode
[   48.644582][   T41] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.656349][   T41] bridge_slave_0: left allmulticast mode
[   48.662098][   T41] bridge_slave_0: left promiscuous mode
[   48.667776][   T41] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.671270][ T4358] __nla_validate_parse: 10 callbacks suppressed
[   48.671284][ T4358] netlink: 4 bytes leftover after parsing attributes in process `syz.0.272'.
[   48.733743][ T4357] netlink: 20 bytes leftover after parsing attributes in process `syz.3.273'.
[   48.742695][ T4357] netlink: 12 bytes leftover after parsing attributes in process `syz.3.273'.
[   48.752075][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.774652][   T41] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   48.791312][   T41] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   48.800357][   T41] bond0 (unregistering): Released all slaves
[   48.837721][ T4315] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   48.849594][   T41] hsr_slave_0: left promiscuous mode
[   48.855391][   T41] hsr_slave_1: left promiscuous mode
[   48.861423][   T41] batman_adv: batadv0: Removing interface: batadv_slave_0
[   48.881290][   T41] batman_adv: batadv0: Removing interface: batadv_slave_1
[   48.924791][ T4374] loop0: detected capacity change from 0 to 1024
[   48.952174][ T4377] loop2: detected capacity change from 0 to 1024
[   48.962248][ T4374] EXT4-fs: Ignoring removed orlov option
[   48.973438][ T4374] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   48.990213][ T4377] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.006232][   T41] team0 (unregistering): Port device team_slave_1 removed
[   49.039606][ T4374] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.041087][   T41] team0 (unregistering): Port device team_slave_0 removed
[   49.070115][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.087395][ T4315] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   49.107430][ T3314] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.197981][ T4315] team0: Port device team_slave_0 added
[   49.216286][ T4392] netlink: 60 bytes leftover after parsing attributes in process `syz.0.282'.
[   49.232098][ T4315] team0: Port device team_slave_1 added
[   49.254055][ T4315] batman_adv: batadv0: Adding interface: batadv_slave_0
[   49.261105][ T4315] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   49.287037][ T4315] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   49.300772][ T4392] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[   49.334315][ T4315] batman_adv: batadv0: Adding interface: batadv_slave_1
[   49.341533][ T4315] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   49.367754][ T4315] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   49.393322][ T4407] loop4: detected capacity change from 0 to 512
[   49.432048][ T4407] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   49.441091][ T4402] loop3: detected capacity change from 0 to 8192
[   49.462386][ T4402] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   49.477347][ T4407] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   49.505287][ T4416] netlink: 4580 bytes leftover after parsing attributes in process `syz.0.287'.
[   49.513225][ T4407] ext4 filesystem being mounted at /62/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   49.514414][ T4416] netlink: 4580 bytes leftover after parsing attributes in process `syz.0.287'.
[   49.563408][ T4315] hsr_slave_0: entered promiscuous mode
[   49.565381][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   49.570300][ T4315] hsr_slave_1: entered promiscuous mode
[   49.584258][ T4315] debugfs: 'hsr0' already exists in 'hsr'
[   49.590004][ T4315] Cannot create hsr debugfs directory
[   49.603070][ T4418] batman_adv: batadv0: Removing interface: batadv_slave_0
[   49.720273][ T4315] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   49.730099][ T4315] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   49.867383][ T4439] loop0: detected capacity change from 0 to 512
[   49.912136][ T4439] EXT4-fs (loop0): revision level too high, forcing read-only mode
[   49.920305][ T4439] EXT4-fs (loop0): orphan cleanup on readonly fs
[   49.929676][ T4439] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[   49.941586][ T4439] EXT4-fs (loop0): Remounting filesystem read-only
[   49.948225][ T4439] EXT4-fs (loop0): 1 truncate cleaned up
[   49.982016][ T4437] 9pnet: Could not find request transport: f
[   50.142619][ T4315] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   50.179012][ T4315] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   50.390468][ T2637] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   50.401189][ T2637] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   50.418889][ T2637] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[   50.435335][ T4439] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   50.452590][ T4315] 8021q: adding VLAN 0 to HW filter on device bond0
[   50.490122][ T4315] 8021q: adding VLAN 0 to HW filter on device team0
[   50.516184][   T57] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.523364][   T57] bridge0: port 1(bridge_slave_0) entered forwarding state
[   50.573682][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.580819][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[   50.607472][ T4424] lo speed is unknown, defaulting to 1000
[   50.757874][ T4315] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   50.757955][ T4315] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   50.821595][ T4494] netlink: 'syz.0.299': attribute type 11 has an invalid length.
[   50.821613][ T4494] netlink: 132 bytes leftover after parsing attributes in process `syz.0.299'.
[   50.879002][ T4504] loop0: detected capacity change from 0 to 512
[   50.879755][ T4315] 8021q: adding VLAN 0 to HW filter on device batadv0
[   51.031916][ T4530] netlink: 28 bytes leftover after parsing attributes in process `syz.0.300'.
[   51.160349][ T4315] veth0_vlan: entered promiscuous mode
[   51.168398][ T4553] loop4: detected capacity change from 0 to 512
[   51.169927][ T4315] veth1_vlan: entered promiscuous mode
[   51.176695][ T4553] EXT4-fs: Ignoring removed oldalloc option
[   51.214030][ T4553] EXT4-fs (loop4): 1 truncate cleaned up
[   51.235100][ T4315] veth0_macvtap: entered promiscuous mode
[   51.235628][ T4561] netlink: 388 bytes leftover after parsing attributes in process `syz.0.311'.
[   51.249881][ T4315] veth1_macvtap: entered promiscuous mode
[   51.267730][ T4561] lo: entered promiscuous mode
[   51.272748][ T4561] netlink: 54 bytes leftover after parsing attributes in process `syz.0.311'.
[   51.282062][ T4561] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   51.298948][ T4553] netlink: 'syz.4.309': attribute type 1 has an invalid length.
[   51.308416][ T4315] batman_adv: batadv0: Interface activated: batadv_slave_0
[   51.320115][ T4315] batman_adv: batadv0: Interface activated: batadv_slave_1
[   51.342774][ T1687] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   51.364142][ T4561] capability: warning: `syz.0.311' uses 32-bit capabilities (legacy support in use)
[   51.376497][ T4565] FAULT_INJECTION: forcing a failure.
[   51.376497][ T4565] name failslab, interval 1, probability 0, space 0, times 0
[   51.377738][   T41] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   51.389457][ T4565] CPU: 1 UID: 0 PID: 4565 Comm: syz.2.313 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   51.389491][ T4565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   51.389502][ T4565] Call Trace:
[   51.389507][ T4565]  <TASK>
[   51.389591][ T4565]  __dump_stack+0x1d/0x30
[   51.389614][ T4565]  dump_stack_lvl+0xe8/0x140
[   51.389634][ T4565]  dump_stack+0x15/0x1b
[   51.389651][ T4565]  should_fail_ex+0x265/0x280
[   51.389687][ T4565]  should_failslab+0x8c/0xb0
[   51.389714][ T4565]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   51.389781][ T4565]  ? __alloc_skb+0x101/0x320
[   51.389816][ T4565]  __alloc_skb+0x101/0x320
[   51.389854][ T4565]  ? audit_log_start+0x342/0x720
[   51.389874][ T4565]  audit_log_start+0x3a0/0x720
[   51.389894][ T4565]  ? kstrtouint+0x76/0xc0
[   51.390048][ T4565]  audit_seccomp+0x48/0x100
[   51.390076][ T4565]  ? __seccomp_filter+0x82d/0x1250
[   51.390101][ T4565]  __seccomp_filter+0x83e/0x1250
[   51.390127][ T4565]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   51.390171][ T4565]  ? vfs_write+0x7e8/0x960
[   51.390194][ T4565]  ? __rcu_read_unlock+0x4f/0x70
[   51.390218][ T4565]  ? __fget_files+0x184/0x1c0
[   51.390282][ T4565]  __secure_computing+0x82/0x150
[   51.390307][ T4565]  syscall_trace_enter+0xcf/0x1e0
[   51.390334][ T4565]  do_syscall_64+0xac/0x200
[   51.390354][ T4565]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   51.390423][ T4565]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   51.390590][ T4565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.390611][ T4565] RIP: 0033:0x7f7938fdf749
[   51.390626][ T4565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.390642][ T4565] RSP: 002b:00007f7937a3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[   51.390708][ T4565] RAX: ffffffffffffffda RBX: 00007f7939235fa0 RCX: 00007f7938fdf749
[   51.390721][ T4565] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   51.390733][ T4565] RBP: 00007f7937a3f090 R08: 0000000000000000 R09: 0000000000000000
[   51.390744][ T4565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.390756][ T4565] R13: 00007f7939236038 R14: 00007f7939235fa0 R15: 00007ffc855143e8
[   51.390773][ T4565]  </TASK>
[   51.398786][ T4561] mmap: syz.0.311 (4561) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   51.433347][   T41] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   51.643811][   T41] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   51.662890][ T4569] netlink: 'syz.3.315': attribute type 8 has an invalid length.
[   51.760110][ T4582] loop3: detected capacity change from 0 to 1024
[   51.773161][   T29] kauditd_printk_skb: 245 callbacks suppressed
[   51.773178][   T29] audit: type=1326 audit(1764271568.766:1539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4585 comm="syz.2.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7938fdf749 code=0x7ffc0000
[   51.803196][   T29] audit: type=1326 audit(1764271568.766:1540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4585 comm="syz.2.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7938fdf749 code=0x7ffc0000
[   51.826682][   T29] audit: type=1326 audit(1764271568.766:1541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4585 comm="syz.2.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7938fdf749 code=0x7ffc0000
[   51.850247][   T29] audit: type=1326 audit(1764271568.766:1542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4585 comm="syz.2.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7938fdf749 code=0x7ffc0000
[   51.873809][   T29] audit: type=1326 audit(1764271568.766:1543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4585 comm="syz.2.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7938fdf749 code=0x7ffc0000
[   51.897192][   T29] audit: type=1326 audit(1764271568.766:1544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4585 comm="syz.2.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7938fdf749 code=0x7ffc0000
[   51.920677][   T29] audit: type=1326 audit(1764271568.766:1545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4585 comm="syz.2.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7938fdf749 code=0x7ffc0000
[   51.944070][   T29] audit: type=1326 audit(1764271568.766:1546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4585 comm="syz.2.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7938fdf749 code=0x7ffc0000
[   51.944573][ T4588] loop2: detected capacity change from 0 to 1024
[   51.967517][   T29] audit: type=1326 audit(1764271568.766:1547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4585 comm="syz.2.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7938fdf749 code=0x7ffc0000
[   51.999077][   T29] audit: type=1326 audit(1764271568.796:1548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4585 comm="syz.2.320" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7938fdf749 code=0x7ffc0000
[   52.025842][ T4588] EXT4-fs: inline encryption not supported
[   52.034447][ T4582] netlink: 'syz.3.319': attribute type 11 has an invalid length.
[   52.071811][ T4588] lo speed is unknown, defaulting to 1000
[   52.078655][ T4599] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   52.098169][ T4599] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   52.183594][ T4603] FAULT_INJECTION: forcing a failure.
[   52.183594][ T4603] name failslab, interval 1, probability 0, space 0, times 0
[   52.196294][ T4603] CPU: 1 UID: 0 PID: 4603 Comm: syz.2.324 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.196323][ T4603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   52.196335][ T4603] Call Trace:
[   52.196341][ T4603]  <TASK>
[   52.196349][ T4603]  __dump_stack+0x1d/0x30
[   52.196495][ T4603]  dump_stack_lvl+0xe8/0x140
[   52.196531][ T4603]  dump_stack+0x15/0x1b
[   52.196615][ T4603]  should_fail_ex+0x265/0x280
[   52.196634][ T4603]  should_failslab+0x8c/0xb0
[   52.196665][ T4603]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   52.196696][ T4603]  ? __alloc_skb+0x101/0x320
[   52.196804][ T4603]  __alloc_skb+0x101/0x320
[   52.196835][ T4603]  netlink_alloc_large_skb+0xbf/0xf0
[   52.196868][ T4603]  netlink_sendmsg+0x3cf/0x6b0
[   52.196937][ T4603]  ? __pfx_netlink_sendmsg+0x10/0x10
[   52.196955][ T4603]  __sock_sendmsg+0x145/0x180
[   52.196976][ T4603]  ____sys_sendmsg+0x31e/0x4e0
[   52.197037][ T4603]  ___sys_sendmsg+0x17b/0x1d0
[   52.197068][ T4603]  __x64_sys_sendmsg+0xd4/0x160
[   52.197155][ T4603]  x64_sys_call+0x191e/0x3000
[   52.197184][ T4603]  do_syscall_64+0xd2/0x200
[   52.197203][ T4603]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.197227][ T4603]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   52.197337][ T4603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.197356][ T4603] RIP: 0033:0x7f7938fdf749
[   52.197372][ T4603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.197388][ T4603] RSP: 002b:00007f7937a3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   52.197406][ T4603] RAX: ffffffffffffffda RBX: 00007f7939235fa0 RCX: 00007f7938fdf749
[   52.197419][ T4603] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[   52.197432][ T4603] RBP: 00007f7937a3f090 R08: 0000000000000000 R09: 0000000000000000
[   52.197474][ T4603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.197486][ T4603] R13: 00007f7939236038 R14: 00007f7939235fa0 R15: 00007ffc855143e8
[   52.197507][ T4603]  </TASK>
[   52.598940][ T4615] FAULT_INJECTION: forcing a failure.
[   52.598940][ T4615] name failslab, interval 1, probability 0, space 0, times 0
[   52.611719][ T4615] CPU: 1 UID: 0 PID: 4615 Comm: syz.3.329 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.611746][ T4615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   52.611757][ T4615] Call Trace:
[   52.611762][ T4615]  <TASK>
[   52.611769][ T4615]  __dump_stack+0x1d/0x30
[   52.611850][ T4615]  dump_stack_lvl+0xe8/0x140
[   52.611868][ T4615]  dump_stack+0x15/0x1b
[   52.611884][ T4615]  should_fail_ex+0x265/0x280
[   52.611905][ T4615]  should_failslab+0x8c/0xb0
[   52.611971][ T4615]  __kmalloc_noprof+0xa5/0x570
[   52.612002][ T4615]  ? sel_write_member+0x18c/0x370
[   52.612023][ T4615]  sel_write_member+0x18c/0x370
[   52.612042][ T4615]  selinux_transaction_write+0xc6/0x110
[   52.612063][ T4615]  ? __pfx_selinux_transaction_write+0x10/0x10
[   52.612147][ T4615]  vfs_write+0x269/0x960
[   52.612170][ T4615]  ? __rcu_read_unlock+0x4f/0x70
[   52.612197][ T4615]  ? __fget_files+0x184/0x1c0
[   52.612256][ T4615]  ksys_write+0xda/0x1a0
[   52.612280][ T4615]  __x64_sys_write+0x40/0x50
[   52.612302][ T4615]  x64_sys_call+0x2802/0x3000
[   52.612398][ T4615]  do_syscall_64+0xd2/0x200
[   52.612421][ T4615]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.612451][ T4615]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   52.612555][ T4615]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.612632][ T4615] RIP: 0033:0x7f4de9d6f749
[   52.612646][ T4615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.612697][ T4615] RSP: 002b:00007f4de87d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   52.612717][ T4615] RAX: ffffffffffffffda RBX: 00007f4de9fc5fa0 RCX: 00007f4de9d6f749
[   52.612760][ T4615] RDX: 0000000000000056 RSI: 00002000000004c0 RDI: 0000000000000003
[   52.612785][ T4615] RBP: 00007f4de87d7090 R08: 0000000000000000 R09: 0000000000000000
[   52.612796][ T4615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.612806][ T4615] R13: 00007f4de9fc6038 R14: 00007f4de9fc5fa0 R15: 00007ffcb82c92c8
[   52.612822][ T4615]  </TASK>
[   52.904137][ T4625] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   52.912539][ T4625] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   52.943122][ T4633] loop2: detected capacity change from 0 to 1024
[   52.963587][ T4633] EXT4-fs: inline encryption not supported
[   53.012349][ T4633] lo speed is unknown, defaulting to 1000
[   53.152312][ T4653] loop0: detected capacity change from 0 to 1024
[   53.159100][ T4653] EXT4-fs: inline encryption not supported
[   53.200109][ T4653] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:4193: comm syz.0.336: Allocating blocks 385-513 which overlap fs metadata
[   53.224234][ T4663] loop3: detected capacity change from 0 to 1024
[   53.232542][ T4663] EXT4-fs: Ignoring removed orlov option
[   53.245656][ T4652] EXT4-fs (loop0): pa ffff888106a741c0: logic 16, phys. 129, len 24
[   53.250579][ T4663] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   53.253802][ T4652] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 8
[   53.308277][ T4668] loop5: detected capacity change from 0 to 2048
[   53.368065][ T4682] netlink: 'syz.4.345': attribute type 13 has an invalid length.
[   53.404952][ T4684] hub 6-0:1.0: USB hub found
[   53.409805][ T4684] hub 6-0:1.0: 8 ports detected
[   53.432546][ T4686] loop4: detected capacity change from 0 to 164
[   53.439230][ T4668] atomic_op ffff88811a093d28 conn xmit_atomic 0000000000000000
[   53.457270][ T4686] Unable to read rock-ridge attributes
[   53.472255][ T4668] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[   53.486765][ T4668] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 18 with max blocks 480 with error 28
[   53.489962][ T4686] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[   53.499597][ T4668] EXT4-fs (loop5): This should not happen!! Data will be lost
[   53.499597][ T4668] 
[   53.499614][ T4668] EXT4-fs (loop5): Total free blocks count 0
[   53.499630][ T4668] EXT4-fs (loop5): Free/Dirty block details
[   53.499642][ T4668] EXT4-fs (loop5): free_blocks=4096
[   53.499655][ T4668] EXT4-fs (loop5): dirty_blocks=512
[   53.499669][ T4668] EXT4-fs (loop5): Block reservation details
[   53.548184][ T4668] EXT4-fs (loop5): i_reserved_data_blocks=32
[   53.562334][ T4689] loop2: detected capacity change from 0 to 1024
[   53.570164][ T4689] EXT4-fs: inline encryption not supported
[   53.611951][ T4689] lo speed is unknown, defaulting to 1000
[   53.721248][ T4667] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   53.733603][ T4667] EXT4-fs (loop5): This should not happen!! Data will be lost
[   53.733603][ T4667] 
[   53.744855][ T4668] syz.5.341 (4668) used greatest stack depth: 10168 bytes left
[   53.917895][ T4706] __nla_validate_parse: 4 callbacks suppressed
[   53.917911][ T4706] netlink: 12 bytes leftover after parsing attributes in process `syz.2.349'.
[   53.930775][ T4708] loop5: detected capacity change from 0 to 736
[   53.933219][ T4706] netlink: 12 bytes leftover after parsing attributes in process `syz.2.349'.
[   54.021199][ T4706] loop2: detected capacity change from 0 to 512
[   54.052501][ T4706] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   54.060989][ T4706] EXT4-fs (loop2): orphan cleanup on readonly fs
[   54.069487][ T4706] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[   54.083527][ T4706] EXT4-fs (loop2): Remounting filesystem read-only
[   54.090181][ T4706] EXT4-fs (loop2): 1 truncate cleaned up
[   54.096364][   T41] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   54.106951][   T41] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   54.123796][ T4717] loop5: detected capacity change from 0 to 1024
[   54.139401][   T41] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   54.142772][ T4719] netlink: 'syz.3.358': attribute type 13 has an invalid length.
[   54.175011][ T4723] netlink: 116 bytes leftover after parsing attributes in process `syz.0.359'.
[   54.184649][ T4714] netlink: 'syz.5.357': attribute type 11 has an invalid length.
[   54.268919][ T4723] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   54.399685][ T4732] FAULT_INJECTION: forcing a failure.
[   54.399685][ T4732] name failslab, interval 1, probability 0, space 0, times 0
[   54.412543][ T4732] CPU: 0 UID: 0 PID: 4732 Comm: syz.5.361 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.412573][ T4732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   54.412585][ T4732] Call Trace:
[   54.412592][ T4732]  <TASK>
[   54.412601][ T4732]  __dump_stack+0x1d/0x30
[   54.412648][ T4732]  dump_stack_lvl+0xe8/0x140
[   54.412668][ T4732]  dump_stack+0x15/0x1b
[   54.412686][ T4732]  should_fail_ex+0x265/0x280
[   54.412783][ T4732]  should_failslab+0x8c/0xb0
[   54.412813][ T4732]  kmem_cache_alloc_noprof+0x50/0x480
[   54.412842][ T4732]  ? __se_sys_mbind+0x3d7/0xac0
[   54.412926][ T4732]  ? get_pid_task+0x96/0xd0
[   54.412947][ T4732]  __se_sys_mbind+0x3d7/0xac0
[   54.413026][ T4732]  ? vfs_write+0x7e8/0x960
[   54.413060][ T4732]  ? __rcu_read_unlock+0x4f/0x70
[   54.413091][ T4732]  __x64_sys_mbind+0x78/0x90
[   54.413185][ T4732]  x64_sys_call+0x2936/0x3000
[   54.413269][ T4732]  do_syscall_64+0xd2/0x200
[   54.413293][ T4732]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   54.413320][ T4732]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   54.413348][ T4732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.413397][ T4732] RIP: 0033:0x7f0383b0f749
[   54.413415][ T4732] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.413474][ T4732] RSP: 002b:00007f0382577038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[   54.413504][ T4732] RAX: ffffffffffffffda RBX: 00007f0383d65fa0 RCX: 00007f0383b0f749
[   54.413518][ T4732] RDX: 0000000000000002 RSI: 0000000000600000 RDI: 0000200000000000
[   54.413532][ T4732] RBP: 00007f0382577090 R08: 0000000000000008 R09: 0000000000000000
[   54.413545][ T4732] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.413593][ T4732] R13: 00007f0383d66038 R14: 00007f0383d65fa0 R15: 00007ffe5e687848
[   54.413612][ T4732]  </TASK>
[   54.682210][ T4737] netlink: 4 bytes leftover after parsing attributes in process `syz.5.363'.
[   54.683994][ T4719] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.698205][ T4719] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.910338][ T4719] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   54.931884][    C0] vcan0: j1939_tp_rxtimer: 0xffff888119f05e00: rx timeout, send abort
[   54.968293][ T4719] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   55.152624][ T2968] lo speed is unknown, defaulting to 1000
[   55.158401][ T2968] syz0: Port: 1 Link DOWN
[   55.172708][ T1687] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.182982][ T1687] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.204047][ T4706] lo speed is unknown, defaulting to 1000
[   55.205217][ T1687] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.290837][ T1687] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   55.359978][ T4747] loop3: detected capacity change from 0 to 1024
[   55.371336][ T4747] EXT4-fs: Ignoring removed orlov option
[   55.384398][ T4747] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   55.695197][ T4764] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   55.703461][ T4764] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   55.809735][ T4730] netlink: 24 bytes leftover after parsing attributes in process `syz.4.360'.
[   55.819387][ T4730] IPVS: Error connecting to the multicast addr
[   55.862378][ T4769] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4769 comm=syz.5.373
[   55.879947][ T4770] loop0: detected capacity change from 0 to 1024
[   55.900540][ T4769] netlink: 'syz.5.373': attribute type 1 has an invalid length.
[   55.924584][ T4770] netlink: 'syz.0.372': attribute type 11 has an invalid length.
[   56.193094][ T4792] netlink: 'syz.0.380': attribute type 13 has an invalid length.
[   56.380123][ T4802] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4802 comm=syz.2.385
[   56.403155][ T4805] loop3: detected capacity change from 0 to 1024
[   56.405542][ T4802] netlink: 'syz.2.385': attribute type 1 has an invalid length.
[   56.427005][ T4805] netlink: 'syz.3.386': attribute type 11 has an invalid length.
[   56.562272][ T4820] netlink: 92 bytes leftover after parsing attributes in process `syz.3.389'.
[   56.571331][ T4820] netlink: 48 bytes leftover after parsing attributes in process `syz.3.389'.
[   56.665951][ T4823] loop2: detected capacity change from 0 to 512
[   56.781638][ T4823] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   56.789762][ T4823] EXT4-fs (loop2): orphan cleanup on readonly fs
[   56.798562][ T4823] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[   56.810375][ T4823] EXT4-fs (loop2): Remounting filesystem read-only
[   56.817553][ T4823] EXT4-fs (loop2): 1 truncate cleaned up
[   56.908312][   T29] kauditd_printk_skb: 508 callbacks suppressed
[   56.908330][   T29] audit: type=1400 audit(1764271573.896:2051): avc:  denied  { connect } for  pid=4829 comm="syz.3.391" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   56.942603][   T29] audit: type=1400 audit(1764271573.936:2052): avc:  denied  { write } for  pid=4829 comm="syz.3.391" lport=60 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   56.993201][   T41] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   57.003973][   T41] Quota error (device loop2): write_blk: dquota write failed
[   57.011472][   T41] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[   57.021516][   T41] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   57.032241][   T41] Quota error (device loop2): write_blk: dquota write failed
[   57.039823][   T41] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[   57.049766][   T41] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   57.059923][   T41] Quota error (device loop2): v2_write_file_info: Can't write info structure
[   57.074482][   T41] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   57.095357][   T29] audit: type=1400 audit(1764271574.076:2053): avc:  denied  { module_request } for  pid=4834 comm="syz.5.393" kmod="9p-f" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[   57.126313][ T4818] lo speed is unknown, defaulting to 1000
[   57.153365][   T29] audit: type=1400 audit(1764271574.146:2054): avc:  denied  { create } for  pid=4834 comm="syz.5.393" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   57.157995][ T4835] 9pnet: Could not find request transport: f
[   57.215996][ T4840] loop3: detected capacity change from 0 to 1024
[   57.223569][ T4840] EXT4-fs: inline encryption not supported
[   57.270149][ T4847] loop0: detected capacity change from 0 to 1024
[   57.284932][ T4847] EXT4-fs: inline encryption not supported
[   57.328671][ T4840] lo speed is unknown, defaulting to 1000
[   57.378533][ T4842] loop5: detected capacity change from 0 to 8192
[   57.412821][ T4858] FAULT_INJECTION: forcing a failure.
[   57.412821][ T4858] name failslab, interval 1, probability 0, space 0, times 0
[   57.425521][ T4858] CPU: 1 UID: 0 PID: 4858 Comm: syz.4.400 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   57.425549][ T4858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   57.425562][ T4858] Call Trace:
[   57.425567][ T4858]  <TASK>
[   57.425574][ T4858]  __dump_stack+0x1d/0x30
[   57.425657][ T4858]  dump_stack_lvl+0xe8/0x140
[   57.425675][ T4858]  dump_stack+0x15/0x1b
[   57.425691][ T4858]  should_fail_ex+0x265/0x280
[   57.425709][ T4858]  should_failslab+0x8c/0xb0
[   57.425734][ T4858]  kmem_cache_alloc_node_noprof+0x57/0x4a0
[   57.425833][ T4858]  ? __alloc_skb+0x101/0x320
[   57.425904][ T4858]  __alloc_skb+0x101/0x320
[   57.425963][ T4858]  netlink_alloc_large_skb+0xbf/0xf0
[   57.426059][ T4858]  netlink_sendmsg+0x3cf/0x6b0
[   57.426079][ T4858]  ? __pfx_netlink_sendmsg+0x10/0x10
[   57.426174][ T4858]  __sock_sendmsg+0x145/0x180
[   57.426214][ T4858]  ____sys_sendmsg+0x31e/0x4e0
[   57.426233][ T4858]  ___sys_sendmsg+0x17b/0x1d0
[   57.426330][ T4858]  __x64_sys_sendmsg+0xd4/0x160
[   57.426398][ T4858]  x64_sys_call+0x191e/0x3000
[   57.426422][ T4858]  do_syscall_64+0xd2/0x200
[   57.426444][ T4858]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   57.426473][ T4858]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   57.426574][ T4858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.426592][ T4858] RIP: 0033:0x7fd2a2bef749
[   57.426689][ T4858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.426706][ T4858] RSP: 002b:00007fd2a164f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   57.426728][ T4858] RAX: ffffffffffffffda RBX: 00007fd2a2e45fa0 RCX: 00007fd2a2bef749
[   57.426742][ T4858] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[   57.426756][ T4858] RBP: 00007fd2a164f090 R08: 0000000000000000 R09: 0000000000000000
[   57.426781][ T4858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.426815][ T4858] R13: 00007fd2a2e46038 R14: 00007fd2a2e45fa0 R15: 00007fff5314aad8
[   57.426834][ T4858]  </TASK>
[   57.651670][ T4855] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[   57.658226][ T4855] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   57.665678][ T4855] vhci_hcd vhci_hcd.0: Device attached
[   57.694274][ T4860] vhci_hcd: connection closed
[   57.696157][ T1687] vhci_hcd: stop threads
[   57.705234][ T1687] vhci_hcd: release socket
[   57.705246][ T1687] vhci_hcd: disconnect device
[   57.748969][ T4865] loop0: detected capacity change from 0 to 1024
[   57.789856][ T4865] netlink: 'syz.0.399': attribute type 11 has an invalid length.
[   57.828616][ T4876] 9pnet: Could not find request transport: f
[   57.979657][ T4893] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4893 comm=syz.0.411
[   58.167377][ T4914] loop3: detected capacity change from 0 to 1024
[   58.187296][ T4914] netlink: 'syz.3.417': attribute type 11 has an invalid length.
[   58.226513][ T4901] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(8)
[   58.233053][ T4901] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   58.240523][ T4901] vhci_hcd vhci_hcd.0: Device attached
[   58.246550][ T4918] vhci_hcd: connection closed
[   58.246737][ T1687] vhci_hcd: stop threads
[   58.255779][ T1687] vhci_hcd: release socket
[   58.260207][ T1687] vhci_hcd: disconnect device
[   58.289369][ T4921] 9pnet: Could not find request transport: f
[   58.307400][ T4924] netlink: 12 bytes leftover after parsing attributes in process `syz.3.419'.
[   58.330922][ T4924] 8021q: adding VLAN 0 to HW filter on device bond1
[   58.342243][ T4924] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   58.349782][ T4924] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   58.492409][ T4939] FAULT_INJECTION: forcing a failure.
[   58.492409][ T4939] name failslab, interval 1, probability 0, space 0, times 0
[   58.505459][ T4939] CPU: 0 UID: 0 PID: 4939 Comm: syz.5.425 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   58.505479][ T4939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   58.505486][ T4939] Call Trace:
[   58.505491][ T4939]  <TASK>
[   58.505497][ T4939]  __dump_stack+0x1d/0x30
[   58.505589][ T4939]  dump_stack_lvl+0xe8/0x140
[   58.505686][ T4939]  dump_stack+0x15/0x1b
[   58.505698][ T4939]  should_fail_ex+0x265/0x280
[   58.505711][ T4939]  should_failslab+0x8c/0xb0
[   58.505728][ T4939]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[   58.505767][ T4939]  ? sidtab_sid2str_get+0xa0/0x130
[   58.505787][ T4939]  kmemdup_noprof+0x2b/0x70
[   58.505803][ T4939]  sidtab_sid2str_get+0xa0/0x130
[   58.505821][ T4939]  security_sid_to_context_core+0x1eb/0x2e0
[   58.505961][ T4939]  security_sid_to_context+0x27/0x40
[   58.506030][ T4939]  selinux_lsmprop_to_secctx+0x67/0xf0
[   58.506049][ T4939]  security_lsmprop_to_secctx+0x1a3/0x1c0
[   58.506139][ T4939]  audit_log_subj_ctx+0xa4/0x3e0
[   58.506152][ T4939]  ? skb_put+0xa9/0xf0
[   58.506171][ T4939]  audit_log_task_context+0x48/0x70
[   58.506218][ T4939]  audit_log_task+0xf4/0x250
[   58.506238][ T4939]  ? kstrtouint+0x76/0xc0
[   58.506256][ T4939]  audit_seccomp+0x61/0x100
[   58.506313][ T4939]  ? __seccomp_filter+0x82d/0x1250
[   58.506409][ T4939]  __seccomp_filter+0x83e/0x1250
[   58.506432][ T4939]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   58.506451][ T4939]  ? vfs_write+0x7e8/0x960
[   58.506491][ T4939]  ? __rcu_read_unlock+0x4f/0x70
[   58.506571][ T4939]  ? __fget_files+0x184/0x1c0
[   58.506589][ T4939]  __secure_computing+0x82/0x150
[   58.506605][ T4939]  syscall_trace_enter+0xcf/0x1e0
[   58.506622][ T4939]  do_syscall_64+0xac/0x200
[   58.506681][ T4939]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   58.506708][ T4939]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   58.506787][ T4939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.506800][ T4939] RIP: 0033:0x7f0383b0f749
[   58.506811][ T4939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.506840][ T4939] RSP: 002b:00007f0382577038 EFLAGS: 00000246 ORIG_RAX: 0000000000000005
[   58.506854][ T4939] RAX: ffffffffffffffda RBX: 00007f0383d65fa0 RCX: 00007f0383b0f749
[   58.506862][ T4939] RDX: 0000000000000000 RSI: 00002000000051c0 RDI: 0000000000000004
[   58.506870][ T4939] RBP: 00007f0382577090 R08: 0000000000000000 R09: 0000000000000000
[   58.506878][ T4939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.506954][ T4939] R13: 00007f0383d66038 R14: 00007f0383d65fa0 R15: 00007ffe5e687848
[   58.506966][ T4939]  </TASK>
[   58.809407][ T4944] loop5: detected capacity change from 0 to 512
[   58.828502][ T4953] loop2: detected capacity change from 0 to 1024
[   58.843851][ T4950] 9pnet: Could not find request transport: f
[   58.855193][ T4953] netlink: 'syz.2.429': attribute type 11 has an invalid length.
[   58.855206][ T4944] ext4 filesystem being mounted at /25/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   59.015457][ T4966] loop3: detected capacity change from 0 to 1024
[   59.076582][ T4968] loop4: detected capacity change from 0 to 1024
[   59.091169][ T4968] EXT4-fs: Ignoring removed orlov option
[   59.098323][ T4968] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   59.123460][ T4972] loop2: detected capacity change from 0 to 1024
[   59.168133][ T4972] EXT4-fs: Ignoring removed orlov option
[   59.182624][ T4972] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   59.241978][ T4976] loop4: detected capacity change from 0 to 1024
[   59.285782][ T4970] loop3: detected capacity change from 0 to 32768
[   59.316777][ T4984] loop4: detected capacity change from 0 to 1024
[   59.323690][ T4985] netlink: 'syz.3.445': attribute type 2 has an invalid length.
[   59.331587][ T4985] netlink: 'syz.3.445': attribute type 1 has an invalid length.
[   59.339259][ T4985] netlink: 152 bytes leftover after parsing attributes in process `syz.3.445'.
[   59.348418][ T4970]  loop3: p1 p2 p3 < > p4 < p5 p6 >
[   59.354170][ T4970] loop3: p1 start 460800 is beyond EOD, truncated
[   59.360674][ T4970] loop3: p2 size 83886080 extends beyond EOD, truncated
[   59.373364][ T4970] loop3: p5 start 460800 is beyond EOD, truncated
[   59.380048][ T4970] loop3: p6 size 83886080 extends beyond EOD, truncated
[   59.433145][ T4980] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[   59.439750][ T4980] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   59.447318][ T4980] vhci_hcd vhci_hcd.0: Device attached
[   59.470065][ T4990] vhci_hcd: connection closed
[   59.475061][ T4993] 9p: Unknown access argument : -22
[   59.485134][ T1687] vhci_hcd: stop threads
[   59.489383][ T1687] vhci_hcd: release socket
[   59.493850][ T1687] vhci_hcd: disconnect device
[   59.512266][ T4138] udevd[4138]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[   59.524212][ T4217] udevd[4217]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[   59.524266][ T4810] udevd[4810]: inotify_add_watch(7, /dev/loop3p6, 10) failed: No such file or directory
[   59.535979][ T4218] udevd[4218]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[   59.677574][ T5013] FAULT_INJECTION: forcing a failure.
[   59.677574][ T5013] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   59.690913][ T5013] CPU: 1 UID: 0 PID: 5013 Comm: syz.4.448 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.690943][ T5013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   59.690955][ T5013] Call Trace:
[   59.690961][ T5013]  <TASK>
[   59.690976][ T5013]  __dump_stack+0x1d/0x30
[   59.691002][ T5013]  dump_stack_lvl+0xe8/0x140
[   59.691046][ T5013]  dump_stack+0x15/0x1b
[   59.691062][ T5013]  should_fail_ex+0x265/0x280
[   59.691152][ T5013]  should_fail+0xb/0x20
[   59.691170][ T5013]  should_fail_usercopy+0x1a/0x20
[   59.691190][ T5013]  strncpy_from_user+0x25/0x230
[   59.691237][ T5013]  ? kmem_cache_alloc_noprof+0x242/0x480
[   59.691262][ T5013]  ? getname_flags+0x80/0x3b0
[   59.691288][ T5013]  getname_flags+0xae/0x3b0
[   59.691399][ T5013]  __se_sys_acct+0x6a/0x530
[   59.691515][ T5013]  __x64_sys_acct+0x1f/0x30
[   59.691550][ T5013]  x64_sys_call+0x2f3a/0x3000
[   59.691583][ T5013]  do_syscall_64+0xd2/0x200
[   59.691602][ T5013]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   59.691631][ T5013]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   59.691722][ T5013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.691814][ T5013] RIP: 0033:0x7fd2a2bef749
[   59.691828][ T5013] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.691850][ T5013] RSP: 002b:00007fd2a164f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a3
[   59.691868][ T5013] RAX: ffffffffffffffda RBX: 00007fd2a2e45fa0 RCX: 00007fd2a2bef749
[   59.691881][ T5013] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[   59.691894][ T5013] RBP: 00007fd2a164f090 R08: 0000000000000000 R09: 0000000000000000
[   59.691908][ T5013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.691921][ T5013] R13: 00007fd2a2e46038 R14: 00007fd2a2e45fa0 R15: 00007fff5314aad8
[   59.691992][ T5013]  </TASK>
[   59.955394][ T5019] loop5: detected capacity change from 0 to 1024
[   60.171437][ T5038] FAULT_INJECTION: forcing a failure.
[   60.171437][ T5038] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   60.184818][ T5038] CPU: 0 UID: 0 PID: 5038 Comm: syz.3.458 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   60.184878][ T5038] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   60.184942][ T5038] Call Trace:
[   60.184948][ T5038]  <TASK>
[   60.184955][ T5038]  __dump_stack+0x1d/0x30
[   60.184976][ T5038]  dump_stack_lvl+0xe8/0x140
[   60.184993][ T5038]  dump_stack+0x15/0x1b
[   60.185008][ T5038]  should_fail_ex+0x265/0x280
[   60.185085][ T5038]  should_fail+0xb/0x20
[   60.185148][ T5038]  should_fail_usercopy+0x1a/0x20
[   60.185165][ T5038]  strncpy_from_user+0x25/0x230
[   60.185188][ T5038]  ? __kmalloc_cache_noprof+0x249/0x4a0
[   60.185215][ T5038]  getname_flags+0x230/0x3b0
[   60.185296][ T5038]  __x64_sys_renameat2+0x5f/0x90
[   60.185319][ T5038]  x64_sys_call+0x3f9/0x3000
[   60.185351][ T5038]  do_syscall_64+0xd2/0x200
[   60.185369][ T5038]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   60.185394][ T5038]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   60.185497][ T5038]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   60.185516][ T5038] RIP: 0033:0x7f4de9d6f749
[   60.185530][ T5038] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   60.185624][ T5038] RSP: 002b:00007f4de87d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[   60.185696][ T5038] RAX: ffffffffffffffda RBX: 00007f4de9fc5fa0 RCX: 00007f4de9d6f749
[   60.185707][ T5038] RDX: ffffffffffffffff RSI: 0000200000002480 RDI: ffffffffffffff9c
[   60.185718][ T5038] RBP: 00007f4de87d7090 R08: 0000000000000004 R09: 0000000000000000
[   60.185728][ T5038] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   60.185738][ T5038] R13: 00007f4de9fc6038 R14: 00007f4de9fc5fa0 R15: 00007ffcb82c92c8
[   60.185754][ T5038]  </TASK>
[   60.615599][ T5059] loop3: detected capacity change from 0 to 1024
[   60.652498][ T5064] loop4: detected capacity change from 0 to 1024
[   60.733133][ T5081] veth0: entered promiscuous mode
[   60.744659][ T5081] netlink: 4 bytes leftover after parsing attributes in process `syz.4.471'.
[   60.778920][ T5081] veth0 (unregistering): left promiscuous mode
[   60.853343][ T5089] netlink: 8 bytes leftover after parsing attributes in process `syz.4.474'.
[   60.862503][ T5089] netlink: 48 bytes leftover after parsing attributes in process `syz.4.474'.
[   60.871500][ T5089] netlink: 16 bytes leftover after parsing attributes in process `syz.4.474'.
[   60.880385][ T5089] netlink: 48 bytes leftover after parsing attributes in process `syz.4.474'.
[   61.095826][ T5103] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   61.104316][ T5103] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   61.243837][ T5110] bridge0: port 3(vlan3) entered blocking state
[   61.250137][ T5110] bridge0: port 3(vlan3) entered disabled state
[   61.269898][ T5110] vlan3: entered allmulticast mode
[   61.275182][ T5110] bridge0: entered allmulticast mode
[   62.245117][ T5100] loop2: detected capacity change from 0 to 512
[   62.252100][ T5110] vlan3: left allmulticast mode
[   62.257041][ T5110] bridge0: left allmulticast mode
[   62.461956][ T5100] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.478: bad orphan inode 11862016
[   62.478168][ T5120] loop3: detected capacity change from 0 to 2048
[   62.804927][ T5119] loop5: detected capacity change from 0 to 512
[   62.861439][ T5100] ext4 filesystem being mounted at /102/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.872597][ T5119] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   62.880642][ T5119] EXT4-fs (loop5): orphan cleanup on readonly fs
[   62.895059][ T5119] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[   62.907685][ T5119] EXT4-fs (loop5): Remounting filesystem read-only
[   62.909038][   T29] kauditd_printk_skb: 418 callbacks suppressed
[   62.909053][   T29] audit: type=1326 audit(1764271579.906:2472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5111 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4f863f749 code=0x7ffc0000
[   62.914398][ T5119] EXT4-fs (loop5): 1 truncate cleaned up
[   62.927761][   T29] audit: type=1326 audit(1764271579.906:2473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5111 comm="syz.0.484" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4f863f749 code=0x7ffc0000
[   62.980507][   T29] audit: type=1400 audit(1764271579.936:2474): avc:  denied  { search } for  pid=5125 comm="dhcpcd-run-hook" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   62.992124][   T52] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   63.002880][   T29] audit: type=1400 audit(1764271579.936:2475): avc:  denied  { search } for  pid=5125 comm="dhcpcd-run-hook" name="dhcpcd" dev="tmpfs" ino=477 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   63.013277][   T52] Quota error (device loop5): write_blk: dquota write failed
[   63.013293][   T52] Quota error (device loop5): remove_free_dqentry: Can't write block (5) with free entries
[   63.036148][   T29] audit: type=1400 audit(1764271579.936:2476): avc:  denied  { search } for  pid=5125 comm="dhcpcd-run-hook" name="hook-state" dev="tmpfs" ino=481 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   63.043544][   T52] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   63.053547][   T29] audit: type=1400 audit(1764271579.936:2477): avc:  denied  { search } for  pid=5125 comm="dhcpcd-run-hook" name="resolv.conf" dev="tmpfs" ino=482 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   63.076624][   T52] Quota error (device loop5): write_blk: dquota write failed
[   63.087223][   T29] audit: type=1400 audit(1764271579.946:2478): avc:  denied  { read open } for  pid=5128 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=482 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   63.110463][   T52] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[   63.265023][ T5113] lo speed is unknown, defaulting to 1000
[   63.543258][ T5162] loop5: detected capacity change from 0 to 1024
[   63.550214][ T5162] EXT4-fs: Ignoring removed orlov option
[   63.571352][ T5162] EXT4-fs (loop5): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   63.647323][ T5176] netlink: 4 bytes leftover after parsing attributes in process `syz.4.492'.
[   63.676422][ T5181] netlink: 12 bytes leftover after parsing attributes in process `syz.0.488'.
[   63.685390][ T5181] netlink: 12 bytes leftover after parsing attributes in process `syz.0.488'.
[   63.705608][ T5187] loop3: detected capacity change from 0 to 1024
[   63.731200][ T5187] EXT4-fs: Ignoring removed orlov option
[   63.738594][ T5186] netlink: 24 bytes leftover after parsing attributes in process `syz.4.492'.
[   63.816192][ T5187] bridge0: port 3(batadv1) entered blocking state
[   63.822745][ T5187] bridge0: port 3(batadv1) entered disabled state
[   63.869903][ T5187] batadv1: entered allmulticast mode
[   63.885852][ T5187] batadv1: entered promiscuous mode
[   63.942530][ T5181] lo speed is unknown, defaulting to 1000
[   64.011743][ T5213] xt_TCPMSS: Only works on TCP SYN packets
[   64.300773][   T52] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[   64.310022][   T52] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[   64.387478][ T5226] loop2: detected capacity change from 0 to 512
[   64.443161][ T5226] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   64.451613][ T5226] EXT4-fs (loop2): orphan cleanup on readonly fs
[   64.460597][ T5226] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[   64.475286][ T5226] EXT4-fs (loop2): Remounting filesystem read-only
[   64.482075][ T5226] EXT4-fs (loop2): 1 truncate cleaned up
[   64.488192][   T41] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   64.498795][   T41] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   64.701379][   T41] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   64.732385][ T5233] loop3: detected capacity change from 0 to 1024
[   64.778464][ T5224] lo speed is unknown, defaulting to 1000
[   64.934345][ T5251] loop4: detected capacity change from 0 to 1024
[   64.972955][ T5251] validate_nla: 1 callbacks suppressed
[   64.972973][ T5251] netlink: 'syz.4.504': attribute type 11 has an invalid length.
[   65.105078][ T5269] loop2: detected capacity change from 0 to 1024
[   65.112234][ T5269] EXT4-fs: inline encryption not supported
[   65.175975][ T5276] FAULT_INJECTION: forcing a failure.
[   65.175975][ T5276] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   65.189281][ T5276] CPU: 1 UID: 0 PID: 5276 Comm: syz.2.512 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.189434][ T5276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   65.189448][ T5276] Call Trace:
[   65.189456][ T5276]  <TASK>
[   65.189466][ T5276]  __dump_stack+0x1d/0x30
[   65.189575][ T5276]  dump_stack_lvl+0xe8/0x140
[   65.189595][ T5276]  dump_stack+0x15/0x1b
[   65.189611][ T5276]  should_fail_ex+0x265/0x280
[   65.189630][ T5276]  should_fail+0xb/0x20
[   65.189644][ T5276]  should_fail_usercopy+0x1a/0x20
[   65.189723][ T5276]  set_fd_set+0x29/0xa0
[   65.189744][ T5276]  core_sys_select+0x54d/0x6e0
[   65.189774][ T5276]  ? set_user_sigmask+0x84/0x190
[   65.189795][ T5276]  __se_sys_pselect6+0x216/0x280
[   65.189872][ T5276]  __x64_sys_pselect6+0x78/0x90
[   65.189933][ T5276]  x64_sys_call+0x28bd/0x3000
[   65.189958][ T5276]  do_syscall_64+0xd2/0x200
[   65.189982][ T5276]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   65.190061][ T5276]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   65.190099][ T5276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.190153][ T5276] RIP: 0033:0x7f7938fdf749
[   65.190168][ T5276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.190260][ T5276] RSP: 002b:00007f7937a3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[   65.190280][ T5276] RAX: ffffffffffffffda RBX: 00007f7939235fa0 RCX: 00007f7938fdf749
[   65.190295][ T5276] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000002000
[   65.190309][ T5276] RBP: 00007f7937a3f090 R08: 0000000000000000 R09: 0000000000000000
[   65.190373][ T5276] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[   65.190388][ T5276] R13: 00007f7939236038 R14: 00007f7939235fa0 R15: 00007ffc855143e8
[   65.190408][ T5276]  </TASK>
[   65.388920][ T5279] netlink: 16 bytes leftover after parsing attributes in process `syz.5.513'.
[   65.436522][ T5279] team0 (unregistering): Port device team_slave_0 removed
[   65.445847][ T5279] team0 (unregistering): Port device team_slave_1 removed
[   65.507790][ T5293] loop2: detected capacity change from 0 to 1024
[   65.524798][ T5293] netlink: 'syz.2.518': attribute type 11 has an invalid length.
[   65.638834][ T5306] FAULT_INJECTION: forcing a failure.
[   65.638834][ T5306] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   65.644711][ T5308] netlink: 'syz.2.523': attribute type 21 has an invalid length.
[   65.651957][ T5306] CPU: 0 UID: 0 PID: 5306 Comm: syz.4.522 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   65.651984][ T5306] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   65.651995][ T5306] Call Trace:
[   65.652002][ T5306]  <TASK>
[   65.652012][ T5306]  __dump_stack+0x1d/0x30
[   65.652107][ T5306]  dump_stack_lvl+0xe8/0x140
[   65.652127][ T5306]  dump_stack+0x15/0x1b
[   65.652209][ T5306]  should_fail_ex+0x265/0x280
[   65.652228][ T5306]  should_fail+0xb/0x20
[   65.652244][ T5306]  should_fail_usercopy+0x1a/0x20
[   65.652265][ T5306]  _copy_to_user+0x20/0xa0
[   65.652319][ T5306]  simple_read_from_buffer+0xb5/0x130
[   65.652344][ T5306]  proc_fail_nth_read+0x10e/0x150
[   65.652418][ T5306]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   65.652446][ T5306]  vfs_read+0x1a8/0x770
[   65.652468][ T5306]  ? __rcu_read_unlock+0x4f/0x70
[   65.652519][ T5306]  ? __fget_files+0x184/0x1c0
[   65.652546][ T5306]  ksys_read+0xda/0x1a0
[   65.652578][ T5306]  __x64_sys_read+0x40/0x50
[   65.652610][ T5306]  x64_sys_call+0x27c0/0x3000
[   65.652632][ T5306]  do_syscall_64+0xd2/0x200
[   65.652652][ T5306]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   65.652678][ T5306]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   65.652714][ T5306]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.652734][ T5306] RIP: 0033:0x7fd2a2bee15c
[   65.652750][ T5306] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   65.652766][ T5306] RSP: 002b:00007fd2a164f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   65.652791][ T5306] RAX: ffffffffffffffda RBX: 00007fd2a2e45fa0 RCX: 00007fd2a2bee15c
[   65.652804][ T5306] RDX: 000000000000000f RSI: 00007fd2a164f0a0 RDI: 0000000000000004
[   65.652816][ T5306] RBP: 00007fd2a164f090 R08: 0000000000000000 R09: 0000000000000000
[   65.652827][ T5306] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.652839][ T5306] R13: 00007fd2a2e46038 R14: 00007fd2a2e45fa0 R15: 00007fff5314aad8
[   65.652856][ T5306]  </TASK>
[   65.859210][ T5308] netlink: 'syz.2.523': attribute type 1 has an invalid length.
[   65.866975][ T5308] netlink: 144 bytes leftover after parsing attributes in process `syz.2.523'.
[   66.030671][ T5326] FAULT_INJECTION: forcing a failure.
[   66.030671][ T5326] name failslab, interval 1, probability 0, space 0, times 0
[   66.043391][ T5326] CPU: 0 UID: 0 PID: 5326 Comm: syz.4.530 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.043554][ T5326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   66.043575][ T5326] Call Trace:
[   66.043583][ T5326]  <TASK>
[   66.043590][ T5326]  __dump_stack+0x1d/0x30
[   66.043611][ T5326]  dump_stack_lvl+0xe8/0x140
[   66.043630][ T5326]  dump_stack+0x15/0x1b
[   66.043645][ T5326]  should_fail_ex+0x265/0x280
[   66.043722][ T5326]  should_failslab+0x8c/0xb0
[   66.043754][ T5326]  kmem_cache_alloc_noprof+0x50/0x480
[   66.043785][ T5326]  ? alloc_empty_file+0x76/0x200
[   66.043853][ T5326]  alloc_empty_file+0x76/0x200
[   66.043909][ T5326]  alloc_file_pseudo+0xc6/0x160
[   66.043933][ T5326]  sock_alloc_file+0x9c/0x1e0
[   66.043959][ T5326]  do_accept+0x1e4/0x3a0
[   66.043993][ T5326]  __sys_accept4+0xbf/0x140
[   66.044025][ T5326]  __x64_sys_accept+0x42/0x50
[   66.044056][ T5326]  x64_sys_call+0x212c/0x3000
[   66.044127][ T5326]  do_syscall_64+0xd2/0x200
[   66.044149][ T5326]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   66.044194][ T5326]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   66.044238][ T5326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.044258][ T5326] RIP: 0033:0x7fd2a2bef749
[   66.044275][ T5326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.044295][ T5326] RSP: 002b:00007fd2a162e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[   66.044328][ T5326] RAX: ffffffffffffffda RBX: 00007fd2a2e46090 RCX: 00007fd2a2bef749
[   66.044343][ T5326] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   66.044356][ T5326] RBP: 00007fd2a162e090 R08: 0000000000000000 R09: 0000000000000000
[   66.044427][ T5326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.044440][ T5326] R13: 00007fd2a2e46128 R14: 00007fd2a2e46090 R15: 00007fff5314aad8
[   66.044460][ T5326]  </TASK>
[   66.291240][ T5330] loop2: detected capacity change from 0 to 1024
[   66.329778][ T5330] netlink: 'syz.2.531': attribute type 11 has an invalid length.
[   66.455586][ T5345] netlink: 'syz.3.537': attribute type 39 has an invalid length.
[   66.507747][ T5348] netlink: 176 bytes leftover after parsing attributes in process `syz.3.537'.
[   67.144552][ T5360] loop4: detected capacity change from 0 to 512
[   67.200985][ T5360] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   67.209073][ T5360] EXT4-fs (loop4): orphan cleanup on readonly fs
[   67.232009][ T5360] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[   67.244070][ T5360] EXT4-fs (loop4): Remounting filesystem read-only
[   67.251333][ T5360] EXT4-fs (loop4): 1 truncate cleaned up
[   67.257352][   T57] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.267910][   T57] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   67.330030][   T57] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   67.401288][ T5360] EXT4-fs mount: 77 callbacks suppressed
[   67.401306][ T5360] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   67.481807][ T5360] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.496632][ T5369] loop3: detected capacity change from 0 to 1024
[   67.542765][ T5369] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.595472][ T5369] netlink: 'syz.3.544': attribute type 11 has an invalid length.
[   67.609874][ T5360] lo speed is unknown, defaulting to 1000
[   67.630603][ T5375] FAULT_INJECTION: forcing a failure.
[   67.630603][ T5375] name failslab, interval 1, probability 0, space 0, times 0
[   67.643321][ T5375] CPU: 1 UID: 0 PID: 5375 Comm: syz.2.545 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   67.643347][ T5375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   67.643357][ T5375] Call Trace:
[   67.643363][ T5375]  <TASK>
[   67.643369][ T5375]  __dump_stack+0x1d/0x30
[   67.643391][ T5375]  dump_stack_lvl+0xe8/0x140
[   67.643441][ T5375]  dump_stack+0x15/0x1b
[   67.643462][ T5375]  should_fail_ex+0x265/0x280
[   67.643555][ T5375]  ? tipc_group_create+0x66/0x290
[   67.643581][ T5375]  should_failslab+0x8c/0xb0
[   67.643607][ T5375]  __kmalloc_cache_noprof+0x4c/0x4a0
[   67.643667][ T5375]  tipc_group_create+0x66/0x290
[   67.643771][ T5375]  tipc_sk_join+0x130/0x2e0
[   67.643803][ T5375]  tipc_setsockopt+0x598/0x620
[   67.643833][ T5375]  ? __pfx_tipc_setsockopt+0x10/0x10
[   67.643910][ T5375]  __sys_setsockopt+0x184/0x200
[   67.643938][ T5375]  __x64_sys_setsockopt+0x64/0x80
[   67.643971][ T5375]  x64_sys_call+0x20ec/0x3000
[   67.643990][ T5375]  do_syscall_64+0xd2/0x200
[   67.644061][ T5375]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   67.644136][ T5375]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   67.644172][ T5375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   67.644193][ T5375] RIP: 0033:0x7f7938fdf749
[   67.644208][ T5375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   67.644287][ T5375] RSP: 002b:00007f7937a3f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   67.644316][ T5375] RAX: ffffffffffffffda RBX: 00007f7939235fa0 RCX: 00007f7938fdf749
[   67.644328][ T5375] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000003
[   67.644350][ T5375] RBP: 00007f7937a3f090 R08: 0000000000000010 R09: 0000000000000000
[   67.644371][ T5375] R10: 0000200000000380 R11: 0000000000000246 R12: 0000000000000001
[   67.644458][ T5375] R13: 00007f7939236038 R14: 00007f7939235fa0 R15: 00007ffc855143e8
[   67.644501][ T5375]  </TASK>
[   67.921368][   T29] kauditd_printk_skb: 109 callbacks suppressed
[   67.921385][   T29] audit: type=1400 audit(1764271584.916:2573): avc:  denied  { mount } for  pid=5377 comm="syz.2.546" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[   67.995494][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.075561][ T5380] veth2: entered promiscuous mode
[   68.080777][ T5380] veth2: entered allmulticast mode
[   68.154978][ T5382] loop3: detected capacity change from 0 to 2048
[   68.208953][ T5382] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   68.261890][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.293210][   T29] audit: type=1400 audit(1764271585.286:2574): avc:  denied  { accept } for  pid=5377 comm="syz.2.546" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[   68.313488][ T5385] netlink: 96 bytes leftover after parsing attributes in process `syz.2.546'.
[   68.501699][   T29] audit: type=1326 audit(1764271585.486:2575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5392 comm="syz.0.552" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc4f863f749 code=0x0
[   68.542363][ T5399] netlink: 'syz.5.555': attribute type 3 has an invalid length.
[   68.550132][ T5399] netlink: 'syz.5.555': attribute type 3 has an invalid length.
[   68.564726][ T5401] loop4: detected capacity change from 0 to 1024
[   68.571885][ T5401] EXT4-fs: Ignoring removed orlov option
[   68.578816][ T5399] loop5: detected capacity change from 0 to 128
[   68.591214][ T5401] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   68.611560][ T5399] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   68.624767][ T5399] ext4 filesystem being mounted at /39/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   68.660926][ T5401] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.692365][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.704603][   T29] audit: type=1400 audit(1764271585.696:2576): avc:  denied  { ioctl } for  pid=5398 comm="syz.5.555" path="/39/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file1" dev="loop5" ino=12 ioctlcmd=0x89f1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   68.803396][ T4315] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   68.929209][ T5415] netlink: 'syz.5.558': attribute type 13 has an invalid length.
[   68.984858][ T5415] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.992417][ T5415] bridge0: port 1(bridge_slave_0) entered disabled state
[   69.073328][ T5415] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   69.080999][ T5421] loop4: detected capacity change from 0 to 512
[   69.110626][ T5421] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   69.120676][   T29] audit: type=1326 audit(1764271586.106:2577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5414 comm="syz.5.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0383b0f749 code=0x7ffc0000
[   69.138835][ T5421] EXT4-fs (loop4): orphan cleanup on readonly fs
[   69.158189][ T5415] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   69.194244][ T5421] EXT4-fs error (device loop4): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[   69.194314][   T29] audit: type=1326 audit(1764271586.116:2578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5414 comm="syz.5.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0383b0f749 code=0x7ffc0000
[   69.226465][ T5421] EXT4-fs (loop4): Remounting filesystem read-only
[   69.229213][   T29] audit: type=1326 audit(1764271586.116:2579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5414 comm="syz.5.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0383b0f749 code=0x7ffc0000
[   69.259178][   T29] audit: type=1326 audit(1764271586.116:2580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5414 comm="syz.5.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0383b0f749 code=0x7ffc0000
[   69.266100][ T5421] EXT4-fs (loop4): 1 truncate cleaned up
[   69.283745][   T29] audit: type=1326 audit(1764271586.116:2581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5414 comm="syz.5.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0383b0f749 code=0x7ffc0000
[   69.290287][   T31] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   69.313220][   T29] audit: type=1326 audit(1764271586.116:2582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5414 comm="syz.5.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0383b0f749 code=0x7ffc0000
[   69.323739][   T31] EXT4-fs (loop4): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   69.360773][   T31] EXT4-fs (loop4): Quota write (off=8, len=24) cancelled because transaction is not started
[   69.371564][ T5421] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   69.385130][ T5421] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.418507][ T5417] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   69.426779][ T5417] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   69.456435][   T31] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   69.486622][   T31] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   69.517705][   T31] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   69.546945][   T31] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   69.609082][ T5421] lo speed is unknown, defaulting to 1000
[   69.700523][ T5434] loop3: detected capacity change from 0 to 1024
[   69.811411][ T5440] FAULT_INJECTION: forcing a failure.
[   69.811411][ T5440] name failslab, interval 1, probability 0, space 0, times 0
[   69.811821][ T5434] EXT4-fs: Ignoring removed orlov option
[   69.824303][ T5440] CPU: 0 UID: 0 PID: 5440 Comm: syz.5.566 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   69.824377][ T5440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   69.824389][ T5440] Call Trace:
[   69.824395][ T5440]  <TASK>
[   69.824403][ T5440]  __dump_stack+0x1d/0x30
[   69.824425][ T5440]  dump_stack_lvl+0xe8/0x140
[   69.824522][ T5440]  dump_stack+0x15/0x1b
[   69.824539][ T5440]  should_fail_ex+0x265/0x280
[   69.824558][ T5440]  ? proc_do_submiturb+0x83d/0x1d20
[   69.824588][ T5440]  should_failslab+0x8c/0xb0
[   69.824650][ T5440]  __kmalloc_cache_noprof+0x4c/0x4a0
[   69.824702][ T5440]  proc_do_submiturb+0x83d/0x1d20
[   69.824784][ T5440]  ? proc_do_submiturb+0x171/0x1d20
[   69.824813][ T5440]  ? should_fail_ex+0xdb/0x280
[   69.824851][ T5440]  proc_submiturb+0x7b/0xa0
[   69.824878][ T5440]  usbdev_ioctl+0xcb6/0x1700
[   69.824903][ T5440]  ? __pfx_usbdev_ioctl+0x10/0x10
[   69.825037][ T5440]  __se_sys_ioctl+0xce/0x140
[   69.825086][ T5440]  __x64_sys_ioctl+0x43/0x50
[   69.825106][ T5440]  x64_sys_call+0x1816/0x3000
[   69.825127][ T5440]  do_syscall_64+0xd2/0x200
[   69.825156][ T5440]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   69.825182][ T5440]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   69.825268][ T5440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.825289][ T5440] RIP: 0033:0x7f0383b0f749
[   69.825305][ T5440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   69.825322][ T5440] RSP: 002b:00007f0382577038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   69.825342][ T5440] RAX: ffffffffffffffda RBX: 00007f0383d65fa0 RCX: 00007f0383b0f749
[   69.825362][ T5440] RDX: 0000200000000140 RSI: 000000008038550a RDI: 0000000000000005
[   69.825396][ T5440] RBP: 00007f0382577090 R08: 0000000000000000 R09: 0000000000000000
[   69.825412][ T5440] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.825491][ T5440] R13: 00007f0383d66038 R14: 00007f0383d65fa0 R15: 00007ffe5e687848
[   69.825508][ T5440]  </TASK>
[   70.090966][ T5434] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   70.169956][ T5434] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.257903][ T5451] netlink: 12 bytes leftover after parsing attributes in process `syz.0.568'.
[   70.259075][ T5463] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[   70.275261][ T5463] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[   70.313461][ T5465] netlink: 'syz.5.572': attribute type 13 has an invalid length.
[   70.335491][ T5461] loop2: detected capacity change from 0 to 1024
[   70.391968][ T5461] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   70.403030][ T5461] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   70.451047][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.465157][ T5469] sch_tbf: peakrate 7 is lower than or equals to rate 7 !
[   70.478209][ T5461] JBD2: no valid journal superblock found
[   70.484058][ T5461] EXT4-fs (loop2): Could not load journal inode
[   70.571402][ T5461] bond1: option arp_interval: invalid value (18446744072065216082)
[   70.579615][ T5461] bond1: option arp_interval: allowed values 0 - 2147483647
[   70.590648][ T5461] bond1 (unregistering): Released all slaves
[   70.627517][ T5475] bond0: (slave bond_slave_1): Releasing backup interface
[   70.696968][ T5475] netlink: 40 bytes leftover after parsing attributes in process `syz.3.574'.
[   70.708930][ T5475] loop3: detected capacity change from 0 to 512
[   70.715720][ T5475] ext4: Bad value for 'min_batch_time'
[   70.919651][ T5490] loop4: detected capacity change from 0 to 1024
[   70.927507][ T5490] EXT4-fs: Ignoring removed orlov option
[   70.936657][ T5490] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   71.007876][ T5490] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.067609][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.213636][ T5512] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5512 comm=syz.0.586
[   71.282866][ T5512] netlink: 'syz.0.586': attribute type 1 has an invalid length.
[   71.320119][ T5519] loop5: detected capacity change from 0 to 1024
[   71.359473][ T5519] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   71.531668][ T4315] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.636492][ T5530] FAULT_INJECTION: forcing a failure.
[   71.636492][ T5530] name failslab, interval 1, probability 0, space 0, times 0
[   71.649251][ T5530] CPU: 1 UID: 0 PID: 5530 Comm: syz.0.591 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.649325][ T5530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   71.649339][ T5530] Call Trace:
[   71.649344][ T5530]  <TASK>
[   71.649350][ T5530]  __dump_stack+0x1d/0x30
[   71.649371][ T5530]  dump_stack_lvl+0xe8/0x140
[   71.649394][ T5530]  dump_stack+0x15/0x1b
[   71.649482][ T5530]  should_fail_ex+0x265/0x280
[   71.649500][ T5530]  ? ftrace_profile_set_filter+0xc2/0x1b0
[   71.649539][ T5530]  should_failslab+0x8c/0xb0
[   71.649565][ T5530]  __kmalloc_cache_noprof+0x4c/0x4a0
[   71.649659][ T5530]  ftrace_profile_set_filter+0xc2/0x1b0
[   71.649729][ T5530]  perf_ioctl+0x7b3/0x12e0
[   71.649768][ T5530]  ? ioctl_has_perm+0x289/0x2a0
[   71.649795][ T5530]  ? do_vfs_ioctl+0x866/0xe10
[   71.649819][ T5530]  ? selinux_file_ioctl+0x308/0x3a0
[   71.649856][ T5530]  ? __fget_files+0x184/0x1c0
[   71.649894][ T5530]  ? __pfx_perf_ioctl+0x10/0x10
[   71.649923][ T5530]  __se_sys_ioctl+0xce/0x140
[   71.649947][ T5530]  __x64_sys_ioctl+0x43/0x50
[   71.650014][ T5530]  x64_sys_call+0x1816/0x3000
[   71.650033][ T5530]  do_syscall_64+0xd2/0x200
[   71.650056][ T5530]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   71.650088][ T5530]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   71.650193][ T5530]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.650251][ T5530] RIP: 0033:0x7fc4f863f749
[   71.650266][ T5530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.650285][ T5530] RSP: 002b:00007fc4f70a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   71.650309][ T5530] RAX: ffffffffffffffda RBX: 00007fc4f8895fa0 RCX: 00007fc4f863f749
[   71.650321][ T5530] RDX: 00002000000001c0 RSI: 0000000040082406 RDI: 0000000000000003
[   71.650367][ T5530] RBP: 00007fc4f70a7090 R08: 0000000000000000 R09: 0000000000000000
[   71.650381][ T5530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.650394][ T5530] R13: 00007fc4f8896038 R14: 00007fc4f8895fa0 R15: 00007ffd5d92d4f8
[   71.650415][ T5530]  </TASK>
[   71.907786][ T5534] siw: device registration error -23
[   72.276553][ T5526] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[   72.283105][ T5526] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   72.290631][ T5526] vhci_hcd vhci_hcd.0: Device attached
[   72.383730][ T5533] vhci_hcd: connection closed
[   72.383905][ T3501] vhci_hcd: stop threads
[   72.393050][ T3501] vhci_hcd: release socket
[   72.393066][ T3501] vhci_hcd: disconnect device
[   72.414429][ T5546] loop3: detected capacity change from 0 to 256
[   72.477101][ T5522] Set syz1 is full, maxelem 65536 reached
[   72.686688][ T3395] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   72.695109][ T3395] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   72.805507][ T5553] loop2: detected capacity change from 0 to 2048
[   72.821408][ T5561] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5561 comm=syz.0.600
[   72.835068][ T5561] netlink: 'syz.0.600': attribute type 1 has an invalid length.
[   72.870787][ T4218]  loop2: p1 < > p4
[   72.875700][ T4218] loop2: p4 size 722688 extends beyond EOD, truncated
[   72.892516][ T5553]  loop2: p1 < > p4
[   72.917226][ T5553] loop2: p4 size 722688 extends beyond EOD, truncated
[   72.932628][   T29] kauditd_printk_skb: 357 callbacks suppressed
[   72.932644][   T29] audit: type=1326 audit(1764271589.926:2934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5567 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4f863f749 code=0x7ffc0000
[   72.962581][   T29] audit: type=1326 audit(1764271589.926:2935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5567 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4f863f749 code=0x7ffc0000
[   73.074976][   T29] audit: type=1326 audit(1764271589.926:2936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5567 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4f863f749 code=0x7ffc0000
[   73.098384][   T29] audit: type=1326 audit(1764271589.926:2937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5567 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4f863f749 code=0x7ffc0000
[   73.121729][   T29] audit: type=1326 audit(1764271589.926:2938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5567 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7fc4f863f749 code=0x7ffc0000
[   73.126403][ T5570] ------------[ cut here ]------------
[   73.145098][   T29] audit: type=1326 audit(1764271589.926:2939): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5567 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4f863f749 code=0x7ffc0000
[   73.150565][ T5570] verifier bug: REG INVARIANTS VIOLATION (true_reg1): range bounds violation u64=[0xffffdfcd, 0xffffffffffffdfcc] s64=[0x80000000ffffdfcd, 0x7fffffffffffdfcc] u32=[0xffffdfcd, 0xffffdfcc] s32=[0xffffdfcd, 0xffffdfcc] var_off=(0xffffdfcc, 0xffffffff00000000)
[   73.150869][ T5570] WARNING: CPU: 1 PID: 5570 at kernel/bpf/verifier.c:2721 reg_bounds_sanity_check+0x673/0x680
[   73.174067][   T29] audit: type=1326 audit(1764271589.926:2940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5567 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4f863f749 code=0x7ffc0000
[   73.198719][ T5570] Modules linked in:
[   73.198739][ T5570] CPU: 1 UID: 0 PID: 5570 Comm: syz.3.604 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   73.198769][ T5570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   73.198798][ T5570] RIP: 0010:reg_bounds_sanity_check+0x673/0x680
[   73.198832][ T5570] Code: 7c 24 18 41 ff 74 24 20 55 41 56 4d 89 ee 53 48 8b 5c 24 30 ff 74 24 40 ff 74 24 50 ff 74 24 30 e8 f2 f6 ba ff 48 83 c4 38 90 <0f> 0b 90 90 e9 02 fb ff ff 0f 1f 40 00 90 90 90 90 90 90 90 90 90
[   73.198852][ T5570] RSP: 0018:ffffc90000e8b408 EFLAGS: 00010282
[   73.198871][ T5570] RAX: e7a789fec42f8300 RBX: ffff888119233270 RCX: 0000000000080000
[   73.198885][ T5570] RDX: ffffc90005e58000 RSI: 0000000000070b16 RDI: 0000000000070b17
[   73.198907][ T5570] RBP: 00000000ffffdfcc R08: 0001ffff8684810f R09: 0000000000000000
[   73.198923][ T5570] R10: 00000000ffffffff R11: 0000000000000002 R12: ffff888119233230
[   73.198938][ T5570] R13: ffff8881248c0000 R14: ffff8881248c0000 R15: ffff888119233268
[   73.198953][ T5570] FS:  00007f4de87d76c0(0000) GS:ffff8882aef11000(0000) knlGS:0000000000000000
[   73.198972][ T5570] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   73.198986][ T5570] CR2: 0000200000001000 CR3: 000000011a5b6000 CR4: 00000000003506f0
[   73.199007][ T5570] DR0: 0000000000000002 DR1: 0000000000000000 DR2: 0000000000000000
[   73.209362][   T29] audit: type=1326 audit(1764271589.926:2941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5567 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc4f863f749 code=0x7ffc0000
[   73.232707][ T5570] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[   73.236768][   T29] audit: type=1326 audit(1764271589.926:2942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5567 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4f863f749 code=0x7ffc0000
[   73.246580][ T5570] Call Trace:
[   73.246588][ T5570]  <TASK>
[   73.256713][   T29] audit: type=1326 audit(1764271589.926:2943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5567 comm="syz.0.603" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc4f863f749 code=0x7ffc0000
[   73.445543][ T5570]  reg_set_min_max+0x1c1/0x260
[   73.450362][ T5570]  check_cond_jmp_op+0x1370/0x19e0
[   73.455591][ T5570]  do_check+0x3363/0x8460
[   73.460034][ T5570]  do_check_common+0xc5e/0x12b0
[   73.464942][ T5570]  bpf_check+0xaaae/0xd9d0
[   73.469402][ T5570]  ? __alloc_frozen_pages_noprof+0x188/0x360
[   73.475536][ T5570]  ? alloc_pages_bulk_noprof+0x4a6/0x530
[   73.481378][ T5570]  ? __vmap_pages_range_noflush+0xbc4/0xcf0
[   73.487419][ T5570]  ? try_charge_memcg+0x215/0xa10
[   73.492596][ T5570]  ? _find_next_zero_bit+0x64/0xa0
[   73.497746][ T5570]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[   73.503889][ T5570]  ? pcpu_block_update_hint_alloc+0x63d/0x660
[   73.510063][ T5570]  ? css_rstat_updated+0xb7/0x240
[   73.515139][ T5570]  ? __rcu_read_unlock+0x4f/0x70
[   73.520158][ T5570]  ? pcpu_memcg_post_alloc_hook+0xf1/0x150
[   73.526032][ T5570]  ? bpf_prog_alloc+0x5b/0x150
[   73.530867][ T5570]  ? pcpu_alloc_noprof+0xd29/0x1250
[   73.536103][ T5570]  ? should_fail_ex+0x30/0x280
[   73.539759][ T4138] udevd[4138]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[   73.540918][ T5570]  ? should_failslab+0x8c/0xb0
[   73.555610][ T5570]  ? __kmalloc_noprof+0x2a2/0x570
[   73.560777][ T5570]  ? security_bpf_prog_load+0x60/0x140
[   73.566267][ T5570]  ? selinux_bpf_prog_load+0xad/0xd0
[   73.571676][ T5570]  ? security_bpf_prog_load+0x9e/0x140
[   73.573601][ T4218] udevd[4218]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   73.577365][ T5570]  bpf_prog_load+0xf6e/0x1100
[   73.592276][ T5570]  ? security_bpf+0x2b/0x90
[   73.596816][ T5570]  __sys_bpf+0x469/0x7c0
[   73.601222][ T5570]  __x64_sys_bpf+0x41/0x50
[   73.605784][ T5570]  x64_sys_call+0x2aee/0x3000
[   73.610493][ T5570]  do_syscall_64+0xd2/0x200
[   73.615067][ T5570]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   73.621271][ T5570]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   73.627057][ T5570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.633014][ T5570] RIP: 0033:0x7f4de9d6f749
[   73.637508][ T5570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.657290][ T5570] RSP: 002b:00007f4de87d7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   73.665744][ T5570] RAX: ffffffffffffffda RBX: 00007f4de9fc5fa0 RCX: 00007f4de9d6f749
[   73.673792][ T5570] RDX: 0000000000000049 RSI: 0000200000000140 RDI: 0000000000000005
[   73.681890][ T5570] RBP: 00007f4de9df3f91 R08: 0000000000000000 R09: 0000000000000000
[   73.689858][ T5570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   73.697946][ T5570] R13: 00007f4de9fc6038 R14: 00007f4de9fc5fa0 R15: 00007ffcb82c92c8
[   73.706072][ T5570]  </TASK>
[   73.709091][ T5570] ---[ end trace 0000000000000000 ]---
[   73.722358][ T5581] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   73.730720][ T5581] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   73.765184][ T5583] batadv_slave_1: entered promiscuous mode
[   74.005427][ T5605] FAULT_INJECTION: forcing a failure.
[   74.005427][ T5605] name failslab, interval 1, probability 0, space 0, times 0
[   74.018179][ T5605] CPU: 1 UID: 0 PID: 5605 Comm: syz.0.617 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   74.018287][ T5605] Tainted: [W]=WARN
[   74.018295][ T5605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   74.018387][ T5605] Call Trace:
[   74.018394][ T5605]  <TASK>
[   74.018402][ T5605]  __dump_stack+0x1d/0x30
[   74.018426][ T5605]  dump_stack_lvl+0xe8/0x140
[   74.018449][ T5605]  dump_stack+0x15/0x1b
[   74.018468][ T5605]  should_fail_ex+0x265/0x280
[   74.018527][ T5605]  should_failslab+0x8c/0xb0
[   74.018559][ T5605]  __kvmalloc_node_noprof+0x12e/0x670
[   74.018595][ T5605]  ? xt_alloc_table_info+0x40/0x80
[   74.018645][ T5605]  xt_alloc_table_info+0x40/0x80
[   74.018682][ T5605]  do_ipt_set_ctl+0x59c/0x820
[   74.018703][ T5605]  ? _raw_spin_unlock_bh+0x36/0x40
[   74.018726][ T5605]  ? tcp_release_cb+0xf1/0x370
[   74.018746][ T5605]  nf_setsockopt+0x199/0x1b0
[   74.018811][ T5605]  ip_setsockopt+0x102/0x110
[   74.018918][ T5605]  tcp_setsockopt+0x98/0xb0
[   74.019079][ T5605]  sock_common_setsockopt+0x69/0x80
[   74.019105][ T5605]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   74.019128][ T5605]  smc_setsockopt+0x183/0x750
[   74.019213][ T5605]  ? __pfx_smc_setsockopt+0x10/0x10
[   74.019293][ T5605]  __sys_setsockopt+0x184/0x200
[   74.019434][ T5605]  __x64_sys_setsockopt+0x64/0x80
[   74.019469][ T5605]  x64_sys_call+0x20ec/0x3000
[   74.019489][ T5605]  do_syscall_64+0xd2/0x200
[   74.019508][ T5605]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   74.019580][ T5605]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   74.019617][ T5605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.019670][ T5605] RIP: 0033:0x7fc4f863f749
[   74.019690][ T5605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.019706][ T5605] RSP: 002b:00007fc4f70a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   74.019728][ T5605] RAX: ffffffffffffffda RBX: 00007fc4f8895fa0 RCX: 00007fc4f863f749
[   74.019743][ T5605] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003
[   74.019757][ T5605] RBP: 00007fc4f70a7090 R08: 00000000000002f8 R09: 0000000000000000
[   74.019807][ T5605] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[   74.019821][ T5605] R13: 00007fc4f8896038 R14: 00007fc4f8895fa0 R15: 00007ffd5d92d4f8
[   74.019839][ T5605]  </TASK>
[   74.253443][ T5583] loop4: detected capacity change from 0 to 8192
[   74.322611][ T5612] lo speed is unknown, defaulting to 1000
[   74.593170][ T5583] vfat: Unknown parameter 'ÿÿ0xffffffffffffffff'
[   74.603452][ T5601] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(8)
[   74.610032][ T5601] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   74.617463][ T5601] vhci_hcd vhci_hcd.0: Device attached
[   74.850496][ T5606] vhci_hcd: connection closed
[   74.851674][ T2637] vhci_hcd: stop threads
[   74.860718][ T2637] vhci_hcd: release socket
[   74.865162][ T2637] vhci_hcd: disconnect device
[   74.874483][ T5583] netlink: 188 bytes leftover after parsing attributes in process `syz.4.609'.
[   74.930784][ T3409] vhci_hcd: vhci_device speed not set
[   74.961050][ T5617] netlink: 12 bytes leftover after parsing attributes in process `syz.0.619'.
[   74.970043][ T5617] netlink: 12 bytes leftover after parsing attributes in process `syz.0.619'.
[   75.046580][ T5621] loop2: detected capacity change from 0 to 1024
[   75.112806][ T5621] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.114402][ T5597] Set syz1 is full, maxelem 65536 reached
[   75.144543][ T5622] lo speed is unknown, defaulting to 1000
[   75.191070][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.492475][ T5641] loop3: detected capacity change from 0 to 512
[   75.581244][ T5643] loop3: detected capacity change from 0 to 1024
[   75.599195][ T5643] EXT4-fs: inline encryption not supported
[   75.615964][ T5643] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.733236][ T5655] netlink: 'syz.2.633': attribute type 1 has an invalid length.
[   75.743863][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.764716][ T5655] 8021q: adding VLAN 0 to HW filter on device bond1
[   75.926065][ T5667] FAULT_INJECTION: forcing a failure.
[   75.926065][ T5667] name failslab, interval 1, probability 0, space 0, times 0
[   75.938833][ T5667] CPU: 1 UID: 0 PID: 5667 Comm: syz.0.638 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   75.938868][ T5667] Tainted: [W]=WARN
[   75.938875][ T5667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   75.938905][ T5667] Call Trace:
[   75.938912][ T5667]  <TASK>
[   75.938921][ T5667]  __dump_stack+0x1d/0x30
[   75.938946][ T5667]  dump_stack_lvl+0xe8/0x140
[   75.939020][ T5667]  dump_stack+0x15/0x1b
[   75.939040][ T5667]  should_fail_ex+0x265/0x280
[   75.939122][ T5667]  should_failslab+0x8c/0xb0
[   75.939171][ T5667]  __kmalloc_noprof+0xa5/0x570
[   75.939200][ T5667]  ? iovec_from_user+0x84/0x210
[   75.939226][ T5667]  ? __rcu_read_unlock+0x4f/0x70
[   75.939253][ T5667]  iovec_from_user+0x84/0x210
[   75.939288][ T5667]  __import_iovec+0xf3/0x540
[   75.939312][ T5667]  ? aio_write+0x39e/0x410
[   75.939359][ T5667]  ? aio_prep_rw+0x551/0x5a0
[   75.939449][ T5667]  aio_read+0x135/0x2e0
[   75.939495][ T5667]  io_submit_one+0xab2/0x11d0
[   75.939539][ T5667]  __se_sys_io_submit+0xfb/0x280
[   75.939571][ T5667]  __x64_sys_io_submit+0x43/0x50
[   75.939650][ T5667]  x64_sys_call+0x2d6c/0x3000
[   75.939673][ T5667]  do_syscall_64+0xd2/0x200
[   75.939694][ T5667]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   75.939722][ T5667]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   75.939809][ T5667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.939829][ T5667] RIP: 0033:0x7fc4f863f749
[   75.939865][ T5667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.939883][ T5667] RSP: 002b:00007fc4f70a7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[   75.939905][ T5667] RAX: ffffffffffffffda RBX: 00007fc4f8895fa0 RCX: 00007fc4f863f749
[   75.939919][ T5667] RDX: 0000200000000240 RSI: 0000000000000002 RDI: 00007fc4f93cf000
[   75.939932][ T5667] RBP: 00007fc4f70a7090 R08: 0000000000000000 R09: 0000000000000000
[   75.939946][ T5667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.939959][ T5667] R13: 00007fc4f8896038 R14: 00007fc4f8895fa0 R15: 00007ffd5d92d4f8
[   75.939987][ T5667]  </TASK>
[   76.174168][ T5673] FAULT_INJECTION: forcing a failure.
[   76.174168][ T5673] name failslab, interval 1, probability 0, space 0, times 0
[   76.177097][ T5671] sd 0:0:1:0: device reset
[   76.187039][ T5673] CPU: 1 UID: 0 PID: 5673 Comm: syz.2.639 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   76.187072][ T5673] Tainted: [W]=WARN
[   76.187079][ T5673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   76.187090][ T5673] Call Trace:
[   76.187097][ T5673]  <TASK>
[   76.187105][ T5673]  __dump_stack+0x1d/0x30
[   76.187139][ T5673]  dump_stack_lvl+0xe8/0x140
[   76.187159][ T5673]  dump_stack+0x15/0x1b
[   76.187209][ T5673]  should_fail_ex+0x265/0x280
[   76.187227][ T5673]  ? sctp_association_new+0x71/0x1200
[   76.187251][ T5673]  should_failslab+0x8c/0xb0
[   76.187279][ T5673]  __kmalloc_cache_noprof+0x4c/0x4a0
[   76.187316][ T5673]  sctp_association_new+0x71/0x1200
[   76.187341][ T5673]  ? __ipv6_addr_type+0x1ed/0x210
[   76.187393][ T5673]  sctp_connect_new_asoc+0x1a8/0x3a0
[   76.187420][ T5673]  sctp_sendmsg+0xf10/0x18d0
[   76.187443][ T5673]  ? selinux_socket_sendmsg+0x111/0x1b0
[   76.187487][ T5673]  ? __pfx_sctp_sendmsg+0x10/0x10
[   76.187516][ T5673]  inet_sendmsg+0xc5/0xd0
[   76.187538][ T5673]  __sock_sendmsg+0x102/0x180
[   76.187562][ T5673]  __sys_sendto+0x268/0x330
[   76.187654][ T5673]  __x64_sys_sendto+0x76/0x90
[   76.187681][ T5673]  x64_sys_call+0x2d14/0x3000
[   76.187702][ T5673]  do_syscall_64+0xd2/0x200
[   76.187754][ T5673]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   76.187781][ T5673]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   76.187811][ T5673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   76.187831][ T5673] RIP: 0033:0x7f7938fdf749
[   76.187917][ T5673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   76.187934][ T5673] RSP: 002b:00007f7937a3f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   76.188014][ T5673] RAX: ffffffffffffffda RBX: 00007f7939235fa0 RCX: 00007f7938fdf749
[   76.188027][ T5673] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000003
[   76.188160][ T5673] RBP: 00007f7937a3f090 R08: 0000200000000200 R09: 000000000000001c
[   76.188172][ T5673] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[   76.188184][ T5673] R13: 00007f7939236038 R14: 00007f7939235fa0 R15: 00007ffc855143e8
[   76.188202][ T5673]  </TASK>
[   76.359780][ T5678] ip6_vti0 speed is unknown, defaulting to 1000
[   76.422188][ T5678] ip6_vti0 speed is unknown, defaulting to 1000
[   76.428790][ T5678] ip6_vti0 speed is unknown, defaulting to 1000
[   76.468346][ T5678] infiniband syz2: set down
[   76.472996][ T5678] infiniband syz2: added ip6_vti0
[   76.478975][ T3409] ip6_vti0 speed is unknown, defaulting to 1000
[   76.488652][ T5680] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5680 comm=syz.0.642
[   76.495047][ T5678] RDS/IB: syz2: added
[   76.509618][ T5678] smc: adding ib device syz2 with port count 1
[   76.516270][ T5678] smc:    ib device syz2 port 1 has no pnetid
[   76.522486][ T3409] ip6_vti0 speed is unknown, defaulting to 1000
[   76.529087][ T5678] ip6_vti0 speed is unknown, defaulting to 1000
[   76.559400][ T5680] netlink: 'syz.0.642': attribute type 1 has an invalid length.
[   76.574992][ T5678] ip6_vti0 speed is unknown, defaulting to 1000
[   76.620825][ T5678] ip6_vti0 speed is unknown, defaulting to 1000
[   76.657755][ T5678] ip6_vti0 speed is unknown, defaulting to 1000
[   76.693708][ T5678] ip6_vti0 speed is unknown, defaulting to 1000
[   76.786446][ T5582] batadv_slave_1: left promiscuous mode
[   76.924096][ T5705] netlink: 12 bytes leftover after parsing attributes in process `syz.5.646'.
[   76.933066][ T5705] netlink: 12 bytes leftover after parsing attributes in process `syz.5.646'.
[   76.945681][ T5709] netlink: 'syz.4.650': attribute type 10 has an invalid length.
[   76.954171][ T5709] netlink: 40 bytes leftover after parsing attributes in process `syz.4.650'.
[   76.979452][ T5713] netlink: 'syz.3.652': attribute type 13 has an invalid length.
[   76.991644][ T5705] loop5: detected capacity change from 0 to 512
[   77.044982][ T5705] EXT4-fs (loop5): revision level too high, forcing read-only mode
[   77.061060][ T5705] EXT4-fs (loop5): orphan cleanup on readonly fs
[   77.061907][ T5721] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5721 comm=syz.3.654
[   77.071469][ T5705] EXT4-fs error (device loop5): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[   77.083641][ T5723] loop2: detected capacity change from 0 to 1024
[   77.097762][ T5705] EXT4-fs (loop5): Remounting filesystem read-only
[   77.103317][ T5721] netlink: 'syz.3.654': attribute type 1 has an invalid length.
[   77.104501][ T5705] EXT4-fs (loop5): 1 truncate cleaned up
[   77.119975][ T5723] EXT4-fs: inline encryption not supported
[   77.145811][   T52] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   77.156413][   T52] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   77.167198][   T52] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[   77.177966][ T5705] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   77.191227][ T5705] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.241859][ T5731] batadv_slave_1: entered promiscuous mode
[   77.246826][ T5729] FAULT_INJECTION: forcing a failure.
[   77.246826][ T5729] name failslab, interval 1, probability 0, space 0, times 0
[   77.249097][ T5723] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.260725][ T5729] CPU: 1 UID: 0 PID: 5729 Comm: syz.4.657 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   77.260833][ T5729] Tainted: [W]=WARN
[   77.260840][ T5729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   77.260851][ T5729] Call Trace:
[   77.260857][ T5729]  <TASK>
[   77.260864][ T5729]  __dump_stack+0x1d/0x30
[   77.260886][ T5729]  dump_stack_lvl+0xe8/0x140
[   77.260905][ T5729]  dump_stack+0x15/0x1b
[   77.260956][ T5729]  should_fail_ex+0x265/0x280
[   77.260982][ T5729]  should_failslab+0x8c/0xb0
[   77.261008][ T5729]  __kmalloc_noprof+0xa5/0x570
[   77.261035][ T5729]  ? iter_file_splice_write+0xf9/0xa60
[   77.261089][ T5729]  iter_file_splice_write+0xf9/0xa60
[   77.261111][ T5729]  ? shmem_file_read_iter+0x488/0x540
[   77.261194][ T5729]  ? copy_splice_read+0x623/0x660
[   77.261216][ T5729]  ? copy_splice_read+0x623/0x660
[   77.261239][ T5729]  ? __pfx_iter_file_splice_write+0x10/0x10
[   77.261334][ T5729]  direct_splice_actor+0x156/0x2a0
[   77.261388][ T5729]  ? shmem_file_splice_read+0x1/0x600
[   77.261417][ T5729]  splice_direct_to_actor+0x312/0x680
[   77.261440][ T5729]  ? __pfx_direct_splice_actor+0x10/0x10
[   77.261509][ T5729]  do_splice_direct+0xda/0x150
[   77.261530][ T5729]  ? __pfx_direct_file_splice_eof+0x10/0x10
[   77.261556][ T5729]  do_sendfile+0x380/0x650
[   77.261604][ T5729]  __x64_sys_sendfile64+0x105/0x150
[   77.261633][ T5729]  x64_sys_call+0x2bb4/0x3000
[   77.261662][ T5729]  do_syscall_64+0xd2/0x200
[   77.261682][ T5729]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   77.261722][ T5729]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   77.261753][ T5729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   77.261774][ T5729] RIP: 0033:0x7fd2a2bef749
[   77.261858][ T5729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   77.261875][ T5729] RSP: 002b:00007fd2a164f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[   77.261968][ T5729] RAX: ffffffffffffffda RBX: 00007fd2a2e45fa0 RCX: 00007fd2a2bef749
[   77.261981][ T5729] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000005
[   77.261993][ T5729] RBP: 00007fd2a164f090 R08: 0000000000000000 R09: 0000000000000000
[   77.262037][ T5729] R10: 00008000fffffffc R11: 0000000000000246 R12: 0000000000000001
[   77.262049][ T5729] R13: 00007fd2a2e46038 R14: 00007fd2a2e45fa0 R15: 00007fff5314aad8
[   77.262066][ T5729]  </TASK>
[   77.281162][ T5729] loop4: detected capacity change from 0 to 512
[   77.329930][ T5705] lo speed is unknown, defaulting to 1000
[   77.343209][ T5729] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[   77.348626][ T5705] ip6_vti0 speed is unknown, defaulting to 1000
[   77.422389][ T3320] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.551118][ T5729] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=42c028, mo2=0002]
[   77.609799][ T5729] EXT4-fs (loop4): orphan cleanup on readonly fs
[   77.645292][ T5729] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.657: Allocating blocks 41-42 which overlap fs metadata
[   77.697656][ T5729] EXT4-fs (loop4): Remounting filesystem read-only
[   77.698670][ T5742] netlink: 'syz.0.660': attribute type 11 has an invalid length.
[   77.712201][ T5731] loop3: detected capacity change from 0 to 8192
[   77.719030][ T5731] vfat: Unknown parameter 'ÿÿ0xffffffffffffffff'
[   77.749422][ T5729] EXT4-fs (loop4): 1 truncate cleaned up
[   77.786398][ T5729] EXT4-fs (loop4): pa ffff888106a9b070: logic 1, phys. 41, len 23
[   77.803607][ T5731] netlink: 188 bytes leftover after parsing attributes in process `syz.3.658'.
[   77.820306][ T5729] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   77.849683][ T5753] netlink: 'syz.5.664': attribute type 13 has an invalid length.
[   77.911333][ T5729] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.956611][ T5729] syz.4.657 (5729) used greatest stack depth: 10160 bytes left
[   77.970997][   T29] kauditd_printk_skb: 351 callbacks suppressed
[   77.971012][   T29] audit: type=1326 audit(1764271594.956:3287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5752 comm="syz.5.664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f0383b0f749 code=0x7ffc0000
[   78.088844][ T5761] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5761 comm=syz.4.668
[   78.119089][ T5761] netlink: 'syz.4.668': attribute type 1 has an invalid length.
[   78.167828][ T5765] loop4: detected capacity change from 0 to 1024
[   78.186260][ T5766] netlink: 12 bytes leftover after parsing attributes in process `syz.2.663'.
[   78.195358][ T5766] netlink: 12 bytes leftover after parsing attributes in process `syz.2.663'.
[   78.206481][ T5765] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.229635][ T5766] loop2: detected capacity change from 0 to 512
[   78.251972][ T5766] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   78.267932][ T5766] EXT4-fs (loop2): orphan cleanup on readonly fs
[   78.280396][ T5766] EXT4-fs error (device loop2): ext4_do_update_inode:5632: inode #16: comm +}[@: corrupted inode contents
[   78.301335][ T5766] EXT4-fs (loop2): Remounting filesystem read-only
[   78.324934][ T5766] EXT4-fs (loop2): 1 truncate cleaned up
[   78.331744][ T3501] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   78.342401][ T3501] Quota error (device loop2): write_blk: dquota write failed
[   78.349796][ T3501] Quota error (device loop2): remove_free_dqentry: Can't write block (5) with free entries
[   78.359904][ T3501] EXT4-fs (loop2): Quota write (off=5120, len=1024) cancelled because transaction is not started
[   78.370548][ T3501] Quota error (device loop2): write_blk: dquota write failed
[   78.377943][ T3501] Quota error (device loop2): free_dqentry: Can't move quota data block (5) to free list
[   78.469634][ T3501] EXT4-fs (loop2): Quota write (off=8, len=24) cancelled because transaction is not started
[   78.479792][ T3501] Quota error (device loop2): v2_write_file_info: Can't write info structure
[   78.499216][ T3501] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   78.520264][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.531299][ T5766] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   78.557128][ T5775] netlink: 'syz.4.670': attribute type 10 has an invalid length.
[   78.565299][ T5775] netlink: 40 bytes leftover after parsing attributes in process `syz.4.670'.
[   78.577477][ T5766] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.670510][ T5777] loop4: detected capacity change from 0 to 512
[   78.678732][ T5766] lo speed is unknown, defaulting to 1000
[   78.701616][ T5766] ip6_vti0 speed is unknown, defaulting to 1000
[   78.710094][ T5777] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #15: comm syz.4.671: inode has both inline data and extents flags
[   78.731213][ T5777] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.671: couldn't read orphan inode 15 (err -117)
[   78.755328][ T5777] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.324305][ T5789] loop5: detected capacity change from 0 to 512
[   79.331532][ T5789] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[   79.349506][ T5789] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=42c028, mo2=0002]
[   79.360905][ T5789] EXT4-fs (loop5): orphan cleanup on readonly fs
[   79.368065][ T5789] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.674: Allocating blocks 41-42 which overlap fs metadata
[   79.382405][ T5789] EXT4-fs (loop5): Remounting filesystem read-only
[   79.389069][ T5789] Quota error (device loop5): write_blk: dquota write failed
[   79.396489][ T5789] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[   79.406638][ T5789] EXT4-fs (loop5): 1 truncate cleaned up
[   79.412768][ T5789] EXT4-fs (loop5): pa ffff888106a9b070: logic 1, phys. 41, len 23
[   79.412943][ T5791] netlink: 12 bytes leftover after parsing attributes in process `syz.0.672'.
[   79.421079][ T5789] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   79.429517][ T5791] netlink: 12 bytes leftover after parsing attributes in process `syz.0.672'.
[   79.451692][ T5789] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.475959][ T5791] lo speed is unknown, defaulting to 1000
[   79.485691][ T5791] ip6_vti0 speed is unknown, defaulting to 1000
[   79.546130][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.617980][ T5795] netlink: 'syz.2.676': attribute type 13 has an invalid length.
[   79.645958][   T29] audit: type=1326 audit(1764271596.636:3288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5794 comm="syz.2.676" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7938fdf749 code=0x7ffc0000
[   79.687951][ T5805] loop5: detected capacity change from 0 to 1024
[   79.718313][ T5805] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.737848][ T5810] loop2: detected capacity change from 0 to 136
[   79.744734][ T5810] iso9660: Unknown parameter '@
'
[   79.802009][ T5816] netlink: 8 bytes leftover after parsing attributes in process `syz.4.684'.
[   79.849596][ T4315] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.983217][ T5821] SELinux:  policydb table sizes (0,0) do not match mine (8,7)
[   79.991183][ T5821] SELinux: failed to load policy
[   80.102301][ T5833] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5833 comm=syz.4.690
[   80.182372][ T5813] Set syz1 is full, maxelem 65536 reached
[   80.200050][ T5817] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[   80.206633][ T5817] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   80.214164][ T5817] vhci_hcd vhci_hcd.0: Device attached
[   80.240986][ T5730] batadv_slave_1: left promiscuous mode
[   80.246814][ T5836] vhci_hcd: connection closed
[   80.247057][ T3501] vhci_hcd: stop threads
[   80.256185][ T3501] vhci_hcd: release socket
[   80.260740][ T3501] vhci_hcd: disconnect device
[   80.327895][ T5858] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5858 comm=syz.5.701
[   80.353053][ T5862] loop4: detected capacity change from 0 to 512
[   80.373926][ T5862] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.395398][ T5862] ext4 filesystem being mounted at /156/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.406105][ T5871] loop5: detected capacity change from 0 to 1024
[   80.414996][ T5871] EXT4-fs: inline encryption not supported
[   80.416268][ T5862] FAULT_INJECTION: forcing a failure.
[   80.416268][ T5862] name failslab, interval 1, probability 0, space 0, times 0
[   80.433621][ T5862] CPU: 0 UID: 0 PID: 5862 Comm: syz.4.702 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   80.433719][ T5862] Tainted: [W]=WARN
[   80.433727][ T5862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   80.433739][ T5862] Call Trace:
[   80.433747][ T5862]  <TASK>
[   80.433756][ T5862]  __dump_stack+0x1d/0x30
[   80.433782][ T5862]  dump_stack_lvl+0xe8/0x140
[   80.433804][ T5862]  dump_stack+0x15/0x1b
[   80.433861][ T5862]  should_fail_ex+0x265/0x280
[   80.433885][ T5862]  should_failslab+0x8c/0xb0
[   80.433913][ T5862]  kmem_cache_alloc_noprof+0x50/0x480
[   80.433955][ T5862]  ? getname_flags+0x80/0x3b0
[   80.433983][ T5862]  getname_flags+0x80/0x3b0
[   80.434010][ T5862]  __x64_sys_mknodat+0x4f/0x70
[   80.434085][ T5862]  x64_sys_call+0x2ed7/0x3000
[   80.434153][ T5862]  do_syscall_64+0xd2/0x200
[   80.434234][ T5862]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   80.434263][ T5862]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   80.434368][ T5862]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.434390][ T5862] RIP: 0033:0x7fd2a2bef749
[   80.434409][ T5862] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   80.434430][ T5862] RSP: 002b:00007fd2a164f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[   80.434510][ T5862] RAX: ffffffffffffffda RBX: 00007fd2a2e45fa0 RCX: 00007fd2a2bef749
[   80.434523][ T5862] RDX: 00000000000011c0 RSI: 0000200000000140 RDI: ffffffffffffff9c
[   80.434538][ T5862] RBP: 00007fd2a164f090 R08: 0000000000000000 R09: 0000000000000000
[   80.434585][ T5862] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.434599][ T5862] R13: 00007fd2a2e46038 R14: 00007fd2a2e45fa0 R15: 00007fff5314aad8
[   80.434618][ T5862]  </TASK>
[   80.620012][ T5871] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.634292][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.653032][ T3402] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x4
[   80.660954][ T3402] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x2
[   80.668855][ T3402] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   80.676655][ T3402] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   80.684475][ T3402] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   80.692667][ T3402] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   80.700507][ T3402] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   80.708278][ T3402] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   80.716045][ T3402] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   80.723805][ T3402] hid-generic 0000:3000000:0000.0002: unknown main item tag 0x0
[   80.732417][ T3402] hid-generic 0000:3000000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[   80.732495][ T4315] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.773539][ T5881] fido_id[5881]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   80.835207][ T5885] batadv_slave_1: entered promiscuous mode
[   80.898534][ T5892] validate_nla: 4 callbacks suppressed
[   80.898624][ T5892] netlink: 'syz.2.710': attribute type 13 has an invalid length.
[   80.934469][ T5897] loop3: detected capacity change from 0 to 1024
[   80.951385][ T3005] udevd[3005]: worker [4218] terminated by signal 33 (Unknown signal 33)
[   80.957182][ T5897] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.959962][ T3005] udevd[3005]: worker [4218] failed while handling '/devices/virtual/block/loop3'
[   81.008558][ T5885] loop5: detected capacity change from 0 to 8192
[   81.015682][ T5885] vfat: Unknown parameter 'ÿÿ0xffffffffffffffff'
[   81.038765][ T3324] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.066777][ T5903] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5903 comm=syz.3.714
[   81.088694][ T5903] netlink: 'syz.3.714': attribute type 1 has an invalid length.
[   81.096403][ T5901] sd 0:0:1:0: device reset
[   81.188323][ T5917] FAULT_INJECTION: forcing a failure.
[   81.188323][ T5917] name failslab, interval 1, probability 0, space 0, times 0
[   81.201154][ T5917] CPU: 0 UID: 0 PID: 5917 Comm: syz.3.717 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   81.201211][ T5917] Tainted: [W]=WARN
[   81.201218][ T5917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   81.201231][ T5917] Call Trace:
[   81.201238][ T5917]  <TASK>
[   81.201246][ T5917]  __dump_stack+0x1d/0x30
[   81.201267][ T5917]  dump_stack_lvl+0xe8/0x140
[   81.201286][ T5917]  dump_stack+0x15/0x1b
[   81.201304][ T5917]  should_fail_ex+0x265/0x280
[   81.201361][ T5917]  should_failslab+0x8c/0xb0
[   81.201388][ T5917]  __kmalloc_node_track_caller_noprof+0xa5/0x580
[   81.201422][ T5917]  ? sidtab_sid2str_get+0xa0/0x130
[   81.201481][ T5917]  kmemdup_noprof+0x2b/0x70
[   81.201509][ T5917]  sidtab_sid2str_get+0xa0/0x130
[   81.201540][ T5917]  security_sid_to_context_core+0x1eb/0x2e0
[   81.201651][ T5917]  security_sid_to_context+0x27/0x40
[   81.201680][ T5917]  selinux_lsmprop_to_secctx+0x67/0xf0
[   81.201772][ T5917]  security_lsmprop_to_secctx+0x1a3/0x1c0
[   81.201793][ T5917]  audit_log_subj_ctx+0xa4/0x3e0
[   81.201846][ T5917]  ? skb_put+0xa9/0xf0
[   81.201872][ T5917]  audit_log_task_context+0x48/0x70
[   81.201892][ T5917]  audit_log_task+0xf4/0x250
[   81.202026][ T5917]  audit_seccomp+0x61/0x100
[   81.202055][ T5917]  ? __seccomp_filter+0x82d/0x1250
[   81.202084][ T5917]  __seccomp_filter+0x83e/0x1250
[   81.202146][ T5917]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   81.202203][ T5917]  ? vfs_write+0x7e8/0x960
[   81.202228][ T5917]  ? __rcu_read_unlock+0x4f/0x70
[   81.202252][ T5917]  ? sigaltstack_size_valid+0x6f/0xd0
[   81.202406][ T5917]  __secure_computing+0x82/0x150
[   81.202442][ T5917]  syscall_trace_enter+0xcf/0x1e0
[   81.202471][ T5917]  do_syscall_64+0xac/0x200
[   81.202494][ T5917]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   81.202585][ T5917]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   81.202619][ T5917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.202642][ T5917] RIP: 0033:0x7f4de9d6e15c
[   81.202659][ T5917] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   81.202675][ T5917] RSP: 002b:00007f4de87b6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   81.202763][ T5917] RAX: ffffffffffffffda RBX: 00007f4de9fc6090 RCX: 00007f4de9d6e15c
[   81.202777][ T5917] RDX: 000000000000000f RSI: 00007f4de87b60a0 RDI: 0000000000000004
[   81.202858][ T5917] RBP: 00007f4de87b6090 R08: 0000000000000000 R09: 0000000000000000
[   81.202871][ T5917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   81.202884][ T5917] R13: 00007f4de9fc6128 R14: 00007f4de9fc6090 R15: 00007ffcb82c92c8
[   81.202900][ T5917]  </TASK>
[   81.293057][ T5916] Set syz1 is full, maxelem 65536 reached
[   81.562389][ T5926] bond0: (slave bond_slave_1): Releasing backup interface
[   81.603207][ T5916] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[   81.609860][ T5916] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[   81.617344][ T5916] vhci_hcd vhci_hcd.0: Device attached
[   81.634758][ T5929] vhci_hcd: connection closed
[   81.634931][   T41] vhci_hcd: stop threads
[   81.644019][   T41] vhci_hcd: release socket
[   81.644032][   T41] vhci_hcd: disconnect device
[   81.705590][ T5938] netlink: 'syz.0.726': attribute type 13 has an invalid length.
[   81.724970][ T5940] FAULT_INJECTION: forcing a failure.
[   81.724970][ T5940] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   81.738177][ T5940] CPU: 0 UID: 0 PID: 5940 Comm: syz.3.727 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   81.738276][ T5940] Tainted: [W]=WARN
[   81.738281][ T5940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   81.738288][ T5940] Call Trace:
[   81.738293][ T5940]  <TASK>
[   81.738298][ T5940]  __dump_stack+0x1d/0x30
[   81.738314][ T5940]  dump_stack_lvl+0xe8/0x140
[   81.738327][ T5940]  dump_stack+0x15/0x1b
[   81.738412][ T5940]  should_fail_ex+0x265/0x280
[   81.738425][ T5940]  should_fail+0xb/0x20
[   81.738435][ T5940]  should_fail_usercopy+0x1a/0x20
[   81.738448][ T5940]  _copy_from_iter+0xd2/0xe80
[   81.738461][ T5940]  ? __build_skb_around+0x1ab/0x200
[   81.738543][ T5940]  ? __alloc_skb+0x223/0x320
[   81.738566][ T5940]  netlink_sendmsg+0x471/0x6b0
[   81.738581][ T5940]  ? __pfx_netlink_sendmsg+0x10/0x10
[   81.738593][ T5940]  __sock_sendmsg+0x145/0x180
[   81.738608][ T5940]  ____sys_sendmsg+0x31e/0x4e0
[   81.738622][ T5940]  ___sys_sendmsg+0x17b/0x1d0
[   81.738653][ T5940]  __x64_sys_sendmsg+0xd4/0x160
[   81.738667][ T5940]  x64_sys_call+0x191e/0x3000
[   81.738681][ T5940]  do_syscall_64+0xd2/0x200
[   81.738712][ T5940]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   81.738737][ T5940]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   81.738756][ T5940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.738770][ T5940] RIP: 0033:0x7f4de9d6f749
[   81.738781][ T5940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.738823][ T5940] RSP: 002b:00007f4de87d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.738836][ T5940] RAX: ffffffffffffffda RBX: 00007f4de9fc5fa0 RCX: 00007f4de9d6f749
[   81.738845][ T5940] RDX: 0000000000000044 RSI: 00002000000007c0 RDI: 0000000000000006
[   81.738853][ T5940] RBP: 00007f4de87d7090 R08: 0000000000000000 R09: 0000000000000000
[   81.738929][ T5940] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.738937][ T5940] R13: 00007f4de9fc6038 R14: 00007f4de9fc5fa0 R15: 00007ffcb82c92c8
[   81.738950][ T5940]  </TASK>
[   81.951790][ T5942] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5942 comm=syz.3.728
[   81.966196][ T5944] FAULT_INJECTION: forcing a failure.
[   81.966196][ T5944] name failslab, interval 1, probability 0, space 0, times 0
[   81.971612][ T5942] netlink: 'syz.3.728': attribute type 1 has an invalid length.
[   81.979176][ T5944] CPU: 0 UID: 0 PID: 5944 Comm: syz.4.729 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   81.979211][ T5944] Tainted: [W]=WARN
[   81.979218][ T5944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   81.979229][ T5944] Call Trace:
[   81.979236][ T5944]  <TASK>
[   81.979244][ T5944]  __dump_stack+0x1d/0x30
[   81.979289][ T5944]  dump_stack_lvl+0xe8/0x140
[   81.979309][ T5944]  dump_stack+0x15/0x1b
[   81.979326][ T5944]  should_fail_ex+0x265/0x280
[   81.979346][ T5944]  should_failslab+0x8c/0xb0
[   81.979379][ T5944]  kmem_cache_alloc_noprof+0x50/0x480
[   81.979524][ T5944]  ? skb_clone+0x151/0x1f0
[   81.979544][ T5944]  skb_clone+0x151/0x1f0
[   81.979562][ T5944]  nfnetlink_rcv+0x2fc/0x16c0
[   81.979588][ T5944]  ? __account_obj_stock+0x211/0x350
[   81.979615][ T5944]  ? obj_cgroup_charge_account+0x122/0x1a0
[   81.979700][ T5944]  ? should_fail_ex+0x30/0x280
[   81.979717][ T5944]  ? xas_load+0x413/0x430
[   81.979734][ T5944]  ? xas_load+0x413/0x430
[   81.979753][ T5944]  ? __rcu_read_unlock+0x4f/0x70
[   81.979778][ T5944]  ? xa_load+0xb1/0xe0
[   81.979844][ T5944]  ? __account_obj_stock+0x211/0x350
[   81.979871][ T5944]  ? obj_cgroup_charge_account+0x122/0x1a0
[   81.979892][ T5944]  ? should_fail_ex+0x30/0x280
[   81.979970][ T5944]  ? __rcu_read_unlock+0x4f/0x70
[   81.980003][ T5944]  ? should_fail_ex+0xdb/0x280
[   81.980026][ T5944]  netlink_unicast+0x5c0/0x690
[   81.980055][ T5944]  netlink_sendmsg+0x58b/0x6b0
[   81.980076][ T5944]  ? __pfx_netlink_sendmsg+0x10/0x10
[   81.980095][ T5944]  __sock_sendmsg+0x145/0x180
[   81.980191][ T5944]  ____sys_sendmsg+0x31e/0x4e0
[   81.980211][ T5944]  ___sys_sendmsg+0x17b/0x1d0
[   81.980239][ T5944]  __x64_sys_sendmsg+0xd4/0x160
[   81.980314][ T5944]  x64_sys_call+0x191e/0x3000
[   81.980372][ T5944]  do_syscall_64+0xd2/0x200
[   81.980391][ T5944]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   81.980417][ T5944]  ? irqentry_exit_to_user_mode+0x7b/0xa0
[   81.980466][ T5944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.980534][ T5944] RIP: 0033:0x7fd2a2bef749
[   81.980550][ T5944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.980567][ T5944] RSP: 002b:00007fd2a164f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   81.980648][ T5944] RAX: ffffffffffffffda RBX: 00007fd2a2e45fa0 RCX: 00007fd2a2bef749
[   81.980660][ T5944] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[   81.980673][ T5944] RBP: 00007fd2a164f090 R08: 0000000000000000 R09: 0000000000000000
[   81.980749][ T5944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.980761][ T5944] R13: 00007fd2a2e46038 R14: 00007fd2a2e45fa0 R15: 00007fff5314aad8
[   81.980778][ T5944]  </TASK>
[   82.291345][ T5967] ==================================================================
[   82.299473][ T5967] BUG: KCSAN: data-race in mas_state_walk / mas_wr_store_entry
[   82.307026][ T5967] 
[   82.309441][ T5967] write to 0xffff88810940ee00 of 8 bytes by task 5963 on cpu 1:
[   82.317069][ T5967]  mas_wr_store_entry+0x1e0d/0x2750
[   82.322270][ T5967]  mas_store_prealloc+0x760/0xa90
[   82.327297][ T5967]  vma_iter_store_new+0x1c5/0x200
[   82.332326][ T5967]  vma_complete+0x125/0x580
[   82.336832][ T5967]  __split_vma+0x591/0x650
[   82.341325][ T5967]  vma_modify+0x21e/0xc80
[   82.345746][ T5967]  vma_modify_flags+0x101/0x130
[   82.350597][ T5967]  mprotect_fixup+0x2cc/0x570
[   82.355278][ T5967]  do_mprotect_pkey+0x6d6/0x980
[   82.360207][ T5967]  __x64_sys_mprotect+0x48/0x60
[   82.365062][ T5967]  x64_sys_call+0x2752/0x3000
[   82.369754][ T5967]  do_syscall_64+0xd2/0x200
[   82.374259][ T5967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.380161][ T5967] 
[   82.382491][ T5967] read to 0xffff88810940ee00 of 8 bytes by task 5967 on cpu 0:
[   82.390036][ T5967]  mas_state_walk+0x485/0x650
[   82.394719][ T5967]  mas_walk+0x60/0x150
[   82.398876][ T5967]  lock_vma_under_rcu+0x95/0x1b0
[   82.403915][ T5967]  do_user_addr_fault+0x233/0x1080
[   82.409029][ T5967]  exc_page_fault+0x62/0xa0
[   82.413549][ T5967]  asm_exc_page_fault+0x26/0x30
[   82.418850][ T5967] 
[   82.421184][ T5967] value changed: 0xffff88810017300e -> 0xffff88810940ee00
[   82.428311][ T5967] 
[   82.430638][ T5967] Reported by Kernel Concurrency Sanitizer on:
[   82.436876][ T5967] CPU: 0 UID: 0 PID: 5967 Comm: syz.4.734 Tainted: G        W           syzkaller #0 PREEMPT(voluntary) 
[   82.448300][ T5967] Tainted: [W]=WARN
[   82.452106][ T5967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[   82.462162][ T5967] ==================================================================
[   82.473928][ T5961] __nla_validate_parse: 7 callbacks suppressed
[   82.473946][ T5961] netlink: 40 bytes leftover after parsing attributes in process `syz.3.733'.
[   83.808376][ T5884] batadv_slave_1: left promiscuous mode