last executing test programs:

57.995230788s ago: executing program 4 (id=82):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000400000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r0, 0x0, 0x8000000000}, 0x18)
r1 = fsopen(&(0x7f0000000040)='sockfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
capset(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x7, @empty, 0x3}, 0x1c)
recvmmsg(r2, &(0x7f0000001540)=[{{0x0, 0x0, 0x0}, 0x7fff}], 0x1, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x800, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1b, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000ffffffe5000000000000000085000000070000009500000000000000"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = openat$selinux_access(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
write$selinux_access(r7, &(0x7f0000000740)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a6c645f736f5f7420704a122f7362696e2f6468636c69656e742030"], 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x3, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r8}, 0x10)
r9 = socket$inet(0x2, 0x4, 0x0)
setsockopt$IP_VS_SO_SET_EDIT(r9, 0x0, 0x483, &(0x7f0000000300)={0xc7, @private=0xa010101, 0x4e22, 0x4, 'sed\x00', 0x8, 0x2, 0xe}, 0x2c)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
pause()
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6(0xa, 0x1, 0xc)

57.042870203s ago: executing program 4 (id=101):
socket(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYRESDEC, @ANYRES64], 0x48)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x27)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
chmod(0x0, 0x1d)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2eb1, @void, @value}, 0x94)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000b00)=ANY=[@ANYBLOB="20000000130a01010000000000000000020000070900010073797a3000000000c7afec65d1d2f27ad8fafb9384e04f31a364fe4ac94d6acfd66269e246b03d88183e4a9dc32db376a18358149cf270ac0583b80495b6bfafe757857fcce88afa5b817fe2077d5cec55b84c9775f8a9456c1dc36a942504a97bce28155cdeaede615aeed87091e11760eb04ca7084f8721d75a58d0abaade4b121335704ccb6b7c007d1a266724f0a6a9a242c9af9302535739303b9b52d0d98ecaeca75bd4fbd0818353bb11c4edc926f82b5aa761800826317a06dc611c85374a32698362b61ca1fe3c7de22f82fc7c4b529a8ea2ee9778c6c41a74012750c2f1f2e414c60dd0c9530568d6440e878f6f25f4da7b12f3f886169b5151b62e83afe506c18fbb4d45098703ea68deebb45fe196256927030f1361736897e72a6437a80f88035d0a33711b2c00402687a8f4f55950c2be4ecfd7b7807470178e0490d71661dfc9e60e62648"], 0x20}}, 0x0)

56.947180774s ago: executing program 4 (id=104):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$VT_DISALLOCATE(r0, 0x5608)
ioctl$TIOCSSOFTCAR(r0, 0x5453, 0x0)

56.928716905s ago: executing program 4 (id=106):
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x880000, &(0x7f00000006c0)=ANY=[@ANYRESHEX, @ANYRES32, @ANYRES8, @ANYRES32, @ANYBLOB="b7ad7cd65c46a5be7840094fc88ed3944440d445ac89758d3aa4a6c77ea3e1e50196a99f88ba68f3377383de4de11c07aa5d22d9f4f3c58344d6011b6ea5ee82cf40e4ca5976370cb73c872e576f936791a0ffa5639ac237214be5926acea5405e00f1a144cf7a5240bc1e56ed617e19d6a5a268505f0012b4baf36d3a71eb34c8b67281dbbacb20c3d724ef150deff6f7d908bc72575a1f43b608e0d118", @ANYBLOB="a1fffd2e4c38a7b17fef1a78ad1943012e7b7711a1517cd8b4288a2fbb7d202d8c4a1809add074e6dde0703158125f2f114c49f5ee5f249d63ac0d851c212ccd8d82b7c694ead23c417021e8bc78d646d07e3513568bb81d2179a012dcdcb845b0a58b6d5e46a177de56e3e77ed573967e4eea299078019693ca486edbaa44e947802c7f46f1de18cf7f0e1af02964d04cc84d979855e8d3a3fda262f6a7d2b4b4849fd880c9b9af9be818ba05386754a3505e833ca0b9770f63e91f3a9a04e9fca51d88273d5491ed", @ANYRES8=0x0], 0x0, 0x7e0, &(0x7f0000001580)="$eJzs3U1sHOX5APBnjU3yN39FiKKQRiFMApWCFMx6DaYWB1jWY3tgvWvtritHbQURcZAVBxAUteTQNBdoK6qqpx5pr9x6qVpVKlIPbU+VyqGX3pA4VbRqpapVVcnVzO46/ljbCfkEfj8rntczz7zv86438+zYntkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKJUmy6Xx0tRzxqLS8k2QxGR3NuLnd+2eW1tba3b6vf3/qbFLuNGlPJ/sX9/HOquOnTv5c0H80/H40j3qyOxP1/sjwt3Hbz7yS8MD/X3357wNTt2hXGliO/kSZ07vbq6/NoNSOQm+v6vdts6PGjlv4vv+2zayNrNbL46myZZu5lMTU6WH52baSczWT1tn2p30vmk1kqrnWYrOVF7OBmfmppI0rFTzcXG7HS1nvZXPvFIpVyeTJ4duxgR7Wbj0WfH2rW5rF7PGrNFTKX8zchjnkhq063nsk7SSavzSXJ2ZXV5Yq/Z5UHju2w/8tDdH73x4T9WlvMn5E5Bpd4TszI+XqmMTz4+9fgT5fJwpVzZvKK8RaxHxFBEHnFDnrTcPopD5m6uz4EbroOhXv2PemTRiMVYimTAx0jUYjpa0Yz5/Os/jWyLiLV9G7p9/0uP/vUPu427sf73q/yhy5sPR1H/j3a/OrpT/R+Y6/X8GOrls9P21+PNuBDn4nSsxmosx2s3PKNr/Bi64shj/38FUbORRiOyaEczspiParEm6a1JYiomYzLK8XzMxUy0I4mZyKIeabTjVLSjE2nxjKpFK9KoRiea0YokTkQtHo4kxmMqpmIikkhjLE5FMxajEbMxHdWil7OxUjzuE1vyOvjtF3750h8/ejdvrweN7zKRUv5iLg/6+y5B28r9ldf/tehFqP+fd9f5CA6f3Fq//gMAAACfWaXip+/5+f9I3F+0ZrJ6+tVbnRYAAABwHRW/+T+SL0by1v1Rys//ywMiP7jpuQEAAADXR6m4xq4UEaPxQLfVv1xq0A8BAAAAgE+h4vf/R/PFaMTFYoXzfwAAAPiM+e5O99j/sH+P3fbCvtKv/xat1kjp0sLSQ6Xz1Tyuev6O7n69xVfWe+zMHC7tj24nRV+TwxfuKkXEcC09Uurf/fK/vbsFf1x8Pjy8vvtO9/ovbUlgfY87tk4pT+DAhS0JHCwGfieOdWOOnekuz/TienckHp3J6ulYrVl/srglYv6v88bLK9+KYvrfa8wfKMXZldXlsRdfWT1T5HIp7+XS+d4NFLfdR3FwLsWI6/dLvn/wjEeKCzF64452xy1v/AYMPV3sPrT7mKWNY74Vx7sxx0e7y9HN89+fjzk+9uR4VKsHhjrpUueNtQ2z72Uxfo0zfyse7MY8eOLB7mJAFpVNWby8PYvKxix6D8Iej8WeWYz0nljvHru49M/fNkvpxF5ZTGzJYv9VZgFwq5wt7vpzuQr9X1GF/rPWldf/y3U36Qb09I5y9613lR/l+mVgy1HubKxv6e+/odYNx7bqvvXlRWwZZYcj+oluzInu64nhwwPqSnnAEf3VlVd/1zuiP/bej3/y9aO//9knr27vxcPdmN4i7vnNDjU2n/MPGvOj/U6Xnuo1frrjuO16pRQjEXd84/yrcfD1Ny88snL+9EvLLy2/XKlMTJYfK5cfr8RI8VKht1B7ABhg7/fY2TOi9NgeZ9X3rP9JwVi8GK/EapyJk8XVBhHxwOBeRzf8GcLJOB7FyfIOZ62jG97h5eQe55aXYyvbY/uvK7bFTmx4xO77UbH41w38pgDADXZ8jzp8JfX/5B7n3Ztr+Zaz49i5lg/y5Rv6aADA50Pa+rg02nm71GplC8+PT02NVztzadJq1p5LWtn0bJpkjU7aqs1VG7NpstBqdpq1/g+Op9N20l5cWGi2OslMs5UsNNvZUvHO70nvrd/b6Xy10clq7YV6Wm2nSa3Z6FRrnWQ6a9eShTufqWftubRV7NxeSGvZTFardrJmI2k3F1u1dCxJ2mmaLCz2A7PptNHJZrK82UgWWtl8tXUpIuqL82kynbZrrWyh02x9Me+w1oxirKwx02zNF92ObZ/+X2724w0At4PX37xw7vTq6vJrmxsHYuuaLY3hKBp/3i2m37jVcwQANlOlAQAAAAAAAAAAAADg9rf9cr187Z6X9A1q7Iur32tfXNUQ19jIp9Zb887Pv/biJ57pp6ORT+82SOPWNl546qlzO8U8c/HQ3JX1M/h/yqBLXd8+EHHnL37YXfP0zZrpB5ef2Fez+1ppl5hbe1wCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEH+FwAA///kEFa5")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2(&(0x7f0000000040), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000340)='GPL\x00', 0x2, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000080)={0x6, {{0xa, 0x4e22, 0x9, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1}}}, 0x88)
r2 = socket$inet6(0xa, 0x3, 0x8)
sendmmsg$inet6(r2, &(0x7f0000004580)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7}, 0x1c, 0x0, 0x0, &(0x7f00000004c0)=ANY=[], 0x28}}], 0x1, 0x20000000)
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000240)='./file1\x00', 0x4000, &(0x7f00000000c0), 0x2, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
r3 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000005a0000008500000022000000180100002020702500000000002020200100000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r5}, 0x9)
r6 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r6, 0x0, 0xca, &(0x7f0000000140)={0x5, 0x1, 0xc, 0x2, @vifc_lcl_addr=@rand_addr=0x64010102, @broadcast}, 0x10)
setsockopt$MRT_FLUSH(r6, 0x0, 0xd4, &(0x7f0000000040)=0x8, 0x4)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
write$binfmt_register(r3, &(0x7f0000000140)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x2007, 0x3a, 'M', 0x3a, '\x84\xa3\xea\xd6O\x89|\xeb\x80\xf0\xe96\xf4`&\xd4E\xe7L\x82n;H\xd8\xdf\x9a, \\E\xd4\xab\x1ed', 0x3a, './file2', 0x3a, [0x46]}, 0x4b)
r7 = syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1258438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r8 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r8, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYRES64=r3, @ANYRESHEX=r8, @ANYRES8=r7], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r9}, &(0x7f0000000580), &(0x7f0000000540)}, 0x20)
r10 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r10, &(0x7f0000000180)={0x7, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020100090a000000007fffffff0000000200100000e9000000e9000000000000030005000000000002000000ac1414000000000000000000030006000000000002"], 0x50}}, 0x0)
sendmmsg(r10, &(0x7f0000000180), 0x40000000000007b, 0x4004)

56.58480298s ago: executing program 4 (id=113):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x30, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = io_uring_setup(0x60f7, &(0x7f0000000a40)={0x0, 0x0, 0x2, 0xfffffffe, 0x3bd})
r3 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r3, &(0x7f0000000000)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x24)
listen(r3, 0x4)
close_range(r2, r3, 0x0)

55.92607492s ago: executing program 4 (id=130):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8, 0x5, 0xe}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x200040d5}, 0x0)

55.916227211s ago: executing program 32 (id=130):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_INITIAL_QUANTUM={0x8, 0x5, 0xe}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x200040d5}, 0x0)

1.534085516s ago: executing program 5 (id=1549):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB="0000000400000000000000000004000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe09, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f00004d1000/0x2000)=nil, 0x2000, 0x100000b, 0x12, 0xffffffffffffffff, 0x8000000)
r5 = syz_io_uring_setup(0x1778, &(0x7f00000001c0)={0x0, 0x1049, 0x800, 0x1, 0xf9}, &(0x7f00000003c0), &(0x7f0000000400)=<r6=>0x0)
syz_io_uring_submit(r4, r6, 0x0)
r7 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x216901, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000030000000100000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0xffffffffffffffef, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r9}, 0x10)
fcntl$setlease(r7, 0x400, 0x9001fc2094856845)
sendmsg$FOU_CMD_ADD(r8, 0x0, 0x4000045)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a05000000000000000000020000000900020073797a310008000008000440000000000900010073797a30000000000800034000000009"], 0x64}, 0x1, 0x0, 0x0, 0x20048801}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r10, 0x89f0, &(0x7f0000000900)={'sit0\x00', @random="0000230c1100"})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x20000000000003bf, &(0x7f0000000280)=ANY=[@ANYRES8=r1, @ANYRESDEC=r5, @ANYRESHEX=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.533739675s ago: executing program 0 (id=1550):
nanosleep(&(0x7f0000000000)={0x77359400}, &(0x7f0000000040))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000001380)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000080)={[{@grpquota}, {@nodelalloc}]}, 0x1, 0x776, &(0x7f0000001900)="$eJzs3c1rHGUYAPBnNp9Nq4kgaD0FBA2UbkyNrYKHigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4Jeevaj3rz6cdX/woNYqqbFigeJzGan2Ta7aRKTbHV/P5ju887M9n2fna83Oy+zAXSt0fSfXMThiHg/iRhuzE8ioq8e9UacXFvv1spyMZ2SWF199bekvs7NleViNL0ndbBReDQivnsn4khuY73VxaWZQrlcmm+Ux2uzF8ari0tHz88WpkvTpbnjE5OTx048c+L47uX6x49Lh6598NKTX5786+1Hrr73fRIn41BjWXMeu2U0RhufSV/6Ed7hxd2urMOSTjeAHUkPzZ61ozwOx3D01CMA4P/szYhYBQC6TOL6DwBdJvse4ObKcjGbOvuNxP66/kJEDK7ln93fXFvS27hnN1i/Dzp0M7njzkgSESO7UP9oRHz69eufp1Ps0X1IgFbeuhwRZ0dGN57/kw1jFrbrqU2W9TdeR++a7/wH++ebtP/zbKv+X+52/yda9H8GWhy7O3HP4//ALlSyibT/93zT2LZbTfk3jPQ0Sg/U+3x9ybnz5VJ6bnswIsaibyAtT2xSx9iNv2+0W9bc//v9wzc+S+tPX9fXyP3SO3Dne6YKtcK/ybnZ9csRj/W2yj+5vf2TNv3f01us4+Xn3v2k3bI0/zTfbNqYfzRGJ+2N1SsRT7Tc/usj2pJNxyeO13eH8WynaOGrnz4eald/8/ZPp7T+7G+B/ZBu/6HN8x9JmsdrVrdfxw9Xhr9tt+ze+bfe//uT1+px1o+4VKjV5ici+pNXNs4/tv7erJytn+Y/9njr43+z/b8v+uPsFvPvvfbrFzvPf2+l+U9ta/uvBwfi7jmtg6u3Znra1b+17T9Zj8Yac7Zy/ttKu3a2NwMAAAAAAAAAAAAAAAAAAAAAAADA9uUi4lAkufztOJfL59d+w/vhGMqVK9XakXOVhbmpqP9W9kj05bJHXQ43PQ91ovE8/Kx87K7y0xHxUER8NHAgyZ6jONXh3AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgc7DN7/+nfh7odOsAgD0z2OkGAAD7zvUfALqP6z8AdB/XfwDoPq7/ANBtBl3/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2GunT51Kp9U/V5aLaXnq4uLCTOXi0alSdSY/u1DMFyvzF/LTlcp0uZQvVmbv9f+VK5ULkzG3cGm8VqrWxquLS2dmKwtztTPnZwvTpTOlvn3JCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC2p7q4NFMol0vzgh0Eq/dHMzof9DR2p/ulPfsaJPdHM3Y56PCJCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA/4p8AAAD//+yLIjE=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0500000001000000400000004000"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000c40), &(0x7f0000000180), 0x1003, r0}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x4, &(0x7f00000002c0)={r0, &(0x7f0000000300)='l', &(0x7f0000000b40)=""/31}, 0x20)
pipe2$9p(&(0x7f0000000200)={<r1=>0xffffffffffffffff}, 0x4800)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x6007, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {}, 0x2c, {[{@privport}, {@ignoreqv}, {@directio}, {@cachetag={'cachetag', 0x3d, '///,'}}], [{@mask={'mask', 0x3d, 'MAY_WRITE'}}, {@defcontext={'defcontext', 0x3d, 'system_u'}}]}})
bpf$BPF_BTF_GET_NEXT_ID(0x17, 0x0, 0x0)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600, 0x0, 0x49, 0x0, &(0x7f0000000680)="755bb05395201ad875a81f08fbf73c46403cbcf9922ed5e124d4576314b9d703e2270ea77e8be9b7d6a78d90f5cd95c2293b2397fd6fbb743e63ffe5e2e2d924e7f40180f4b1704f0f", 0x0}, 0x50)
syz_clone(0x20101000, 0x0, 0x40, 0x0, 0x0, &(0x7f00000000c0)="d891b35e480be8b1422cbe0864870fe55ada3f759457cad9aa6e57fa63b98a9c87599bd4555ced2d18006e29201e5d2fc72f4b32754668559d68edb924837e90a62202c7a40581aa42836da5c2f249ccd601eec24336db2b23e00a44a232bd975ad00be369aa1cdeba268c49a34b4f632f9f4e895ca9d9b6f9c2eea6010ee89968467ff30ad120ba813c5c8d493821ebc0462b95d90c45dc20be47609d950f335e656aac1d48cb15d5661000"/184)
ioprio_set$pid(0x2, 0x0, 0x0)

1.527445186s ago: executing program 3 (id=1551):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x50032, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x4000000000000)

1.383604278s ago: executing program 3 (id=1555):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x3, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="18020000800000000000000000000000850000009700000085000000070000009500000000280000723a0ac5ac59d459487d08f8200587401d7d165f95146c38d5095757fcf168e2a8afecccf65f98fe4c8cc12ff0ed046b341125d86b06fb5204acbe65f4d14a4c01c8ec48912aa14481a9316075f3db2f6774fa424bf58c7891883a587f15a116bfbb982d84c84a06c0f7c50a8cc00d2f18d3820ac3690058"], &(0x7f0000000680)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r2, 0x84, 0x7d, &(0x7f0000000040)="020000000980ffff", 0x8)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000e00)=[{0x0}], 0x1}, 0x40002002)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000e200000000611118"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r6, 0x34}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
timerfd_settime(0xffffffffffffffff, 0x1, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_LIST(r1, 0x0, 0x20000080)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='\x00'/16, @ANYBLOB="00000000000000000000000000000000000000000000000000cc21bd0cb7eded9ba7e742192645e20010000000000000000000000000000000000000b1273b186af174d79299789df1de7ce94e98e886514f6ac08afd0791b5591b6c6849f9b7b0b9cd28c0de2c26db9edbe715dfca38b4db68b94402289e0408cd66146122604734d7cabc88ba1e23a8c9df75531d646e197cf1810158f98c92cf0145a0b10b19a89613778f72d381cbb23f147bdfd3b3e04e93d67c8a87d1986c83f090d1a3f7b77ab1b3d04955802efd4a1f68f403fdad3f502c001a57565a7603e7bd81b28427569a98da06111fb58291ab7f04446d6670d9cd4201fdcde4d9a730503eb03d06697b766cd6fe70cf14d40eb139574e6e6eb1459e7b20b0bffecf906effffffff00000000e8ddc0975c42d2db03d4700869a3c5d26727fab10cb468e9aef89c0a68a04137891c8577f15f597abbf1b1557d65a53be396f41303f8053dbc5e"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x10010, 0xffffffffffffdffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

1.333484259s ago: executing program 5 (id=1556):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r2}, 0x10)
sendmsg$NL80211_CMD_REGISTER_BEACONS(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[], 0x1c}}, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x800448d2, &(0x7f0000000100))

1.299586569s ago: executing program 5 (id=1559):
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="050000000400"], 0x48)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, 0xffffffffffffffff, 0x0)
gettid()
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000140))
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
io_setup(0xf8, &(0x7f0000000400))
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
shutdown(r1, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r2, 0x11b, 0x6, 0x0, 0x0)
close(r2)
openat$misdntimer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000001c0)={[{@usrquota}, {@grpjquota}, {@nodelalloc}]}, 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r3 = open(&(0x7f00000005c0)='./bus\x00', 0x66842, 0x19)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
ftruncate(r1, 0x0)
sendfile(r4, r4, 0x0, 0x800000009)
pwritev2(r3, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0)
ustat(0x4, &(0x7f0000000080))
flistxattr(0xffffffffffffffff, 0x0, 0x0)

1.2432224s ago: executing program 3 (id=1562):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_RENAME(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x34, 0x5, 0x6, 0x401, 0x0, 0x0, {0x6, 0x0, 0x9}, [@IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4800}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000004c0)={'#! ', './file0'}, 0xb)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x2, 0x82, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xa1, 0x0, 0x0, 0x0, 0xfffffffc, 0xfffe, 0x0, 0x401, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
getrandom(&(0x7f00000000c0)=""/12, 0xc, 0x1)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x82, 0x0, 0x8404, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x3204, 0x10001, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x1, 0xffffffffffffffff, 0x0)

1.063929683s ago: executing program 3 (id=1567):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB="0000000400000000000000000004000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe09, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f00004d1000/0x2000)=nil, 0x2000, 0x100000b, 0x12, 0xffffffffffffffff, 0x8000000)
r5 = syz_io_uring_setup(0x1778, &(0x7f00000001c0)={0x0, 0x1049, 0x800, 0x1, 0xf9}, &(0x7f00000003c0), &(0x7f0000000400)=<r6=>0x0)
syz_io_uring_submit(r4, r6, 0x0)
r7 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x216901, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="01000000030000000100000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0xffffffffffffffef, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r9}, 0x10)
fcntl$setlease(r7, 0x400, 0x9001fc2094856845)
sendmsg$FOU_CMD_ADD(r8, 0x0, 0x4000045)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a05000000000000000000020000000900020073797a310008000008000440000000000900010073797a30000000000800034000000009"], 0x64}, 0x1, 0x0, 0x0, 0x20048801}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r10, 0x89f0, &(0x7f0000000900)={'sit0\x00', @random="0000230c1100"})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x20000000000003bf, &(0x7f0000000280)=ANY=[@ANYRES8=r1, @ANYRESDEC=r5, @ANYRESHEX=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

990.808644ms ago: executing program 2 (id=1571):
syz_emit_ethernet(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet(0x2, 0x3, 0x8)
setsockopt$inet_int(r3, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
r4 = socket$inet(0x2, 0x6000000000000003, 0x6)
r5 = dup3(r3, r4, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r6, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$inet_int(r5, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001000010400"/20, @ANYRES32=r1, @ANYBLOB="0000000004a10100050027"], 0x28}}, 0x40000)

914.138346ms ago: executing program 2 (id=1574):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
socket$inet(0x2, 0x4000000805, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff08000900fcfc0000080011000000000008000e0080", @ANYRES64=r2], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x40000000000002}, 0x18)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x800448d2, &(0x7f0000000100))

906.463515ms ago: executing program 2 (id=1575):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e0000001080003"], 0x80}, 0x1, 0x0, 0x0, 0x4040011}, 0x40)
writev(0xffffffffffffffff, &(0x7f0000000040), 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYRES32=r0, @ANYBLOB="0000000000850000007800000095"], 0x0, 0xe, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000140)={0x3, 0x6, 0x7, 0x4}, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000580)=ANY=[], 0x33fe0}, 0x1, 0x0, 0x0, 0x4040060}, 0x40)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001a00010000000000000000001c"], 0x30}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x2c)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000300)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

878.277366ms ago: executing program 2 (id=1576):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4080}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a090000000000000000000200000009000200"], 0x64}}, 0x4010)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000150a01020000000076a7cafd00"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x4040808)

857.754516ms ago: executing program 3 (id=1577):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500001000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x10, 0x2, &(0x7f0000000b00)=ANY=[@ANYBLOB="9110150000000000950088fe000000af3839e5def69d6d2a48c0f9832e91e506ce6d2b279d43b43cbc24f636197f2673df3188fd9009f69033d53762c0c66b59ca2277c779560da293992b84a8bf08f965728a71632707d17ec9096465503b644db011b85f8b305615e389ccd146f118597ad3ea317bb263ea7da74aec7731e46c9e4f0a908a08894afbaa00abf0634bfc3c3e398b676fa61c017f89011826d91b0c4e8bf94b337d4a464f79e20fd2e2b1577c550892992bfa70bc9d2b8e5aa2943f89255c6d78c916716ee20669a47605c9e744ce0410f563c7c85f9960874684e1ed92c5bf022cb8fcf77599a781a836328af6b2c6b6ed5720f34c538c0de6ed11d0416ec19cae43c7b988d56d875894977eea154f8e"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000340)=ANY=[@ANYBLOB="18004000c9c50464000000000000e20000000000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095", @ANYRESDEC=r2, @ANYRES8=r2, @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020c0000004ef06a5e527c0000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xa, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffd44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f00000004c0)='kfree\x00', r3}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = signalfd(0xffffffffffffffff, &(0x7f00000001c0)={[0x5]}, 0x8)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r8, &(0x7f0000000040), 0xfed8)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x10012, r8, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$netlink(r9, 0x10e, 0xb, 0x0, &(0x7f0000001100))
ioctl$TCSETS(r7, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x3, 0xfc, "0062ba7d820000000001001f820dac4eb71f11"})
r10 = syz_open_pts(r7, 0x0)
r11 = dup(r10)
fsetxattr$security_selinux(r11, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)
name_to_handle_at(r4, &(0x7f0000004740)='\x00', &(0x7f0000004780)=ANY=[@ANYBLOB='\f'], &(0x7f00000047c0), 0x1200)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)=@delqdisc={0x68, 0x25, 0x1, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, r12, {0xb, 0xe}, {0x6, 0xa}, {0xfff3, 0x8}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x4}, @qdisc_kind_options=@q_red={{0x8}, {0x24, 0x2, [@TCA_RED_FLAGS={0xc}, @TCA_RED_PARMS={0x14, 0x1, {0x0, 0x4, 0xfff, 0x0, 0x2, 0x7, 0x2}}]}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x7}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x6}]}, 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x0)

839.972937ms ago: executing program 2 (id=1579):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
setresuid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000000)={0x327, 0x8000, 0x7, 0x400, 0x1, "0000fffff000"})
ioctl$TIOCGPTPEER(r0, 0x5441, 0x0)

820.411197ms ago: executing program 2 (id=1580):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000000)={[{@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r5, &(0x7f00000002c0)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r6, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000a9000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000500)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r7}, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000002, 0x13, r8, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r5)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
mmap(&(0x7f0000002000/0x4000)=nil, 0x4000, 0x1000006, 0x30, r0, 0xbc5c0000)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r6}}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$RDMA_USER_CM_CMD_BIND_IP(r1, &(0x7f0000000300)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e23, 0x8, @dev={0xfe, 0x80, '\x00', 0x16}, 0xc924}}}, 0x30)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r10}, 0x10)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

658.62707ms ago: executing program 0 (id=1583):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xb}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000300)=ANY=[], 0x1b0) (fail_nth: 3)

656.12423ms ago: executing program 1 (id=1584):
syz_emit_ethernet(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet(0x2, 0x3, 0x8)
setsockopt$inet_int(r3, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
r4 = socket$inet(0x2, 0x6000000000000003, 0x6)
r5 = dup3(r3, r4, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r6, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='workqueue_queue_work\x00', r7}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$inet_int(r5, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="280000001000010400"/20, @ANYRES32=r1, @ANYBLOB="0000000004a10100050027"], 0x28}}, 0x40000)

368.832074ms ago: executing program 1 (id=1585):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
socket$inet(0x2, 0x4000000805, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff08000900fcfc0000080011000000000008000e0080", @ANYRES64=r2], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', 0xffffffffffffffff, 0x0, 0x40000000000002}, 0x18)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x800448d2, &(0x7f0000000100))

367.557574ms ago: executing program 3 (id=1586):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x6, &(0x7f0000000380)={0x7d, {{0x29, 0x0, 0x2000000, @empty, 0x8000005}}}, 0x88)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000100)='kfree\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000f40)={'filter\x00', 0x10, 0x4, 0x3f0, 0x110, 0x0, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="e5fce0c960bc", @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1e}, 0xf, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x2}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@remote, @broadcast, @loopback, 0x1, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
setsockopt$RXRPC_EXCLUSIVE_CONNECTION(0xffffffffffffffff, 0x110, 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
openat$selinux_relabel(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x48, &(0x7f00000001c0)=ANY=[@ANYBLOB="daf8", @ANYRESOCT], 0x28)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f00000003c0)='kmem_cache_free\x00', r3, 0x0, 0x2}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00'}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, 0x0, 0x0, 0x4, 0x0)
r5 = syz_pidfd_open(r4, 0x0)
pidfd_send_signal(r5, 0x2, 0x0, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="5c00000013006bcd9e3fe3dc4e48aa31086b8703140000001f03000000000000040014000d000a000d0000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c00712152230000000010902"], 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000040)={'batadv0\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@setlink={0x3c, 0x13, 0x1, 0x0, 0x0, {}, [@IFLA_MASTER={0x8, 0xa, r9}, @IFLA_ALT_IFNAME={0x14, 0x35, 'dummy0\x00'}]}, 0x3c}}, 0x0)
r10 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r10, 0x8922, &(0x7f0000000080)={'dummy0\x00'})

354.873354ms ago: executing program 0 (id=1587):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[], 0x48)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e0000001080003"], 0x80}, 0x1, 0x0, 0x0, 0x4040011}, 0x40)
writev(0xffffffffffffffff, &(0x7f0000000040), 0x2)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYRES32, @ANYRES32=r0, @ANYBLOB="0000000000850000007800000095"], 0x0, 0xe, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0x7, &(0x7f0000000140)={0x3, 0x6, 0x7, 0x4}, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000580)=ANY=[], 0x33fe0}, 0x1, 0x0, 0x0, 0x4040060}, 0x40)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001a00010000000000000000001c"], 0x30}}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x2c)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000300)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)

352.169064ms ago: executing program 1 (id=1588):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d0000008500000050000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE(r1, &(0x7f0000000a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000000940)=""/3, 0x3, 0x0, 0x4, 0x0, 0x0, 0xc08}}, 0x120)
readv(r1, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}], 0x1)

299.109965ms ago: executing program 0 (id=1589):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB="0000000400000000000000000004000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe09, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
r4 = mmap$IORING_OFF_CQ_RING(&(0x7f00004d1000/0x2000)=nil, 0x2000, 0x100000b, 0x12, 0xffffffffffffffff, 0x8000000)
r5 = syz_io_uring_setup(0x1778, &(0x7f00000001c0)={0x0, 0x1049, 0x800, 0x1, 0xf9}, &(0x7f00000003c0), &(0x7f0000000400)=<r6=>0x0)
syz_io_uring_submit(r4, r6, 0x0)
r7 = bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x216901, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\n'], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0xffffffffffffffef, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r10}, 0x10)
fcntl$setlease(r7, 0x400, 0x9001fc2094856845)
sendmsg$FOU_CMD_ADD(r8, 0x0, 0x4000045)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a05000000000000000000020000000900020073797a310008000008000440000000000900010073797a30000000000800034000000009"], 0x64}, 0x1, 0x0, 0x0, 0x20048801}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r11, 0x89f0, &(0x7f0000000900)={'sit0\x00', @random="0000230c1100"})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x20000000000003bf, &(0x7f0000000280)=ANY=[@ANYRES8=r1, @ANYRESDEC=r5, @ANYRESHEX=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

247.323276ms ago: executing program 1 (id=1590):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000de0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x10)
setresuid(0xffffffffffffffff, 0xee00, 0xffffffffffffffff)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000000)={0x327, 0x8000, 0x7, 0x400, 0x1, "0000fffff000"})
ioctl$TIOCGPTPEER(r0, 0x5441, 0x0)

246.862746ms ago: executing program 5 (id=1591):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4080}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000000000000020000000900020073797a31000000000800044000000000090001007379"], 0x64}}, 0x4010)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000150a01020000000076a7cafd00"], 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x4040808)

223.411496ms ago: executing program 1 (id=1592):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x62, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
socket$inet(0x2, 0x4000000805, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000001400000008000a00fc00000018000180140002006e657464657673696d300000000000000800080000fcffff08000900fcfc0000080011000000000008000e00800000000800", @ANYRES64=r2], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r4, 0x800448d2, &(0x7f0000000100))

171.143567ms ago: executing program 5 (id=1593):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r2, 0x84, 0x7d, &(0x7f0000000040)="020000000980ffff", 0x8)
r3 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)=r3}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000e00)=[{0x0}], 0x1}, 0x40002002)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000e200000000611118"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r6, 0x34}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
timerfd_settime(0xffffffffffffffff, 0x1, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_LIST(r1, 0x0, 0x20000080)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='\x00'/16, @ANYBLOB="00000000000000000000000000000000000000000000000000cc21bd0cb7eded9ba7e742192645e20010000000000000000000000000000000000000b1273b186af174d79299789df1de7ce94e98e886514f6ac08afd0791b5591b6c6849f9b7b0b9cd28c0de2c26db9edbe715dfca38b4db68b94402289e0408cd66146122604734d7cabc88ba1e23a8c9df75531d646e197cf1810158f98c92cf0145a0b10b19a89613778f72d381cbb23f147bdfd3b3e04e93d67c8a87d1986c83f090d1a3f7b77ab1b3d04955802efd4a1f68f403fdad3f502c001a57565a7603e7bd81b28427569a98da06111fb58291ab7f04446d6670d9cd4201fdcde4d9a730503eb03d06697b766cd6fe70cf14d40eb139574e6e6eb1459e7b20b0bffecf906effffffff00000000e8ddc0975c42d2db03d4700869a3c5d26727fab10cb468e9aef89c0a68a04137891c8577f15f597abbf1b1557d65a53be396f41303f8053dbc5e"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008f00850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, @void, @value}, 0x94)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x40, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={&(0x7f0000000080)}, 0x10010, 0xffffffffffffdffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

123.888388ms ago: executing program 1 (id=1594):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000000)={<r2=>0x0}, &(0x7f0000000040)=0xc)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xf, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffc52, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'hsr0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB="440000001000030428b57000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="a100000000000000140012800c0001006d616376746170000400028008000500", @ANYRES32=r6, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r6], 0x44}, 0x1, 0xba01, 0x0, 0x4004}, 0x810)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000bc0000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x6, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kfree\x00', r7, 0x0, 0x3}, 0x18)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="02142000110000000040000000000000030005000000000002000000ffffffff0000000000000000080012000000010000000000000000000600000000000027b20e97a6a9ecae000000ee00000000000000000000000000fc020000000000000000000000000000030006000000000002000000e00000010000000000000000010018"], 0x88}}, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000640)={&(0x7f00000001c0)='signal_generate\x00', r9}, 0x10)
r10 = socket$inet6(0xa, 0x80002, 0x0)
sendto$inet6(r10, 0x0, 0x64, 0x1208c081, &(0x7f0000000280)={0xa, 0xe20, 0xfffffbff, @remote, 0x8000003}, 0x1c)
sendto$inet6(r10, &(0x7f00000009c0)="c7cfcaaa22e10542fca5c0195350f15147657e0bfc59d383a47190db88690e6fedc3040ab5809ae02a54cd429cc3338c5afa0c9dce3f91950d1f567f358ac21154159130e88cbb6c43197813b2f23f3e442f80877490b393408142ebcfea6821f543e5ee9e27032e2b75d78f1b79f5a6bb6f0645e267770ef7e8f3a92148091217450ce8581e54223eeb6486205a209bf1fe854d211c03f8c3140fc3979d824082990d119473d20e94f253c9621fac339560ae46cb24b88bf2d01559bb658e343257b90f233b81bc5c398be3bbddb23a1e", 0xffd6, 0xc001, 0x0, 0xffffffffffffff0c)
setsockopt$inet6_mtu(r10, 0x29, 0x17, &(0x7f0000000640)=0x3, 0x4)
sendto$inet6(r10, 0x0, 0x156, 0x4010, 0x0, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r11}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r12 = syz_open_procfs(0x0, &(0x7f0000000000)='net/rt_acct\x00')
r13 = socket(0x18, 0x3, 0x0)
connect$pppoe(r13, &(0x7f0000000100)={0x18, 0x0, {0x2, @broadcast, 'vxcan1\x00'}}, 0x1e)
sendfile(r13, r12, 0x0, 0x8)
capset(&(0x7f0000000080)={0x20071026, r2}, &(0x7f00000000c0)={0x8, 0x6, 0x0, 0x6, 0x3, 0x83c})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)

29.13997ms ago: executing program 0 (id=1595):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x100000}], 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000004c0)=[{&(0x7f0000000080)=""/28, 0x1c}], 0x1}}], 0x90}, 0x0)

2.50426ms ago: executing program 5 (id=1596):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000480)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$VT_DISALLOCATE(r1, 0x5608)
perf_event_open(&(0x7f0000000800)={0x2, 0x80, 0xa4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xfffffdffffffffff, 0xffffffffffffffff, 0x0)
sync()
ioctl$TIOCSSOFTCAR(r1, 0x5453, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, 0x0, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x70}}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, r3, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)

0s ago: executing program 0 (id=1597):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100030f031ede85bd80600000000000a3c000000120a09000000000000000000020000000900020073797a310000000008000440000000000900010073797a30000000000800034000000005520000001100010000000000000000000000000a6dada20ddfc9252fd83bb49d4781250f6cc45663644e3d7929d48cde212ea99bd604499d613f99c3b3db901f77e10b9aaccaab0bc062a7f2996f592435ef5870af1303645a20086328"], 0x64}, 0x1, 0x0, 0x0, 0x890}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r4 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
r5 = getpgrp(0x0)
rt_sigqueueinfo(r5, 0x22, &(0x7f0000000000)={0x3c, 0x10000, 0x9})
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000080)=@chain)
pipe2$9p(&(0x7f0000000240)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
r8 = dup(r3)
write$P9_RLERRORu(r8, &(0x7f0000000500)=ANY=[@ANYBLOB="5300000007000046009d"], 0x53)
mount$9p_fd(0x0, &(0x7f0000001a00)='./file0\x00', &(0x7f0000000580), 0x0, &(0x7f0000001a40)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',o=', @ANYRESHEX=r8, @ANYBLOB=',dfltuid=', @ANYRESHEX=0xee00, @ANYBLOB=',k'])
setsockopt$SO_J1939_SEND_PRIO(r8, 0x6b, 0x3, &(0x7f0000000740)=0x4, 0x4)
syz_genetlink_get_family_id$team(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000002c0))
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r9, &(0x7f0000000500)={0xa, 0x2, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_int(r9, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r9, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
setsockopt$inet6_tcp_TCP_MD5SIG(r9, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e24, 0x0, @loopback, 0x1}}, 0x0, 0x0, 0x6, 0x0, "10baa70a93289349d889de25b87376f64276337642b890d33cb5b592e66e6229bc5c7ac135fee1b3871b7ef6619db5b2a94edb6f73ea08b02aa3b47debd38b6d889a8c986b33eb49c3157f1f370dfd67"}, 0xd8)
r10 = dup(r9)
write$UHID_INPUT(r10, &(0x7f0000001840)={0xfc, {"a2e3ad21ed0d1bf91b29420987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f31096c060890e0878f0e1ac6e7049b096e959b509a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b074b0d36cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130f91850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d86526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e613e20d80421d653a500008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec6bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f4077fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f8302d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153fae46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a922705391dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c343f7f140f319539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474b0679dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691951264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf040000006ebecd8d984836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238226407a4eddd5d0fc5a752f9000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e00", 0x1000}}, 0xff39)
setsockopt$inet6_tcp_int(r9, 0x6, 0x1, &(0x7f0000000400)=0x7, 0x4)

kernel console output (not intermixed with test programs):

59.993313][ T5000] R13: 0000000000000000 R14: 00007fec49585fa0 R15: 00007ffe3ae92d68
[   59.993342][ T5000]  </TASK>
[   60.296874][ T5014] netlink: 'syz.1.539': attribute type 10 has an invalid length.
[   60.320103][ T5009] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   60.336066][ T5009] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   60.351692][ T5012] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   60.446816][ T5019] loop5: detected capacity change from 0 to 1024
[   60.462260][ T5019] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   60.542014][ T5019] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:483: comm syz.5.538: Invalid block bitmap block 0 in block_group 0
[   60.556502][ T5019] EXT4-fs error (device loop5): ext4_acquire_dquot:6935: comm syz.5.538: Failed to acquire dquot type 0
[   60.569930][ T5019] EXT4-fs error (device loop5): ext4_free_blocks:6589: comm syz.5.538: Freeing blocks not in datazone - block = 0, count = 4096
[   60.586117][ T5019] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.538: Invalid inode bitmap blk 0 in block_group 0
[   60.599148][ T5019] EXT4-fs error (device loop5) in ext4_free_inode:361: Corrupt filesystem
[   60.607866][   T12] EXT4-fs error (device loop5): ext4_release_dquot:6971: comm kworker/u8:0: Failed to release dquot type 0
[   60.621654][ T5019] EXT4-fs (loop5): 1 orphan inode deleted
[   60.909903][ T5033] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   61.112836][ T5040] 9pnet_fd: p9_fd_create_tcp (5040): problem connecting socket to 127.0.0.1
[   61.165235][ T5043] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   61.205909][ T5047] xt_hashlimit: size too large, truncated to 1048576
[   61.225606][ T5046] loop3: detected capacity change from 0 to 1024
[   61.369893][ T5046] EXT4-fs: Ignoring removed orlov option
[   61.388038][ T5046] EXT4-fs: Ignoring removed nomblk_io_submit option
[   61.504765][ T5046] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   61.530485][ T5054] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   61.537930][ T5056] 9pnet_fd: p9_fd_create_tcp (5056): problem connecting socket to 127.0.0.1
[   61.538962][ T5054] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   61.551509][ T5056] xt_hashlimit: size too large, truncated to 1048576
[   61.771082][ T5061] __nla_validate_parse: 5 callbacks suppressed
[   61.771102][ T5061] netlink: 4 bytes leftover after parsing attributes in process `syz.2.554'.
[   61.818480][ T5063] FAULT_INJECTION: forcing a failure.
[   61.818480][ T5063] name failslab, interval 1, probability 0, space 0, times 0
[   61.831371][ T5063] CPU: 0 UID: 0 PID: 5063 Comm: syz.2.555 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   61.831404][ T5063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   61.831421][ T5063] Call Trace:
[   61.831427][ T5063]  <TASK>
[   61.831434][ T5063]  dump_stack_lvl+0xf6/0x150
[   61.831467][ T5063]  dump_stack+0x15/0x1a
[   61.831559][ T5063]  should_fail_ex+0x261/0x270
[   61.831672][ T5063]  should_failslab+0x8f/0xb0
[   61.831693][ T5063]  kmem_cache_alloc_node_noprof+0x5c/0x340
[   61.831729][ T5063]  ? __alloc_skb+0x10d/0x320
[   61.831752][ T5063]  __alloc_skb+0x10d/0x320
[   61.831845][ T5063]  netlink_alloc_large_skb+0xad/0xe0
[   61.831867][ T5063]  netlink_sendmsg+0x3da/0x720
[   61.831893][ T5063]  ? __pfx_netlink_sendmsg+0x10/0x10
[   61.831973][ T5063]  __sock_sendmsg+0x140/0x180
[   61.831994][ T5063]  ____sys_sendmsg+0x350/0x4e0
[   61.832031][ T5063]  __sys_sendmsg+0x1a0/0x240
[   61.832119][ T5063]  __x64_sys_sendmsg+0x46/0x50
[   61.832151][ T5063]  x64_sys_call+0x26f3/0x2e10
[   61.832175][ T5063]  do_syscall_64+0xc9/0x1c0
[   61.832288][ T5063]  ? clear_bhb_loop+0x25/0x80
[   61.832306][ T5063]  ? clear_bhb_loop+0x25/0x80
[   61.832323][ T5063]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   61.832346][ T5063] RIP: 0033:0x7fc0b54fd169
[   61.832366][ T5063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   61.832385][ T5063] RSP: 002b:00007fc0b3b67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   61.832464][ T5063] RAX: ffffffffffffffda RBX: 00007fc0b5715fa0 RCX: 00007fc0b54fd169
[   61.832474][ T5063] RDX: 0100000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[   61.832484][ T5063] RBP: 00007fc0b3b67090 R08: 0000000000000000 R09: 0000000000000000
[   61.832494][ T5063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   61.832506][ T5063] R13: 0000000000000000 R14: 00007fc0b5715fa0 R15: 00007ffdee7dd648
[   61.832526][ T5063]  </TASK>
[   62.087558][ T5067] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   62.202273][ T5075] netlink: 'syz.0.559': attribute type 10 has an invalid length.
[   62.210062][ T5075] netlink: 40 bytes leftover after parsing attributes in process `syz.0.559'.
[   62.227875][ T5071] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.247667][ T5071] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.285717][ T5071] batadv0: mtu less than device minimum
[   62.291979][ T5071] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   62.302638][ T5071] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   62.313308][ T5071] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   62.323989][ T5071] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   62.334922][ T5071] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   62.345770][ T5071] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   62.356442][ T5071] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[   62.462810][ T5078] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   62.590439][ T5084] netlink: 12 bytes leftover after parsing attributes in process `syz.5.563'.
[   62.626997][ T5090] netlink: 4 bytes leftover after parsing attributes in process `syz.1.565'.
[   62.658115][ T5094] loop2: detected capacity change from 0 to 2048
[   62.686359][   T29] kauditd_printk_skb: 19 callbacks suppressed
[   62.686383][   T29] audit: type=1326 audit(1743306193.465:1100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0b54fd169 code=0x7ffc0000
[   62.719799][   T29] audit: type=1326 audit(1743306193.475:1101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0b54fd169 code=0x7ffc0000
[   62.743350][   T29] audit: type=1326 audit(1743306193.475:1102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0b54fd169 code=0x7ffc0000
[   62.757494][ T5100] netlink: 48 bytes leftover after parsing attributes in process `+}[@'.
[   62.766951][   T29] audit: type=1326 audit(1743306193.475:1103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0b54fd169 code=0x7ffc0000
[   62.798527][   T29] audit: type=1326 audit(1743306193.475:1104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0b54fd169 code=0x7ffc0000
[   62.821945][   T29] audit: type=1326 audit(1743306193.475:1105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0b54fd169 code=0x7ffc0000
[   62.845407][   T29] audit: type=1326 audit(1743306193.475:1106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0b54fd169 code=0x7ffc0000
[   62.868759][   T29] audit: type=1326 audit(1743306193.475:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc0b54fd169 code=0x7ffc0000
[   62.892631][   T29] audit: type=1326 audit(1743306193.495:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0b54fd169 code=0x7ffc0000
[   62.916078][   T29] audit: type=1326 audit(1743306193.495:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5093 comm="syz.2.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0b54fd169 code=0x7ffc0000
[   63.028209][ T5117] 9pnet_fd: p9_fd_create_tcp (5117): problem connecting socket to 127.0.0.1
[   63.038411][ T5117] xt_hashlimit: size too large, truncated to 1048576
[   63.245038][ T5124] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   63.299399][ T5136] netlink: 4 bytes leftover after parsing attributes in process `syz.0.581'.
[   63.412890][ T5152] netlink: 'syz.3.585': attribute type 10 has an invalid length.
[   63.420830][ T5152] netlink: 40 bytes leftover after parsing attributes in process `syz.3.585'.
[   63.448133][ T5143] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   63.459116][ T5143] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   63.479166][ T5158] 9pnet_fd: p9_fd_create_tcp (5158): problem connecting socket to 127.0.0.1
[   63.489565][ T5158] xt_hashlimit: size too large, truncated to 1048576
[   63.653963][ T5166] netlink: 24 bytes leftover after parsing attributes in process `syz.1.595'.
[   63.734991][ T5173] netlink: 12 bytes leftover after parsing attributes in process `syz.0.597'.
[   63.754298][ T5176] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   63.764690][ T5174] netlink: 4 bytes leftover after parsing attributes in process `syz.1.598'.
[   63.907477][ T5198] x_tables: ip6_tables: tcp match: only valid for protocol 6
[   64.016018][ T5211] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   64.088163][ T5219] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   64.189723][ T5249] loop3: detected capacity change from 0 to 512
[   64.198161][ T5251] loop2: detected capacity change from 0 to 1024
[   64.198774][ T5249] EXT4-fs: Ignoring removed orlov option
[   64.213700][ T5249] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   64.232542][ T5251] loop2: detected capacity change from 0 to 512
[   64.247672][ T5249] EXT4-fs error (device loop3): ext4_orphan_get:1390: inode #15: comm syz.3.627: casefold flag without casefold feature
[   64.263319][ T5249] EXT4-fs error (device loop3): ext4_orphan_get:1395: comm syz.3.627: couldn't read orphan inode 15 (err -117)
[   64.289526][ T5251] ext4 filesystem being mounted at /128/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   64.309225][ T5261] netlink: 'syz.1.631': attribute type 10 has an invalid length.
[   64.319044][ T5257] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   64.333533][ T5257] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   64.467261][ T5278] FAULT_INJECTION: forcing a failure.
[   64.467261][ T5278] name failslab, interval 1, probability 0, space 0, times 0
[   64.480084][ T5278] CPU: 1 UID: 0 PID: 5278 Comm: syz.2.638 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   64.480116][ T5278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   64.480130][ T5278] Call Trace:
[   64.480137][ T5278]  <TASK>
[   64.480145][ T5278]  dump_stack_lvl+0xf6/0x150
[   64.480173][ T5278]  dump_stack+0x15/0x1a
[   64.480217][ T5278]  should_fail_ex+0x261/0x270
[   64.480255][ T5278]  should_failslab+0x8f/0xb0
[   64.480294][ T5278]  __kvmalloc_node_noprof+0x12c/0x520
[   64.480388][ T5278]  ? xt_alloc_table_info+0x3d/0x80
[   64.480413][ T5278]  ? should_fail_ex+0xd7/0x270
[   64.480446][ T5278]  xt_alloc_table_info+0x3d/0x80
[   64.480471][ T5278]  do_arpt_set_ctl+0x672/0xa30
[   64.480504][ T5278]  ? _raw_spin_unlock_bh+0x36/0x40
[   64.480553][ T5278]  nf_setsockopt+0x195/0x1b0
[   64.480586][ T5278]  ip_setsockopt+0xea/0x100
[   64.480607][ T5278]  udp_setsockopt+0x95/0xb0
[   64.480644][ T5278]  sock_common_setsockopt+0x64/0x80
[   64.480669][ T5278]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   64.480760][ T5278]  __sys_setsockopt+0x187/0x200
[   64.480794][ T5278]  __x64_sys_setsockopt+0x66/0x80
[   64.480827][ T5278]  x64_sys_call+0x2a09/0x2e10
[   64.480853][ T5278]  do_syscall_64+0xc9/0x1c0
[   64.480883][ T5278]  ? clear_bhb_loop+0x25/0x80
[   64.480940][ T5278]  ? clear_bhb_loop+0x25/0x80
[   64.480966][ T5278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.480991][ T5278] RIP: 0033:0x7fc0b54fd169
[   64.481007][ T5278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.481028][ T5278] RSP: 002b:00007fc0b3b67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   64.481050][ T5278] RAX: ffffffffffffffda RBX: 00007fc0b5715fa0 RCX: 00007fc0b54fd169
[   64.481064][ T5278] RDX: 0000000000000060 RSI: 0a02000000000000 RDI: 0000000000000003
[   64.481107][ T5278] RBP: 00007fc0b3b67090 R08: 0000000000000438 R09: 0000000000000000
[   64.481121][ T5278] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.481135][ T5278] R13: 0000000000000000 R14: 00007fc0b5715fa0 R15: 00007ffdee7dd648
[   64.481158][ T5278]  </TASK>
[   64.782395][ T5294] loop2: detected capacity change from 0 to 512
[   64.803529][ T5294] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[   64.812669][ T5293] FAULT_INJECTION: forcing a failure.
[   64.812669][ T5293] name failslab, interval 1, probability 0, space 0, times 0
[   64.825403][ T5293] CPU: 1 UID: 0 PID: 5293 Comm: syz.5.645 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   64.825436][ T5293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   64.825451][ T5293] Call Trace:
[   64.825458][ T5293]  <TASK>
[   64.825466][ T5293]  dump_stack_lvl+0xf6/0x150
[   64.825495][ T5293]  dump_stack+0x15/0x1a
[   64.825515][ T5293]  should_fail_ex+0x261/0x270
[   64.825602][ T5293]  should_failslab+0x8f/0xb0
[   64.825627][ T5293]  __kmalloc_noprof+0xad/0x410
[   64.825658][ T5293]  ? io_cqring_event_overflow+0x5a/0x300
[   64.825715][ T5293]  io_cqring_event_overflow+0x5a/0x300
[   64.825792][ T5293]  ? kmem_cache_alloc_bulk_noprof+0x320/0x4a0
[   64.825830][ T5293]  io_req_cqe_overflow+0x89/0xb0
[   64.825872][ T5293]  __io_submit_flush_completions+0x361/0xa00
[   64.825942][ T5293]  io_submit_sqes+0xe71/0x1050
[   64.825993][ T5293]  __se_sys_io_uring_enter+0x1ce/0x1c00
[   64.826109][ T5293]  ? 0xffffffff81000000
[   64.826126][ T5293]  ? get_pid_task+0x94/0xd0
[   64.826155][ T5293]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   64.826186][ T5293]  ? vfs_write+0x669/0x950
[   64.826205][ T5293]  ? putname+0xe1/0x100
[   64.826310][ T5293]  ? __fget_files+0x186/0x1c0
[   64.826332][ T5293]  ? perf_trace_sys_enter+0x73/0x2b0
[   64.826357][ T5293]  ? trace_sys_enter+0xcd/0x110
[   64.826381][ T5293]  __x64_sys_io_uring_enter+0x78/0x90
[   64.826473][ T5293]  x64_sys_call+0x26cb/0x2e10
[   64.826493][ T5293]  do_syscall_64+0xc9/0x1c0
[   64.826540][ T5293]  ? clear_bhb_loop+0x25/0x80
[   64.826563][ T5293]  ? clear_bhb_loop+0x25/0x80
[   64.826608][ T5293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   64.826649][ T5293] RIP: 0033:0x7f87843ed169
[   64.826665][ T5293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   64.826684][ T5293] RSP: 002b:00007f8782a4f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   64.826704][ T5293] RAX: ffffffffffffffda RBX: 00007f8784605fa0 RCX: 00007f87843ed169
[   64.826717][ T5293] RDX: 0000000000000000 RSI: 0000000000002d3e RDI: 000000000000000f
[   64.826730][ T5293] RBP: 00007f8782a4f090 R08: 0000000000000000 R09: 0000000000000000
[   64.826743][ T5293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   64.826784][ T5293] R13: 0000000000000000 R14: 00007f8784605fa0 R15: 00007ffd21a09d78
[   64.826804][ T5293]  </TASK>
[   64.827586][ T5294] EXT4-fs (loop2): invalid journal inode
[   64.832903][ T5297] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   64.841171][ T5294] EXT4-fs (loop2): can't get journal size
[   64.958528][ T5308] IPv6: Can't replace route, no match found
[   64.961928][ T5294] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e056c118, mo2=0002]
[   65.094397][ T5294] System zones: 1-12, 13-13
[   65.100494][ T5294] EXT4-fs (loop2): 1 truncate cleaned up
[   65.173103][ T5322] netlink: 'syz.1.661': attribute type 10 has an invalid length.
[   65.186544][ T5324] loop3: detected capacity change from 0 to 512
[   65.211900][ T5324] EXT4-fs: Ignoring removed orlov option
[   65.212700][ T5322] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   65.228171][ T5322] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   65.236217][ T5324] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   65.256713][ T5324] EXT4-fs (loop3): 1 orphan inode deleted
[   65.262548][ T5324] EXT4-fs (loop3): 1 truncate cleaned up
[   65.305029][ T5316] EXT4-fs error (device loop3): ext4_inlinedir_to_tree:1339: inode #12: block 7: comm syz.3.651: path /147/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=20, inode=13, rec_len=16, size=60 fake=0
[   65.332390][ T5337] siw: device registration error -23
[   65.347041][ T5316] EXT4-fs (loop3): Remounting filesystem read-only
[   65.404216][ T5321] loop2: detected capacity change from 0 to 2048
[   65.431797][ T5321] ext4 filesystem being mounted at /135/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.582308][ T5361] xt_CT: You must specify a L4 protocol and not use inversions on it
[   65.613620][ T5335] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.652: bg 0: block 345: padding at end of block bitmap is not set
[   65.631634][ T5335] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[   65.644163][ T5335] EXT4-fs (loop2): This should not happen!! Data will be lost
[   65.644163][ T5335] 
[   65.678602][ T5369] FAULT_INJECTION: forcing a failure.
[   65.678602][ T5369] name failslab, interval 1, probability 0, space 0, times 0
[   65.691412][ T5369] CPU: 0 UID: 0 PID: 5369 Comm: syz.5.669 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   65.691439][ T5369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   65.691512][ T5369] Call Trace:
[   65.691519][ T5369]  <TASK>
[   65.691526][ T5369]  dump_stack_lvl+0xf6/0x150
[   65.691548][ T5369]  dump_stack+0x15/0x1a
[   65.691564][ T5369]  should_fail_ex+0x261/0x270
[   65.691601][ T5369]  should_failslab+0x8f/0xb0
[   65.691674][ T5369]  kmem_cache_alloc_node_noprof+0x5c/0x340
[   65.691708][ T5369]  ? __alloc_skb+0x10d/0x320
[   65.691738][ T5369]  __alloc_skb+0x10d/0x320
[   65.691806][ T5369]  netlink_alloc_large_skb+0xad/0xe0
[   65.691832][ T5369]  netlink_sendmsg+0x3da/0x720
[   65.691863][ T5369]  ? __pfx_netlink_sendmsg+0x10/0x10
[   65.691892][ T5369]  __sock_sendmsg+0x140/0x180
[   65.691915][ T5369]  ____sys_sendmsg+0x350/0x4e0
[   65.692017][ T5369]  __sys_sendmsg+0x1a0/0x240
[   65.692066][ T5369]  __x64_sys_sendmsg+0x46/0x50
[   65.692130][ T5369]  x64_sys_call+0x26f3/0x2e10
[   65.692156][ T5369]  do_syscall_64+0xc9/0x1c0
[   65.692183][ T5369]  ? clear_bhb_loop+0x25/0x80
[   65.692280][ T5369]  ? clear_bhb_loop+0x25/0x80
[   65.692302][ T5369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   65.692321][ T5369] RIP: 0033:0x7f87843ed169
[   65.692339][ T5369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   65.692361][ T5369] RSP: 002b:00007f8782a4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   65.692383][ T5369] RAX: ffffffffffffffda RBX: 00007f8784605fa0 RCX: 00007f87843ed169
[   65.692428][ T5369] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000003
[   65.692439][ T5369] RBP: 00007f8782a4f090 R08: 0000000000000000 R09: 0000000000000000
[   65.692450][ T5369] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   65.692461][ T5369] R13: 0000000000000000 R14: 00007f8784605fa0 R15: 00007ffd21a09d78
[   65.692481][ T5369]  </TASK>
[   66.041174][   T12] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[   66.053925][   T12] EXT4-fs (loop2): This should not happen!! Data will be lost
[   66.053925][   T12] 
[   66.066179][ T5385] net_ratelimit: 16 callbacks suppressed
[   66.066194][ T5385] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   66.095997][   T12] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[   66.108799][   T12] EXT4-fs (loop2): This should not happen!! Data will be lost
[   66.108799][   T12] 
[   66.118527][   T12] EXT4-fs (loop2): Total free blocks count 0
[   66.124762][   T12] EXT4-fs (loop2): Free/Dirty block details
[   66.130816][   T12] EXT4-fs (loop2): free_blocks=0
[   66.135768][   T12] EXT4-fs (loop2): dirty_blocks=2032
[   66.198045][ T5398] FAULT_INJECTION: forcing a failure.
[   66.198045][ T5398] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   66.211255][ T5398] CPU: 0 UID: 0 PID: 5398 Comm: syz.2.677 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   66.211281][ T5398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   66.211293][ T5398] Call Trace:
[   66.211300][ T5398]  <TASK>
[   66.211307][ T5398]  dump_stack_lvl+0xf6/0x150
[   66.211335][ T5398]  dump_stack+0x15/0x1a
[   66.211413][ T5398]  should_fail_ex+0x261/0x270
[   66.211449][ T5398]  should_fail+0xb/0x10
[   66.211554][ T5398]  should_fail_usercopy+0x1a/0x20
[   66.211592][ T5398]  _copy_from_user+0x1c/0xa0
[   66.211616][ T5398]  io_openat2_prep+0xbd/0x310
[   66.211717][ T5398]  io_submit_sqes+0x607/0x1050
[   66.211794][ T5398]  __se_sys_io_uring_enter+0x1ce/0x1c00
[   66.211917][ T5398]  ? read_word_at_a_time+0x10/0x20
[   66.211953][ T5398]  ? sized_strscpy+0x1b6/0x1d0
[   66.212055][ T5398]  ? bpf_get_current_comm+0x90/0xc0
[   66.212085][ T5398]  ? __rcu_read_unlock+0x4e/0x70
[   66.212111][ T5398]  ? bpf_trace_run2+0x12c/0x1d0
[   66.212193][ T5398]  ? __bpf_trace_sys_enter+0x10/0x30
[   66.212224][ T5398]  ? trace_sys_enter+0xcd/0x110
[   66.212270][ T5398]  __x64_sys_io_uring_enter+0x78/0x90
[   66.212377][ T5400] netlink: 'syz.5.682': attribute type 10 has an invalid length.
[   66.212383][ T5398]  x64_sys_call+0x26cb/0x2e10
[   66.212410][ T5398]  do_syscall_64+0xc9/0x1c0
[   66.212439][ T5398]  ? clear_bhb_loop+0x25/0x80
[   66.212460][ T5398]  ? clear_bhb_loop+0x25/0x80
[   66.212539][ T5398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.212566][ T5398] RIP: 0033:0x7fc0b54fd169
[   66.212586][ T5398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.212609][ T5398] RSP: 002b:00007fc0b3b67038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   66.212634][ T5398] RAX: ffffffffffffffda RBX: 00007fc0b5715fa0 RCX: 00007fc0b54fd169
[   66.212688][ T5398] RDX: 0000000000000000 RSI: 00000000000047f6 RDI: 0000000000000006
[   66.212703][ T5398] RBP: 00007fc0b3b67090 R08: 0000000000000000 R09: 0000000000000000
[   66.212717][ T5398] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.212732][ T5398] R13: 0000000000000000 R14: 00007fc0b5715fa0 R15: 00007ffdee7dd648
[   66.212757][ T5398]  </TASK>
[   66.273711][ T5403] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   66.442328][ T5403] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   66.497519][ T5409] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   66.546743][ T5420] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   66.673034][ T5432] loop0: detected capacity change from 0 to 512
[   66.679656][ T5432] EXT4-fs: Ignoring removed nomblk_io_submit option
[   66.686537][ T5416] loop3: detected capacity change from 0 to 2048
[   66.695556][ T5432] EXT4-fs (loop0): can't mount with data_err=abort, fs mounted w/o journal
[   66.706341][ T5416] ext4 filesystem being mounted at /151/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.793456][ T5446] loop0: detected capacity change from 0 to 512
[   66.800748][ T5446] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   66.813612][ T5446] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.876315][ T5433] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.688: bg 0: block 345: padding at end of block bitmap is not set
[   66.893333][ T5433] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 16 with max blocks 16 with error 117
[   66.906022][ T5433] EXT4-fs (loop3): This should not happen!! Data will be lost
[   66.906022][ T5433] 
[   66.965491][ T5452] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   67.039941][ T5464] 9pnet_fd: p9_fd_create_tcp (5464): problem connecting socket to 127.0.0.1
[   67.049718][ T5464] xt_hashlimit: size too large, truncated to 1048576
[   67.120470][ T5469] __nla_validate_parse: 11 callbacks suppressed
[   67.120488][ T5469] netlink: 12 bytes leftover after parsing attributes in process `syz.5.708'.
[   67.197652][   T51] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 2048 with error 117
[   67.210542][   T51] EXT4-fs (loop3): This should not happen!! Data will be lost
[   67.210542][   T51] 
[   67.244160][   T51] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 2081 with max blocks 2024 with error 28
[   67.256928][   T51] EXT4-fs (loop3): This should not happen!! Data will be lost
[   67.256928][   T51] 
[   67.266632][   T51] EXT4-fs (loop3): Total free blocks count 0
[   67.272674][   T51] EXT4-fs (loop3): Free/Dirty block details
[   67.278619][   T51] EXT4-fs (loop3): free_blocks=0
[   67.283625][   T51] EXT4-fs (loop3): dirty_blocks=2032
[   67.292816][ T5475] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   67.356182][ T5483] netlink: 'syz.1.712': attribute type 10 has an invalid length.
[   67.364131][ T5483] netlink: 40 bytes leftover after parsing attributes in process `syz.1.712'.
[   67.378633][ T5481] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   67.387355][ T5481] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   67.479262][ T5487] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   67.498619][ T5488] netlink: 4 bytes leftover after parsing attributes in process `syz.5.713'.
[   67.623909][ T5500] netlink: 12 bytes leftover after parsing attributes in process `syz.2.720'.
[   67.704847][ T5514] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   67.778769][ T5528] netlink: 12 bytes leftover after parsing attributes in process `syz.2.733'.
[   67.792604][   T29] kauditd_printk_skb: 113 callbacks suppressed
[   67.792618][   T29] audit: type=1326 audit(1743306198.575:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5520 comm="syz.3.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   67.812542][ T5530] loop0: detected capacity change from 0 to 512
[   67.822143][   T29] audit: type=1326 audit(1743306198.575:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5520 comm="syz.3.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   67.822182][   T29] audit: type=1326 audit(1743306198.575:1225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5520 comm="syz.3.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   67.854658][ T5530] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   67.875338][   T29] audit: type=1326 audit(1743306198.575:1226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5520 comm="syz.3.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   67.907298][   T29] audit: type=1326 audit(1743306198.575:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5520 comm="syz.3.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   67.931002][   T29] audit: type=1326 audit(1743306198.575:1228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5520 comm="syz.3.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   67.954673][   T29] audit: type=1326 audit(1743306198.575:1229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5520 comm="syz.3.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=262 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   67.978204][   T29] audit: type=1326 audit(1743306198.575:1230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5520 comm="syz.3.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   67.979614][ T5521] netlink: 4 bytes leftover after parsing attributes in process `syz.5.729'.
[   68.001844][   T29] audit: type=1326 audit(1743306198.575:1231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5520 comm="syz.3.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   68.033788][   T29] audit: type=1326 audit(1743306198.575:1232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5520 comm="syz.3.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   68.070170][ T5530] EXT4-fs mount: 24 callbacks suppressed
[   68.070188][ T5530] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.095849][ T5530] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.186795][ T5555] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   68.212142][ T5560] netlink: 4 bytes leftover after parsing attributes in process `syz.1.745'.
[   68.227340][ T5561] loop5: detected capacity change from 0 to 512
[   68.235890][ T5561] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   68.252531][ T5561] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.260430][ T5557] netlink: 'syz.3.744': attribute type 10 has an invalid length.
[   68.265403][ T5561] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.272851][ T5557] netlink: 40 bytes leftover after parsing attributes in process `syz.3.744'.
[   68.277573][ T5557] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   68.295653][ T5568] loop2: detected capacity change from 0 to 512
[   68.308032][ T5557] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   68.308191][ T5568] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   68.342653][ T5568] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   68.355414][ T5568] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   68.680799][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   68.882143][ T5588] loop0: detected capacity change from 0 to 512
[   68.889352][ T5588] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   68.899208][ T5588] EXT4-fs (loop0): orphan cleanup on readonly fs
[   68.906621][ T5588] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.755: bg 0: block 248: padding at end of block bitmap is not set
[   68.921730][ T5588] EXT4-fs error (device loop0): ext4_acquire_dquot:6935: comm syz.0.755: Failed to acquire dquot type 1
[   68.933597][ T5588] EXT4-fs (loop0): 1 truncate cleaned up
[   68.939967][ T5588] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   68.965481][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.037976][ T5594] loop0: detected capacity change from 0 to 512
[   69.045353][ T5594] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   69.071434][ T5596] 9pnet_fd: p9_fd_create_tcp (5596): problem connecting socket to 127.0.0.1
[   69.083334][ T5596] xt_hashlimit: size too large, truncated to 1048576
[   69.092860][ T5594] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.105917][ T3816] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.121442][ T5594] ext4 filesystem being mounted at /165/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.207354][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.353210][ T5623] netlink: 4 bytes leftover after parsing attributes in process `syz.3.768'.
[   69.367252][ T5625] netlink: 12 bytes leftover after parsing attributes in process `syz.1.769'.
[   69.380730][ T5626] netlink: 'syz.5.764': attribute type 10 has an invalid length.
[   69.410000][ T5618] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   69.419012][ T5618] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   69.466525][ T5632] xt_hashlimit: size too large, truncated to 1048576
[   69.573601][ T5637] loop1: detected capacity change from 0 to 512
[   69.583183][ T5637] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   69.604304][ T5637] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   69.617264][ T5637] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   69.915782][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.173669][ T5681] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   70.419960][ T5728] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   70.430285][ T5738] xt_hashlimit: size too large, truncated to 1048576
[   70.439688][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.731312][ T5783] loop0: detected capacity change from 0 to 512
[   70.738321][ T5783] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   70.753454][ T5783] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.774134][ T5783] ext4 filesystem being mounted at /185/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.778689][ T5791] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   70.983038][ T5820] netlink: 'syz.1.847': attribute type 10 has an invalid length.
[   71.002292][ T5816] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.010886][ T5816] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   71.188453][ T5828] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   71.331868][ T5836] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   71.438701][ T5849] xt_hashlimit: size too large, truncated to 1048576
[   71.456890][ T5850] loop2: detected capacity change from 0 to 512
[   71.464847][ T5850] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   71.561605][ T5850] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   71.580156][ T5850] ext4 filesystem being mounted at /190/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.672007][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.896165][ T5875] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   71.944385][ T5891] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   71.948677][ T5892] netlink: 'syz.3.872': attribute type 10 has an invalid length.
[   71.972258][ T5884] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   71.986094][ T5884] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   72.003931][ T5894] xt_hashlimit: size too large, truncated to 1048576
[   72.221442][ T5916] __nla_validate_parse: 22 callbacks suppressed
[   72.221461][ T5916] netlink: 52 bytes leftover after parsing attributes in process `syz.0.885'.
[   72.259109][ T5918] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   72.295726][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.333476][ T5922] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   72.409994][ T5941] netlink: 28 bytes leftover after parsing attributes in process `syz.5.896'.
[   72.463362][ T5949] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   72.582158][ T5959] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   72.600386][ T5970] netlink: 28 bytes leftover after parsing attributes in process `syz.0.909'.
[   72.647647][ T5977] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   72.705056][ T5984] netlink: 4 bytes leftover after parsing attributes in process `syz.5.908'.
[   72.718184][ T5980] xt_hashlimit: max too large, truncated to 1048576
[   72.786526][ T5992] netlink: 'syz.2.915': attribute type 10 has an invalid length.
[   72.794509][ T5992] netlink: 40 bytes leftover after parsing attributes in process `syz.2.915'.
[   72.806134][ T5992] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   72.814810][   T29] kauditd_printk_skb: 264 callbacks suppressed
[   72.814825][   T29] audit: type=1326 audit(1743306203.595:1495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5990 comm="syz.0.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   72.844590][   T29] audit: type=1326 audit(1743306203.595:1496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5990 comm="syz.0.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   72.868074][   T29] audit: type=1326 audit(1743306203.595:1497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5990 comm="syz.0.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   72.891560][   T29] audit: type=1326 audit(1743306203.595:1498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5990 comm="syz.0.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   72.914976][   T29] audit: type=1326 audit(1743306203.595:1499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5990 comm="syz.0.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   72.915066][ T5992] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   72.938685][   T29] audit: type=1326 audit(1743306203.595:1500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5990 comm="syz.0.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   72.969531][   T29] audit: type=1326 audit(1743306203.595:1501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5990 comm="syz.0.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   72.992917][   T29] audit: type=1326 audit(1743306203.595:1502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5990 comm="syz.0.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   73.016200][   T29] audit: type=1326 audit(1743306203.595:1503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5990 comm="syz.0.918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   73.068364][ T6005] netlink: 28 bytes leftover after parsing attributes in process `syz.3.923'.
[   73.112735][ T6011] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   73.154942][   T29] audit: type=1400 audit(1743306203.925:1504): avc:  denied  { read } for  pid=6015 comm="syz.5.928" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   73.195642][ T6007] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   73.224689][ T6016] loop5: detected capacity change from 0 to 1764
[   73.233677][ T6016] ISOFS: unable to read i-node block
[   73.239127][ T6016] isofs_fill_super: get root inode failed
[   73.259512][ T6025] xt_hashlimit: size too large, truncated to 1048576
[   73.283188][    C1] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:1b
[   73.317941][ T6029] capability: warning: `syz.5.933' uses deprecated v2 capabilities in a way that may be insecure
[   73.329322][ T6029] capability: warning: `syz.5.933' uses 32-bit capabilities (legacy support in use)
[   73.485448][ T6045] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   73.524689][ T6055] netlink: 12 bytes leftover after parsing attributes in process `syz.0.944'.
[   73.551641][ T6059] loop1: detected capacity change from 0 to 512
[   73.576017][ T6059] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   73.593440][ T6051] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   73.609337][ T6059] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.622742][ T6059] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   73.669022][ T6067] loop5: detected capacity change from 0 to 1764
[   73.676092][ T6067] iso9660: Bad value for 'uid'
[   73.680925][ T6067] iso9660: Bad value for 'uid'
[   73.754570][ T6089] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   73.817312][ T6101] FAULT_INJECTION: forcing a failure.
[   73.817312][ T6101] name failslab, interval 1, probability 0, space 0, times 0
[   73.830226][ T6101] CPU: 0 UID: 0 PID: 6101 Comm: syz.5.959 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   73.830313][ T6101] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   73.830325][ T6101] Call Trace:
[   73.830330][ T6101]  <TASK>
[   73.830336][ T6101]  dump_stack_lvl+0xf6/0x150
[   73.830438][ T6101]  dump_stack+0x15/0x1a
[   73.830459][ T6101]  should_fail_ex+0x261/0x270
[   73.830496][ T6101]  should_failslab+0x8f/0xb0
[   73.830522][ T6101]  kmem_cache_alloc_node_noprof+0x5c/0x340
[   73.830603][ T6101]  ? __alloc_skb+0x10d/0x320
[   73.830633][ T6101]  __alloc_skb+0x10d/0x320
[   73.830670][ T6101]  netlink_alloc_large_skb+0xad/0xe0
[   73.830698][ T6101]  netlink_sendmsg+0x3da/0x720
[   73.830775][ T6101]  ? __pfx_netlink_sendmsg+0x10/0x10
[   73.830819][ T6101]  __sock_sendmsg+0x140/0x180
[   73.830841][ T6101]  ____sys_sendmsg+0x350/0x4e0
[   73.830880][ T6101]  __sys_sendmsg+0x1a0/0x240
[   73.830954][ T6101]  __x64_sys_sendmsg+0x46/0x50
[   73.830980][ T6101]  x64_sys_call+0x26f3/0x2e10
[   73.831061][ T6101]  do_syscall_64+0xc9/0x1c0
[   73.831129][ T6101]  ? clear_bhb_loop+0x25/0x80
[   73.831156][ T6101]  ? clear_bhb_loop+0x25/0x80
[   73.831183][ T6101]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.831263][ T6101] RIP: 0033:0x7f87843ed169
[   73.831280][ T6101] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   73.831301][ T6101] RSP: 002b:00007f8782a4f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   73.831322][ T6101] RAX: ffffffffffffffda RBX: 00007f8784605fa0 RCX: 00007f87843ed169
[   73.831336][ T6101] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000005
[   73.831349][ T6101] RBP: 00007f8782a4f090 R08: 0000000000000000 R09: 0000000000000000
[   73.831361][ T6101] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.831375][ T6101] R13: 0000000000000000 R14: 00007f8784605fa0 R15: 00007ffd21a09d78
[   73.831398][ T6101]  </TASK>
[   74.074720][ T6109] netlink: 40 bytes leftover after parsing attributes in process `syz.5.963'.
[   74.096494][ T6111] netlink: 68 bytes leftover after parsing attributes in process `syz.2.964'.
[   74.115474][ T6102] loop3: detected capacity change from 0 to 1024
[   74.122640][ T6102] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   74.131717][ T6102] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[   74.141888][ T6102] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   74.153838][ T6102] EXT4-fs (loop3): revision level too high, forcing read-only mode
[   74.166276][ T6102] EXT4-fs (loop3): orphan cleanup on readonly fs
[   74.173358][ T6102] EXT4-fs error (device loop3): ext4_read_inode_bitmap:167: comm syz.3.957: Inode bitmap for bg 0 marked uninitialized
[   74.175731][ T6118] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   74.186055][ T6102] EXT4-fs (loop3): Remounting filesystem read-only
[   74.203157][ T6102] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   74.366826][ T6134] xt_hashlimit: max too large, truncated to 1048576
[   74.374128][ T6134] FAULT_INJECTION: forcing a failure.
[   74.374128][ T6134] name failslab, interval 1, probability 0, space 0, times 0
[   74.386966][ T6134] CPU: 0 UID: 0 PID: 6134 Comm: syz.5.974 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   74.387016][ T6134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   74.387028][ T6134] Call Trace:
[   74.387033][ T6134]  <TASK>
[   74.387086][ T6134]  dump_stack_lvl+0xf6/0x150
[   74.387114][ T6134]  dump_stack+0x15/0x1a
[   74.387135][ T6134]  should_fail_ex+0x261/0x270
[   74.387167][ T6134]  should_failslab+0x8f/0xb0
[   74.387190][ T6134]  __kmalloc_node_track_caller_noprof+0xaa/0x410
[   74.387258][ T6134]  ? htable_create+0x21d/0x440
[   74.387282][ T6134]  kstrdup+0x3d/0xd0
[   74.387298][ T6134]  htable_create+0x21d/0x440
[   74.387321][ T6134]  hashlimit_mt_check_common+0x5dc/0x6c0
[   74.387473][ T6134]  hashlimit_mt_check_v1+0x128/0x150
[   74.387500][ T6134]  xt_check_match+0x265/0x4d0
[   74.387519][ T6134]  ? strcmp+0x21/0x50
[   74.387647][ T6134]  ? xt_find_match+0x1d2/0x210
[   74.387725][ T6134]  translate_table+0xadb/0xfe0
[   74.387751][ T6134]  ? _copy_from_user+0x89/0xa0
[   74.387773][ T6134]  do_ipt_set_ctl+0x7ac/0x8a0
[   74.387796][ T6134]  nf_setsockopt+0x195/0x1b0
[   74.387821][ T6134]  ip_setsockopt+0xea/0x100
[   74.387914][ T6134]  udp_setsockopt+0x95/0xb0
[   74.387943][ T6134]  sock_common_setsockopt+0x64/0x80
[   74.387964][ T6134]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   74.387990][ T6134]  __sys_setsockopt+0x187/0x200
[   74.388044][ T6134]  __x64_sys_setsockopt+0x66/0x80
[   74.388076][ T6134]  x64_sys_call+0x2a09/0x2e10
[   74.388096][ T6134]  do_syscall_64+0xc9/0x1c0
[   74.388173][ T6134]  ? clear_bhb_loop+0x25/0x80
[   74.388321][ T6134]  ? clear_bhb_loop+0x25/0x80
[   74.388340][ T6134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.388359][ T6134] RIP: 0033:0x7f87843ed169
[   74.388376][ T6134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.388455][ T6134] RSP: 002b:00007f8782a4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   74.388474][ T6134] RAX: ffffffffffffffda RBX: 00007f8784605fa0 RCX: 00007f87843ed169
[   74.388489][ T6134] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000008
[   74.388503][ T6134] RBP: 00007f8782a4f090 R08: 0000000000000538 R09: 0000000000000000
[   74.388517][ T6134] R10: 0000200000000540 R11: 0000000000000246 R12: 0000000000000001
[   74.388531][ T6134] R13: 0000000000000000 R14: 00007f8784605fa0 R15: 00007ffd21a09d78
[   74.388550][ T6134]  </TASK>
[   74.652680][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.663336][ T6138] netlink: 4 bytes leftover after parsing attributes in process `syz.2.971'.
[   74.691951][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.765361][ T6142] loop0: detected capacity change from 0 to 512
[   74.807212][ T6142] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.826887][ T6142] ext4 filesystem being mounted at /214/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   74.853397][ T6142] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.978: bg 0: block 424: padding at end of block bitmap is not set
[   74.930748][ T6174] netlink: 'syz.1.985': attribute type 10 has an invalid length.
[   74.954934][ T6176] 9pnet_virtio: no channels available for device 127.0.0.1
[   74.963192][ T6176] xt_hashlimit: size too large, truncated to 1048576
[   74.975278][ T6170] lo speed is unknown, defaulting to 1000
[   74.987537][ T6162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   75.031254][ T6179] process 'syz.5.988' launched './file1' with NULL argv: empty string added
[   75.050597][ T6162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   75.162287][ T1039] IPVS: starting estimator thread 0...
[   75.260406][ T6188] IPVS: using max 1968 ests per chain, 98400 per kthread
[   75.376353][ T6211] 9pnet_fd: p9_fd_create_tcp (6211): problem connecting socket to 127.0.0.1
[   75.386828][ T6211] xt_hashlimit: size too large, truncated to 1048576
[   75.457653][ T6218] loop2: detected capacity change from 0 to 128
[   75.465098][ T6218] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   75.479168][ T6218] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   75.556635][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.662079][ T6241] macvtap2: entered promiscuous mode
[   75.667628][ T6241] macvtap2: entered allmulticast mode
[   75.705208][ T6243] 9pnet_fd: p9_fd_create_tcp (6243): problem connecting socket to 127.0.0.1
[   75.727249][ T6243] xt_hashlimit: size too large, truncated to 1048576
[   75.745544][ T6246] 9pnet_fd: p9_fd_create_tcp (6246): problem connecting socket to 127.0.0.1
[   75.761818][ T6246] xt_hashlimit: size too large, truncated to 1048576
[   76.018755][ T6267] loop2: detected capacity change from 0 to 512
[   76.026020][ T6267] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   76.042278][ T6267] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.055236][ T6267] ext4 filesystem being mounted at /229/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.111403][ T6258] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   76.140291][ T6278] lo: entered promiscuous mode
[   76.165837][ T6278] netlink: 'syz.0.1029': attribute type 3 has an invalid length.
[   76.266486][ T6295] netlink: 'syz.0.1037': attribute type 4 has an invalid length.
[   76.273198][ T6297] netlink: 'syz.3.1038': attribute type 4 has an invalid length.
[   76.308888][ T6301] 9pnet_fd: p9_fd_create_tcp (6301): problem connecting socket to 127.0.0.1
[   76.317830][ T6293] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   76.321343][ T6301] xt_hashlimit: size too large, truncated to 1048576
[   76.508896][ T6309] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   76.564774][ T6325] netlink: 'syz.5.1049': attribute type 4 has an invalid length.
[   76.606647][ T6331] netlink: 'syz.3.1051': attribute type 4 has an invalid length.
[   76.638203][ T6336] 9pnet_fd: p9_fd_create_tcp (6336): problem connecting socket to 127.0.0.1
[   76.649034][ T6336] xt_hashlimit: size too large, truncated to 1048576
[   76.659869][ T6338] loop5: detected capacity change from 0 to 512
[   76.668374][ T6338] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   76.696380][ T6338] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.740754][ T6338] ext4 filesystem being mounted at /200/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   76.849060][ T6350] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   76.881336][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.904122][ T6357] netlink: 'syz.3.1062': attribute type 4 has an invalid length.
[   76.935980][ T6365] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   77.062483][ T6383] netlink: 'syz.3.1073': attribute type 10 has an invalid length.
[   77.073618][ T6383] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   77.082838][ T6383] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   77.094451][ T6384] loop1: detected capacity change from 0 to 512
[   77.102069][ T6384] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   77.114415][ T6388] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   77.125419][ T6384] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.138229][ T6384] ext4 filesystem being mounted at /164/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   77.174539][ T6394] netlink: 'syz.0.1077': attribute type 4 has an invalid length.
[   77.221414][ T6398] 9pnet_fd: p9_fd_create_tcp (6398): problem connecting socket to 127.0.0.1
[   77.231992][ T6398] xt_hashlimit: size too large, truncated to 1048576
[   77.510180][ T3816] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.577191][ T6416] __nla_validate_parse: 16 callbacks suppressed
[   77.577211][ T6416] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1085'.
[   77.592660][ T6416] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1085'.
[   77.603806][ T1039] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   77.611372][ T1039] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   77.618832][ T1039] hid-generic 0000:0004:0000.0002: unknown main item tag 0x0
[   77.630631][ T1039] hid-generic 0000:0004:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   77.669630][ T6423] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1089'.
[   77.679382][ T6423] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1089'.
[   77.691010][ T6423] netlink: 'syz.2.1089': attribute type 4 has an invalid length.
[   77.699775][ T3379] lo speed is unknown, defaulting to 1000
[   77.719250][ T6425] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1086'.
[   77.739416][ T6425] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   77.754387][ T6428] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   77.764282][ T6420] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   77.772954][ T6425] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   77.942900][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.992978][   T29] kauditd_printk_skb: 75 callbacks suppressed
[   77.992992][   T29] audit: type=1400 audit(1743306208.775:1580): avc:  denied  { create } for  pid=6446 comm="syz.2.1098" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=x25_socket permissive=1
[   78.028100][ T6449] netlink: 72 bytes leftover after parsing attributes in process `syz.2.1099'.
[   78.037273][ T6449] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1099'.
[   78.047863][ T1039] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[   78.055445][ T1039] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[   78.062956][ T1039] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[   78.075908][ T1039] hid-generic 0000:0004:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   78.087889][ T6453] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   78.143858][ T6451] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   78.234526][   T29] audit: type=1400 audit(1743306209.015:1581): avc:  denied  { execmem } for  pid=6475 comm="syz.1.1110" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   78.263045][ T6477] loop3: detected capacity change from 0 to 512
[   78.270866][ T6477] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   78.295898][ T6477] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.311123][ T6477] ext4 filesystem being mounted at /224/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.333609][ T6485] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1113'.
[   78.333815][ T6487] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   78.344648][ T6485] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1113'.
[   78.362778][ T1039] hid-generic 0000:0004:0000.0004: unknown main item tag 0x0
[   78.370234][ T1039] hid-generic 0000:0004:0000.0004: unknown main item tag 0x0
[   78.377736][ T1039] hid-generic 0000:0004:0000.0004: unknown main item tag 0x0
[   78.391700][ T1039] hid-generic 0000:0004:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   78.487675][ T6505] 9pnet_fd: p9_fd_create_tcp (6505): problem connecting socket to 127.0.0.1
[   78.506029][ T6505] xt_hashlimit: size too large, truncated to 1048576
[   78.531492][ T6496] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   78.714088][ T1039] hid-generic 0000:0004:0000.0005: unknown main item tag 0x0
[   78.721557][ T1039] hid-generic 0000:0004:0000.0005: unknown main item tag 0x0
[   78.729013][ T1039] hid-generic 0000:0004:0000.0005: unknown main item tag 0x0
[   78.737201][ T1039] hid-generic 0000:0004:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   78.769397][   T29] audit: type=1400 audit(1743306209.545:1582): avc:  denied  { create } for  pid=6521 comm="syz.0.1129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   78.791485][   T29] audit: type=1400 audit(1743306209.545:1583): avc:  denied  { write } for  pid=6521 comm="syz.0.1129" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   78.811712][   T29] audit: type=1400 audit(1743306209.565:1584): avc:  denied  { checkpoint_restore } for  pid=6521 comm="syz.0.1129" capability=40  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   78.839040][   T29] audit: type=1400 audit(1743306209.595:1585): avc:  denied  { map } for  pid=6521 comm="syz.0.1129" path="socket:[15097]" dev="sockfs" ino=15097 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   78.863193][   T29] audit: type=1400 audit(1743306209.595:1586): avc:  denied  { read accept } for  pid=6521 comm="syz.0.1129" path="socket:[15097]" dev="sockfs" ino=15097 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[   78.943316][ T6536] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   79.028893][ T6546] loop2: detected capacity change from 0 to 512
[   79.036816][ T6546] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   79.040265][   T29] audit: type=1326 audit(1743306209.825:1587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6544 comm="syz.1.1139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec4936d169 code=0x7ffc0000
[   79.069102][   T29] audit: type=1326 audit(1743306209.835:1588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6544 comm="syz.1.1139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fec4936d169 code=0x7ffc0000
[   79.070978][ T6546] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.092595][   T29] audit: type=1326 audit(1743306209.835:1589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6544 comm="syz.1.1139" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fec4936d169 code=0x7ffc0000
[   79.108541][ T6546] ext4 filesystem being mounted at /258/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.150084][   T10] hid-generic 0000:0004:0000.0006: unknown main item tag 0x0
[   79.157862][   T10] hid-generic 0000:0004:0000.0006: unknown main item tag 0x0
[   79.165428][   T10] hid-generic 0000:0004:0000.0006: unknown main item tag 0x0
[   79.173652][   T10] hid-generic 0000:0004:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   79.202366][ T3304] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.270124][ T6560] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1145'.
[   79.319697][ T6565] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   79.411169][ T6580] loop0: detected capacity change from 0 to 512
[   79.419197][ T6580] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   79.421268][ T6566] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   79.437248][ T6580] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   79.453231][ T6580] ext4 filesystem being mounted at /249/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   79.464210][   T10] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0
[   79.471766][   T10] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0
[   79.479232][   T10] hid-generic 0000:0004:0000.0007: unknown main item tag 0x0
[   79.487450][   T10] hid-generic 0000:0004:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   79.672301][ T6591] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   79.681294][ T6591] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   79.690826][ T6602] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   79.744999][   T10] hid-generic 0000:0004:0000.0008: unknown main item tag 0x0
[   79.752531][   T10] hid-generic 0000:0004:0000.0008: unknown main item tag 0x0
[   79.759937][   T10] hid-generic 0000:0004:0000.0008: unknown main item tag 0x0
[   79.768511][   T10] hid-generic 0000:0004:0000.0008: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   79.830104][ T6614] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   79.872724][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.008227][ T6629] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   80.075280][ T6641] validate_nla: 3 callbacks suppressed
[   80.075299][ T6641] netlink: 'syz.3.1178': attribute type 4 has an invalid length.
[   80.125615][ T6648] loop2: detected capacity change from 0 to 512
[   80.139484][ T6650] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[   80.157425][ T6648] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   80.183289][ T6648] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   80.196959][ T6648] ext4 filesystem being mounted at /262/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.295507][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.331570][ T6667] netlink: 'syz.5.1192': attribute type 4 has an invalid length.
[   80.389859][ T6679] 9pnet_fd: p9_fd_create_tcp (6679): problem connecting socket to 127.0.0.1
[   80.626908][   T10] hid-generic 0000:0004:0000.0009: unknown main item tag 0x0
[   80.634426][   T10] hid-generic 0000:0004:0000.0009: unknown main item tag 0x0
[   80.642021][   T10] hid-generic 0000:0004:0000.0009: unknown main item tag 0x0
[   80.654957][   T10] hid-generic 0000:0004:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   80.715193][ T6719] netlink: 'syz.5.1214': attribute type 4 has an invalid length.
[   80.833228][   T10] hid-generic 0000:0004:0000.000A: unknown main item tag 0x0
[   80.840814][   T10] hid-generic 0000:0004:0000.000A: unknown main item tag 0x0
[   80.848363][   T10] hid-generic 0000:0004:0000.000A: unknown main item tag 0x0
[   80.856914][   T10] hid-generic 0000:0004:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   80.964830][ T6748] 9pnet_fd: p9_fd_create_tcp (6748): problem connecting socket to 127.0.0.1
[   80.979543][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.020222][ T6752] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   81.030101][ T6752] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   81.064482][ T6752] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=6752 comm=syz.3.1229
[   81.099030][ T6764] FAULT_INJECTION: forcing a failure.
[   81.099030][ T6764] name failslab, interval 1, probability 0, space 0, times 0
[   81.111759][ T6764] CPU: 0 UID: 0 PID: 6764 Comm: syz.2.1234 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   81.111785][ T6764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   81.111797][ T6764] Call Trace:
[   81.111802][ T6764]  <TASK>
[   81.111832][ T6764]  dump_stack_lvl+0xf6/0x150
[   81.111861][ T6764]  dump_stack+0x15/0x1a
[   81.111881][ T6764]  should_fail_ex+0x261/0x270
[   81.111988][ T6764]  should_failslab+0x8f/0xb0
[   81.112020][ T6764]  __kmalloc_node_track_caller_noprof+0xaa/0x410
[   81.112051][ T6764]  ? sidtab_sid2str_get+0xb8/0x140
[   81.112076][ T6764]  ? vsnprintf+0x84d/0x8a0
[   81.112094][ T6764]  kmemdup_noprof+0x2b/0x70
[   81.112182][ T6764]  sidtab_sid2str_get+0xb8/0x140
[   81.112216][ T6764]  security_sid_to_context_core+0x1eb/0x2f0
[   81.112286][ T6764]  security_sid_to_context+0x27/0x30
[   81.112318][ T6764]  selinux_lsmprop_to_secctx+0x6c/0xf0
[   81.112354][ T6764]  security_lsmprop_to_secctx+0x40/0x80
[   81.112452][ T6764]  audit_log_task_context+0x7a/0x180
[   81.112475][ T6764]  audit_log_task+0xfb/0x250
[   81.112518][ T6764]  audit_seccomp+0x68/0x130
[   81.112557][ T6764]  __seccomp_filter+0x694/0x10e0
[   81.112659][ T6764]  ? vfs_write+0x669/0x950
[   81.112728][ T6764]  __secure_computing+0x7e/0x160
[   81.112761][ T6764]  syscall_trace_enter+0xcf/0x1f0
[   81.112798][ T6764]  do_syscall_64+0xaa/0x1c0
[   81.112833][ T6764]  ? clear_bhb_loop+0x25/0x80
[   81.112901][ T6764]  ? clear_bhb_loop+0x25/0x80
[   81.112922][ T6764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   81.112948][ T6764] RIP: 0033:0x7fc0b54fd169
[   81.112965][ T6764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   81.112987][ T6764] RSP: 002b:00007fc0b3b67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000041
[   81.113085][ T6764] RAX: ffffffffffffffda RBX: 00007fc0b5715fa0 RCX: 00007fc0b54fd169
[   81.113100][ T6764] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   81.113115][ T6764] RBP: 00007fc0b3b67090 R08: 0000000000000000 R09: 0000000000000000
[   81.113129][ T6764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   81.113156][ T6764] R13: 0000000000000000 R14: 00007fc0b5715fa0 R15: 00007ffdee7dd648
[   81.113179][ T6764]  </TASK>
[   81.120234][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[   81.352702][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[   81.360170][   T10] hid-generic 0000:0004:0000.000B: unknown main item tag 0x0
[   81.382874][ T6779] 9pnet_fd: p9_fd_create_tcp (6779): problem connecting socket to 127.0.0.1
[   81.402186][ T6770] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   81.412946][   T10] hid-generic 0000:0004:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   81.499526][ T6790] syz_tun: entered promiscuous mode
[   81.510409][ T6790] macsec1: entered allmulticast mode
[   81.515738][ T6790] syz_tun: entered allmulticast mode
[   81.554361][ T6790] syz_tun: left allmulticast mode
[   81.559506][ T6790] syz_tun: left promiscuous mode
[   81.664310][ T6809] loop0: detected capacity change from 0 to 512
[   81.673466][ T6809] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   81.694122][ T6809] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.723305][ T6809] ext4 filesystem being mounted at /253/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.745829][ T6816] 9pnet_fd: p9_fd_create_tcp (6816): problem connecting socket to 127.0.0.1
[   81.836583][   T10] hid-generic 0000:0004:0000.000C: unknown main item tag 0x0
[   81.844070][   T10] hid-generic 0000:0004:0000.000C: unknown main item tag 0x0
[   81.851645][   T10] hid-generic 0000:0004:0000.000C: unknown main item tag 0x0
[   81.861643][   T10] hid-generic 0000:0004:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   82.126116][ T6839] FAULT_INJECTION: forcing a failure.
[   82.126116][ T6839] name failslab, interval 1, probability 0, space 0, times 0
[   82.147987][ T6839] CPU: 0 UID: 0 PID: 6839 Comm: syz.2.1263 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   82.148020][ T6839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   82.148036][ T6839] Call Trace:
[   82.148042][ T6839]  <TASK>
[   82.148050][ T6839]  dump_stack_lvl+0xf6/0x150
[   82.148128][ T6839]  dump_stack+0x15/0x1a
[   82.148171][ T6839]  should_fail_ex+0x261/0x270
[   82.148255][ T6839]  should_failslab+0x8f/0xb0
[   82.148333][ T6839]  __kmalloc_cache_noprof+0x55/0x320
[   82.148368][ T6839]  ? alloc_fs_context+0x44/0x4e0
[   82.148415][ T6839]  alloc_fs_context+0x44/0x4e0
[   82.148442][ T6839]  fs_context_for_mount+0x21/0x30
[   82.148467][ T6839]  mq_init_ns+0xab/0x300
[   82.148502][ T6839]  copy_ipcs+0x218/0x3b0
[   82.148571][ T6839]  create_new_namespaces+0x135/0x430
[   82.148594][ T6839]  ? security_capable+0x81/0x90
[   82.148682][ T6839]  unshare_nsproxy_namespaces+0xe6/0x120
[   82.148751][ T6839]  ksys_unshare+0x3d3/0x700
[   82.148782][ T6839]  __x64_sys_unshare+0x1f/0x30
[   82.148826][ T6839]  x64_sys_call+0x2c93/0x2e10
[   82.148851][ T6839]  do_syscall_64+0xc9/0x1c0
[   82.148937][ T6839]  ? clear_bhb_loop+0x25/0x80
[   82.148958][ T6839]  ? clear_bhb_loop+0x25/0x80
[   82.148984][ T6839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.149037][ T6839] RIP: 0033:0x7fc0b54fd169
[   82.149051][ T6839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.149067][ T6839] RSP: 002b:00007fc0b3b67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[   82.149084][ T6839] RAX: ffffffffffffffda RBX: 00007fc0b5715fa0 RCX: 00007fc0b54fd169
[   82.149095][ T6839] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000008000000
[   82.149129][ T6839] RBP: 00007fc0b3b67090 R08: 0000000000000000 R09: 0000000000000000
[   82.149143][ T6839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.149157][ T6839] R13: 0000000000000000 R14: 00007fc0b5715fa0 R15: 00007ffdee7dd648
[   82.149182][ T6839]  </TASK>
[   82.352093][ T6843] loop1: detected capacity change from 0 to 256
[   82.359024][ T6843] FAT-fs (loop1): bogus sectors per cluster 30
[   82.365240][ T6843] FAT-fs (loop1): Can't find a valid FAT filesystem
[   82.377165][ T6841] pim6reg: entered allmulticast mode
[   82.383636][ T6841] pim6reg: left allmulticast mode
[   82.563084][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.576699][   T10] hid-generic 0000:0004:0000.000D: unknown main item tag 0x0
[   82.584240][   T10] hid-generic 0000:0004:0000.000D: unknown main item tag 0x0
[   82.591837][   T10] hid-generic 0000:0004:0000.000D: unknown main item tag 0x0
[   82.649471][   T10] hid-generic 0000:0004:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   82.797478][ T6874] loop1: detected capacity change from 0 to 512
[   82.805355][ T6874] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   82.805683][ T6866] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   82.823103][ T6875] loop2: detected capacity change from 0 to 512
[   82.830572][ T6875] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   82.842328][ T6874] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.855148][ T6874] ext4 filesystem being mounted at /208/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.868218][ T6875] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.880976][ T6875] ext4 filesystem being mounted at /281/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.913543][ T6881] loop0: detected capacity change from 0 to 1764
[   82.921258][ T6881] ISOFS: unable to read i-node block
[   82.926643][ T6881] isofs_fill_super: get root inode failed
[   83.006143][ T6885] loop0: detected capacity change from 0 to 512
[   83.013108][ T6885] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   83.032319][ T6885] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.045217][ T6885] ext4 filesystem being mounted at /257/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.581768][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.627761][ T6900] loop1: detected capacity change from 0 to 512
[   83.631211][ T6896] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   83.641903][ T6900] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   83.652682][ T6900] EXT4-fs (loop1): orphan cleanup on readonly fs
[   83.659815][ T6900] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1284: bg 0: block 248: padding at end of block bitmap is not set
[   83.674613][ T6900] __quota_error: 48 callbacks suppressed
[   83.674630][ T6900] Quota error (device loop1): write_blk: dquota write failed
[   83.687862][ T6900] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   83.697902][ T6900] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.1284: Failed to acquire dquot type 1
[   83.709840][ T6900] EXT4-fs (loop1): 1 truncate cleaned up
[   83.711531][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.726252][ T6900] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   83.747565][   T29] audit: type=1400 audit(1743306214.525:1637): avc:  denied  { write } for  pid=6899 comm="syz.1.1284" lport=17 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   83.768050][   T29] audit: type=1400 audit(1743306214.545:1638): avc:  denied  { read } for  pid=6899 comm="syz.1.1284" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   83.812895][   T10] hid-generic 0000:0004:0000.000E: unknown main item tag 0x0
[   83.820494][   T10] hid-generic 0000:0004:0000.000E: unknown main item tag 0x0
[   83.827932][   T10] hid-generic 0000:0004:0000.000E: unknown main item tag 0x0
[   83.845925][   T10] hid-generic 0000:0004:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   83.872174][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.899892][ T6916] netlink: 'syz.2.1288': attribute type 10 has an invalid length.
[   83.900081][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.907802][ T6916] __nla_validate_parse: 17 callbacks suppressed
[   83.907816][ T6916] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1288'.
[   83.918082][ T6911] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   83.940976][ T6911] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   84.020220][ T6926] netlink: 'syz.0.1290': attribute type 10 has an invalid length.
[   84.028142][ T6926] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1290'.
[   84.041424][ T6926] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   84.050289][ T6926] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   84.062345][ T6927] loop1: detected capacity change from 0 to 512
[   84.069357][ T6927] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   84.093181][ T6927] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.106195][ T6927] ext4 filesystem being mounted at /212/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.342147][ T6937] 9pnet_fd: p9_fd_create_tcp (6937): problem connecting socket to 127.0.0.1
[   84.353034][ T6937] xt_hashlimit: size too large, truncated to 1048576
[   84.501637][   T10] hid-generic 0000:0004:0000.000F: unknown main item tag 0x0
[   84.509185][   T10] hid-generic 0000:0004:0000.000F: unknown main item tag 0x0
[   84.516995][   T10] hid-generic 0000:0004:0000.000F: unknown main item tag 0x0
[   84.525597][   T10] hid-generic 0000:0004:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   84.558356][ T6948] loop2: detected capacity change from 0 to 512
[   84.565436][ T6948] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   84.595594][ T6948] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   84.616464][ T6948] ext4 filesystem being mounted at /286/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   84.665190][   T29] audit: type=1326 audit(1743306215.445:1639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6955 comm="syz.3.1304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   84.688914][   T29] audit: type=1326 audit(1743306215.445:1640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6955 comm="syz.3.1304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   84.712540][   T29] audit: type=1326 audit(1743306215.445:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6955 comm="syz.3.1304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   84.736169][   T29] audit: type=1326 audit(1743306215.445:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6955 comm="syz.3.1304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   84.759876][   T29] audit: type=1326 audit(1743306215.445:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6955 comm="syz.3.1304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   84.783282][   T29] audit: type=1326 audit(1743306215.445:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6955 comm="syz.3.1304" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbec794d169 code=0x7ffc0000
[   84.807481][    C1] net_ratelimit: 3 callbacks suppressed
[   84.807499][    C1] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:1b
[   84.862538][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.867337][ T6969] 9pnet_fd: p9_fd_create_tcp (6969): problem connecting socket to 127.0.0.1
[   84.882955][ T6969] xt_hashlimit: size too large, truncated to 1048576
[   84.907532][ T6966] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   84.920236][   T10] hid-generic 0000:0004:0000.0010: unknown main item tag 0x0
[   84.927746][   T10] hid-generic 0000:0004:0000.0010: unknown main item tag 0x0
[   84.935178][   T10] hid-generic 0000:0004:0000.0010: unknown main item tag 0x0
[   84.945220][   T10] hid-generic 0000:0004:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   85.100210][ T6988] netlink: 'syz.1.1313': attribute type 10 has an invalid length.
[   85.108541][ T6988] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1313'.
[   85.115650][ T6983] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   85.129979][ T6990] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1317'.
[   85.140178][ T6990] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1317'.
[   85.150534][ T6978] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   85.151429][ T6990] netlink: 'syz.5.1317': attribute type 4 has an invalid length.
[   85.170061][ T6978] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   85.334000][ T6998] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   85.424423][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   85.440549][    C0] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:0c
[   85.504999][ T7012] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1323'.
[   85.535976][ T7004] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   85.615333][ T7020] 9pnet_fd: p9_fd_create_tcp (7020): problem connecting socket to 127.0.0.1
[   85.625948][ T7020] xt_hashlimit: size too large, truncated to 1048576
[   85.674823][ T7027] loop2: detected capacity change from 0 to 512
[   85.713906][ T7027] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e01c, mo2=0002]
[   85.722442][ T7027] EXT4-fs (loop2): orphan cleanup on readonly fs
[   85.722900][ T7032] FAULT_INJECTION: forcing a failure.
[   85.722900][ T7032] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   85.741853][ T7032] CPU: 0 UID: 0 PID: 7032 Comm: syz.1.1333 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   85.741914][ T7032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   85.741934][ T7032] Call Trace:
[   85.741943][ T7032]  <TASK>
[   85.741961][ T7032]  dump_stack_lvl+0xf6/0x150
[   85.741995][ T7032]  dump_stack+0x15/0x1a
[   85.742016][ T7032]  should_fail_ex+0x261/0x270
[   85.742125][ T7032]  should_fail+0xb/0x10
[   85.742159][ T7032]  should_fail_usercopy+0x1a/0x20
[   85.742199][ T7032]  _copy_to_user+0x20/0xa0
[   85.742227][ T7032]  simple_read_from_buffer+0xb2/0x130
[   85.742329][ T7032]  proc_fail_nth_read+0x103/0x140
[   85.742379][ T7032]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   85.742410][ T7032]  vfs_read+0x1b2/0x710
[   85.742486][ T7032]  ? __rcu_read_unlock+0x4e/0x70
[   85.742521][ T7032]  ? __fget_files+0x186/0x1c0
[   85.742600][ T7032]  ksys_read+0xeb/0x1b0
[   85.742624][ T7032]  __x64_sys_read+0x42/0x50
[   85.742646][ T7032]  x64_sys_call+0x2a3b/0x2e10
[   85.742674][ T7032]  do_syscall_64+0xc9/0x1c0
[   85.742794][ T7032]  ? clear_bhb_loop+0x25/0x80
[   85.742821][ T7032]  ? clear_bhb_loop+0x25/0x80
[   85.742849][ T7032]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.742894][ T7032] RIP: 0033:0x7fec4936bb7c
[   85.742914][ T7032] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   85.742945][ T7032] RSP: 002b:00007fec479d7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   85.742974][ T7032] RAX: ffffffffffffffda RBX: 00007fec49585fa0 RCX: 00007fec4936bb7c
[   85.742989][ T7032] RDX: 000000000000000f RSI: 00007fec479d70a0 RDI: 0000000000000003
[   85.743003][ T7032] RBP: 00007fec479d7090 R08: 0000000000000000 R09: 0000000000000000
[   85.743018][ T7032] R10: 000000000594906f R11: 0000000000000246 R12: 0000000000000001
[   85.743033][ T7032] R13: 0000000000000000 R14: 00007fec49585fa0 R15: 00007ffe3ae92d68
[   85.743059][ T7032]  </TASK>
[   85.876130][ T7037] loop1: detected capacity change from 0 to 512
[   85.886996][ T7027] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.1332: bg 0: block 328: padding at end of block bitmap is not set
[   85.896545][ T7037] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   85.927717][ T7027] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   85.958727][ T7039] loop0: detected capacity change from 0 to 2048
[   85.986969][ T7027] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1332: invalid indirect mapped block 65280 (level 0)
[   86.002002][ T7027] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.1332: attempt to clear invalid blocks 33619980 len 1
[   86.003999][ T7037] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.015695][ T7027] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1332: invalid indirect mapped block 1819239214 (level 0)
[   86.042165][ T7037] ext4 filesystem being mounted at /217/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   86.063567][ T7027] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1332: invalid indirect mapped block 1819239214 (level 1)
[   86.080215][ T7027] EXT4-fs (loop2): 1 orphan inode deleted
[   86.107949][ T7027] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   86.111205][ T7051] FAULT_INJECTION: forcing a failure.
[   86.111205][ T7051] name failslab, interval 1, probability 0, space 0, times 0
[   86.128976][ T7027] EXT4-fs warning (device loop2): dx_probe:803: inode #2: comm syz.2.1332: Unrecognised inode hash code 15
[   86.132753][ T7051] CPU: 1 UID: 0 PID: 7051 Comm: syz.3.1339 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   86.132841][ T7051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   86.132920][ T7051] Call Trace:
[   86.132926][ T7051]  <TASK>
[   86.132932][ T7051]  dump_stack_lvl+0xf6/0x150
[   86.132963][ T7051]  dump_stack+0x15/0x1a
[   86.132984][ T7051]  should_fail_ex+0x261/0x270
[   86.133086][ T7051]  should_failslab+0x8f/0xb0
[   86.133113][ T7051]  kmem_cache_alloc_noprof+0x59/0x340
[   86.133148][ T7051]  ? skb_clone+0x154/0x1f0
[   86.133187][ T7051]  skb_clone+0x154/0x1f0
[   86.133250][ T7051]  nfnetlink_rcv+0x30b/0x1610
[   86.133329][ T7051]  ? __kfree_skb+0x102/0x150
[   86.133361][ T7051]  ? nlmon_xmit+0x51/0x60
[   86.133386][ T7051]  ? __kfree_skb+0x102/0x150
[   86.133473][ T7051]  ? consume_skb+0x49/0x160
[   86.133558][ T7051]  ? nlmon_xmit+0x51/0x60
[   86.133582][ T7051]  ? dev_hard_start_xmit+0x3d1/0x400
[   86.133621][ T7051]  ? __dev_queue_xmit+0xb76/0x20b0
[   86.133727][ T7051]  ? should_fail_ex+0xd7/0x270
[   86.133763][ T7051]  ? ref_tracker_free+0x3b8/0x420
[   86.133816][ T7051]  netlink_unicast+0x605/0x6c0
[   86.133849][ T7051]  netlink_sendmsg+0x609/0x720
[   86.133886][ T7051]  ? __pfx_netlink_sendmsg+0x10/0x10
[   86.133918][ T7051]  __sock_sendmsg+0x140/0x180
[   86.134052][ T7051]  ____sys_sendmsg+0x350/0x4e0
[   86.134093][ T7051]  __sys_sendmsg+0x1a0/0x240
[   86.134206][ T7051]  __x64_sys_sendmsg+0x46/0x50
[   86.134243][ T7051]  x64_sys_call+0x26f3/0x2e10
[   86.134312][ T7051]  do_syscall_64+0xc9/0x1c0
[   86.134346][ T7051]  ? clear_bhb_loop+0x25/0x80
[   86.134443][ T7051]  ? clear_bhb_loop+0x25/0x80
[   86.134471][ T7051]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.134501][ T7051] RIP: 0033:0x7fbec794d169
[   86.134521][ T7051] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.134543][ T7051] RSP: 002b:00007fbec5faf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   86.134566][ T7051] RAX: ffffffffffffffda RBX: 00007fbec7b65fa0 RCX: 00007fbec794d169
[   86.134632][ T7051] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[   86.134647][ T7051] RBP: 00007fbec5faf090 R08: 0000000000000000 R09: 0000000000000000
[   86.134662][ T7051] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   86.134683][ T7051] R13: 0000000000000000 R14: 00007fbec7b65fa0 R15: 00007ffef48c7288
[   86.134707][ T7051]  </TASK>
[   86.232728][ T7060] EXT4-fs warning (device loop2): dx_probe:803: inode #2: comm syz.2.1332: Unrecognised inode hash code 15
[   86.233407][ T7027] EXT4-fs warning (device loop2): dx_probe:936: inode #2: comm syz.2.1332: Corrupt directory, running e2fsck is recommended
[   86.238384][ T7060] EXT4-fs warning (device loop2): dx_probe:936: inode #2: comm syz.2.1332: Corrupt directory, running e2fsck is recommended
[   86.382154][ T7066] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1343'.
[   86.385722][ T7027] EXT4-fs warning (device loop2): dx_probe:803: inode #2: comm syz.2.1332: Unrecognised inode hash code 15
[   86.445842][ T7027] EXT4-fs warning (device loop2): dx_probe:936: inode #2: comm syz.2.1332: Corrupt directory, running e2fsck is recommended
[   86.552062][   T10] hid-generic 0000:0004:0000.0011: unknown main item tag 0x0
[   86.559622][   T10] hid-generic 0000:0004:0000.0011: unknown main item tag 0x0
[   86.567117][   T10] hid-generic 0000:0004:0000.0011: unknown main item tag 0x0
[   86.576320][   T10] hid-generic 0000:0004:0000.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   86.610105][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.687191][   T36] hid-generic 0000:0004:0000.0012: unknown main item tag 0x0
[   86.694728][   T36] hid-generic 0000:0004:0000.0012: unknown main item tag 0x0
[   86.702161][   T36] hid-generic 0000:0004:0000.0012: unknown main item tag 0x0
[   86.710888][ T7096] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[   86.713025][   T36] hid-generic 0000:0004:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   86.728483][    C1] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:1b
[   86.749491][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.789283][ T7101] loop2: detected capacity change from 0 to 2048
[   86.803904][ T7101] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.810901][ T7108] loop1: detected capacity change from 0 to 512
[   86.825111][ T7108] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   86.836148][ T7101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.857331][ T7108] EXT4-fs error (device loop1): ext4_acquire_dquot:6935: comm syz.1.1362: Failed to acquire dquot type 0
[   86.857997][ T7113] FAULT_INJECTION: forcing a failure.
[   86.857997][ T7113] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   86.872017][ T7108] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   86.881853][ T7113] CPU: 0 UID: 0 PID: 7113 Comm: syz.2.1363 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   86.881892][ T7113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   86.881925][ T7113] Call Trace:
[   86.881933][ T7113]  <TASK>
[   86.881944][ T7113]  dump_stack_lvl+0xf6/0x150
[   86.881974][ T7113]  dump_stack+0x15/0x1a
[   86.881994][ T7113]  should_fail_ex+0x261/0x270
[   86.882035][ T7113]  should_fail+0xb/0x10
[   86.882109][ T7113]  should_fail_usercopy+0x1a/0x20
[   86.882141][ T7113]  _copy_to_user+0x20/0xa0
[   86.882168][ T7113]  simple_read_from_buffer+0xb2/0x130
[   86.882208][ T7113]  proc_fail_nth_read+0x103/0x140
[   86.882242][ T7113]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   86.882269][ T7113]  vfs_read+0x1b2/0x710
[   86.882327][ T7113]  ? __rcu_read_unlock+0x4e/0x70
[   86.882362][ T7113]  ? __fget_files+0x186/0x1c0
[   86.882397][ T7113]  ksys_read+0xeb/0x1b0
[   86.882462][ T7113]  __x64_sys_read+0x42/0x50
[   86.882491][ T7113]  x64_sys_call+0x2a3b/0x2e10
[   86.882518][ T7113]  do_syscall_64+0xc9/0x1c0
[   86.882553][ T7113]  ? clear_bhb_loop+0x25/0x80
[   86.882648][ T7113]  ? clear_bhb_loop+0x25/0x80
[   86.882676][ T7113]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.882702][ T7113] RIP: 0033:0x7fc0b54fbb7c
[   86.882722][ T7113] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   86.882744][ T7113] RSP: 002b:00007fc0b3b67030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   86.882802][ T7113] RAX: ffffffffffffffda RBX: 00007fc0b5715fa0 RCX: 00007fc0b54fbb7c
[   86.882817][ T7113] RDX: 000000000000000f RSI: 00007fc0b3b670a0 RDI: 0000000000000006
[   86.882832][ T7113] RBP: 00007fc0b3b67090 R08: 0000000000000000 R09: 0000000000000000
[   86.882854][ T7113] R10: 0000000034d4e82f R11: 0000000000000246 R12: 0000000000000001
[   86.882869][ T7113] R13: 0000000000000000 R14: 00007fc0b5715fa0 R15: 00007ffdee7dd648
[   86.882894][ T7113]  </TASK>
[   87.091909][ T7108] EXT4-fs (loop1): 1 truncate cleaned up
[   87.098075][ T7108] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.116220][ T7108] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[   87.146646][ T7131] loop0: detected capacity change from 0 to 512
[   87.154806][ T7131] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   87.168217][   T10] hid-generic 0000:0004:0000.0013: unknown main item tag 0x0
[   87.175924][   T10] hid-generic 0000:0004:0000.0013: unknown main item tag 0x0
[   87.180473][ T7131] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.183421][   T10] hid-generic 0000:0004:0000.0013: unknown main item tag 0x0
[   87.197693][ T7131] ext4 filesystem being mounted at /277/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.206309][   T10] hid-generic 0000:0004:0000.0013: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   87.223906][ T3301] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.246669][ T7137] 9pnet_fd: p9_fd_create_tcp (7137): problem connecting socket to 127.0.0.1
[   87.254099][ T7139] netlink: 100 bytes leftover after parsing attributes in process `syz.1.1372'.
[   87.257460][ T7137] xt_hashlimit: size too large, truncated to 1048576
[   87.273967][ T7139] sg_write: process 552 (syz.1.1372) changed security contexts after opening file descriptor, this is not allowed.
[   87.313673][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.360739][    C0] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:1c
[   87.387985][ T7147] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1374'.
[   87.404492][ T7147] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1374'.
[   87.416603][ T7147] netlink: 'syz.0.1374': attribute type 4 has an invalid length.
[   87.508453][ T7158] netlink: 'syz.1.1376': attribute type 10 has an invalid length.
[   87.515982][ T7162] loop0: detected capacity change from 0 to 512
[   87.522516][ T7150] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   87.532238][ T7162] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   87.533345][ T7150] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   87.558284][ T7162] EXT4-fs (loop0): 1 truncate cleaned up
[   87.566114][   T10] hid-generic 0000:0004:0000.0014: unknown main item tag 0x0
[   87.573618][   T10] hid-generic 0000:0004:0000.0014: unknown main item tag 0x0
[   87.574121][ T7162] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.581044][   T10] hid-generic 0000:0004:0000.0014: unknown main item tag 0x0
[   87.584121][   T10] hid-generic 0000:0004:0000.0014: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   87.621881][ T7169] loop2: detected capacity change from 0 to 512
[   87.628810][ T7169] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   87.649662][ T7169] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   87.672293][ T7169] ext4 filesystem being mounted at /305/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   87.696890][ T7179] netlink: 'syz.3.1388': attribute type 4 has an invalid length.
[   87.722321][ T3303] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.733416][ T7180] xt_addrtype: ipv6 PROHIBIT (THROW, NAT ..) matching not supported
[   87.746164][ T7180] loop5: detected capacity change from 0 to 512
[   87.759059][ T7180] SELinux: security_context_str_to_sid (system_u) failed with errno=-22
[   87.805509][ T3311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.860357][ T7202] loop3: detected capacity change from 0 to 128
[   87.869211][ T7202] ext4 filesystem being mounted at /291/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   87.965427][ T7206] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   88.027868][ T7215] netlink: 'syz.0.1401': attribute type 4 has an invalid length.
[   88.064311][ T7219] loop0: detected capacity change from 0 to 512
[   88.083817][ T7219] EXT4-fs (loop0): failed to initialize system zone (-117)
[   88.087322][ T7223] loop2: detected capacity change from 0 to 512
[   88.096114][ T7219] EXT4-fs (loop0): mount failed
[   88.099871][ T7223] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   88.115368][ T7223] ext4 filesystem being mounted at /308/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.225399][ T7219] x_tables: duplicate underflow at hook 1
[   88.350998][ T7246] netlink: 'syz.1.1413': attribute type 4 has an invalid length.
[   88.458352][ T7260] netlink: 'syz.3.1416': attribute type 10 has an invalid length.
[   88.469063][ T7260] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   88.478252][ T7260] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   88.492043][ T7262] loop2: detected capacity change from 0 to 512
[   88.499042][ T7262] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   88.513807][ T7262] ext4 filesystem being mounted at /313/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.528503][   T36] hid-generic 0000:0004:0000.0015: unknown main item tag 0x0
[   88.536071][   T36] hid-generic 0000:0004:0000.0015: unknown main item tag 0x0
[   88.543585][   T36] hid-generic 0000:0004:0000.0015: unknown main item tag 0x0
[   88.551629][   T36] hid-generic 0000:0004:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   88.660909][ T7279] netlink: 'syz.5.1426': attribute type 4 has an invalid length.
[   88.698409][   T36] hid-generic 0000:0004:0000.0016: unknown main item tag 0x0
[   88.705981][   T36] hid-generic 0000:0004:0000.0016: unknown main item tag 0x0
[   88.713900][   T36] hid-generic 0000:0004:0000.0016: unknown main item tag 0x0
[   88.721890][   T36] hid-generic 0000:0004:0000.0016: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   88.802912][ T7277] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   88.822088][   T36] hid-generic 0000:0004:0000.0017: unknown main item tag 0x0
[   88.829632][   T36] hid-generic 0000:0004:0000.0017: unknown main item tag 0x0
[   88.837056][   T36] hid-generic 0000:0004:0000.0017: unknown main item tag 0x0
[   88.845131][   T36] hid-generic 0000:0004:0000.0017: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   88.896792][ T7292] block device autoloading is deprecated and will be removed.
[   88.907383][ T7292] bio_check_eod: 18 callbacks suppressed
[   88.907419][ T7292] syz.1.1431: attempt to access beyond end of device
[   88.907419][ T7292] md30: rw=2048, sector=0, nr_sectors = 8 limit=0
[   88.934351][ T7302] loop2: detected capacity change from 0 to 512
[   88.943418][ T7302] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   88.947964][ T7305] __nla_validate_parse: 13 callbacks suppressed
[   88.947983][ T7305] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1437'.
[   88.963262][ T7302] ext4 filesystem being mounted at /317/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.970990][ T7305] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1437'.
[   89.000895][   T29] kauditd_printk_skb: 184 callbacks suppressed
[   89.000915][   T29] audit: type=1400 audit(1743306219.775:1825): avc:  denied  { mount } for  pid=7291 comm="syz.1.1431" name="/" dev="hugetlbfs" ino=18306 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[   89.011083][ T7305] netlink: 'syz.0.1437': attribute type 4 has an invalid length.
[   89.075658][ T7315] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[   89.095841][ T7317] loop3: detected capacity change from 0 to 512
[   89.108462][ T7317] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   89.113470][ T7321] 9pnet_fd: p9_fd_create_tcp (7321): problem connecting socket to 127.0.0.1
[   89.127609][ T7321] xt_hashlimit: size too large, truncated to 1048576
[   89.134835][ T7317] ext4 filesystem being mounted at /298/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.196186][ T7324] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   89.280442][    C1] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:0c
[   89.291860][ T7332] loop0: detected capacity change from 0 to 512
[   89.295359][    C1] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:1c
[   89.316540][ T7332] ext4: Unknown parameter 'fsuuid'
[   89.326491][   T29] audit: type=1400 audit(1743306220.105:1826): avc:  denied  { bind } for  pid=7331 comm="syz.0.1445" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   89.338793][   T10] hid-generic 0000:0004:0000.0018: unknown main item tag 0x0
[   89.353898][   T10] hid-generic 0000:0004:0000.0018: unknown main item tag 0x0
[   89.361350][   T10] hid-generic 0000:0004:0000.0018: unknown main item tag 0x0
[   89.370211][   T10] hid-generic 0000:0004:0000.0018: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   89.432492][   T29] audit: type=1326 audit(1743306220.215:1827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7337 comm="syz.0.1447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   89.457219][   T29] audit: type=1326 audit(1743306220.215:1828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7337 comm="syz.0.1447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   89.480844][   T29] audit: type=1326 audit(1743306220.215:1829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7337 comm="syz.0.1447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   89.497518][ T7342] loop2: detected capacity change from 0 to 512
[   89.504608][   T29] audit: type=1326 audit(1743306220.215:1830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7337 comm="syz.0.1447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   89.514567][ T7342] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   89.534180][   T29] audit: type=1326 audit(1743306220.215:1831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7337 comm="syz.0.1447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   89.566112][   T29] audit: type=1326 audit(1743306220.215:1832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7337 comm="syz.0.1447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   89.589638][   T29] audit: type=1326 audit(1743306220.215:1833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7337 comm="syz.0.1447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   89.613153][   T29] audit: type=1326 audit(1743306220.215:1834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7337 comm="syz.0.1447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f68a978d169 code=0x7ffc0000
[   89.655684][ T7342] ext4 filesystem being mounted at /323/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.683883][ T7344] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1449'.
[   89.717607][ T7349] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1451'.
[   89.726714][ T7349] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1451'.
[   89.781093][ T7353] FAULT_INJECTION: forcing a failure.
[   89.781093][ T7353] name failslab, interval 1, probability 0, space 0, times 0
[   89.793820][ T7353] CPU: 0 UID: 0 PID: 7353 Comm: syz.1.1453 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   89.793852][ T7353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   89.793867][ T7353] Call Trace:
[   89.793890][ T7353]  <TASK>
[   89.793897][ T7353]  dump_stack_lvl+0xf6/0x150
[   89.793919][ T7353]  dump_stack+0x15/0x1a
[   89.793935][ T7353]  should_fail_ex+0x261/0x270
[   89.793968][ T7353]  should_failslab+0x8f/0xb0
[   89.793993][ T7353]  __kmalloc_cache_noprof+0x55/0x320
[   89.794050][ T7353]  ? proc_thread_self_get_link+0xac/0x120
[   89.794082][ T7353]  proc_thread_self_get_link+0xac/0x120
[   89.794113][ T7353]  pick_link+0x4b9/0x820
[   89.794141][ T7353]  ? __pfx_proc_thread_self_get_link+0x10/0x10
[   89.794204][ T7353]  step_into+0x772/0x860
[   89.794236][ T7353]  link_path_walk+0x500/0x840
[   89.794269][ T7353]  path_openat+0x1b4/0x2000
[   89.794305][ T7353]  ? _parse_integer_limit+0x167/0x180
[   89.794441][ T7353]  do_filp_open+0x115/0x240
[   89.794569][ T7353]  do_sys_openat2+0xaa/0x110
[   89.794601][ T7353]  __x64_sys_openat+0xf8/0x120
[   89.794685][ T7353]  x64_sys_call+0x1ac/0x2e10
[   89.794710][ T7353]  do_syscall_64+0xc9/0x1c0
[   89.794744][ T7353]  ? clear_bhb_loop+0x25/0x80
[   89.794769][ T7353]  ? clear_bhb_loop+0x25/0x80
[   89.794794][ T7353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   89.794874][ T7353] RIP: 0033:0x7fec4936bad0
[   89.794902][ T7353] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[   89.794923][ T7353] RSP: 002b:00007fec479d6f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[   89.794994][ T7353] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fec4936bad0
[   89.795008][ T7353] RDX: 0000000000000002 RSI: 00007fec479d6fa0 RDI: 00000000ffffff9c
[   89.795077][ T7353] RBP: 00007fec479d6fa0 R08: 0000000000000000 R09: 0000000000000000
[   89.795153][ T7353] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[   89.795167][ T7353] R13: 0000000000000001 R14: 00007fec49585fa0 R15: 00007ffe3ae92d68
[   89.795188][ T7353]  </TASK>
[   89.839074][ T7359] loop5: detected capacity change from 0 to 128
[   89.936135][    C1] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:1b
[   90.041011][ T7366] 9pnet_fd: p9_fd_create_tcp (7366): problem connecting socket to 127.0.0.1
[   90.052478][ T7366] xt_hashlimit: size too large, truncated to 1048576
[   90.087805][ T7369] FAULT_INJECTION: forcing a failure.
[   90.087805][ T7369] name failslab, interval 1, probability 0, space 0, times 0
[   90.100689][ T7369] CPU: 1 UID: 0 PID: 7369 Comm: syz.5.1458 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   90.100726][ T7369] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   90.100741][ T7369] Call Trace:
[   90.100748][ T7369]  <TASK>
[   90.100755][ T7369]  dump_stack_lvl+0xf6/0x150
[   90.100778][ T7369]  dump_stack+0x15/0x1a
[   90.100793][ T7369]  should_fail_ex+0x261/0x270
[   90.100887][ T7369]  should_failslab+0x8f/0xb0
[   90.100907][ T7369]  __kmalloc_cache_noprof+0x55/0x320
[   90.100936][ T7369]  ? tcp_md5_do_add+0xd6/0x1c0
[   90.100972][ T7369]  tcp_md5_do_add+0xd6/0x1c0
[   90.101061][ T7369]  tcp_v6_parse_md5_keys+0x3ec/0x440
[   90.101113][ T7369]  do_tcp_setsockopt+0xf6c/0x1710
[   90.101149][ T7369]  ? selinux_socket_setsockopt+0x1d9/0x210
[   90.101172][ T7369]  tcp_setsockopt+0x50/0xb0
[   90.101196][ T7369]  sock_common_setsockopt+0x64/0x80
[   90.101216][ T7369]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   90.101361][ T7369]  __sys_setsockopt+0x187/0x200
[   90.101386][ T7369]  __x64_sys_setsockopt+0x66/0x80
[   90.101497][ T7369]  x64_sys_call+0x2a09/0x2e10
[   90.101517][ T7369]  do_syscall_64+0xc9/0x1c0
[   90.101597][ T7369]  ? clear_bhb_loop+0x25/0x80
[   90.101620][ T7369]  ? clear_bhb_loop+0x25/0x80
[   90.101646][ T7369]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.101670][ T7369] RIP: 0033:0x7f87843ed169
[   90.101684][ T7369] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.101701][ T7369] RSP: 002b:00007f8782a2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   90.101746][ T7369] RAX: ffffffffffffffda RBX: 00007f8784606080 RCX: 00007f87843ed169
[   90.101757][ T7369] RDX: 2000000000000020 RSI: 0000000000000006 RDI: 000000000000000a
[   90.101771][ T7369] RBP: 00007f8782a2e090 R08: 000000001959cc36 R09: 0000000000000000
[   90.101785][ T7369] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[   90.101799][ T7369] R13: 0000000000000000 R14: 00007f8784606080 R15: 00007ffd21a09d78
[   90.101819][ T7369]  </TASK>
[   90.405214][ T7377] validate_nla: 2 callbacks suppressed
[   90.405230][ T7377] netlink: 'syz.1.1463': attribute type 4 has an invalid length.
[   90.451432][ T7386] loop0: detected capacity change from 0 to 512
[   90.458372][ T7386] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   90.473795][ T7386] ext4 filesystem being mounted at /298/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   90.554005][ T7390] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1467'.
[   90.654632][ T7406] loop2: detected capacity change from 0 to 128
[   90.665002][ T7406] netlink: 'syz.2.1471': attribute type 1 has an invalid length.
[   90.685446][ T7404] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   90.820545][ T7416] 9pnet_fd: p9_fd_create_tcp (7416): problem connecting socket to 127.0.0.1
[   90.830908][ T7416] xt_hashlimit: size too large, truncated to 1048576
[   90.961837][ T7418] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   91.002259][ T7428] loop3: detected capacity change from 0 to 512
[   91.009435][ T7428] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   91.022924][ T7428] ext4 filesystem being mounted at /302/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.162379][ T7434] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1482'.
[   91.190964][ T7440] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   91.355396][   T36] hid-generic 0000:0004:0000.0019: unknown main item tag 0x0
[   91.362908][   T36] hid-generic 0000:0004:0000.0019: unknown main item tag 0x0
[   91.370441][   T36] hid-generic 0000:0004:0000.0019: unknown main item tag 0x0
[   91.385336][   T36] hid-generic 0000:0004:0000.0019: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   91.472924][ T7464] netlink: 'syz.0.1493': attribute type 4 has an invalid length.
[   91.572902][ T7460] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   91.582911][ T7477] loop3: detected capacity change from 0 to 1024
[   91.644596][ T7479] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   91.659055][ T7477] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1498'.
[   91.672613][ T7487] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1497'.
[   91.685269][   T36] hid-generic 0000:0004:0000.001A: unknown main item tag 0x0
[   91.692766][   T36] hid-generic 0000:0004:0000.001A: unknown main item tag 0x0
[   91.700186][   T36] hid-generic 0000:0004:0000.001A: unknown main item tag 0x0
[   91.763137][   T36] hid-generic 0000:0004:0000.001A: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   91.919074][ T7502] IPv6: Can't replace route, no match found
[   92.000806][ T7502] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1508'.
[   92.044955][ T7510] loop2: detected capacity change from 0 to 512
[   92.056563][   T36] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[   92.064191][   T36] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[   92.071781][   T36] hid-generic 0000:0004:0000.001B: unknown main item tag 0x0
[   92.075482][ T7510] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   92.098552][   T36] hid-generic 0000:0004:0000.001B: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   92.130240][ T7510] ext4 filesystem being mounted at /334/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.151740][ T7523] loop5: detected capacity change from 0 to 128
[   92.183533][ T7514] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   92.277036][ T7526] loop0: detected capacity change from 0 to 2048
[   92.448401][   T36] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[   92.456002][   T36] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[   92.463602][   T36] hid-generic 0000:0004:0000.001C: unknown main item tag 0x0
[   92.473288][   T36] hid-generic 0000:0004:0000.001C: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   92.525557][ T7547] FAULT_INJECTION: forcing a failure.
[   92.525557][ T7547] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   92.538897][ T7547] CPU: 0 UID: 0 PID: 7547 Comm: syz.0.1526 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   92.538930][ T7547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   92.538945][ T7547] Call Trace:
[   92.538992][ T7547]  <TASK>
[   92.538999][ T7547]  dump_stack_lvl+0xf6/0x150
[   92.539085][ T7547]  dump_stack+0x15/0x1a
[   92.539106][ T7547]  should_fail_ex+0x261/0x270
[   92.539143][ T7547]  should_fail+0xb/0x10
[   92.539177][ T7547]  should_fail_usercopy+0x1a/0x20
[   92.539266][ T7547]  _copy_from_user+0x1c/0xa0
[   92.539292][ T7547]  __copy_siginfo_from_user+0x44/0x2c0
[   92.539348][ T7547]  __x64_sys_rt_tgsigqueueinfo+0x7f/0x170
[   92.539437][ T7547]  x64_sys_call+0x739/0x2e10
[   92.539464][ T7547]  do_syscall_64+0xc9/0x1c0
[   92.539552][ T7547]  ? clear_bhb_loop+0x25/0x80
[   92.539579][ T7547]  ? clear_bhb_loop+0x25/0x80
[   92.539684][ T7547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.539710][ T7547] RIP: 0033:0x7f68a978d169
[   92.539728][ T7547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   92.539750][ T7547] RSP: 002b:00007f68a7df7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000129
[   92.539799][ T7547] RAX: ffffffffffffffda RBX: 00007f68a99a5fa0 RCX: 00007f68a978d169
[   92.539814][ T7547] RDX: 000000000000000b RSI: 00000000000002fa RDI: 00000000000002f9
[   92.539869][ T7547] RBP: 00007f68a7df7090 R08: 0000000000000000 R09: 0000000000000000
[   92.539884][ T7547] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[   92.539898][ T7547] R13: 0000000000000000 R14: 00007f68a99a5fa0 R15: 00007ffc595ec588
[   92.539921][ T7547]  </TASK>
[   92.728996][ T7550] 9pnet_fd: p9_fd_create_tcp (7550): problem connecting socket to 127.0.0.1
[   92.741509][ T7550] xt_hashlimit: size too large, truncated to 1048576
[   92.778509][ T7553] loop0: detected capacity change from 0 to 512
[   92.792070][ T7553] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   92.814224][ T7553] ext4 filesystem being mounted at /322/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.899681][ T7551] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   92.995772][ T7569] loop1: detected capacity change from 0 to 2048
[   93.056089][   T36] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[   93.063675][   T36] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[   93.071145][   T36] hid-generic 0000:0004:0000.001D: unknown main item tag 0x0
[   93.085035][   T36] hid-generic 0000:0004:0000.001D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   93.103034][ T7586] netlink: 'syz.1.1538': attribute type 7 has an invalid length.
[   93.138862][ T7589] loop5: detected capacity change from 0 to 512
[   93.145903][ T7589] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   93.157723][ T7590] netlink: 'syz.3.1539': attribute type 4 has an invalid length.
[   93.171639][ T7590] : renamed from bond0 (while UP)
[   93.193073][ T7589] ext4 filesystem being mounted at /287/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.337308][ T7593] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   93.353838][ T7613] netlink: 'syz.3.1548': attribute type 4 has an invalid length.
[   93.455111][ T7623] loop1: detected capacity change from 0 to 512
[   93.470746][ T7620] loop0: detected capacity change from 0 to 2048
[   93.476172][ T7623] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   93.514032][ T7623] ext4 filesystem being mounted at /253/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.549675][ T7629] loop2: detected capacity change from 0 to 164
[   93.683797][ T7652] loop5: detected capacity change from 0 to 512
[   93.690947][ T7652] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   93.712208][ T7652] ext4 filesystem being mounted at /290/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.752089][ T7661] uprobe: syz.3.1562:7661 failed to unregister, leaking uprobe
[   93.801970][ T7656] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   93.811273][ T7658] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   93.979120][   T10] hid-generic 0000:0004:0000.001E: unknown main item tag 0x0
[   93.986705][   T10] hid-generic 0000:0004:0000.001E: unknown main item tag 0x0
[   93.994182][   T10] hid-generic 0000:0004:0000.001E: unknown main item tag 0x0
[   94.004678][ T7688] netlink: 'syz.2.1575': attribute type 4 has an invalid length.
[   94.020691][   T10] hid-generic 0000:0004:0000.001E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   94.034594][ T7690] __nla_validate_parse: 6 callbacks suppressed
[   94.034612][ T7690] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1576'.
[   94.077180][ T7692] loop3: detected capacity change from 0 to 2048
[   94.099174][ T7698] loop2: detected capacity change from 0 to 1024
[   94.113706][ T7698] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1580'.
[   94.119034][ T7692] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   94.137625][   T29] kauditd_printk_skb: 118 callbacks suppressed
[   94.137641][   T29] audit: type=1400 audit(1743306224.895:1953): avc:  denied  { append } for  pid=7691 comm="syz.3.1577" path="/316/file2/blkio.bfq.io_service_bytes_recursive" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   94.138307][ T7692] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28
[   94.182073][ T7692] EXT4-fs (loop3): This should not happen!! Data will be lost
[   94.182073][ T7692] 
[   94.183308][   T29] audit: type=1400 audit(1743306224.955:1954): avc:  denied  { map } for  pid=7691 comm="syz.3.1577" path="/316/file2/blkio.bfq.io_service_bytes_recursive" dev="loop3" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   94.191731][ T7692] EXT4-fs (loop3): Total free blocks count 0
[   94.191749][ T7692] EXT4-fs (loop3): Free/Dirty block details
[   94.191763][ T7692] EXT4-fs (loop3): free_blocks=2415919104
[   94.234855][ T7692] EXT4-fs (loop3): dirty_blocks=32
[   94.240128][ T7692] EXT4-fs (loop3): Block reservation details
[   94.246165][ T7692] EXT4-fs (loop3): i_reserved_data_blocks=2
[   94.255617][ T7698] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1580'.
[   94.277598][ T7712] FAULT_INJECTION: forcing a failure.
[   94.277598][ T7712] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.290978][ T7712] CPU: 0 UID: 0 PID: 7712 Comm: syz.0.1583 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   94.291087][ T7712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   94.291102][ T7712] Call Trace:
[   94.291109][ T7712]  <TASK>
[   94.291118][ T7712]  dump_stack_lvl+0xf6/0x150
[   94.291146][ T7712]  dump_stack+0x15/0x1a
[   94.291166][ T7712]  should_fail_ex+0x261/0x270
[   94.291269][ T7712]  should_fail+0xb/0x10
[   94.291301][ T7712]  should_fail_usercopy+0x1a/0x20
[   94.291372][ T7712]  _copy_from_user+0x1c/0xa0
[   94.291393][ T7712]  memdup_sockptr_noprof+0x8b/0x120
[   94.291436][ T7712]  ipv6_set_opt_hdr+0x125/0x540
[   94.291471][ T7712]  do_ipv6_setsockopt+0x128d/0x2240
[   94.291548][ T7712]  ? calipso_sock_getattr+0x26c/0x380
[   94.291586][ T7712]  ? __rcu_read_unlock+0x4e/0x70
[   94.291610][ T7712]  ? __pfx_ip6_datagram_release_cb+0x10/0x10
[   94.291767][ T7712]  ? ip6_datagram_release_cb+0x103/0x170
[   94.291795][ T7712]  ? _raw_spin_unlock_bh+0x36/0x40
[   94.291817][ T7712]  ? release_sock+0x117/0x150
[   94.291844][ T7712]  ? selinux_netlbl_socket_setsockopt+0x258/0x2d0
[   94.291881][ T7712]  ipv6_setsockopt+0x57/0x130
[   94.291941][ T7712]  udpv6_setsockopt+0x95/0xb0
[   94.291963][ T7712]  sock_common_setsockopt+0x64/0x80
[   94.291982][ T7712]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   94.292005][ T7712]  __sys_setsockopt+0x187/0x200
[   94.292035][ T7712]  __x64_sys_setsockopt+0x66/0x80
[   94.292153][ T7712]  x64_sys_call+0x2a09/0x2e10
[   94.292179][ T7712]  do_syscall_64+0xc9/0x1c0
[   94.292227][ T7712]  ? clear_bhb_loop+0x25/0x80
[   94.292248][ T7712]  ? clear_bhb_loop+0x25/0x80
[   94.292303][ T7712]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.292327][ T7712] RIP: 0033:0x7f68a978d169
[   94.292345][ T7712] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.292366][ T7712] RSP: 002b:00007f68a7df7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   94.292386][ T7712] RAX: ffffffffffffffda RBX: 00007f68a99a5fa0 RCX: 00007f68a978d169
[   94.292397][ T7712] RDX: 0000000000000036 RSI: 0000000000000029 RDI: 0000000000000007
[   94.292450][ T7712] RBP: 00007f68a7df7090 R08: 00000000000001b0 R09: 0000000000000000
[   94.292464][ T7712] R10: 0000200000000300 R11: 0000000000000246 R12: 0000000000000001
[   94.292474][ T7712] R13: 0000000000000000 R14: 00007f68a99a5fa0 R15: 00007ffc595ec588
[   94.292512][ T7712]  </TASK>
[   94.562946][   T10] hid-generic 0000:0004:0000.001F: unknown main item tag 0x0
[   94.570550][   T10] hid-generic 0000:0004:0000.001F: unknown main item tag 0x0
[   94.577995][   T10] hid-generic 0000:0004:0000.001F: unknown main item tag 0x0
[   94.588095][ T7719] netlink: 'syz.0.1587': attribute type 4 has an invalid length.
[   94.613846][   T10] hid-generic 0000:0004:0000.001F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[   94.673983][ T7728] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1591'.
[   94.690804][ T7729] netlink: 'syz.3.1586': attribute type 10 has an invalid length.
[   94.698746][ T7729] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1586'.
[   94.727517][ T7732] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1589'.
[   94.735356][ T7723] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   94.769212][ T7723] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   94.831332][ T7736] hsr0: entered promiscuous mode
[   94.879361][   T29] audit: type=1400 audit(1743306225.645:1955): avc:  denied  { write } for  pid=7735 comm="+}[@" name="rt_acct" dev="proc" ino=4026532571 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[   94.928023][ T7707] ==================================================================
[   94.936348][ T7707] BUG: KCSAN: data-race in generic_buffers_fsync_noflush / inode_cgwb_move_to_attached
[   94.946049][ T7707] 
[   94.948390][ T7707] write to 0xffff888115e87288 of 4 bytes by task 7698 on cpu 0:
[   94.956062][ T7707]  inode_cgwb_move_to_attached+0x9a/0x300
[   94.961821][ T7707]  writeback_single_inode+0x2b5/0x3f0
[   94.967315][ T7707]  sync_inode_metadata+0x60/0x90
[   94.972349][ T7707]  generic_buffers_fsync_noflush+0xd8/0x120
[   94.978275][ T7707]  ext4_sync_file+0x1c3/0x6c0
[   94.983001][ T7707]  vfs_fsync_range+0x116/0x130
[   94.987858][ T7707]  ext4_buffered_write_iter+0x358/0x3c0
[   94.993478][ T7707]  ext4_file_write_iter+0x3b2/0xf80
[   94.998891][ T7707]  iter_file_splice_write+0x5f2/0x980
[   95.004308][ T7707]  direct_splice_actor+0x160/0x2c0
[   95.009450][ T7707]  splice_direct_to_actor+0x305/0x680
[   95.014850][ T7707]  do_splice_direct+0xd9/0x150
[   95.019623][ T7707]  do_sendfile+0x40a/0x690
[   95.024056][ T7707]  __x64_sys_sendfile64+0x113/0x160
[   95.029270][ T7707]  x64_sys_call+0xfc3/0x2e10
[   95.033870][ T7707]  do_syscall_64+0xc9/0x1c0
[   95.038388][ T7707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.044294][ T7707] 
[   95.046624][ T7707] read to 0xffff888115e87288 of 4 bytes by task 7707 on cpu 1:
[   95.054171][ T7707]  generic_buffers_fsync_noflush+0x83/0x120
[   95.060125][ T7707]  ext4_sync_file+0x1c3/0x6c0
[   95.064908][ T7707]  vfs_fsync_range+0x116/0x130
[   95.069680][ T7707]  ext4_buffered_write_iter+0x358/0x3c0
[   95.075258][ T7707]  ext4_file_write_iter+0x3b2/0xf80
[   95.080482][ T7707]  iter_file_splice_write+0x5f2/0x980
[   95.085881][ T7707]  direct_splice_actor+0x160/0x2c0
[   95.091001][ T7707]  splice_direct_to_actor+0x305/0x680
[   95.096378][ T7707]  do_splice_direct+0xd9/0x150
[   95.101147][ T7707]  do_sendfile+0x40a/0x690
[   95.105578][ T7707]  __x64_sys_sendfile64+0x113/0x160
[   95.110789][ T7707]  x64_sys_call+0xfc3/0x2e10
[   95.115386][ T7707]  do_syscall_64+0xc9/0x1c0
[   95.119908][ T7707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.125817][ T7707] 
[   95.128151][ T7707] value changed: 0x00000002 -> 0x00000020
[   95.133879][ T7707] 
[   95.136206][ T7707] Reported by Kernel Concurrency Sanitizer on:
[   95.142357][ T7707] CPU: 1 UID: 0 PID: 7707 Comm: syz.2.1580 Not tainted 6.14.0-syzkaller-09584-g7d06015d936c #0 PREEMPT(voluntary) 
[   95.154433][ T7707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   95.164495][ T7707] ==================================================================
[   95.206891][ T7743] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   98.880803][    C0] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:1c
[   99.520697][    C0] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:1c
[  100.800522][    C0] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:0c
[  102.720473][    C0] batman_adv: batadv0: Local translation table size (80) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:0c