last executing test programs:

2.833515295s ago: executing program 4 (id=570):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r0, &(0x7f0000004ac0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000bc0)=[@sndrcv={0x30, 0x84, 0x1, {0x1, 0x2, 0x0, 0xffff8001, 0xa, 0x10, 0x7ff, 0x9}}, @prinfo={0x18, 0x84, 0x5, {0x10, 0x6}}], 0x48, 0x8000}], 0x1, 0x0) (fail_nth: 2)

2.750482916s ago: executing program 4 (id=571):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000020000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r0}, &(0x7f00000008c0), &(0x7f0000000900)}, 0x20)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001840)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfffffffd, 0xfffffffd, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0xfffeffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0xa4fb, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x5, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xffffffffffffffca}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x6, 0x2, 0x7f, 0x401, 0x2, 0x0, 0x2, 0x80000000, 0x4, 0x5, 0x8, 0x0, 0x7fff, 0x75ba, 0x7fffffff, 0x5, 0xffffffff, 0x7ff, 0x2, 0x9, 0x2, 0x0, 0x1000, 0x1, 0x3, 0x6, 0x0, 0xfa, 0x4, 0x0, 0xf, 0x80000001, 0x7, 0xfffffffb, 0x1, 0x20, 0x5, 0x8, 0x1, 0x2f2, 0x7fff, 0x0, 0x81, 0x6, 0x1ff, 0x7, 0x3, 0x5, 0x3, 0x9, 0x1000, 0x401, 0x1, 0x6, 0x7, 0x2, 0x4, 0x7f, 0x5, 0xfffffffb, 0x1, 0x4, 0x5, 0x8, 0x9, 0x9, 0x10, 0x9, 0x7, 0xffffff00, 0x95, 0x0, 0x4, 0x8, 0x8, 0x1, 0x958, 0x200, 0x4, 0x6, 0x7, 0x80, 0x5, 0xe53, 0x0, 0xfffffffe, 0x4, 0x8, 0x9, 0x7fff, 0x30, 0x8, 0xfffffff7, 0x4, 0x9, 0x1, 0x4, 0x7, 0x9, 0x5, 0x7, 0x6, 0x0, 0x6, 0x2, 0x7, 0x3, 0xcdd, 0x2, 0xd67, 0x7, 0x7, 0x25, 0x10, 0x80007, 0xfffffff7, 0x2, 0x400, 0x8, 0x0, 0x7, 0x5, 0x9, 0xa, 0xa, 0x9, 0x5, 0xdb5, 0x101, 0x4, 0x74e4, 0x7ffc, 0x7, 0x7ff, 0x1, 0xd70, 0x1, 0x8, 0xa, 0x7, 0x1, 0x82, 0x531, 0x1, 0x1, 0x5, 0x26, 0x1, 0x1b2a, 0x81, 0x0, 0x14, 0x767, 0x7, 0x9, 0x10, 0xc2a, 0xff, 0x0, 0x6, 0x7, 0x3, 0xfffffff4, 0x8, 0x3, 0xfff, 0x8, 0x5, 0x5, 0x7, 0x3, 0xd7c5, 0x2, 0x10000, 0x7fff, 0x5, 0x5, 0x0, 0xd, 0x7, 0x2, 0x0, 0x6ee1847d, 0x100, 0x7ff, 0x1, 0xf0, 0x7, 0x2, 0x7, 0x4, 0x6, 0x4, 0x7, 0x2, 0x0, 0x1, 0x4, 0x3, 0xfff, 0x80000001, 0x7, 0x676, 0x3, 0x9, 0x2, 0x4, 0x7fff, 0x4a5, 0x23, 0x4, 0x9, 0x8, 0x0, 0x80, 0xa, 0x9, 0xca000000, 0x2, 0xfffffffa, 0x3, 0x7, 0x8, 0x7, 0x65fe, 0x5, 0x6, 0x4, 0x80000000, 0x5, 0x7ff, 0xb848, 0x6, 0x6, 0x800, 0x7, 0x1, 0xb, 0x80, 0x2, 0x3, 0x6, 0x4, 0x4, 0x4, 0xc, 0x80000001, 0x5, 0x2, 0x10000000, 0xb, 0x7, 0x5, 0x2, 0x79e]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x898}}, 0x0)

2.643478628s ago: executing program 4 (id=573):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r0}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
r1 = socket(0x200000000000011, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000780)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000001500), &(0x7f0000001500), 0x5, r4, 0x4}, 0x38)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000240)='kfree\x00', r6}, 0x18)
r7 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r7, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r7, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x4e20, @local}, 0x10, 0x0, 0x0, &(0x7f0000000600)=[@rdma_map={0x30, 0x114, 0x3, {{0x0}, 0x0, 0x31}}], 0x30}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r8}, 0x10)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x441, 0x0)
write$binfmt_aout(r9, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCXONC(r9, 0x540a, 0x2)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f0000000100))
sendmsg$MPTCP_PM_CMD_REMOVE(0xffffffffffffffff, 0x0, 0x40)
quotactl$Q_SETQUOTA(0xffffffff80000900, &(0x7f0000000c80)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
syz_read_part_table(0x1057, &(0x7f0000000000)="$eJzsz8GJwlAUBdD7J5NhwiymhEkTU4pYgzsbkGApboON2YG4iUQ/pgIR4ZzF59/L48ELL9WV5G9Tw/m49Le3yXfb5SO7R//VD11+Dttlw/7UJtNvqbEfk891kv/LHGs9zd/hPl9qWdKsxudeBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADv4RoAAP//uvwMeg==")
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)={0x20, r3, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5}]}]}, 0x20}, 0x1, 0x0, 0x0, 0xaa34a4cfdb933291}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000280)={'syz_tun\x00', <r10=>0x0})
bind$packet(r1, &(0x7f0000000080)={0x11, 0x800, r10, 0x1, 0x0, 0x6, @random="518440db9de1"}, 0x14)
socket(0x200000000000011, 0x2, 0x0)

2.145003694s ago: executing program 4 (id=582):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x1, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="6c000000020601020000000600000000000000000e0003006269746d61703a697000000005000400000000000900020073797a3000000000240007800c00028008000140e00000020c0001800800014080ffffff050014000200000005000500020000000500010006"], 0x6c}}, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[], 0x90}, 0x1, 0x0, 0x0, 0x4044810}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r2}, &(0x7f0000000000), &(0x7f00000005c0)=r3}, 0x20)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000300)=@newqdisc={0x45c, 0x24, 0xd0f, 0x0, 0xfffffffd, {0x60, 0x0, 0x0, r4, {0x0, 0x2}, {0xffff, 0xffff}, {0xfff3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x9, 0x45, 0x3ff, 0x10000, 0x3, 0x8, 0x4, 0xa0002, 0x5, 0x36, 0x59bc9fd6, 0x2, 0x2, 0x8000, 0x8, 0x4, 0x8, 0x6, 0x114b6000, 0xfffffffb, 0x2a70, 0xffff73cc, 0x81, 0x5, 0x0, 0xa, 0x45, 0x0, 0x8, 0x5, 0xba44, 0x3, 0x60b, 0x80000000, 0x8, 0x4, 0x5, 0x3, 0xffff, 0x3, 0xfffffff8, 0x5, 0x8, 0x1a0055ee, 0x1, 0x1, 0xffff4226, 0x7, 0x0, 0x5, 0x101, 0x4, 0x1, 0x2, 0x800, 0xf9, 0x9, 0x9, 0x2, 0x8, 0x2f, 0xfffffff8, 0x0, 0x101, 0x9, 0x7, 0x5, 0x5, 0x5, 0x0, 0x46, 0x2, 0x5, 0x3, 0x2, 0x9b58, 0x4, 0xb, 0x4be, 0xe, 0xef, 0xa, 0xcaa, 0x9fa7, 0xfffeffff, 0x38, 0x4, 0x0, 0x9, 0x44d, 0x7, 0x200, 0x8, 0x401, 0x7, 0x45, 0x3, 0x9, 0x0, 0x7, 0x6, 0x9, 0x3, 0x7, 0x4, 0x6, 0x7, 0x8002, 0x7, 0x7, 0x7, 0xc3c, 0x3, 0x28000000, 0x8, 0x30c7, 0xfad, 0x7, 0x8, 0x0, 0x5, 0x10, 0x400, 0xa97, 0x4, 0x422dd3f4, 0x4, 0x8, 0x2, 0x8, 0x10000, 0x8c1, 0x0, 0x45b6, 0x9, 0x864b, 0x0, 0x7, 0x9, 0x1, 0x7, 0x81, 0x3, 0x800, 0x6, 0xffffff80, 0x41, 0xc22, 0x1, 0x6, 0x9, 0x9, 0x7fffffff, 0x4, 0xfff, 0x6, 0xfffffffd, 0x7c1, 0x136, 0x6, 0x5, 0x4, 0x3ff, 0x4, 0xb, 0x2, 0x10001, 0x0, 0x5, 0x3, 0x400, 0x101, 0xffffffff, 0x1b, 0xd589, 0xffffff81, 0xffff0001, 0x4, 0x0, 0x300, 0x8, 0x60000000, 0xd39, 0x0, 0xfffffffe, 0x0, 0x81, 0x2, 0x55, 0x4000004, 0xbc6, 0x2, 0x8, 0x28a6a52, 0x1ff, 0xb, 0x7fff, 0x9, 0x2e4c20b9, 0xb, 0x2, 0x9, 0x7, 0x4, 0x8, 0x3, 0x2, 0x8, 0x3, 0x7, 0x4, 0x9, 0x8, 0xfffffffa, 0x76e8e800, 0x800, 0x400, 0x6, 0x0, 0xcc6, 0xfffffffb, 0x8000, 0xffffff00, 0x894, 0x7, 0xe, 0x6, 0x6, 0x2, 0x6, 0x10001, 0x9, 0x4, 0x8, 0x5d, 0x1000000, 0x7, 0x1, 0x8, 0x7ffffffd, 0x384, 0x9, 0x58a, 0x80000000, 0xe08, 0x0, 0x1, 0x2c821159, 0x0, 0x9, 0x7f, 0x0, 0x6, 0x0, 0x7f]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x6, 0x0, 0x2, 0x8, 0x0, 0xc}, {0xff, 0x1, 0x6, 0x5, 0x5e1d, 0x8}, 0x3ff, 0xa0, 0x99}}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x4000050}, 0x20008840)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c00014000"], 0x118}}, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000009c0)={&(0x7f0000000940)=""/82, 0x80000, 0x0, 0x1f7fd3f, 0x1}, 0x20)
syz_emit_ethernet(0x3e, &(0x7f0000000840)=ANY=[@ANYBLOB="0380450000300000000000019078ac1e00019c1e0001030590781200183f9b250000000000000002010a047f0000017f00000195894f0ea2e84c6bdf3ddd2010e093ea767996573b68789565a7fa0dc8313e7aa531fc125523a192e8c49d2fbed41ac7fc285212abf7564c9bc1adf8140d5f1162701b608dbe1a3857ed27cbd91abeed4d711b8381a38571956a86abf5aed376621ec8b693419312e4c1b3bcba3f3ae620cfd6397fc9a2670280d5dcf4c2386aefdbfd1b420f1fe49dee222aadb1d10b536bac599093"], 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
setsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000000800)={@initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, r4}, 0xc)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0600000004000000fd0f000002"], 0x48)
request_key(&(0x7f0000000280)='trusted\x00', &(0x7f00000003c0)={'syz', 0x0}, &(0x7f0000000540)='\x00', 0xffffffffffffffff)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000004c0)={0x0, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x4e20, @local}, {0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x116, 0x0, 0x0, 0x0, 0x20, 0x0, 0x2, 0x8, 0x795})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f9ffffffb703000000080000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
rt_sigsuspend(0x0, 0x0)

1.260633075s ago: executing program 2 (id=598):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$packet(0x11, 0xa, 0x300)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2686dd4c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.181006455s ago: executing program 2 (id=600):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000020000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000018110000", @ANYRES32=r0], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000940)={{r0}, &(0x7f00000008c0), &(0x7f0000000900)}, 0x20)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001840)=@newtaction={0x898, 0x30, 0x12f, 0x0, 0x0, {}, [{0x884, 0x1, [@m_police={0x880, 0x1, 0x0, 0x0, {{0xb}, {0x854, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x2, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xfffffffd, 0xfffffffd, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0xfffeffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0xa4fb, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x5, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0xffffffffffffffca}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x6, 0x2, 0x7f, 0x401, 0x2, 0x0, 0x2, 0x80000000, 0x4, 0x5, 0x8, 0x0, 0x7fff, 0x75ba, 0x7fffffff, 0x5, 0xffffffff, 0x7ff, 0x2, 0x9, 0x2, 0x0, 0x1000, 0x1, 0x3, 0x6, 0x0, 0xfa, 0x4, 0x0, 0xf, 0x80000001, 0x7, 0xfffffffb, 0x1, 0x20, 0x5, 0x8, 0x1, 0x2f2, 0x7fff, 0x0, 0x81, 0x6, 0x1ff, 0x7, 0x3, 0x5, 0x3, 0x9, 0x1000, 0x401, 0x1, 0x6, 0x7, 0x2, 0x4, 0x7f, 0x5, 0xfffffffb, 0x1, 0x4, 0x5, 0x8, 0x9, 0x9, 0x10, 0x9, 0x7, 0xffffff00, 0x95, 0x0, 0x4, 0x8, 0x8, 0x1, 0x958, 0x200, 0x4, 0x6, 0x7, 0x80, 0x5, 0xe53, 0x0, 0xfffffffe, 0x4, 0x8, 0x9, 0x7fff, 0x30, 0x8, 0xfffffff7, 0x4, 0x9, 0x1, 0x4, 0x7, 0x9, 0x5, 0x7, 0x6, 0x0, 0x6, 0x2, 0x7, 0x3, 0xcdd, 0x2, 0xd67, 0x7, 0x7, 0x25, 0x10, 0x80007, 0xfffffff7, 0x2, 0x400, 0x8, 0x0, 0x7, 0x5, 0x9, 0xa, 0xa, 0x9, 0x5, 0xdb5, 0x101, 0x4, 0x74e4, 0x7ffc, 0x7, 0x7ff, 0x1, 0xd70, 0x1, 0x8, 0xa, 0x7, 0x1, 0x82, 0x531, 0x1, 0x1, 0x5, 0x26, 0x1, 0x1b2a, 0x81, 0x0, 0x14, 0x767, 0x7, 0x9, 0x10, 0xc2a, 0xff, 0x0, 0x6, 0x7, 0x3, 0xfffffff4, 0x8, 0x3, 0xfff, 0x8, 0x5, 0x5, 0x7, 0x3, 0xd7c5, 0x2, 0x10000, 0x7fff, 0x5, 0x5, 0x0, 0xd, 0x7, 0x2, 0x0, 0x6ee1847d, 0x100, 0x7ff, 0x1, 0xf0, 0x7, 0x2, 0x7, 0x4, 0x6, 0x4, 0x7, 0x2, 0x0, 0x1, 0x4, 0x3, 0xfff, 0x80000001, 0x7, 0x676, 0x3, 0x9, 0x2, 0x4, 0x7fff, 0x4a5, 0x23, 0x4, 0x9, 0x8, 0x0, 0x80, 0xa, 0x9, 0xca000000, 0x2, 0xfffffffa, 0x3, 0x7, 0x8, 0x7, 0x65fe, 0x5, 0x6, 0x4, 0x80000000, 0x5, 0x7ff, 0xb848, 0x6, 0x6, 0x800, 0x7, 0x1, 0xb, 0x80, 0x2, 0x3, 0x6, 0x4, 0x4, 0x4, 0xc, 0x80000001, 0x5, 0x2, 0x10000000, 0xb, 0x7, 0x5, 0x2, 0x79e]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x898}}, 0x0)

1.154441976s ago: executing program 4 (id=602):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x2000, 0x1}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0})
io_uring_enter(r1, 0x4913, 0x770e, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1e000000000000000100000007"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r5}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @broadcast})

1.153205426s ago: executing program 2 (id=603):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x54, 0x10, 0x403, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x74, 0x0, 0x800, 0x55007}, [@IFLA_LINKINFO={0xffffffffffffff62, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x24, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x2}, @IFLA_BR_MCAST_STARTUP_QUERY_INTVL={0xc, 0x23, 0x8}, @IFLA_BR_MCAST_QUERY_RESPONSE_INTVL={0xc, 0x22, 0x6}]}}}]}, 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={0x1, 0x58, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r1=>0x0}}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000240)={'gretap0\x00', &(0x7f0000000300)={'erspan0\x00', <r2=>0x0, 0x1, 0x700, 0x7fffffff, 0x100, {{0x28, 0x4, 0x2, 0x5, 0xa0, 0x66, 0x0, 0x80, 0x4, 0x0, @multicast2, @multicast2, {[@cipso={0x86, 0x5f, 0x2, [{0x5, 0x7, "a96e3ef63b"}, {0x2, 0xc, "0854b71ac7ab1eac7212"}, {0x5, 0xa, "cb4e9e3811c693f3"}, {0x7, 0xe, "8c9d3ce63845b3499e47fac7"}, {0x6, 0xa, "b9d1c88327908e13"}, {0x5, 0x8, "ce51033f5582"}, {0x6, 0x10, "bbc3316c78e4f3cb8287d9806a9b"}, {0x2, 0xc, "47864eeec31cfe92f1a4"}]}, @timestamp_prespec={0x44, 0x2c, 0x13, 0x3, 0x8, [{@empty, 0x5}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x6}, {@remote, 0x6}, {@private=0xa010101, 0x2}, {@loopback, 0x7}]}]}}}}})
getpeername$packet(0xffffffffffffffff, &(0x7f0000000280)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000003c0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000400)={'team0\x00', <r4=>0x0})
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000440)=<r5=>0x0, &(0x7f0000000480)=0x4)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000004c0)={<r6=>0x0, @local, @private}, &(0x7f0000000500)=0xc)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'bond0\x00', <r7=>0x0})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000cc0)=ANY=[@ANYBLOB="44010000100001000000000019002000fe800000000000000000000000000000ac1e00010000000000000000000000000000000100020000000000004e000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032000000fc010000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003e00000000000000000000000000000000000000000000000135000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c00edcbf0b640f90fccb6e6900ed79aa01dd316cd2cc789594f4137205e6dae13d2f1433c1a99a75d067dd717b414898c7ebcc4159926662ec978da01f7d04e83bac03f07c200", @ANYRES32=r7], 0x144}, 0x1, 0x0, 0x0, 0x4048894}, 0x84084)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000540)={'wg2\x00', <r8=>0x0})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000006c0)={'ip6gre0\x00', &(0x7f0000000580)={'ip6tnl0\x00', <r9=>0x0, 0x4, 0x1, 0x8e, 0x5, 0x10, @rand_addr=' \x01\x00', @empty, 0x7, 0x7800, 0x4, 0x81}})
r10 = socket(0x10, 0x803, 0x0)
r11 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r12, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r10, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001380)=@newtfilter={0xac, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r12, {0xc, 0x4}, {}, {0x3, 0xf}}, [@filter_kind_options=@f_u32={{0x8}, {0x80, 0x2, [@TCA_U32_SEL={0x74, 0x5, {0xb, 0xf, 0x6, 0x2, 0x7ae, 0x9, 0xb11, 0x65, [{0x80000000, 0x401, 0x5, 0x9}, {0x0, 0xe1, 0x7}, {0x8000, 0x80000000, 0x76800, 0xd}, {0x9, 0x100, 0x7, 0x5}, {0x8, 0x3, 0x0, 0x2}, {0xb, 0x7, 0x1, 0x1}]}}, @TCA_U32_CLASSID={0x8, 0x1, {0xb, 0x3}}]}}]}, 0xac}}, 0x20040054)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000700)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000740)=0x14)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000780)={<r14=>0x0, @multicast2, @multicast2}, &(0x7f0000000880)=0xc)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000980)={'syztnl0\x00', &(0x7f00000008c0)={'syztnl1\x00', <r15=>0x0, 0x40, 0x7, 0x1, 0xff, {{0x1f, 0x4, 0x0, 0x9, 0x7c, 0x67, 0x0, 0x6, 0x29, 0x0, @multicast2, @empty, {[@ra={0x94, 0x4, 0x1}, @ra={0x94, 0x4}, @ra={0x94, 0x4, 0x1}, @noop, @ssrr={0x89, 0x23, 0x5b, [@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, @broadcast, @broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback, @rand_addr=0x64010101]}, @timestamp={0x44, 0x8, 0x5, 0x0, 0x1, [0x7]}, @ssrr={0x89, 0x17, 0xae, [@multicast1, @dev={0xac, 0x14, 0x14, 0x1c}, @multicast2, @rand_addr=0x64010101, @loopback]}, @generic={0x86, 0x3, "a3"}, @timestamp_addr={0x44, 0x14, 0x17, 0x1, 0x4, [{@remote, 0x7f2}, {@local, 0x2350}]}]}}}}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000a40)={'syztnl0\x00', &(0x7f00000009c0)={'ip6tnl0\x00', <r16=>0x0, 0x2f, 0x7, 0x2, 0x5, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x700, 0x10, 0x2, 0x1ff}})
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000001280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001240)={&(0x7f0000001440)=ANY=[@ANYBLOB="cfefd765779e13d876497abaec02eb9f7085aad5006fde4ebdcc84a453f96430834676808eaa7188ca069cac2949259ea6f85163d9741458ba9caaba3878f8e87cbb3599adac76dcc25d12fad50e2198b8561232b0f62603aa38aab4d908e3e5251f", @ANYRES16=0x0, @ANYBLOB="000226bd7000fbdbdf250100000008000100", @ANYRES32=0x0, @ANYBLOB="500002804c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000008000100", @ANYRES32=0x0, @ANYBLOB="3c00028038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004000400000008000100", @ANYRES32=r1, @ANYBLOB="7c00028040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000400000008000600", @ANYRES32=r2, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000700000008000100", @ANYRES32=r3, @ANYBLOB="740002803800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f636f756e740000000000000000000000000000050003000300000008000400ff0f000008000100", @ANYRES32=r4, @ANYBLOB="b400028038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400e40d000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r5, @ANYBLOB="080007000000000038000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000800000008000100", @ANYRES32=0x0, @ANYBLOB="9c010280400001002400010071756575655f6964000000000000000000000000000000000000000000000000050003000300000008000400ff7f000008000600", @ANYRES32=r6, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000080000008000600", @ANYRES32=r7, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400050000005c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000002c0004000100fe6affff0000fffffdd70100000004000c0981000000780c075f0600000006000701000000004c000100240001006c625f74785f6d6574686f640000000000000000000000000000000000000000050003000500000019000400686173685f746f5f706f72745f6d617070696e670000000038000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004000700000008000100", @ANYRES32=0x0, @ANYBLOB="bc00028040000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e000000080004000000002008000600", @ANYRES32=r8, @ANYBLOB="40000100240001006d6f6465000000000000000000000000000000000000000000000000000000000500030005000000100004006c6f616462616c616e6365003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=r9, @ANYBLOB="08000100", @ANYRES32=r12, @ANYBLOB="700202803c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=r13, @ANYBLOB="6c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000003c0004007f00070305000000ff0308af0001000004000280020000000600060807000000deeb1a000400000001000200dd365f5ee03f07020200000038000100240001006d636173745f72656a6f696e5f696e74657276616c0000000000000000000000050003000300000008000400080000003c00010024000100757365725f6c696e6b75705f656e61626c65640000000000000000000000000005000300060000000400040008000600", @ANYRES32=r14, @ANYBLOB="4c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001c0004000100080108000000040002050b6800000080ce0c00e0110084000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b000000540004003360020de10000000900070500040000050006050700000008000200008000000200bffe030000000200a1010100010001040207000000000f0009050010000000000404080000000200b69f0100000040000100240001006d6f64650000000000000000000000000000000000000000000000000000000005000300050000000f000400726f756e64726f62696e000040000100240001006c625f74785f686173685f746f5f706f72745f6d617070696e67000000000000050003000300000008000400", @ANYRES32=r15, @ANYBLOB="080007000000000008000100", @ANYRES32=r16, @ANYBLOB="400002803c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB], 0x794}, 0x1, 0x0, 0x0, 0x40000}, 0x1)
connect$netlink(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000000)={{}, 0x0, 0x0}, 0x20)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd63178e6203c229"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r17 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r17, 0x5, 0xb68, 0xf5ffffff, &(0x7f0000000000)='%', 0x0, 0xd01, 0xbe02, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.064011037s ago: executing program 3 (id=606):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x48, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x1}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}]}, 0x48}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000880)=@newtaction={0x6c, 0x30, 0xb, 0x0, 0x0, {}, [{0x58, 0x1, [@m_skbmod={0x54, 0x1, 0x0, 0x0, {{0xb}, {0x28, 0x2, 0x0, 0x1, [@TCA_SKBMOD_PARMS={0x24, 0x2, {{0x0, 0x2, 0x0, 0x0, 0x3}, 0xc}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)

972.422588ms ago: executing program 2 (id=608):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=@newlink={0x44, 0x10, 0x403, 0xfffffffc, 0x3f, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4803}}}, @IFLA_LINK={0x8}, @IFLA_MASTER={0x8}]}, 0x44}, 0x1, 0x300000000000000, 0x0, 0x4004}, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000001380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r4 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x1f0, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r4, 0x0, 0x0, 0x6, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r4)
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000380)="ac", 0x1}], 0x1)

947.583799ms ago: executing program 2 (id=609):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000240)=@setlink={0x20, 0x10, 0x401}, 0x20}}, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
pipe(0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$tipc(r4, &(0x7f0000004440)={&(0x7f0000000ec0)=@id={0x1e, 0x3, 0x0, {0x4e22, 0x1}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000800}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
write$binfmt_script(0xffffffffffffffff, 0x0, 0xb)
splice(r5, 0x0, r6, 0x0, 0xf3a, 0x0)
write$binfmt_misc(r6, &(0x7f0000000980), 0xfdef)
splice(0xffffffffffffffff, 0x0, r6, 0x0, 0x80, 0x7)
mknodat(r6, &(0x7f0000000000)='./file0\x00', 0x2, 0x2)
timer_settime(r2, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

937.331018ms ago: executing program 3 (id=611):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
r1 = io_uring_setup(0x4d3f, &(0x7f0000000240)={0x0, 0xca6a, 0x40, 0x1, 0x6})
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(r1, 0xb, &(0x7f0000000480)=[@ioring_restriction_sqe_op={0x1, 0x1c}], 0x1)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x96, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x520, 0x340, 0x25, 0x148, 0x0, 0x60, 0x488, 0x2a8, 0x2a8, 0x488, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x0, 0x0, 0x9, 0x0, 0x80ffffff, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@set={{0x40}}, @common=@unspec=@statistic={{0x38}}]}, @common=@SET={0x60}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x580)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @remote}, 0x10)

910.395059ms ago: executing program 0 (id=612):
r0 = socket$inet6(0xa, 0x2, 0x0)
accept4$llc(0xffffffffffffffff, &(0x7f0000000100)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000280)=0x10, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="3c0000001000370400000000ffffffff00000000", @ANYRES32, @ANYBLOB="0b120500000000001c0012800b00010069703667726500000c00028008000100", @ANYRES32], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @multicast1}}}], 0x20}}], 0x1, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000200), 0x8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r1, &(0x7f0000001d80)='.\x00', 0x0, &(0x7f0000001dc0)={0xb}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f00000007c0), 0x1, 0x73e, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvbJOmb9vXpODBimCgBwulu3ZbSwWRih6kWCnqzUO73d2Gkt1uyW5KEypaUQRPIsWzP07e/AdEEfTmUfDsSQpFSr0IQmS2s3Hb7KabNJtV9/OBCc8zM5tnvjszz/Mkz8NMAGNrNv2Ri9gfER8lEdPZ+iQiJtupiYiTd/e7c/taOV2SWFl5/bekvU+aj67PpPZkmcci4rv3Iw7l1pbbXFqeL9Vq1YUsX2jVLxeaS8uHL9ZLc9W56qXi8WePFk8UnzlR3LJY/3jv1fOnvnrpixvv/vjLa2+dejKJk7E329Ydx1aZjdnsO5lMv8J7vLjVhY1YMuoDYFPSW3PH3bs89sd07GinAID/srcjYgUAGDOJ9h8Axkzn/wCdsb1hjIP9k916ISJ29Yp/Ihuz29UeB919J7lnZCSJiJktKH82Iq6++cHX6RJDGocE6OWd6xFxbmZ2bf2XrJmzsFFPD7DP7H159R9sn2/T/s+JXv2f3Gr/J3r0f6Z63Lub8eD7P3dzC4rpK+3/Pdez/7s6aW1mR5b7f7vPN5lcuFirpnXbIxFxMCan0vyRdco49vHzP/Tb1t3/S5e0/E5fMDuOmxNT936mUmqVHibmbreuRzw+0Sv+ZPX8J336v2cGLKP1/ROf99v24PiHa+WziKd6nv+/Z7Ql689PLLSvh0Lnqlgr/+H0vn7ljzr+9PzvXj/+maR7vmZz42X89MmfL/fbttnrf2fyRju9M1t3tdRqLRyJ2Jm8snZ91xTSTr6zfxr/wQPr13+9rv/0b8JzA8Y//+mX5zcf/3Cl8Vc2dP43njjw8zd94xns/B9rpw5mawap/wY9wIf57gAAAAAAAAAAAAAAAAAAAAAAAABgULmI2BtJLr+azuXy+bvv8H40dudqjWbr0IXG4qVKtN+VPROTuc6TLqe7nod6JHsefidfvC9/NCL2RcSNqf+18/lyo1YZdfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAkNnT5/3/qV+nRn10AMDQ7Br1AQAA2077DwDjR/sPAONH+w8A40f7DwDjR/sPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAkJ05fTpdVn6/fa2c5itXlhbnG1cOV6rN+Xx9sZwvNxYu5+cajblaNV9u1B/0+2qNxuXi8Vi8WmhVm61Cc2n5bL2xeKl19mK9NFc9W53clqgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGOaS8vzpVqtuiAhISGxmhh1zQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw7/BXAAAA///R4B8B")
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f00000000c0), r2)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000001bc0)={0x1c, r3, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8040}, 0x44010)
eventfd2(0x8000, 0x80801)
sendto$llc(r1, &(0x7f0000000180)="bee0b5dcad5d1d163b23cc2d28dd9a60fad9c3fdc44a5392766c96a5ce7a50e9d226ed9031a3da33b98ecabf9bd0bfbb183bd7cc8b7a27b1", 0x38, 0x5, &(0x7f00000001c0)={0x1a, 0x310, 0x1, 0x1, 0x8, 0x0, @broadcast}, 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r4 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x4e23, 0x4, @empty}, 0x1c)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x30, 0x3)

855.50269ms ago: executing program 3 (id=613):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0xc, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b703000000000d008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='fib6_table_lookup\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='fib6_table_lookup\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'ip6tnl0\x00', 0x210})
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
perf_event_open(&(0x7f00000001c0)={0x0, 0x80, 0x0, 0x0, 0x0, 0xf7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x89f1, &(0x7f0000000080))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r1}, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)

809.363371ms ago: executing program 3 (id=615):
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000801, 0x0, 0x0, 0x0)
r0 = socket$inet(0x2, 0x6, 0x8)
ioctl$sock_SIOCSIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r0, 0x8983, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}, 0x1, 0x3000000}, 0x4000054)

804.11342ms ago: executing program 0 (id=616):
r0 = perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0xe65, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x0, 0x8, 0x3, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1) (async, rerun: 64)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) (async, rerun: 32)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async, rerun: 32)
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x3) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x66, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10) (async)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=") (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
r5 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000080)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700"}, 0x48, 0xfffffffffffffffe)
keyctl$search(0xa, r5, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x0}, 0x0) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
r6 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r6, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x5f, 0xffffffffffffffff, {0x29}}, './file0\x00'})

798.07497ms ago: executing program 4 (id=617):
perf_event_open(&(0x7f0000000200)={0x7, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x72000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x100000, 0x0, 0x0, 0x6, 0x3, 0x0, 0xa}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e0000000200130002000000da16c167d803f1f805000600200000000a00060000000000ff0000000000000000001ffeff0001000003f1dc7f7c6e7c0200010000000000004000020000000005000500000000000a"], 0x80}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x6)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
syncfs(r1)
sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffdfc, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r5=>0x0})
r6 = syz_clone(0x8000000, &(0x7f0000000280)="9c1d32ea877cb1996f3e691abb6817c3d848", 0x12, &(0x7f00000002c0), &(0x7f0000000340), &(0x7f00000004c0)="98cff201b2d14ae4834e97cf603ee8b7d535f1766b2f33e7fbb3540f9a9bb5d04c2b173ac99973979ff6d5c5423aa8bb57a659725799e83054b5d762c5129a4a9f235a4d189a4876b0922368f2bab4ac507d4d0e0ec8ae8bde779c2ad972b326b4fd525359feaeaf372c7e82022640b28db6a92a46a8daea4a05f2c3822bc5e624c97d1f5490c38b1fbe24cf2c72b8f247e14418d46b660c2d4eed5ac8d364b568f85826837fbedf0db88da4834228792a709f531e625e38cbbdf8468a6e447c8d6049a2c5bce6c163f5b979")
fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, <r7=>0x0})
kcmp(r6, r7, 0x1, r1, r4)
r8 = socket$nl_route(0x10, 0x3, 0x0)
wait4(r7, &(0x7f00000003c0), 0x80000000, &(0x7f00000005c0))
sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)

699.741652ms ago: executing program 0 (id=620):
openat$binfmt_register(0xffffff9c, 0x0, 0x1, 0x0)
syz_io_uring_setup(0xdec, &(0x7f00000003c0)={0x0, 0x875, 0x80, 0x1, 0x21e}, &(0x7f0000000440), 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1e000000000000000100000007"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = syz_open_dev$loop(&(0x7f00000005c0), 0xffff, 0x12d600)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x1000, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c559265406c09306003d8002000", [0x0, 0x2]}})
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000000c0)={0x0, {}, 0x0, {}, 0x5e9, 0x3, 0x12, 0x4, "90925d88d506b59c0afa541662d4719b2ba84e0d6fe21680b5de0b6816a610833b374a4564e2409dbd4b531885b3a4080d81ad6a1dbb50b66837173eb57df80d", "1b59fd763499e1fb8374bd0a0884123d70cc5954ec64fc1916e4475dd86382d8", [0x8, 0x6]})

655.304802ms ago: executing program 0 (id=622):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r1 = fsopen(&(0x7f0000000280)='configfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r3, 0x3, 0x0)
getdents64(r3, 0x0, 0x22)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f0000000000)={'ip6_vti0\x00', &(0x7f0000000180)={'syztnl2\x00', <r4=>0x0, 0x4, 0x5, 0x8, 0x10, 0x12, @private1={0xfc, 0x1, '\x00', 0x1}, @local, 0x1, 0x1, 0x5}})
setsockopt$inet_mreqn(r3, 0x0, 0x31, &(0x7f0000000300)={@initdev={0xac, 0x1e, 0x1, 0x0}, @broadcast, r4}, 0xc)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xf7ffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000bc0)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r7, {0x0, 0x6}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_FLAGS={0x8, 0x3, 0x2}]}}]}, 0x40}}, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x9, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000100000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008400000b704000000000000850000000100000095"], 0x0, 0x2af, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000540)='fib6_table_lookup\x00', r9}, 0x10)
r10 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r10, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYRESHEX=r4, @ANYRES8=r2, @ANYRES8=r2], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r7, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r11, 0x0, 0xffffffffffffffff}, 0x18)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000140)=ANY=[@ANYBLOB='-o '], 0xd)
creat(&(0x7f00000002c0)='./file0\x00', 0x88)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d214000000000000000000140000001100"], 0x68}, 0x1, 0x0, 0x0, 0x4006000}, 0x0)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r12, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)

637.030242ms ago: executing program 1 (id=623):
r0 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x20, 0x2000, @fd=r0, 0x823, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0xd8c9f17f0223bfbb})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000000100000009000034000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000140000000e0a0102000000000000000001000000140000001000010000000000000000000000000a94d99f4a88af8f7c"], 0x90}}, 0x0)
io_uring_enter(r0, 0x27e2, 0x0, 0x3d, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
openat$vcs(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRESHEX=r1, @ANYRES64=r1], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000080), 0x80a, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rf', @ANYRESHEX])

506.910204ms ago: executing program 0 (id=624):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000000810"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18040000000000000000000000400000850000000800000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
fgetxattr(r3, &(0x7f0000000000)=ANY=[], 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
connect$inet(0xffffffffffffffff, &(0x7f0000000280)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000003010104000000000000000002000000240001801400018008000100e00000010800020de00000010c00"], 0x38}}, 0x0)
sendto$inet6(r5, &(0x7f0000000500)="a4", 0x1, 0x2000c851, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0xffffffff}, 0x1c)

506.577454ms ago: executing program 1 (id=625):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffa}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='kmem_cache_free\x00', r1}, 0x18)
truncate(&(0x7f0000000900)='./file1\x00', 0xb73d)

452.889105ms ago: executing program 0 (id=626):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000027b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_clone(0x80100200, &(0x7f0000000000)="a55db407b16e1417c4f572bdda6cea641e5a1fa044a6f9057bf56a5e8b03d156ba7c7a753f3a318a0f9d9e6a02f87b20a77b9187bd15e373ca94a923", 0x3c, &(0x7f0000000040), &(0x7f00000003c0), &(0x7f0000000e40)="b39c9e18480de83ee16e688412f88ad6e3a41a9b7022e1ca8682daac86cdd6ff3244082b11cdaa245623db7961f38edf7b1660474db77f27368ba36997e074d31b1a4073eb2e05379acba598c5d835c13fc71f79657c15ae5cd06e8e1025fb8233cc1d5478f0688ea26ad3365d275f92d925003586dab1db2626c070b40d496d2680d486f4472f7e283bf11f047da3a65f3716a3f09ae1e56c293c66e236a9436e5c3b48e8ac702bbf49a6b942c22cd9823ce8c55fdddbaf1d74ca96790c6d42f4ade929ea41fb00771d90e7a166a1bf8b3fc1484969a387270de758c5d0b397ee44feb45c4cb3e62210b08a18b0f127ede1ce1407003637570fcee8a89a0549dbc1faf1623f5745ccabe3a22475383de33a5ab89ee850e624f747604ba8c842f39f44f308335742c144b00fbd4eb3c680476eab00653fda0c3cba9cea2d0548dafd492f3bd746eec23e67a992042c115b3415ed74bac319d42a7c427b460cf1f1c6b3296ae7fd67ada3d2b5ac8a24e4a84015883d8cefbe97e1367b5d26fdb3f2ef5c8093acde93152e14f69dd196aff5d1998629b316bd2e0adad53f4655a1ebdc950f85d022657cae55dc2bca88b55ed9857c46e2c0933cae2a36bf63144acf28917cf5ae128251fdfdf5316a412af808cd83942a43b7f3158c3d022c5f26423d1e986f92dce0a26ecec3f83d3c3fa8f7c9fc03c2e9ad54652bd50159e5613baf1bde8f145736749cac67506cd9874ac03e6f06ce2f3495896a25062ed6d37989970fbf505764fee8ecba1d2514b2a612f963944cd950483d391b6d4851851d3bc4e82140a071641bda5907ec2680688178dbb7f9ed2a618cd311ccfa9fdfadfa4d5efa5cf9a5883cae8e3b061cf0960b61244c4cb284e9884f5983838a5729b16c2755e7b146e2725b976fec0679ca5337aa3812d3141fb898abd711a4b1ca364584b52eebb088d4a3a0ad740794680a55fb8c9b7e7f36eb3c6602274dbc817b2dfd6cae7162fe0fe5885d1ef5ed6fd05e1856a68a38a8126db1037bd867abcd8fc1cac3a86cf2e53591bba6d3bf5d59e10e325178490aded4b0f9a181aa9be33fb2a873eda9f6fa1f6d982d32689d24757bbb6bc375ab3e332574bdaecd3434e928b001cfa65125710b8ba7ed61133bd2e07862d87f71e541b18ad0bc02f6a5c655af4733fc60f9c752cb5f6f3f66eb4fcbe95778f781330382f30c3501426273db1b0e3eb9d5442ff7860537831a08b2eb464b421d9ccf9cfa360348108fdafe6957a38e73c89a980da7374a0a9f975d6d8c95c2bd839d0f45c57435e076148373827e01965387622bb00423ffe6e023b93f7847bfdb04161fe6ba66f85a1c34c0e28a022c2208a0e9f1270bf6fc96036a895c6d0844358b43ae5bd2e8ddcb50f2c5353a9f66bd090b829a2ace394454b875e181d777cdba74d71147be9bf36966df55b6f4f85fbb007b8256df842060869468072a572030ded1ac7702902fa06a29cded1572a9346490b5e8a7d602b77d52f4b9c2bcde637338ebcd2f9f31d3427255437aed3fa839efc60f65fabfa2ca1799f487618bcec9abb1c1abee82cadfdf418eec932d9a54efcc9380c180d279a94a43d343406935255cd9b10cb117723c9db041068889ba1f4bb5ef22893e93b531f4d6b002b50555f9bc674563807ead2c0627d95df61731ebf59d61eff03a6c6fa9622226982f2550e4d1f9333e1e15381dcffb8992522503aafc04bb41810c940fecb57261246d7b7e34a769bd59523aa3507b9fcdfa30b5d49d3b1576880599495a58ff68e11c274cf5047ec909e6619109ab1a6d67e8dfa5b0c8f1eef6025dd4ecdf34c6bd27c83ed85bb21dcc3506cb063a3da98efdc69ae6d2ef48f711b4069628e05b37e0691d937465c48241fb60aba8f26f1f1a0caa2b8980400693ea9f4e59c2f0a1db7071ab4939724a3e0542eb8180f966f6dd195ecf64fd854aa3b63a2bc6530f119d99c8b4aba9827b79f194f9b44cf5dd12beececdf9290d5151c2126473a148bdb4eac94e8dfeddbe92d54d078548165c5382253942f6ad62523875adde0ea2367ed3700d5ca0b49aa287fa7511d1e345dd3fed9ac1f84695856ba9f9883c9556d133ad7032598249b08d7874d80095bb7851ecc04d649ee15f826ee8ae4926f65954ab1be88f807062f9ce1ba2a19e5402732d5283808822e206d0ec23953224fd800ccfcb2d080058af6f5801eb7e433be3b6f5e1da729a30e0f3cc58057e9cfaf77b223e10d2c4c536c5331ebded10a3757d8c81e3963c2d3d8786266473061ca461ef2e61f5b49df97ae15c26b243250f6cba9bf06b34530990cb25fca136ee0aa8e70cf275338b929e35f2be4c5fa456fca6c28fc77343cad735c2885e0ab425d1ebf2104e5188f0961cf8129db9b41486c36b2f786cf708fdf9e410033267027a41d730fac6512b6b5f531cfb6b7e7afb8d24e74568c7e6cbf1087427b0e0ee0aff01e5c2219995c422952a3150b5c35c31596dbca1971b9da3d53d502171fca824d838375f43cd184e5a2167d6402f739a2f9f467b06851c279ea5069c911216513464e419ffd1cf7a0155f56cc4cdcbb0d7dbe658ff13f6956a58c32636866a42cb76fe2ccf389af09c0b10cbd6ceb8c29ace6a675a7ac6cbc1207051d003cd5a2d1059bf5cb7ff3e5ca4f27d51193370ce8e97d2f36bfcc74d3ea34620aaba8e976f50c7e4c6ad7b5415c91ad55b39ad667e0db59cee1093e970b4de28eb9d58eee69f7d8e0e49fe27b42918ad6cbdd5ec6b4ef8567e9cc52705d9a4c468a82de81f0fdc9bbf20fd90438de4d85408ba2a3beb3639f3d7d0805426d507f9c5a6155c9ed472178200b0664543afafbbf4181f3713f3bc0a47d3ddd7f63b7f11ea20371c4f76d41312ebfb89b3b3a735fb2b75aa9997c97ae64cfc57d6b9c03cc04ad429f902f0fa3e0981ead3cc7ebcd8598b0a7975a9db47a6a6acc690623dfe1a6a2596e67798de9600143b782346b7a76a685daf3e114939b2f16a2081eaa1521b3ecd612886796d5f8482c50d5640eaa5333bb62d9412d39ec9effd5de90e9dd69ee08262b40eb2bb81df39d790ac5909f981b8d8830580c2b2c402408d67be4942d2fc62213f41c691684396681f4c8512bcbb05846062aaca45cd1f5bdc47e21fecf1c15ff8ebe948fea42113441e534362d62c7a56fa318a6bef813b05acaf6f76c8c839ca9edca3cb2c04908825dccfe29f594d54991e60f979719bbe046660c01499d8f25a71878c0ac2427d0998a4135864de0732ef2de0b62df91d3c163c0bb50318cdf33867c651a54d51a7804ce1efcef202a22132cbc1d76dcebe1bbca41f49dc6071e7f75299fc93976bc70bccb2741b6e0bf621963820482effeec9ac1ac77c6b6aa1993199942c0a30989645527d50251e63fc1594eb5e9ab5cecf331d8597a568c8fb9eadc91eb0ea843f8e0479082e6775d1c855a41a6c235736c8ba43c92f00919e9992cb13183628b0ad5db32de26fc228716c10f0853f96347f74aa33e11565181b5f00802a6aefb50348fe989d278f2f79996ebfaaa36f2b383983a7ce7cb34c5fc7192ea173ba550c64e95c234b43aacca6b96d8f7ec55a4de0d9577508b2271e5627578819436ec73ea15ef00834165be4b2e03a9c19653fc289626e5ab0d40634cee82349175c660f8ce3a9122a0d6fc0274b62be4664cef961dfa268e774d27b7dcb85ddf52fa0601991a04e49de32d1abd6c3ce78168290d596f75985a9e53d7e1b63949a88617585adc967c2885301c65476ee6a91a9465cbb59a6f947c88451b3a825c04844dce8dd4e5c159f9bf0ebc7392b101b16059d57ae2e7bb159ebac5bc1d68ba4d5f6db9d02d1f1fbcf2b7d7c652364e611c5e42c9b41e444fd7ec251eb3a72d1fa9d18cd078fdf550579380f2df0f9d037660d0d4b48a95e69413a0b08b4ace0d400cc8928912f775ea04480dceab69d516e8628ade9dcbbfe631ed8aa04817205536549ca1fd2f7f42db203af6a292050888eaa3ad95122ca8d07f70e8ddf8c3b5c3ce05c9fd52cb3877fc484c2b88e253e39577275b5e5297450bf714f7e28f42846c668c0d9d0fe54172bcfec4eb5344a491bfc11d5d5e8f52428e05c628b6ef76edcd9e677766003368b4789d0a63d649e53a0f1cf98e9f84f280bf73b4c8178385f5d8ae9c5099ff21071c3d264578ea9594f2643782988947322f026dcdd9a10fb53945001f97a33cb4ba09037bf9d734707b47b3395634787ad0dc9ba489f26093b0f3df9e9d8dd6d17aa09a5ef7024be35d08b6e02de97f8f9a23087d4b06e3b64c12a61b40d6b962e5feb65ab27d9eb89ba3fc91a29b35cb7059b53eb048c788870125e280f53a4084048f0e6af97565f2f27ee56f4bddc7e9f2f2c795f211bc1ca08cacc293cb29a6da907b5bf040b5d1fec24e3cca611484f27b4f30e9a5c92c620829be2d1e02e3699cc09dd8fbbdf2ae7f83725bb9f35135b05f3e5994914203831ca9bd55eb4f9b1925df869cd378aca8dab3eeb59c46ee646a5ca484775cb0f3f590143a1d6525bfa45f357eac8350fcc40775b87ee66e382d4712049a799047659d55f5831ab06b96da3211854d94e354f6795a76fe628f1ad454b3caeca3cce356bc7be7607af72f0954a8fb03446f68e3b8c8582d7f24e82d85d730a4b60176eee95c11409cd568d72081c59d072745d50592d7ca9f4c16c86c4eccd8bb5fee4879628802bfbbd29cf2127ba7cb50fccfa513ede7b12339dff7caee63e843d678f03ebcd686f6692765c7c647b28721c06243567375e8d1872482c9c8c973ac5384d82fc0edc7913792738467f721ee5babb8bf4bfb8af2f7f1749dba212ec25e9296b095e43bb9e728fd4126542f2bec292d3dc9475fcfe9ad8c66d0cb77e052af3701c7cfd0b84ef21bacd3bb038a3b9b0c4e1548b50228cb9b0ab92160e1057932b743d2c27cd1d8d1c6b7d6efd6b7dfe4fb4a43675b0dc8ffb0edc5fbe4875e2ed21308c66663ba8ec3e7e6316c68483d3b5a15420eb28f4980a99f94096804bfe49654c49dd3c319c995db389a00361c8c14ad6aae09e7d6ba0b9e26bfe811ba4de0cd1b46edfcdcc9138bf4b623c0f332649d6344c4fd86c26f8769ed8aa5768e8d82101b3b2bda27f619c871c0f77fd9e0df0442700b1c13d8edcdc7f87ac529552ad09a4f25dc1d6dc45a1548884f4889762c78dafe1bfa868cdaa1e495eb3dc3db0af5eb6d57679039069d0d3c5a7fa288abd0abf9e51ae2b301f2bfb853d4185ac3babf29625d64931ab4aab3c3bcf4431e00a1f4bb470edbe4c1b8599eefb8b20952da24888db939a5d23dbe6d84ecf33100d6656913c93af399940ccb3396636847e1aa9c785c95a0aed33cfb74c17872230ae731ea74dadbc280a366a2611ab9a143303bcdd1a6649c7f2083a653cf810bafd85d935add41d5f0f6ba363c804445e11b6c244feef21d384287b8b070e8f09aa1c7c96de06f4b729ea854ad5bcd6d996cf88906dfef4da553fea40db26a3ea0125c7eddf790b65a1c09bf75b547db63f1d0ba1a0032a3cd8b518fc8a14098069ef1b5d8ccb2a38eaa1052074448c96bec7ac2c6d689a947f782d2efe714eaecb55bba4fd40f7f8d4bf9310598f2d33672bf2ccc69d4c155030fc64a002b4ade41f32b27d8406d3982e384a9bbd455931579233f30ca406d7118e9eb43a501444fc142afe7fb0465d36f036827ac1829d3a79067f966dfc2c14a947bf53351f46e106c44d375f25e0a3e")
r3 = syz_clone(0x20000000, &(0x7f0000000400)="f5ef31886915b1d7c678154b53e4809e156949b4f8b5d4f10479a4db520ee1cb59e94bd37a7c67159bc077d64baa2865aeaf9e4dd793afda026aef", 0x3b, &(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)="fce2eda2299be85852653795f8d24f3d02badcf25a169190ec77a81d6de06351c339acdc5841bf1bb587d8315ce4e72e95e3670541cd82d56382dd75ef6b890dc6f1afea4930c3134fbe86105400035016c6dd52d31745cf770c24d91009db63de5286981a9a31cd3b1a2c64f11a9b7b70bb5f60ef81ee88f689cb6dfad533")
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000540)={{0x1, 0x1, 0x18, <r4=>r0, {0x0, 0xee01}}, './file0\x00'})
kcmp(r2, r3, 0x1, r4, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000e00)='kfree\x00', r1, 0x0, 0x4ab}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a0b040000000000000000020000000900010073797a30000000000900020073797a320000000014000000110001"], 0x54}}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
open(&(0x7f0000000080)='./file1\x00', 0x20042, 0x45)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0x8000, 0x108)
fcntl$setlease(r8, 0x400, 0x1)
sendmsg$NFT_BATCH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000002580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000080a01010000000000000000020000000900010073797a300000000038000000060a17d50000000000000000020000000900020073797a32000000000900010073797a30000000000c0003400000000000000002"], 0xcdc}}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x5000003, 0x28011, r9, 0x2f957000)

435.924255ms ago: executing program 1 (id=627):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x5000003, 0x28011, r0, 0x2f957000)

355.220356ms ago: executing program 1 (id=628):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x5000003, 0x28011, r0, 0x2f957000) (fail_nth: 2)

59.74121ms ago: executing program 1 (id=629):
setsockopt$netlink_NETLINK_NO_ENOBUFS(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB], 0x38}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000002a00), r0)
sendmsg$NLBL_MGMT_C_LISTALL(r0, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000002a80)={&(0x7f0000000040)={0x14, r1, 0xb01, 0x70bd26, 0x25dfdbfb}, 0x14}}, 0x80)

59.15082ms ago: executing program 2 (id=630):
r0 = open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
fallocate(r0, 0x0, 0x0, 0x1000f8)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(r0, 0xc0189374, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff, {0x9}}, './file0\x00'})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a000020095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x10000000013, &(0x7f0000000100)=0x1, 0x47f)
connect$inet(r3, &(0x7f00000000c0)={0x2, 0x4e21}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0xdc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x99, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x8, 0x8000, 0x0, 0xffff, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0xe, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000b703000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
sendmsg$nl_generic(r6, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000000c0)={&(0x7f0000000600)={0x54c, 0x31, 0x800, 0x70bd2c, 0x25dfdbfe, {0x8}, [@nested={0xfb, 0x14c, 0x0, 0x1, [@nested={0x4, 0x120}, @nested={0x4, 0x143}, @nested={0x4, 0xcf}, @generic="eb695b397d431d7d836fbd5384179696ec4b916dd9a4d384773979e71fe5e9eb443567b7b30fea015f4ad5fda0fbe3d9101ee4db8af07016dada3e4773b7f7b4bc7245a573333170ed7b006ce1aef4be97f8325abc774fbca44f540d21393778f5a5c7cd5eae54fd4f65c1d50fc443f84551f990aaa67daa4d8c2fe35ef8cc1d465a3f41ca8f7cb315edb8089b298d8223ec9381002b3f0499baef7f5bc54dd6aa657893d42dbfbd61b188358c4483e11f87b328a3101584301283d0b2cff5cbfe4bd11eb1fbf805ce933b3721bdb344560b7cd36455d7142adb89d6fe00d182efccc75cf6e558105fc4c7"]}, @generic="b358971ab2", @generic="d8434803b5bd5aab915c1f65e236fff4113ea14aa9c727b452fa7126e519e4668359afe27951421de0dcfe938052e1b310a33f2b80bf35b8cab8ad8df264c468346348c80ea6ec48c525287e7363bf91f99d8bf11f1cc523b7fdaa63621dba10aad345b55919442bad95d385090eea162854ed30aca98bcf49f63a2367342d56948a6147b7c09a2450e71baa271e30e1a3bbc59003b4dd28074b2d4cfaee99dfc2d9552e1165730718d6f3fd2aed4609127c7f335a5a4ad245e33257544888ad45f4e231393174d0189fdc36c76c9c5706b601be53f8c360486e0f8fdad89a281c8d6a1b3f6e328d571c76cf3a07da1b55ea83c9d609272c5c", @nested={0x64, 0xab, 0x0, 0x1, [@generic="2712d87f9e67d00dd2f255a23e6ca522283beb073b4b05484460f929b55ac3169ba25ad4deac69709e523a5f4f50957db5fea25b68f0b7105c9ab443ee0d80adb7b35cd1fc644ed41890a2b93c6690ea6df72985de30dcc05dc82dd97b5423f0"]}, @nested={0x10e, 0xfb, 0x0, 0x1, [@generic="575c4bf0058fbd1a6e77598e8624901073d21a98edc03601a9490d6893782b922b5d2b90d0b9082b710b1b3df80b1fea2e7d88b770506dadbf617d6bdc14df2eba0323d0fc6b3a73936a4ce791965d1f9eb96bd34fef9a1242e1ab5198ed6e1a03a7743176c6c9a84a82b471ba2987e914f98a713e1d9f89399f0b8dee87e0242894a9c2911e20d81ca20f3ea0950ad5464816adb38ca4f0a96fd3f00da6f00eefdae409316032c60be023572268250f1e7417f33a37d859fc00404a2e8c65ed7b81cae0f86551b211bf48b37d16e8254e964e37ed6e22c5e79c686df9780bd883526a03b91029937f0119de8a7afc846945a8c7a3bae2fd96bff65cbd3e", @typed={0x8, 0x1c, 0x0, 0x0, @pid}, @nested={0x4, 0x8b}]}, @nested={0x19b, 0x13a, 0x0, 0x1, [@typed={0x4, 0xb4}, @nested={0x4, 0x120}, @generic="f385850bb80fed2391bf5f47ab8d4c3d33320d81a0cd362b4204d8316edaa50b9e4bf982625eb4f33f16edc59c39787ad9fbd9cdb0b5f6abaf76d40e6491806fcbddab48547931026c93b592ed860801ae85", @nested={0x4, 0x92}, @generic="6027e0a69010f884d6bd86ca67ae88986a92cc2b24ed2f1358daa6ffd1c89bdb9cad3cfadd7b0ad8ebfcb2", @typed={0x8, 0xd4, 0x0, 0x0, @pid}, @generic="9ff5917230a97f9e43375a14a2414cfa2ba31e96be2f68139d38f86220066d375c89143b9df05d1c86ef16e94c318102b02414b1f1d43cc9912ac62c6cb4b17c2e23c40a04be8fd9ab0993eafc59fc994bf7932a7812801244ab2f638a1e775adf5c6208f12b4b108f7083cfbe01e35f7c2c61a0b2791a2145602514f5d0eb4cbb566b3645fbfe", @typed={0x6, 0x40, 0x0, 0x0, @str='*\x00'}, @generic="7784b9c28e59dcc1f462e42bf1caa84c9ec382e361edf4210b9d66b1bac9f5dd03003a309330a43777d04e47046e5c04eb9b022ed4b4229433f21fdfe457b5fc0b3b52403405bfe5cb4fdbd4b76a6254bba539c8bd1fc8f2c90777522cc384c4bbc6121c193458bab0ba96898021c861ad25efd74029a5"]}, @nested={0x4, 0x14c}, @generic="b3a6c28d151372a84752934ee315e0eccb6f5f1b9162a660ee7729b0e6f1a44c921103eaac188e86"]}, 0x54c}}, 0xc0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
accept$inet6(r1, &(0x7f0000000500)={0xa, 0x0, 0x0, @mcast2}, &(0x7f00000004c0)=0x17)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x460, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x390, 0xffffffff, 0xffffffff, 0x390, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @private2={0xfc, 0x2, '\x00', 0x1}, [0x0, 0x0, 0x0, 0xff], [0x0, 0xff, 0xff000000], 'veth0_macvtap\x00', 'macvtap0\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @loopback}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x3b, 0x0, 0x3}, 0x0, 0x258, 0x2c0, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x400, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'pim6reg\x00', {0x5, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3, 0x8}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x14, 0x400, 0x3, 0x0, 'syz1\x00', 'syz1\x00', {0x10001}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x4c0)
r7 = syz_io_uring_setup(0xd9, &(0x7f0000000b80)={0x0, 0x0, 0x40, 0x0, 0x34f}, &(0x7f0000000540)=<r8=>0x0, &(0x7f0000000080)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x4, 0x8, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x3b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000})
io_uring_enter(r7, 0x47bc, 0x0, 0x0, 0x0, 0x0)
r10 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
accept(r6, &(0x7f0000000380)=@nfc_llcp, &(0x7f0000000340)=0x80)

58.511769ms ago: executing program 1 (id=631):
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x520, 0x340, 0x25, 0x148, 0x0, 0x60, 0x488, 0x2a8, 0x2a8, 0x488, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x0, 0x0, 0x9, 0x0, 0x80ffffff, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@set={{0x40}}, @common=@unspec=@statistic={{0x38}}]}, @common=@SET={0x60}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x580) (async)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x8, 0x3, 0x520, 0x340, 0x25, 0x148, 0x0, 0x60, 0x488, 0x2a8, 0x2a8, 0x488, 0x2a8, 0x3, 0x0, {[{{@uncond, 0x0, 0x2f8, 0x340, 0x0, {0x200003ae, 0x7f00}, [@common=@inet=@hashlimit1={{0x58}, {'geneve0\x00', {0x0, 0x0, 0x9, 0x0, 0x80ffffff, 0xffffffff, 0x7}}}, @common=@unspec=@bpf1={{0x230, 'bpf\x00', 0x0}, @pinned={0x1, 0x0, 0x6, './file0\x00'}}]}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x6, 'syz0\x00'}}}, {{@ip={@empty, @empty, 0x0, 0x0, 'syzkaller0\x00', 'veth0_to_team\x00'}, 0x0, 0xe8, 0x148, 0x0, {}, [@common=@set={{0x40}}, @common=@unspec=@statistic={{0x38}}]}, @common=@SET={0x60}}], {{'\x00', 0xc8, 0x70, 0x98}, {0x28}}}}, 0x580)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x48) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = inotify_init1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) (async)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70200001400a685b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./file0\x00', 0xc80, &(0x7f0000000180)=ANY=[@ANYBLOB="00631dda01aef2456795dd9b26209f1c0f624854ea3dd5a00bd6df44035f5c3ae796fec6d633a0ffad0569794acfef7da01767fd4175f2cd82df769aa2ee7bfe3640554507d2e660c9f9e222a72e1e3e71145c480657d2864e5e276f028d64701ae31cde0ceaf408fdb05c0f4142da00e900000100000149e6d308cbe315789f4baffe39bbced9b1d421d2e290e9fc563b62225f002ee310e1fa7321000000000000d6231001a4b2d467825f3abb0c167e129cf1fa0e7854103f4bf2d3a0194983bc86cbd3d75ccef3c8ac4516dac102"], 0x1, 0x266, &(0x7f0000000340)="$eJzs281OE1EYxvGHDwVBmCqKgjG+0Y1uJlCvoCGQGJtokBo/EpNBptp0aEmnwdQYYefW6yAu3ZkYb4CNV+DCHRuXLIxjmKnQlhrDQiba/29zXnJ4mnP6njZn0dl58Ha1XAzdoldXf59pUNrUrpRRvwaU6GuO/XF9Uq02dWMi/+XyvYePbufy+flFs4Xc0s2smY1f+fji1burn+qj99+PfxjSdubJzrfs1+3J7amdH0vPS6GVQqtU6+bZcrVa95YD31ZKYdk1uxv4XuhbqRL6tbb5YlBdW2uYV1kZG1mr+WFoXqVhZb9h9arVaw3znnmlirmua2Mjwp8UthYXvVzaq8DfVavlvDlJ04dmClupLAgAAKSK+38v4/7fC/bu/4+bn9923P8BAAAAAAAAAAAAAAAAAAAAAPgX7EaRE0WR82s8IcVP+ETNv09JGpE0Kum0pDFJ45IcSRlJZySdlTQh6Zyk85ImJV2QdFHSVMtrpb1XHEb/exv97230v7e1PLg7LK2+WS+sF5Ixmc8VVVIgXzNy9D3uZVNSL9zKz89YLKNLqxvN/MZ6YaA9Pytn78B0y88meWvPD8Xnbj+flbN3wLrls13zw7p+rSXvytHnp6oq0Ep8Jg/yr2fN5u7kO/LT8f/971zb17V/rvu7+SR/hPPR8f4Oanow3b1DChsvy14Q+DUKCgqK/SLtbyYch4Omp70SAAAAAAAAAAAAAAAAAMBRHMfPCdPeIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnX4GAAD//5KSYE0=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x18)
inotify_add_watch(r2, &(0x7f0000000280)='./control\x00', 0x40000402) (async)
inotify_add_watch(r2, &(0x7f0000000280)='./control\x00', 0x40000402)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0) (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x20c006, &(0x7f0000000480)={[{@grpjquota}, {@mblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@discard}, {@grpquota}], [{@seclabel}]}, 0x1, 0x446, &(0x7f0000000d40)="$eJzs28tvG8UfAPDv2kn6/P1qqvLoAwgURMQjadJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSd8QRib+AE1wQcELiCndUqUK5tMDFaOPdxHbttA5ONtSfj7TJzO44M1/vjj07kw2gbw2nP5KIvRHxa0Tsq2ebCwzXf91cXpz6c3lxKola7Y0/kpVyN5YXp/Ki+ev25JmBiNInSRxuU+/8pcvnJqvVmYtZfmzh/Ltj85cuPzN7fvLszNmZCxOnTp04Pv7cyYlnexJnGteNQx/MHTn4yltXX5s6ffXtH79O8vhb4uiR4fUOPl6r9bi6Yv2vIZ0MFNgQulKud9MYXOn/+6IcaydvX7z8caGNAzZVrVar3df58FINuIslUXQLgGLkX/Tp/W++bdHQY1u4/kL9BiiN+2a21Y8MRCkrM9hyf9tLwxFxeumvL9ItNmceAgCgybfp+OfpbPzXtPBTisZ5of9nayiViLgnIvZHxMmIOBAR90aslL0/Ih7osv7WRZJbxz+la13+ya6k47/ns7Wt5vFfPvqLSjni73y4XInB5MxsdeZY9p6MxOCOND++Th3fvfTLZ52ONY7/0i2tPx8LZu24NrCj+TXTkwuT/ybmRtc/ijg00C7+ZHUlIL0sDkbEoQ3WMfvkV0c6Hbt9/M2GGjM9WGeqfRnxRP38L0VL/Llk/fXJsZ1RnTk2ll8Vt/rp5yuvd6q/2/h7LT3/u9te/6vxV5LG9dr57uu48tunHe9pNnr9DyVvNu17f3Jh4eJ4xFDyar3RjfsnWspNrJVP4x852r7/74+1d+JwRKQX8YMR8VBEPJy1/ZGIeDQijq4T/w8vPvZO856ki/g3Vxr/dFfnfy0xFK172ifK577/pqnSSnQRf3r+T6ykRrI9d/L5dyft2tjVDAAAAP89pYjYG0lpdDVdKo2O1v+H/0DsLlXn5heeOjP33oXp+jMClRgs5TNd9fng+nzoeHZbn+cnWvLHs3njz8u7VvKjU3PV6aKDhz63p0P/T/1eLrp1wKbzvBb0L/0f+pf+D/1L/4f+1ab/7yqiHcDWa/f9/2EB7QC2Xkv/t+wHfcT9P/Qv/R/6l/4PfWl+V9z+Ifntmti5PZrRn4koFVd7PkNV+JtwFycK/mACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADokX8CAAD//2Ts5lU=")
lsetxattr$security_selinux(&(0x7f0000000300)='./control\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x22, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00') (async)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
mount(0x0, 0x0, &(0x7f0000000080)='debugfs\x00', 0x4002, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
io_uring_setup(0x1de0, 0x0) (async)
io_uring_setup(0x1de0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r5}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
mq_timedsend(r6, 0x0, 0x0, 0x9, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r7, &(0x7f0000001280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=ANY=[@ANYBLOB="2c0000002d000100fcffffff0000000008000000", @ANYRES32], 0x2c}], 0x1, 0x0, 0x0, 0x4}, 0x0) (async)
sendmsg$netlink(r7, &(0x7f0000001280)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000002c0)=ANY=[@ANYBLOB="2c0000002d000100fcffffff0000000008000000", @ANYRES32], 0x2c}], 0x1, 0x0, 0x0, 0x4}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0, r1}, 0x18)

530.36µs ago: executing program 3 (id=632):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000001380)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = mq_open(&(0x7f0000001140)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\xe0\x9d\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xdf\x15\f]\x15\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb', 0x42, 0x1f0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x6, 0x0)
mq_unlink(&(0x7f0000000000)='eth0\x00')
close(r3)
writev(0xffffffffffffffff, &(0x7f0000000080)=[{&(0x7f0000000380)="ac", 0x1}], 0x1)

0s ago: executing program 3 (id=633):
openat$binfmt_register(0xffffff9c, 0x0, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1e000000000000000100000007"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x18)
r2 = syz_open_dev$loop(&(0x7f00000005c0), 0xffff, 0x12d600)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x1000, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c559265406c09306003d8002000", [0x0, 0x2]}})
ioctl$LOOP_SET_STATUS(r2, 0x4c02, &(0x7f00000000c0)={0x0, {}, 0x0, {}, 0x5e9, 0x3, 0x12, 0x4, "90925d88d506b59c0afa541662d4719b2ba84e0d6fe21680b5de0b6816a610833b374a4564e2409dbd4b531885b3a4080d81ad6a1dbb50b66837173eb57df80d", "1b59fd763499e1fb8374bd0a0884123d70cc5954ec64fc1916e4475dd86382d8", [0x8, 0x6]})

kernel console output (not intermixed with test programs):

dit: type=1400 audit(1742541498.691:111): avc:  denied  { mount } for  pid=3300 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   30.797052][ T3308] veth1_vlan: entered promiscuous mode
[   30.808719][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.819271][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.824918][   T30] audit: type=1400 audit(1742541498.691:112): avc:  denied  { mounton } for  pid=3300 comm="syz-executor" path="/root/syzkaller.nVShR4/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   30.829119][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.854283][   T30] audit: type=1400 audit(1742541498.691:113): avc:  denied  { mount } for  pid=3300 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   30.864717][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.865286][ T3299] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   30.886670][   T30] audit: type=1400 audit(1742541498.691:114): avc:  denied  { mounton } for  pid=3300 comm="syz-executor" path="/root/syzkaller.nVShR4/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   30.900513][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.910938][   T30] audit: type=1400 audit(1742541498.691:115): avc:  denied  { mounton } for  pid=3300 comm="syz-executor" path="/root/syzkaller.nVShR4/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3893 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   30.972227][   T30] audit: type=1400 audit(1742541498.701:116): avc:  denied  { unmount } for  pid=3300 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   30.976795][ T3304] veth0_macvtap: entered promiscuous mode
[   30.991849][   T30] audit: type=1400 audit(1742541498.751:117): avc:  denied  { mounton } for  pid=3300 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=502 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   31.008149][ T3308] veth0_macvtap: entered promiscuous mode
[   31.020293][   T30] audit: type=1400 audit(1742541498.751:118): avc:  denied  { mount } for  pid=3300 comm="syz-executor" name="/" dev="gadgetfs" ino=3898 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   31.052911][ T3308] veth1_macvtap: entered promiscuous mode
[   31.067020][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.077592][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.087864][ T3305] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.098643][ T3305] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.110223][ T3438] xt_hashlimit: max too large, truncated to 1048576
[   31.111749][   T30] audit: type=1400 audit(1742541499.021:119): avc:  denied  { read write } for  pid=3300 comm="syz-executor" name="loop3" dev="devtmpfs" ino=103 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   31.141746][ T3305] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.152409][ T3308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.162879][ T3308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.172807][ T3308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.183322][ T3308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.193173][ T3308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.203635][ T3308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.215305][ T3308] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.225642][ T3305] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.234365][ T3305] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.243131][ T3305] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.251919][ T3305] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.262949][ T3308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.273409][ T3308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.283304][ T3308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.293799][ T3308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.303844][ T3308] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.314587][ T3308] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.326842][ T3308] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.334480][ T3304] veth1_macvtap: entered promiscuous mode
[   31.361721][ T3308] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.370603][ T3308] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.379354][ T3308] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.379462][ T3308] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.391854][ T3304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.414003][ T3304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.423997][ T3304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.434449][ T3304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.444324][ T3304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.454814][ T3304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.464639][ T3304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   31.475203][ T3304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.487676][ T3304] batman_adv: batadv0: Interface activated: batadv_slave_0
[   31.520130][ T3304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.530643][ T3304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.540523][ T3304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.551079][ T3304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.556040][ T3452] Zero length message leads to an empty skb
[   31.560944][ T3304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.577412][ T3304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.587349][ T3304] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   31.597948][ T3304] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   31.610730][ T3304] batman_adv: batadv0: Interface activated: batadv_slave_1
[   31.619063][ T3304] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   31.627816][ T3304] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   31.636557][ T3304] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   31.645272][ T3304] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   31.688976][ T3457] pim6reg: entered allmulticast mode
[   31.728843][ T3465] netlink: 4 bytes leftover after parsing attributes in process `syz.0.10'.
[   31.740160][ T3465] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.752914][ T3465] bridge_slave_1 (unregistering): left allmulticast mode
[   31.760044][ T3465] bridge_slave_1 (unregistering): left promiscuous mode
[   31.767099][ T3465] bridge0: port 2(bridge_slave_1) entered disabled state
[   31.794713][ T3468] loop0: detected capacity change from 0 to 512
[   31.798035][ T3457] pim6reg: left allmulticast mode
[   31.829362][ T3468] =======================================================
[   31.829362][ T3468] WARNING: The mand mount option has been deprecated and
[   31.829362][ T3468]          and is ignored by this kernel. Remove the mand
[   31.829362][ T3468]          option from the mount to silence this warning.
[   31.829362][ T3468] =======================================================
[   31.866938][ T3468] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   31.926790][ T3468] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   31.942707][ T3479] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3'.
[   31.955279][ T3468] ext4 filesystem being mounted at /4/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   32.011159][ T3485] loop1: detected capacity change from 0 to 512
[   32.033898][ T3485] EXT4-fs (loop1): orphan cleanup on readonly fs
[   32.042704][ T3485] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.14: bg 0: block 248: padding at end of block bitmap is not set
[   32.075998][ T3485] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.14: Failed to acquire dquot type 1
[   32.093268][ T3485] EXT4-fs (loop1): 1 truncate cleaned up
[   32.101817][ T3495] loop4: detected capacity change from 0 to 512
[   32.109175][ T3485] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   32.122106][ T3495] ext4: Unknown parameter 'obj_role'
[   32.167397][ T3485] syz.1.14 (3485) used greatest stack depth: 9504 bytes left
[   32.178877][ T3501] loop2: detected capacity change from 0 to 2048
[   32.187097][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.225950][ T3501]  loop2: p1 < > p4
[   32.235374][ T3501] loop2: p4 size 8388608 extends beyond EOD, truncated
[   32.279248][ T3507] capability: warning: `syz.1.20' uses deprecated v2 capabilities in a way that may be insecure
[   32.314759][ T3511] loop4: detected capacity change from 0 to 1024
[   32.320452][ T3510] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21'.
[   32.347971][ T3511] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c02c, mo2=0003]
[   32.356391][ T3511] System zones: 0-1, 3-36
[   32.362531][ T3511] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   32.399368][ T3519] netlink: 4 bytes leftover after parsing attributes in process `syz.1.24'.
[   32.411769][ T3519] ipvlan2: entered promiscuous mode
[   32.418476][ T3519] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   32.426918][ T3519] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   32.441687][ T3525] loop2: detected capacity change from 0 to 2048
[   32.478237][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.488958][ T3525] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.728640][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.757746][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   32.807368][ T3545] loop3: detected capacity change from 0 to 2048
[   32.870481][ T3545] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.893170][ T3554] loop2: detected capacity change from 0 to 1024
[   32.927624][ T3554] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   32.947778][ T3554] ext4 filesystem being mounted at /5/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   33.081462][ T3570] loop1: detected capacity change from 0 to 512
[   33.121082][ T3570] journal_path: Non-blockdev passed as './bus'
[   33.127359][ T3570] EXT4-fs: error: could not find journal device path
[   33.138551][ T3571] loop0: detected capacity change from 0 to 2048
[   33.157159][ T3571] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   33.275740][ T3575] veth0_vlan: entered allmulticast mode
[   33.345213][ T3576] veth0_vlan: left promiscuous mode
[   33.350502][ T3576] veth0_vlan: entered promiscuous mode
[   33.509307][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.556113][ T3580] loop1: detected capacity change from 0 to 512
[   33.573115][ T3580] ext4: Unknown parameter 'obj_role'
[   33.683451][ T3582] netlink: 'syz.3.38': attribute type 4 has an invalid length.
[   33.753818][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   33.792450][ T3589] vhci_hcd: default hub control req: 800c v0000 i0000 l0
[   33.824676][ T3586] netlink: 32 bytes leftover after parsing attributes in process `syz.1.41'.
[   33.922654][ T3600] xt_hashlimit: max too large, truncated to 1048576
[   33.945663][ T3600] xt_physdev: --physdev-out and --physdev-is-out only supported in the FORWARD and POSTROUTING chains with bridged traffic
[   33.994119][ T3608] pim6reg: entered allmulticast mode
[   34.091361][ T3614] 9pnet_fd: Insufficient options for proto=fd
[   34.271498][ T3639] loop0: detected capacity change from 0 to 8192
[   34.283228][ T3643] loop2: detected capacity change from 0 to 512
[   34.297494][ T3643] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   34.310766][ T3643] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   34.350443][ T3639] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[   34.359105][ T3639] FAT-fs (loop0): Filesystem has been set read-only
[   34.367259][ T3643] EXT4-fs (loop2): 1 truncate cleaned up
[   34.384682][ T3643] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   34.407014][ T3649] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[   34.418384][ T3646] loop1: detected capacity change from 0 to 2048
[   34.425269][ T3646] ext3: Unknown parameter 'permit_directio'
[   34.821897][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   34.859335][    C0] hrtimer: interrupt took 56263 ns
[   34.921297][ T3672] loop4: detected capacity change from 0 to 2048
[   34.961100][ T3674] loop2: detected capacity change from 0 to 512
[   34.968285][ T3674] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   34.977395][ T3674] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[   34.989329][ T3674] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[   35.012805][ T3674] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   35.049066][ T3674] System zones: 0-2, 18-18, 34-35
[   35.081486][ T3674] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   35.144493][ T3671] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm GPL: bg 0: block 353: padding at end of block bitmap is not set
[   35.198316][ T3689] syz.3.71: attempt to access beyond end of device
[   35.198316][ T3689] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[   35.237906][ T3692] loop0: detected capacity change from 0 to 512
[   35.260570][ T3692] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   35.285958][ T3645] syz.1.59 (3645) used greatest stack depth: 7360 bytes left
[   35.335085][ T3692] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.70: invalid indirect mapped block 83886080 (level 1)
[   35.363747][ T3692] EXT4-fs (loop0): Remounting filesystem read-only
[   35.374015][ T3692] EXT4-fs (loop0): 1 orphan inode deleted
[   35.379828][ T3692] EXT4-fs (loop0): 1 truncate cleaned up
[   35.395462][ T3692] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   35.422418][ T3692] SELinux: (dev loop0, type ext4) getxattr errno 5
[   35.481005][ T3692] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.528972][ T3687] loop0: detected capacity change from 0 to 512
[   35.547281][ T3687] netlink: 72 bytes leftover after parsing attributes in process `syz.0.70'.
[   35.606942][ T3725] netlink: 12 bytes leftover after parsing attributes in process `syz.1.81'.
[   35.618103][ T3725] syz.1.81 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   35.683890][ T3736] netlink: 12 bytes leftover after parsing attributes in process `syz.1.84'.
[   35.754449][ T3739] pim6reg1: entered promiscuous mode
[   35.759860][ T3739] pim6reg1: entered allmulticast mode
[   35.838687][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   35.882589][   T30] kauditd_printk_skb: 483 callbacks suppressed
[   35.882606][   T30] audit: type=1326 audit(1742541503.841:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   35.884599][ T3749] loop2: detected capacity change from 0 to 512
[   35.888841][   T30] audit: type=1326 audit(1742541503.841:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   35.947331][ T3747] netlink: 20 bytes leftover after parsing attributes in process `syz.0.91'.
[   35.956282][ T3747] netlink: 'syz.0.91': attribute type 1 has an invalid length.
[   35.963838][ T3747] netlink: 'syz.0.91': attribute type 1 has an invalid length.
[   35.971495][ T3747] netlink: 'syz.0.91': attribute type 2 has an invalid length.
[   35.979706][ T3747] netlink: 68 bytes leftover after parsing attributes in process `syz.0.91'.
[   36.091025][   T30] audit: type=1326 audit(1742541503.911:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   36.114252][   T30] audit: type=1326 audit(1742541503.911:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   36.137818][   T30] audit: type=1326 audit(1742541503.911:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   36.161427][   T30] audit: type=1326 audit(1742541503.911:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   36.173576][ T3749] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   36.184739][   T30] audit: type=1326 audit(1742541503.911:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   36.218156][   T30] audit: type=1326 audit(1742541503.911:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   36.241972][   T30] audit: type=1326 audit(1742541503.911:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   36.265214][   T30] audit: type=1326 audit(1742541503.911:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3746 comm="syz.0.91" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   36.298264][ T3749] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   36.316774][ T3756] hub 9-0:1.0: USB hub found
[   36.333209][ T3749] EXT4-fs (loop2): 1 truncate cleaned up
[   36.344269][ T3756] hub 9-0:1.0: 8 ports detected
[   36.353125][ T3749] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   36.436254][ T3761] veth0_vlan: entered allmulticast mode
[   36.586187][ T3768] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 32
[   36.735622][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   36.797627][ T3781] loop1: detected capacity change from 0 to 128
[   36.804219][ T3781] vfat: Unknown parameter 'l2tp'
[   36.812853][ T3781] __nla_validate_parse: 1 callbacks suppressed
[   36.812870][ T3781] netlink: 8 bytes leftover after parsing attributes in process `syz.1.103'.
[   36.887578][ T3763] netlink: 28 bytes leftover after parsing attributes in process `syz.0.97'.
[   36.902617][ T3763] loop0: detected capacity change from 0 to 1024
[   36.970432][ T3763] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   36.984706][ T3799] netlink: 'syz.2.106': attribute type 1 has an invalid length.
[   37.291575][ T3807] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   37.321843][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   37.404037][ T3807] netlink: 'syz.3.111': attribute type 1 has an invalid length.
[   37.411783][ T3807] netlink: 8 bytes leftover after parsing attributes in process `syz.3.111'.
[   37.849482][ T3819] loop4: detected capacity change from 0 to 512
[   37.870268][ T3819] EXT4-fs error (device loop4): ext4_orphan_get:1389: inode #15: comm syz.4.116: casefold flag without casefold feature
[   37.933752][ T3819] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.116: couldn't read orphan inode 15 (err -117)
[   37.995715][ T3819] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   38.016421][ T3826] 9pnet_fd: Insufficient options for proto=fd
[   38.058008][ T3830] netlink: 4 bytes leftover after parsing attributes in process `syz.0.121'.
[   38.068338][ T3830] pim6reg: entered promiscuous mode
[   38.083682][ T3830] loop0: detected capacity change from 0 to 2048
[   38.108296][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.118824][ T3830] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   38.152107][ T3831] netlink: 76 bytes leftover after parsing attributes in process `syz.1.119'.
[   38.211792][ T3831] netlink: 8 bytes leftover after parsing attributes in process `syz.1.119'.
[   38.225284][ T3831] netlink: 4 bytes leftover after parsing attributes in process `syz.1.119'.
[   38.340843][ T3843] IPv6: Can't replace route, no match found
[   38.476857][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   38.618649][ T3854] FAULT_INJECTION: forcing a failure.
[   38.618649][ T3854] name failslab, interval 1, probability 0, space 0, times 1
[   38.631421][ T3854] CPU: 0 UID: 0 PID: 3854 Comm: syz.2.130 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   38.631509][ T3854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   38.631524][ T3854] Call Trace:
[   38.631532][ T3854]  <TASK>
[   38.631542][ T3854]  dump_stack_lvl+0xf2/0x150
[   38.631589][ T3854]  dump_stack+0x15/0x1a
[   38.631609][ T3854]  should_fail_ex+0x24a/0x260
[   38.631641][ T3854]  ? inherit_task_group+0x143/0x6a0
[   38.631681][ T3854]  should_failslab+0x8f/0xb0
[   38.631782][ T3854]  __kmalloc_cache_noprof+0x4e/0x320
[   38.631809][ T3854]  ? __rcu_read_unlock+0x4e/0x70
[   38.631844][ T3854]  inherit_task_group+0x143/0x6a0
[   38.631959][ T3854]  ? _raw_spin_unlock_irqrestore+0x2b/0x60
[   38.631990][ T3854]  perf_event_init_task+0x1fd/0x390
[   38.632020][ T3854]  copy_process+0xb6a/0x1f50
[   38.632062][ T3854]  kernel_clone+0x167/0x5e0
[   38.632094][ T3854]  ? vfs_write+0x644/0x920
[   38.632172][ T3854]  __x64_sys_clone+0xe7/0x120
[   38.632216][ T3854]  x64_sys_call+0x2d7e/0x2dc0
[   38.632249][ T3854]  do_syscall_64+0xc9/0x1c0
[   38.632286][ T3854]  ? clear_bhb_loop+0x55/0xb0
[   38.632326][ T3854]  ? clear_bhb_loop+0x55/0xb0
[   38.632358][ T3854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   38.632391][ T3854] RIP: 0033:0x7fabd87dd169
[   38.632409][ T3854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   38.632476][ T3854] RSP: 002b:00007fabd6e40fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   38.632499][ T3854] RAX: ffffffffffffffda RBX: 00007fabd89f5fa0 RCX: 00007fabd87dd169
[   38.632511][ T3854] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[   38.632522][ T3854] RBP: 00007fabd6e41090 R08: 0000000000000000 R09: 0000000000000000
[   38.632534][ T3854] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   38.632545][ T3854] R13: 0000000000000000 R14: 00007fabd89f5fa0 R15: 00007fff8bee4dc8
[   38.632567][ T3854]  </TASK>
[   38.834248][ T3852] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   38.856222][ T3852] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   38.867846][ T3861] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   38.891492][ T3861] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   38.954201][ T3868] loop1: detected capacity change from 0 to 512
[   38.998919][ T3868] ext4: Unknown parameter 'obj_role'
[   39.083969][ T3880] loop4: detected capacity change from 0 to 512
[   39.107085][ T3880] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.137: bg 0: block 248: padding at end of block bitmap is not set
[   39.122538][ T3880] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.137: Failed to acquire dquot type 1
[   39.173181][ T3885] loop1: detected capacity change from 0 to 1024
[   39.184182][ T3880] EXT4-fs (loop4): 1 truncate cleaned up
[   39.190602][ T3880] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   39.224324][ T3880] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   39.246909][ T3885] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.260853][ T3880] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   39.305019][ T3885] SELinux: failed to load policy
[   39.312751][ T3885] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   39.327925][ T3885] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 51 with max blocks 1 with error 28
[   39.340332][ T3885] EXT4-fs (loop1): This should not happen!! Data will be lost
[   39.340332][ T3885] 
[   39.350014][ T3885] EXT4-fs (loop1): Total free blocks count 0
[   39.356127][ T3885] EXT4-fs (loop1): Free/Dirty block details
[   39.362169][ T3885] EXT4-fs (loop1): free_blocks=68451041280
[   39.368038][ T3885] EXT4-fs (loop1): dirty_blocks=16
[   39.373161][ T3885] EXT4-fs (loop1): Block reservation details
[   39.379174][ T3885] EXT4-fs (loop1): i_reserved_data_blocks=1
[   39.388786][ T3889] loop2: detected capacity change from 0 to 164
[   39.396095][ T3890] EXT4-fs (loop1): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 36 with error 28
[   39.418420][ T3889] Unable to read rock-ridge attributes
[   39.506103][ T3896] loop3: detected capacity change from 0 to 512
[   39.512617][ T3896] EXT4-fs: Ignoring removed nomblk_io_submit option
[   39.525187][ T3896] EXT4-fs: dax option not supported
[   39.696680][ T3920] pim6reg1: entered promiscuous mode
[   39.702119][ T3920] pim6reg1: entered allmulticast mode
[   39.705994][ T3922] loop4: detected capacity change from 0 to 512
[   39.744929][ T3924] loop3: detected capacity change from 0 to 512
[   39.751847][ T3922] ext4: Unknown parameter 'obj_role'
[   39.765337][ T3924] ext4: Unknown parameter 'obj_role'
[   39.850287][ T3933] loop3: detected capacity change from 0 to 512
[   39.857964][ T3933] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   39.889926][ T3933] EXT4-fs (loop3): 1 truncate cleaned up
[   39.901937][ T3936] loop4: detected capacity change from 0 to 2048
[   39.917059][ T3933] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   39.970373][ T3936] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   40.136113][ T3925] loop2: detected capacity change from 0 to 512
[   40.137735][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.194221][ T3925] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   40.210763][ T3960] loop0: detected capacity change from 0 to 512
[   40.235331][ T3925] ext4 filesystem being mounted at /22/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   40.246094][ T3960] ext4: Unknown parameter 'obj_role'
[   40.353043][ T3966] netlink: 4 bytes leftover after parsing attributes in process `syz.4.168'.
[   40.362242][ T3964] pim6reg1: entered promiscuous mode
[   40.367584][ T3964] pim6reg1: entered allmulticast mode
[   40.397840][ T3966] ipvlan2: entered promiscuous mode
[   40.414763][ T3966] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   40.437933][ T3966] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   40.478004][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.545160][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   40.585532][ T3977] smc: net device syz_tun applied user defined pnetid SYZ1
[   40.640979][ T3975] netlink: 8 bytes leftover after parsing attributes in process `syz.0.172'.
[   40.733914][ T3992] netlink: 28 bytes leftover after parsing attributes in process `syz.0.179'.
[   40.770576][ T3994] loop4: detected capacity change from 0 to 512
[   40.854765][ T4003] ipvlan2: entered promiscuous mode
[   40.874734][ T4003] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   40.883560][ T4003] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   40.897350][ T4010] loop1: detected capacity change from 0 to 128
[   40.904051][ T4010] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   40.927489][ T4010] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   40.947755][ T4012] loop4: detected capacity change from 0 to 512
[   41.012381][   T30] kauditd_printk_skb: 162 callbacks suppressed
[   41.012398][   T30] audit: type=1400 audit(1742541508.971:771): avc:  denied  { ioctl } for  pid=4023 comm="syz.0.187" path="socket:[5078]" dev="sockfs" ino=5078 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   41.043111][   T30] audit: type=1400 audit(1742541508.971:772): avc:  denied  { write } for  pid=4023 comm="syz.0.187" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   41.062513][ T4011] loop3: detected capacity change from 0 to 512
[   41.087649][ T4012] EXT4-fs (loop4): 1 orphan inode deleted
[   41.096220][   T30] audit: type=1400 audit(1742541509.061:773): avc:  denied  { mounton } for  pid=4009 comm="syz.1.185" path="/47/file1/file0" dev="loop1" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1
[   41.105411][ T4012] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.129070][   T57] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[   41.141128][   T57] EXT4-fs error (device loop4): ext4_release_dquot:6950: comm kworker/u8:4: Failed to release dquot type 1
[   41.189009][ T4011] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   41.190546][ T4012] ext4 filesystem being mounted at /44/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.239794][ T4011] ext4 filesystem being mounted at /29/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   41.458823][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.478775][   T30] audit: type=1326 audit(1742541509.441:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3988 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14a544d169 code=0x7ffc0000
[   41.502805][ T4060] x_tables: duplicate underflow at hook 1
[   41.522903][ T4062] loop0: detected capacity change from 0 to 512
[   41.556454][ T4062] ext4: Unknown parameter 'obj_role'
[   41.581224][   T30] audit: type=1400 audit(1742541509.471:775): avc:  denied  { map } for  pid=4051 comm="syz.2.194" path="pipe:[6089]" dev="pipefs" ino=6089 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=fifo_file permissive=1
[   41.603775][   T30] audit: type=1326 audit(1742541509.481:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3988 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f14a544d169 code=0x7ffc0000
[   41.627237][   T30] audit: type=1326 audit(1742541509.481:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3988 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14a544d169 code=0x7ffc0000
[   41.650539][   T30] audit: type=1326 audit(1742541509.481:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3988 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f14a544d169 code=0x7ffc0000
[   41.673803][   T30] audit: type=1326 audit(1742541509.481:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3988 comm="syz.4.178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14a544d169 code=0x7ffc0000
[   41.761945][ T4068] loop3: detected capacity change from 0 to 2048
[   41.793839][ T4068] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   41.841684][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   41.863450][ T4079] __nla_validate_parse: 5 callbacks suppressed
[   41.863485][ T4079] netlink: 4 bytes leftover after parsing attributes in process `syz.1.203'.
[   41.916067][ T4081] usb usb4: usbfs: process 4081 (syz.0.204) did not claim interface 0 before use
[   41.953838][ T4081] netlink: 12 bytes leftover after parsing attributes in process `syz.0.204'.
[   41.966276][ T4081] bridge0: port 2(gretap0) entered blocking state
[   41.972749][ T4081] bridge0: port 2(gretap0) entered disabled state
[   41.979433][ T4081] gretap0: entered allmulticast mode
[   41.979901][ T4084] loop3: detected capacity change from 0 to 512
[   41.985349][ T4081] gretap0: entered promiscuous mode
[   41.996588][ T4081] bridge0: port 2(gretap0) entered blocking state
[   42.003134][ T4081] bridge0: port 2(gretap0) entered forwarding state
[   42.010229][ T4079] netlink: 8 bytes leftover after parsing attributes in process `syz.1.203'.
[   42.060171][ T4084] EXT4-fs error (device loop3): ext4_orphan_get:1389: inode #17: comm syz.3.202: iget: bogus i_mode (0)
[   42.085262][ T4084] EXT4-fs error (device loop3): ext4_orphan_get:1394: comm syz.3.202: couldn't read orphan inode 17 (err -117)
[   42.108404][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.161878][ T4084] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   42.218966][ T4084] FAULT_INJECTION: forcing a failure.
[   42.218966][ T4084] name failslab, interval 1, probability 0, space 0, times 0
[   42.231773][ T4084] CPU: 1 UID: 0 PID: 4084 Comm: syz.3.202 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   42.231802][ T4084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   42.231816][ T4084] Call Trace:
[   42.231825][ T4084]  <TASK>
[   42.231897][ T4084]  dump_stack_lvl+0xf2/0x150
[   42.231926][ T4084]  dump_stack+0x15/0x1a
[   42.231952][ T4084]  should_fail_ex+0x24a/0x260
[   42.232024][ T4084]  should_failslab+0x8f/0xb0
[   42.232132][ T4084]  kmem_cache_alloc_noprof+0x52/0x320
[   42.232153][ T4084]  ? __es_insert_extent+0x563/0xed0
[   42.232184][ T4084]  __es_insert_extent+0x563/0xed0
[   42.232226][ T4084]  ext4_es_insert_extent+0x45a/0x1c60
[   42.232279][ T4084]  ext4_map_query_blocks+0x107/0x180
[   42.232394][ T4084]  ext4_map_blocks+0x23c/0xd20
[   42.232429][ T4084]  ? xas_load+0x3ae/0x3d0
[   42.232507][ T4084]  ext4_getblk+0x11f/0x530
[   42.232577][ T4084]  ext4_bread_batch+0x5b/0x360
[   42.232636][ T4084]  __ext4_find_entry+0x822/0xef0
[   42.232728][ T4084]  ? __d_lookup_rcu+0x25b/0x2a0
[   42.232765][ T4084]  ? d_alloc_parallel+0xbe4/0xc80
[   42.232800][ T4084]  ext4_lookup+0xba/0x390
[   42.232847][ T4084]  __lookup_slow+0x18a/0x250
[   42.232878][ T4084]  lookup_slow+0x3c/0x60
[   42.232960][ T4084]  walk_component+0x1f5/0x230
[   42.232983][ T4084]  ? path_lookupat+0xfd/0x2b0
[   42.233010][ T4084]  path_lookupat+0x10a/0x2b0
[   42.233037][ T4084]  filename_lookup+0x150/0x340
[   42.233075][ T4084]  filename_setxattr+0x57/0x2a0
[   42.233194][ T4084]  path_setxattrat+0x284/0x310
[   42.233234][ T4084]  __x64_sys_lsetxattr+0x71/0x90
[   42.233330][ T4084]  x64_sys_call+0x29c8/0x2dc0
[   42.233362][ T4084]  do_syscall_64+0xc9/0x1c0
[   42.233396][ T4084]  ? clear_bhb_loop+0x55/0xb0
[   42.233429][ T4084]  ? clear_bhb_loop+0x55/0xb0
[   42.233482][ T4084]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.233513][ T4084] RIP: 0033:0x7fcdd5b6d169
[   42.233530][ T4084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.233571][ T4084] RSP: 002b:00007fcdd41d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd
[   42.233594][ T4084] RAX: ffffffffffffffda RBX: 00007fcdd5d85fa0 RCX: 00007fcdd5b6d169
[   42.233608][ T4084] RDX: 0000200000001400 RSI: 0000200000000440 RDI: 0000200000000000
[   42.233622][ T4084] RBP: 00007fcdd41d7090 R08: 0000000000000000 R09: 0000000000000000
[   42.233637][ T4084] R10: 0000000000000024 R11: 0000000000000246 R12: 0000000000000001
[   42.233708][ T4084] R13: 0000000000000000 R14: 00007fcdd5d85fa0 R15: 00007ffd63aaf388
[   42.233745][ T4084]  </TASK>
[   42.552390][ T4106] loop0: detected capacity change from 0 to 8192
[   42.559799][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   42.606782][ T4119] pim6reg1: entered promiscuous mode
[   42.609059][ T4106] vfat: Unknown parameter '@
[   42.609059][ T4106] '
[   42.612103][ T4119] pim6reg1: entered allmulticast mode
[   42.677538][ T4114] syzkaller0: entered allmulticast mode
[   42.684391][ T4123] sch_tbf: peakrate 16777408 is lower than or equals to rate 3221225473 !
[   42.709516][ T4121] pim6reg1: entered promiscuous mode
[   42.715012][ T4121] pim6reg1: entered allmulticast mode
[   42.751491][ T4134] loop0: detected capacity change from 0 to 2048
[   42.795616][ T4134]  loop0: p3 p4 < >
[   42.817207][ T4134] tmpfs: Bad value for 'mpol'
[   42.832870][ T4150] loop3: detected capacity change from 0 to 512
[   42.839802][ T4150] ext4: Unknown parameter 'obj_role'
[   42.941088][ T3512] udevd[3512]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[   43.030546][ T4162] loop3: detected capacity change from 0 to 1024
[   43.040499][ T4166] loop4: detected capacity change from 0 to 1024
[   43.079471][ T4166] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.188029][ T4166] SELinux: failed to load policy
[   43.189724][ T4162] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   43.201635][ T4185] FAULT_INJECTION: forcing a failure.
[   43.201635][ T4185] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   43.218109][ T4185] CPU: 0 UID: 0 PID: 4185 Comm: syz.0.224 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   43.218160][ T4185] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   43.218174][ T4185] Call Trace:
[   43.218180][ T4185]  <TASK>
[   43.218188][ T4185]  dump_stack_lvl+0xf2/0x150
[   43.218215][ T4185]  dump_stack+0x15/0x1a
[   43.218238][ T4185]  should_fail_ex+0x24a/0x260
[   43.218390][ T4185]  should_fail+0xb/0x10
[   43.218420][ T4185]  should_fail_usercopy+0x1a/0x20
[   43.218457][ T4185]  _copy_from_user+0x1c/0xa0
[   43.218477][ T4185]  move_addr_to_kernel+0x82/0x120
[   43.218559][ T4185]  __sys_sendto+0x12e/0x230
[   43.218647][ T4185]  __x64_sys_sendto+0x78/0x90
[   43.218674][ T4185]  x64_sys_call+0x29fa/0x2dc0
[   43.218760][ T4185]  do_syscall_64+0xc9/0x1c0
[   43.218797][ T4185]  ? clear_bhb_loop+0x55/0xb0
[   43.218828][ T4185]  ? clear_bhb_loop+0x55/0xb0
[   43.218859][ T4185]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   43.218902][ T4185] RIP: 0033:0x7f6c43abd169
[   43.218918][ T4185] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   43.218937][ T4185] RSP: 002b:00007f6c42127038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   43.218953][ T4185] RAX: ffffffffffffffda RBX: 00007f6c43cd5fa0 RCX: 00007f6c43abd169
[   43.218965][ T4185] RDX: 000000000000000e RSI: 0000200000000100 RDI: 0000000000000003
[   43.218977][ T4185] RBP: 00007f6c42127090 R08: 0000200000000240 R09: 0000000000000014
[   43.218994][ T4185] R10: 0000000024008850 R11: 0000000000000246 R12: 0000000000000001
[   43.219032][ T4185] R13: 0000000000000000 R14: 00007f6c43cd5fa0 R15: 00007ffccba44fe8
[   43.219054][ T4185]  </TASK>
[   43.220133][ T4162] SELinux:  policydb magic number 0x7665642f does not match expected magic number 0xf97cff8c
[   43.402191][ T4162] SELinux: failed to load policy
[   43.442005][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.466697][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.566937][ T4226] netlink: 60 bytes leftover after parsing attributes in process `syz.3.225'.
[   43.658167][ T4237] loop3: detected capacity change from 0 to 1024
[   43.666644][ T4237] EXT4-fs: Ignoring removed nobh option
[   43.672234][ T4237] EXT4-fs: Ignoring removed bh option
[   43.691746][ T4237] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.783015][ T4238] loop0: detected capacity change from 0 to 512
[   43.806824][ T4238] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   43.835425][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   43.858989][ T4238] ext4 filesystem being mounted at /53/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   43.879921][ T4249] hub 9-0:1.0: USB hub found
[   43.890932][ T4249] hub 9-0:1.0: 8 ports detected
[   43.993773][ T4255] pim6reg1: entered promiscuous mode
[   43.999232][ T4255] pim6reg1: entered allmulticast mode
[   44.134788][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.189973][ T4265] loop0: detected capacity change from 0 to 1024
[   44.202030][ T4265] EXT4-fs: Ignoring removed nobh option
[   44.207697][ T4265] EXT4-fs: Ignoring removed bh option
[   44.255367][ T4265] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.324545][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.394699][ T4277] loop3: detected capacity change from 0 to 512
[   44.408459][ T4277] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   44.473285][ T4277] EXT4-fs (loop3): 1 truncate cleaned up
[   44.500998][ T4277] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   44.531028][ T4288] Cannot find set identified by id 3 to match
[   44.560735][ T4277] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.583298][ T4288] loop2: detected capacity change from 0 to 2048
[   44.592463][ T4283] bond1: entered promiscuous mode
[   44.597833][ T4283] bond1: entered allmulticast mode
[   44.604384][ T4283] 8021q: adding VLAN 0 to HW filter on device bond1
[   44.630878][ T4283] bond1 (unregistering): Released all slaves
[   44.640956][ T4288] GPT:first_usable_lbas don't match.
[   44.646291][ T4288] GPT:34 != 290
[   44.649888][ T4288] GPT: Use GNU Parted to correct GPT errors.
[   44.656037][ T4288]  loop2: p1 p2 p3
[   44.745994][ T4294] loop4: detected capacity change from 0 to 512
[   44.757320][ T4294] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.779426][ T4294] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   44.844372][ T4301] netlink: 12 bytes leftover after parsing attributes in process `syz.3.253'.
[   44.942734][ T4318] loop1: detected capacity change from 0 to 512
[   44.949688][ T4318] ext4: Unknown parameter 'obj_role'
[   45.019930][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.057186][ T4330] netlink: 16 bytes leftover after parsing attributes in process `syz.3.264'.
[   45.073661][ T4331] loop2: detected capacity change from 0 to 1024
[   45.079691][ T4325] infiniband syz!: set active
[   45.082236][ T4331] ext2: Unknown parameter 'obj_type'
[   45.085006][ T4325] infiniband syz!: added team_slave_0
[   45.123059][ T4325] RDS/IB: syz!: added
[   45.127330][ T4325] smc: adding ib device syz! with port count 1
[   45.133846][ T4325] smc:    ib device syz! port 1 has pnetid 
[   45.169070][ T4337] loop4: detected capacity change from 0 to 2048
[   45.179271][ T4337] EXT4-fs: Project quota feature not enabled. Cannot enable project quota enforcement.
[   45.181499][ T4339] loop3: detected capacity change from 0 to 512
[   45.213977][ T4339] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842e01c, mo2=0002]
[   45.222259][ T4339] EXT4-fs (loop3): orphan cleanup on readonly fs
[   45.231731][ T4339] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.267: bg 0: block 328: padding at end of block bitmap is not set
[   45.247248][ T4339] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   45.256469][ T4339] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.267: invalid indirect mapped block 65280 (level 0)
[   45.271501][ T4339] EXT4-fs error (device loop3): ext4_clear_blocks:876: inode #13: comm syz.3.267: attempt to clear invalid blocks 33619980 len 1
[   45.286338][ T4339] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.267: invalid indirect mapped block 1819239214 (level 0)
[   45.300764][ T4339] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.267: invalid indirect mapped block 1819239214 (level 1)
[   45.316154][ T4339] EXT4-fs (loop3): 1 orphan inode deleted
[   45.322682][ T4339] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   45.399677][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.498155][ T4342] netlink: 132 bytes leftover after parsing attributes in process `syz.4.268'.
[   45.507274][ T4342] netlink: 48 bytes leftover after parsing attributes in process `syz.4.268'.
[   45.610272][ T4360] pim6reg1: entered promiscuous mode
[   45.615786][ T4360] pim6reg1: entered allmulticast mode
[   45.689705][ T4363] pim6reg1: entered promiscuous mode
[   45.695183][ T4363] pim6reg1: entered allmulticast mode
[   45.802923][ T4356] loop0: detected capacity change from 0 to 512
[   45.838422][ T4356] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   45.867182][ T4356] ext4 filesystem being mounted at /60/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   46.019413][   T30] kauditd_printk_skb: 175 callbacks suppressed
[   46.019431][   T30] audit: type=1326 audit(1742541513.981:953): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4375 comm="syz.4.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14a544d169 code=0x7ffc0000
[   46.112288][   T30] audit: type=1326 audit(1742541513.981:954): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4375 comm="syz.4.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14a544d169 code=0x7ffc0000
[   46.135833][   T30] audit: type=1326 audit(1742541513.991:955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4375 comm="syz.4.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=305 compat=0 ip=0x7f14a544d169 code=0x7ffc0000
[   46.159114][   T30] audit: type=1326 audit(1742541770.007:956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4375 comm="syz.4.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14a544d169 code=0x7ffc0000
[   46.182495][   T30] audit: type=1326 audit(1742541770.007:957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4375 comm="syz.4.281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14a544d169 code=0x7ffc0000
[   46.205788][   T30] audit: type=1400 audit(1742541770.017:958): avc:  denied  { read } for  pid=4379 comm="syz.3.283" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   46.228618][   T30] audit: type=1400 audit(1742541770.017:959): avc:  denied  { open } for  pid=4379 comm="syz.3.283" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[   46.252002][   T30] audit: type=1326 audit(1742541770.027:960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4379 comm="syz.3.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdd5b6d169 code=0x7ffc0000
[   46.275334][   T30] audit: type=1326 audit(1742541770.027:961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4379 comm="syz.3.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcdd5b6d169 code=0x7ffc0000
[   46.298579][   T30] audit: type=1326 audit(1742541770.027:962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4379 comm="syz.3.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fcdd5b6d169 code=0x7ffc0000
[   46.327093][ T4395] loop2: detected capacity change from 0 to 512
[   46.333688][ T4395] ext4: Unknown parameter 'obj_role'
[   46.352153][ T3299] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.418741][ T4408] netlink: 132 bytes leftover after parsing attributes in process `syz.1.294'.
[   46.474657][ T4414] netem: change failed
[   46.479499][ T4414] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4414 comm=syz.1.298
[   46.616739][ T4425] loop2: detected capacity change from 0 to 1024
[   46.648045][ T4429] loop3: detected capacity change from 0 to 1024
[   46.655145][ T4425] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.709584][ T4429] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.745265][ T4429] SELinux:  policydb magic number 0x7665642f does not match expected magic number 0xf97cff8c
[   46.755646][ T4429] SELinux: failed to load policy
[   46.760681][ T4425] SELinux: failed to load policy
[   46.774168][ T4429] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   46.810931][ T4425] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   46.835074][ T4417] pim6reg9: entered allmulticast mode
[   46.845425][ T4429] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 51 with max blocks 1 with error 28
[   46.857861][ T4429] EXT4-fs (loop3): This should not happen!! Data will be lost
[   46.857861][ T4429] 
[   46.864384][ T4425] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 51 with max blocks 1 with error 28
[   46.867587][ T4429] EXT4-fs (loop3): Total free blocks count 0
[   46.867604][ T4429] EXT4-fs (loop3): Free/Dirty block details
[   46.879840][ T4425] EXT4-fs (loop2): This should not happen!! Data will be lost
[   46.879840][ T4425] 
[   46.879858][ T4425] EXT4-fs (loop2): Total free blocks count 0
[   46.885849][ T4429] EXT4-fs (loop3): free_blocks=68451041280
[   46.891703][ T4425] EXT4-fs (loop2): Free/Dirty block details
[   46.901333][ T4429] EXT4-fs (loop3): dirty_blocks=16
[   46.901348][ T4429] EXT4-fs (loop3): Block reservation details
[   46.907360][ T4425] EXT4-fs (loop2): free_blocks=68451041280
[   46.913118][ T4429] EXT4-fs (loop3): i_reserved_data_blocks=1
[   46.919012][ T4425] EXT4-fs (loop2): dirty_blocks=16
[   46.947496][ T4425] EXT4-fs (loop2): Block reservation details
[   46.953478][ T4425] EXT4-fs (loop2): i_reserved_data_blocks=1
[   46.970215][ T4437] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 36 with error 28
[   46.989493][ T4443] loop4: detected capacity change from 0 to 512
[   46.996442][ T4443] ext4: Unknown parameter 'obj_role'
[   47.021520][ T4438] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 36 with error 28
[   47.256250][ T4455] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   47.369635][ T4468] loop3: detected capacity change from 0 to 512
[   47.385571][ T4468] ext4: Unknown parameter 'obj_role'
[   47.575678][ T4474] loop2: detected capacity change from 0 to 512
[   47.589548][ T4474] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   47.603385][ T4474] ext4 filesystem being mounted at /49/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   47.777766][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   47.869238][ T4505] netlink: 24 bytes leftover after parsing attributes in process `syz.2.334'.
[   48.101650][ T4524] loop1: detected capacity change from 0 to 764
[   48.304197][ T4541] loop4: detected capacity change from 0 to 1024
[   48.320827][ T4543] FAULT_INJECTION: forcing a failure.
[   48.320827][ T4543] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   48.334129][ T4543] CPU: 0 UID: 0 PID: 4543 Comm: syz.0.350 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   48.334151][ T4543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   48.334208][ T4543] Call Trace:
[   48.334216][ T4543]  <TASK>
[   48.334223][ T4543]  dump_stack_lvl+0xf2/0x150
[   48.334252][ T4543]  dump_stack+0x15/0x1a
[   48.334271][ T4543]  should_fail_ex+0x24a/0x260
[   48.334302][ T4543]  should_fail+0xb/0x10
[   48.334339][ T4543]  should_fail_usercopy+0x1a/0x20
[   48.334370][ T4543]  _copy_from_user+0x1c/0xa0
[   48.334387][ T4543]  move_addr_to_kernel+0x82/0x120
[   48.334433][ T4543]  __sys_bind+0x9e/0x190
[   48.334461][ T4543]  __x64_sys_bind+0x41/0x50
[   48.334482][ T4543]  x64_sys_call+0x20ab/0x2dc0
[   48.334508][ T4543]  do_syscall_64+0xc9/0x1c0
[   48.334655][ T4543]  ? clear_bhb_loop+0x55/0xb0
[   48.334685][ T4543]  ? clear_bhb_loop+0x55/0xb0
[   48.334779][ T4543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.334803][ T4543] RIP: 0033:0x7f6c43abd169
[   48.334817][ T4543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.334832][ T4543] RSP: 002b:00007f6c42127038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[   48.334851][ T4543] RAX: ffffffffffffffda RBX: 00007f6c43cd5fa0 RCX: 00007f6c43abd169
[   48.334865][ T4543] RDX: 000000000000006e RSI: 00002000000001c0 RDI: 0000000000000004
[   48.334862][ T4541] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040c018, mo2=0002]
[   48.334885][ T4543] RBP: 00007f6c42127090 R08: 0000000000000000 R09: 0000000000000000
[   48.334898][ T4543] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.334950][ T4543] R13: 0000000000000000 R14: 00007f6c43cd5fa0 R15: 00007ffccba44fe8
[   48.334970][ T4543]  </TASK>
[   48.336277][ T4541] System zones: 
[   48.379109][ T4547] FAULT_INJECTION: forcing a failure.
[   48.379109][ T4547] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   48.379750][ T4541] 0-1
[   48.384774][ T4547] CPU: 0 UID: 0 PID: 4547 Comm: syz.0.351 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   48.384807][ T4547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   48.384822][ T4547] Call Trace:
[   48.384830][ T4547]  <TASK>
[   48.384839][ T4547]  dump_stack_lvl+0xf2/0x150
[   48.384878][ T4547]  dump_stack+0x15/0x1a
[   48.385000][ T4547]  should_fail_ex+0x24a/0x260
[   48.385048][ T4547]  should_fail+0xb/0x10
[   48.385129][ T4547]  should_fail_usercopy+0x1a/0x20
[   48.385170][ T4547]  _copy_from_user+0x1c/0xa0
[   48.385224][ T4547]  copy_msghdr_from_user+0x54/0x2a0
[   48.385266][ T4547]  ? __fget_files+0x17c/0x1c0
[   48.385312][ T4547]  __sys_sendmsg+0x13e/0x230
[   48.385386][ T4547]  __x64_sys_sendmsg+0x46/0x50
[   48.385470][ T4547]  x64_sys_call+0x2734/0x2dc0
[   48.385552][ T4547]  do_syscall_64+0xc9/0x1c0
[   48.385592][ T4547]  ? clear_bhb_loop+0x55/0xb0
[   48.385626][ T4547]  ? clear_bhb_loop+0x55/0xb0
[   48.385675][ T4547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.385708][ T4547] RIP: 0033:0x7f6c43abd169
[   48.385830][ T4547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.385852][ T4547] RSP: 002b:00007f6c42127038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   48.385875][ T4547] RAX: ffffffffffffffda RBX: 00007f6c43cd5fa0 RCX: 00007f6c43abd169
[   48.385900][ T4547] RDX: 0000000024000880 RSI: 00002000000000c0 RDI: 0000000000000004
[   48.385915][ T4547] RBP: 00007f6c42127090 R08: 0000000000000000 R09: 0000000000000000
[   48.385930][ T4547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   48.385945][ T4547] R13: 0000000000000000 R14: 00007f6c43cd5fa0 R15: 00007ffccba44fe8
[   48.385969][ T4547]  </TASK>
[   48.704244][ T4541] , 3-12
[   48.710594][ T4541] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   48.747883][ T3308] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.791763][ T4556] netlink: 8 bytes leftover after parsing attributes in process `syz.4.353'.
[   48.800700][ T4556] netlink: 24 bytes leftover after parsing attributes in process `syz.4.353'.
[   48.882689][ T4566] FAULT_INJECTION: forcing a failure.
[   48.882689][ T4566] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   48.895897][ T4566] CPU: 1 UID: 0 PID: 4566 Comm: syz.2.358 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   48.895994][ T4566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   48.896006][ T4566] Call Trace:
[   48.896013][ T4566]  <TASK>
[   48.896021][ T4566]  dump_stack_lvl+0xf2/0x150
[   48.896052][ T4566]  dump_stack+0x15/0x1a
[   48.896072][ T4566]  should_fail_ex+0x24a/0x260
[   48.896169][ T4566]  should_fail+0xb/0x10
[   48.896246][ T4566]  should_fail_usercopy+0x1a/0x20
[   48.896283][ T4566]  _copy_from_user+0x1c/0xa0
[   48.896334][ T4566]  copy_msghdr_from_user+0x54/0x2a0
[   48.896389][ T4566]  __sys_sendmmsg+0x1e8/0x4b0
[   48.896444][ T4566]  __x64_sys_sendmmsg+0x57/0x70
[   48.896468][ T4566]  x64_sys_call+0x29aa/0x2dc0
[   48.896538][ T4566]  do_syscall_64+0xc9/0x1c0
[   48.896577][ T4566]  ? clear_bhb_loop+0x55/0xb0
[   48.896609][ T4566]  ? clear_bhb_loop+0x55/0xb0
[   48.896793][ T4566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   48.896822][ T4566] RIP: 0033:0x7fabd87dd169
[   48.896836][ T4566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   48.896853][ T4566] RSP: 002b:00007fabd6e41038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   48.896874][ T4566] RAX: ffffffffffffffda RBX: 00007fabd89f5fa0 RCX: 00007fabd87dd169
[   48.896888][ T4566] RDX: 0000000000000002 RSI: 00002000000015c0 RDI: 0000000000000003
[   48.896901][ T4566] RBP: 00007fabd6e41090 R08: 0000000000000000 R09: 0000000000000000
[   48.896915][ T4566] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   48.896978][ T4566] R13: 0000000000000000 R14: 00007fabd89f5fa0 R15: 00007fff8bee4dc8
[   48.897047][ T4566]  </TASK>
[   49.304970][ T4582] netlink: 44 bytes leftover after parsing attributes in process `syz.3.365'.
[   49.354488][ T4582] netlink: 12 bytes leftover after parsing attributes in process `syz.3.365'.
[   49.635450][ T4596] netem: change failed
[   49.643382][ T4596] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4596 comm=syz.3.371
[   49.697352][ T4599] loop4: detected capacity change from 0 to 1024
[   49.714189][ T4599] EXT4-fs: dax option not supported
[   49.781056][ T4605] netlink: 5 bytes leftover after parsing attributes in process `syz.2.372'.
[   49.813727][ T4605] 0ªX¹¦D: renamed from gretap0 (while UP)
[   49.822513][ T4605] 0ªX¹¦D: entered allmulticast mode
[   49.831756][ T4605] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   49.883501][ T4607] netlink: 5 bytes leftover after parsing attributes in process `syz.4.376'.
[   49.893640][ T4607] 0ªX¹¦D: renamed from gretap0 (while UP)
[   49.901102][ T4607] 0ªX¹¦D: entered allmulticast mode
[   49.907813][ T4607] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[   49.981281][ T4619] loop2: detected capacity change from 0 to 512
[   49.989548][ T4619] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   49.991933][ T4621] netlink: 4 bytes leftover after parsing attributes in process `syz.3.382'.
[   50.010632][ T4619] EXT4-fs error (device loop2): ext4_orphan_get:1389: inode #17: comm syz.2.379: iget: bad i_size value: -6917529027641081756
[   50.015550][ T4621] ipvlan2: entered promiscuous mode
[   50.035165][ T4619] EXT4-fs error (device loop2): ext4_orphan_get:1394: comm syz.2.379: couldn't read orphan inode 17 (err -117)
[   50.049319][ T4621] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   50.057954][ T4621] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   50.074195][ T4619] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.075789][ T4627] netlink: 32 bytes leftover after parsing attributes in process `syz.4.383'.
[   50.101515][ T4619] 9pnet_fd: Insufficient options for proto=fd
[   50.111222][ T4619] IPv6: sit1: Disabled Multicast RS
[   50.117485][ T4619] sit1: entered allmulticast mode
[   50.189878][ T4634] netlink: 4 bytes leftover after parsing attributes in process `syz.3.386'.
[   50.199137][ T4634] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   50.206755][ T4634] batman_adv: batadv0: Removing interface: batadv_slave_0
[   50.218624][ T4634] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   50.226157][ T4634] batman_adv: batadv0: Removing interface: batadv_slave_1
[   50.390092][ T4654] netem: change failed
[   50.394671][ T4654] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4654 comm=syz.3.393
[   50.438778][ T4659] ipvlan2: entered promiscuous mode
[   50.465356][ T4659] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[   50.473586][ T4659] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[   50.553416][ T4672] netlink: 'syz.4.400': attribute type 10 has an invalid length.
[   50.562326][ T4672] bridge0: port 2(bridge_slave_1) entered disabled state
[   50.569597][ T4672] bridge0: port 1(bridge_slave_0) entered disabled state
[   50.614952][ T4672] bridge0: port 2(bridge_slave_1) entered blocking state
[   50.622209][ T4672] bridge0: port 2(bridge_slave_1) entered forwarding state
[   50.629515][ T4672] bridge0: port 1(bridge_slave_0) entered blocking state
[   50.636687][ T4672] bridge0: port 1(bridge_slave_0) entered forwarding state
[   50.656989][ T4672] bond0: (slave bridge0): Enslaving as an active interface with an up link
[   50.692273][ T4679] FAULT_INJECTION: forcing a failure.
[   50.692273][ T4679] name failslab, interval 1, probability 0, space 0, times 0
[   50.705025][ T4679] CPU: 0 UID: 0 PID: 4679 Comm: syz.1.402 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   50.705050][ T4679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   50.705063][ T4679] Call Trace:
[   50.705069][ T4679]  <TASK>
[   50.705077][ T4679]  dump_stack_lvl+0xf2/0x150
[   50.705107][ T4679]  dump_stack+0x15/0x1a
[   50.705163][ T4679]  should_fail_ex+0x24a/0x260
[   50.705194][ T4679]  should_failslab+0x8f/0xb0
[   50.705234][ T4679]  kmem_cache_alloc_noprof+0x52/0x320
[   50.705288][ T4679]  ? sk_prot_alloc+0x41/0x190
[   50.705336][ T4679]  sk_prot_alloc+0x41/0x190
[   50.705364][ T4679]  sk_alloc+0x33/0x360
[   50.705392][ T4679]  unix_create1+0xa6/0x400
[   50.705479][ T4679]  unix_stream_connect+0x16c/0x9a0
[   50.705534][ T4679]  ? selinux_socket_connect+0x57/0x70
[   50.705564][ T4679]  ? __pfx_unix_stream_connect+0x10/0x10
[   50.705587][ T4679]  __sys_connect+0x18f/0x1b0
[   50.705618][ T4679]  __x64_sys_connect+0x41/0x50
[   50.705650][ T4679]  x64_sys_call+0x22a7/0x2dc0
[   50.705675][ T4679]  do_syscall_64+0xc9/0x1c0
[   50.705736][ T4679]  ? clear_bhb_loop+0x55/0xb0
[   50.705763][ T4679]  ? clear_bhb_loop+0x55/0xb0
[   50.705857][ T4679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.705884][ T4679] RIP: 0033:0x7f3b3ebad169
[   50.705899][ T4679] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.705917][ T4679] RSP: 002b:00007f3b3d217038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[   50.705936][ T4679] RAX: ffffffffffffffda RBX: 00007f3b3edc5fa0 RCX: 00007f3b3ebad169
[   50.705949][ T4679] RDX: 000000000000006e RSI: 0000200000000080 RDI: 000000000000000b
[   50.705961][ T4679] RBP: 00007f3b3d217090 R08: 0000000000000000 R09: 0000000000000000
[   50.706030][ T4679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.706041][ T4679] R13: 0000000000000000 R14: 00007f3b3edc5fa0 R15: 00007ffd7236d428
[   50.706060][ T4679]  </TASK>
[   50.923627][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.030404][   T30] kauditd_printk_skb: 216 callbacks suppressed
[   51.030420][   T30] audit: type=1400 audit(1742541774.987:1179): avc:  denied  { create } for  pid=4692 comm="syz.0.404" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[   51.081074][   T30] audit: type=1326 audit(1742541775.027:1180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4692 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   51.104470][   T30] audit: type=1326 audit(1742541775.027:1181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4692 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   51.127924][   T30] audit: type=1326 audit(1742541775.027:1182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4692 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   51.151246][   T30] audit: type=1326 audit(1742541775.027:1183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4692 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   51.174724][   T30] audit: type=1326 audit(1742541775.027:1184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4692 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   51.198073][   T30] audit: type=1326 audit(1742541775.027:1185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4692 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   51.221513][   T30] audit: type=1326 audit(1742541775.027:1186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4692 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   51.244933][   T30] audit: type=1326 audit(1742541775.027:1187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4692 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   51.268232][   T30] audit: type=1326 audit(1742541775.027:1188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4692 comm="syz.0.404" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c43abd169 code=0x7ffc0000
[   51.321874][ T4710] loop1: detected capacity change from 0 to 128
[   51.329502][ T4710] msdos: Unknown parameter 'ÿÿ01777777777777777777777'
[   51.339101][ T4710] dccp_invalid_packet: P.Data Offset(100) too large
[   51.360270][ T4712] pim6reg1: entered promiscuous mode
[   51.365710][ T4712] pim6reg1: entered allmulticast mode
[   51.400987][ T4718] FAULT_INJECTION: forcing a failure.
[   51.400987][ T4718] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.414106][ T4718] CPU: 1 UID: 0 PID: 4718 Comm: syz.2.415 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   51.414147][ T4718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   51.414159][ T4718] Call Trace:
[   51.414164][ T4718]  <TASK>
[   51.414170][ T4718]  dump_stack_lvl+0xf2/0x150
[   51.414201][ T4718]  dump_stack+0x15/0x1a
[   51.414269][ T4718]  should_fail_ex+0x24a/0x260
[   51.414305][ T4718]  should_fail+0xb/0x10
[   51.414337][ T4718]  should_fail_usercopy+0x1a/0x20
[   51.414498][ T4718]  _copy_from_user+0x1c/0xa0
[   51.414514][ T4718]  copy_msghdr_from_user+0x54/0x2a0
[   51.414541][ T4718]  ? __fget_files+0x17c/0x1c0
[   51.414569][ T4718]  __sys_sendmsg+0x13e/0x230
[   51.414639][ T4718]  __x64_sys_sendmsg+0x46/0x50
[   51.414659][ T4718]  x64_sys_call+0x2734/0x2dc0
[   51.414680][ T4718]  do_syscall_64+0xc9/0x1c0
[   51.414706][ T4718]  ? clear_bhb_loop+0x55/0xb0
[   51.414748][ T4718]  ? clear_bhb_loop+0x55/0xb0
[   51.414768][ T4718]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.414855][ T4718] RIP: 0033:0x7fabd87dd169
[   51.414866][ T4718] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.414890][ T4718] RSP: 002b:00007fabd6e41038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   51.414910][ T4718] RAX: ffffffffffffffda RBX: 00007fabd89f5fa0 RCX: 00007fabd87dd169
[   51.414923][ T4718] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000003
[   51.414933][ T4718] RBP: 00007fabd6e41090 R08: 0000000000000000 R09: 0000000000000000
[   51.414945][ T4718] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   51.414958][ T4718] R13: 0000000000000000 R14: 00007fabd89f5fa0 R15: 00007fff8bee4dc8
[   51.414977][ T4718]  </TASK>
[   51.594580][ T4719] loop1: detected capacity change from 0 to 1024
[   51.674066][ T4723] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[   51.711212][ T4732] loop1: detected capacity change from 0 to 1024
[   51.719807][ T4732] EXT4-fs: Ignoring removed bh option
[   51.746313][ T4732] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   51.763609][ T4740] loop2: detected capacity change from 0 to 128
[   51.770410][ T4740] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[   51.785377][ T4732] EXT4-fs error (device loop1): ext4_xattr_inode_iget:440: comm syz.1.420: inode #105578016: comm syz.1.420: iget: illegal inode #
[   51.801461][ T4740] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   51.813903][ T4732] EXT4-fs (loop1): Remounting filesystem read-only
[   51.820839][ T4740] ext2 filesystem being mounted at /65/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   51.853299][ T4732] EXT4-fs warning (device loop1): ext4_xattr_block_set:2198: inode #19: comm syz.1.420: dec ref error=-5
[   51.883169][ T3304] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   51.905280][ T4793] xt_hashlimit: size too large, truncated to 1048576
[   51.937799][ T3305] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   51.955894][ T4795] FAULT_INJECTION: forcing a failure.
[   51.955894][ T4795] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   51.969102][ T4795] CPU: 1 UID: 0 PID: 4795 Comm: syz.2.425 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   51.969222][ T4795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   51.969237][ T4795] Call Trace:
[   51.969268][ T4795]  <TASK>
[   51.969295][ T4795]  dump_stack_lvl+0xf2/0x150
[   51.969362][ T4795]  dump_stack+0x15/0x1a
[   51.969415][ T4795]  should_fail_ex+0x24a/0x260
[   51.969450][ T4795]  should_fail+0xb/0x10
[   51.969483][ T4795]  should_fail_usercopy+0x1a/0x20
[   51.969566][ T4795]  copy_to_user_nofault+0x7d/0x110
[   51.969592][ T4795]  bpf_probe_write_user+0x80/0xc0
[   51.969686][ T4795]  bpf_prog_19072b5a3fcf5d64+0x41/0x45
[   51.969713][ T4795]  bpf_trace_run3+0x10c/0x1d0
[   51.969743][ T4795]  ? audit_log_untrustedstring+0xd6/0x130
[   51.969872][ T4795]  ? audit_log_end+0x1d0/0x1e0
[   51.969895][ T4795]  ? audit_log_end+0x1d0/0x1e0
[   51.969917][ T4795]  kmem_cache_free+0x237/0x2d0
[   51.969945][ T4795]  audit_log_end+0x1d0/0x1e0
[   51.969963][ T4795]  audit_seccomp+0x107/0x130
[   51.969991][ T4795]  __seccomp_filter+0x6fa/0x1180
[   51.970056][ T4795]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   51.970089][ T4795]  ? vfs_write+0x644/0x920
[   51.970119][ T4795]  ? putname+0xcf/0xf0
[   51.970143][ T4795]  __secure_computing+0x9f/0x1c0
[   51.970234][ T4795]  syscall_trace_enter+0xd1/0x1f0
[   51.970258][ T4795]  ? fpregs_assert_state_consistent+0x83/0xa0
[   51.970280][ T4795]  do_syscall_64+0xaa/0x1c0
[   51.970311][ T4795]  ? clear_bhb_loop+0x55/0xb0
[   51.970387][ T4795]  ? clear_bhb_loop+0x55/0xb0
[   51.970414][ T4795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   51.970440][ T4795] RIP: 0033:0x7fabd87dd169
[   51.970469][ T4795] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   51.970491][ T4795] RSP: 002b:00007fabd6e41038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[   51.970512][ T4795] RAX: ffffffffffffffda RBX: 00007fabd89f5fa0 RCX: 00007fabd87dd169
[   51.970523][ T4795] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[   51.970595][ T4795] RBP: 00007fabd6e41090 R08: 0000000000000030 R09: 0000000000000003
[   51.970609][ T4795] R10: 0000000000001200 R11: 0000000000000246 R12: 0000000000000001
[   51.970622][ T4795] R13: 0000000000000000 R14: 00007fabd89f5fa0 R15: 00007fff8bee4dc8
[   51.970642][ T4795]  </TASK>
[   52.259850][ T4802] netlink: 'syz.2.430': attribute type 1 has an invalid length.
[   52.300735][ T4802] 8021q: adding VLAN 0 to HW filter on device bond1
[   52.313878][ T4799] loop3: detected capacity change from 0 to 512
[   52.331671][ T4799] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -13
[   52.346189][ T4799] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3279945729 > max in inode 13
[   52.356783][ T4799] EXT4-fs warning (device loop3): ext4_block_to_path:107: block 3279945730 > max in inode 13
[   52.367288][ T4799] EXT4-fs (loop3): 1 truncate cleaned up
[   52.373602][ T4799] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   52.403868][ T4802] 8021q: adding VLAN 0 to HW filter on device bond1
[   52.415518][ T4802] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address
[   52.476173][ T4802] bond1: (slave wireguard0): Error -95 calling set_mac_address
[   52.487068][ T3300] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   52.517653][ T4820] loop2: detected capacity change from 0 to 164
[   52.535514][ T4820] ISOFS: unable to read i-node block
[   52.540839][ T4820] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[   52.551095][ T4820] isofs_fill_super: get root inode failed
[   52.805599][ T4851] loop3: detected capacity change from 0 to 2048
[   52.843557][ T4851] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   52.875937][ T4851] __nla_validate_parse: 6 callbacks suppressed
[   52.875954][ T4851] netlink: 60 bytes leftover after parsing attributes in process `syz.3.448'.
[   52.910824][ T4857] netlink: 'syz.2.449': attribute type 4 has an invalid length.
[   52.926035][ T4851] netlink: 'syz.3.448': attribute type 4 has an invalid length.
[   52.968447][ T4749] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[   52.998319][ T4749] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   53.010680][ T4749] EXT4-fs (loop3): This should not happen!! Data will be lost
[   53.010680][ T4749] 
[   53.011081][ T4859] pim6reg1: entered promiscuous mode
[   53.020537][ T4749] EXT4-fs (loop3): Total free blocks count 0
[   53.025764][ T4859] pim6reg1: entered allmulticast mode
[   53.031712][ T4749] EXT4-fs (loop3): Free/Dirty block details
[   53.031729][ T4749] EXT4-fs (loop3): free_blocks=2415919104
[   53.031743][ T4749] EXT4-fs (loop3): dirty_blocks=16
[   53.031755][ T4749] EXT4-fs (loop3): Block reservation details
[   53.031766][ T4749] EXT4-fs (loop3): i_reserved_data_blocks=1
[   53.066871][ T4749] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 1 with error 28
[   53.103897][ T4870] loop2: detected capacity change from 0 to 1024
[   53.148807][ T4870] EXT4-fs: Ignoring removed orlov option
[   53.166254][ T4870] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   53.188736][ T4874] loop3: detected capacity change from 0 to 8192
[   53.208792][ T4876] FAULT_INJECTION: forcing a failure.
[   53.208792][ T4876] name failslab, interval 1, probability 0, space 0, times 0
[   53.221456][ T4876] CPU: 0 UID: 0 PID: 4876 Comm: syz.1.456 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   53.221481][ T4876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   53.221510][ T4876] Call Trace:
[   53.221517][ T4876]  <TASK>
[   53.221525][ T4876]  dump_stack_lvl+0xf2/0x150
[   53.221558][ T4876]  dump_stack+0x15/0x1a
[   53.221592][ T4876]  should_fail_ex+0x24a/0x260
[   53.221628][ T4876]  should_failslab+0x8f/0xb0
[   53.221665][ T4876]  kmem_cache_alloc_node_noprof+0x59/0x320
[   53.221689][ T4876]  ? __alloc_skb+0x10b/0x310
[   53.221717][ T4876]  __alloc_skb+0x10b/0x310
[   53.221742][ T4876]  ? audit_log_start+0x34c/0x6b0
[   53.221784][ T4876]  audit_log_start+0x368/0x6b0
[   53.221948][ T4876]  ? sort_r+0x7e/0x1580
[   53.221966][ T4876]  ? mod_objcg_state+0x2ea/0x4f0
[   53.221990][ T4876]  audit_seccomp+0x4b/0x130
[   53.222066][ T4876]  __seccomp_filter+0x6fa/0x1180
[   53.222147][ T4876]  ? __kmalloc_noprof+0x284/0x3f0
[   53.222167][ T4876]  ? security_prepare_creds+0x53/0x120
[   53.222202][ T4876]  ? selinux_cred_prepare+0x60/0x70
[   53.222238][ T4876]  ? commit_creds+0x73b/0x7b0
[   53.222320][ T4876]  __secure_computing+0x9f/0x1c0
[   53.222349][ T4876]  syscall_trace_enter+0xd1/0x1f0
[   53.222375][ T4876]  ? fpregs_assert_state_consistent+0x83/0xa0
[   53.222408][ T4876]  do_syscall_64+0xaa/0x1c0
[   53.222444][ T4876]  ? clear_bhb_loop+0x55/0xb0
[   53.222494][ T4876]  ? clear_bhb_loop+0x55/0xb0
[   53.222525][ T4876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.222558][ T4876] RIP: 0033:0x7f3b3ebabb7c
[   53.222582][ T4876] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   53.222616][ T4876] RSP: 002b:00007f3b3d217030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   53.222638][ T4876] RAX: ffffffffffffffda RBX: 00007f3b3edc5fa0 RCX: 00007f3b3ebabb7c
[   53.222653][ T4876] RDX: 000000000000000f RSI: 00007f3b3d2170a0 RDI: 0000000000000007
[   53.222717][ T4876] RBP: 00007f3b3d217090 R08: 0000000000000000 R09: 0000000000000000
[   53.222732][ T4876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   53.222746][ T4876] R13: 0000000000000000 R14: 00007f3b3edc5fa0 R15: 00007ffd7236d428
[   53.222767][ T4876]  </TASK>
[   53.225520][ T4870] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   53.457981][ T4885] netem: change failed
[   53.486601][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.498169][ T4885] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4885 comm=syz.1.460
[   53.558977][ T4891] FAULT_INJECTION: forcing a failure.
[   53.558977][ T4891] name failslab, interval 1, probability 0, space 0, times 0
[   53.571664][ T4891] CPU: 0 UID: 0 PID: 4891 Comm: syz.2.461 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   53.571692][ T4891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   53.571707][ T4891] Call Trace:
[   53.571715][ T4891]  <TASK>
[   53.571751][ T4891]  dump_stack_lvl+0xf2/0x150
[   53.571782][ T4891]  dump_stack+0x15/0x1a
[   53.571806][ T4891]  should_fail_ex+0x24a/0x260
[   53.571867][ T4891]  should_failslab+0x8f/0xb0
[   53.571902][ T4891]  __kmalloc_node_track_caller_noprof+0xa8/0x410
[   53.572004][ T4891]  ? v9fs_session_init+0x79/0xda0
[   53.572041][ T4891]  kstrdup+0x3d/0xd0
[   53.572070][ T4891]  v9fs_session_init+0x79/0xda0
[   53.572107][ T4891]  ? should_fail_ex+0xd7/0x260
[   53.572146][ T4891]  ? v9fs_mount+0x53/0x570
[   53.572184][ T4891]  ? should_failslab+0x8f/0xb0
[   53.572237][ T4891]  ? __kmalloc_cache_noprof+0x186/0x320
[   53.572267][ T4891]  v9fs_mount+0x69/0x570
[   53.572360][ T4891]  ? __pfx_v9fs_mount+0x10/0x10
[   53.572387][ T4891]  legacy_get_tree+0x77/0xd0
[   53.572428][ T4891]  vfs_get_tree+0x56/0x1e0
[   53.572464][ T4891]  do_new_mount+0x227/0x690
[   53.572506][ T4891]  path_mount+0x49b/0xb30
[   53.572643][ T4891]  __se_sys_mount+0x27f/0x2d0
[   53.572681][ T4891]  ? fput+0x1c4/0x200
[   53.572708][ T4891]  __x64_sys_mount+0x67/0x80
[   53.572807][ T4891]  x64_sys_call+0x2c84/0x2dc0
[   53.572841][ T4891]  do_syscall_64+0xc9/0x1c0
[   53.572881][ T4891]  ? clear_bhb_loop+0x55/0xb0
[   53.572989][ T4891]  ? clear_bhb_loop+0x55/0xb0
[   53.573023][ T4891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   53.573056][ T4891] RIP: 0033:0x7fabd87dd169
[   53.573074][ T4891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   53.573095][ T4891] RSP: 002b:00007fabd6e41038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   53.573164][ T4891] RAX: ffffffffffffffda RBX: 00007fabd89f5fa0 RCX: 00007fabd87dd169
[   53.573179][ T4891] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000000
[   53.573193][ T4891] RBP: 00007fabd6e41090 R08: 00002000000002c0 R09: 0000000000000000
[   53.573207][ T4891] R10: 000000000000080a R11: 0000000000000246 R12: 0000000000000002
[   53.573222][ T4891] R13: 0000000000000000 R14: 00007fabd89f5fa0 R15: 00007fff8bee4dc8
[   53.573243][ T4891]  </TASK>
[   53.833953][ T4896] netlink: 24 bytes leftover after parsing attributes in process `syz.3.463'.
[   53.961423][ T4908] process 'syz.1.466' launched './file1' with NULL argv: empty string added
[   54.081991][ T4912] pim6reg1: entered promiscuous mode
[   54.087350][ T4912] pim6reg1: entered allmulticast mode
[   54.163589][ T4916] SELinux:  Context system_u:object_r:net_conf_t:s0 is not valid (left unmapped).
[   54.200969][ T4907] loop2: detected capacity change from 0 to 512
[   54.212835][ T4919] FAULT_INJECTION: forcing a failure.
[   54.212835][ T4919] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.225979][ T4919] CPU: 0 UID: 0 PID: 4919 Comm: syz.4.471 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   54.226007][ T4919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   54.226019][ T4919] Call Trace:
[   54.226027][ T4919]  <TASK>
[   54.226035][ T4919]  dump_stack_lvl+0xf2/0x150
[   54.226093][ T4919]  dump_stack+0x15/0x1a
[   54.226118][ T4919]  should_fail_ex+0x24a/0x260
[   54.226149][ T4919]  should_fail+0xb/0x10
[   54.226204][ T4919]  should_fail_usercopy+0x1a/0x20
[   54.226279][ T4919]  _copy_from_user+0x1c/0xa0
[   54.226301][ T4919]  copy_msghdr_from_user+0x54/0x2a0
[   54.226390][ T4919]  ? __fget_files+0x17c/0x1c0
[   54.226432][ T4919]  __sys_sendmsg+0x13e/0x230
[   54.226494][ T4919]  __x64_sys_sendmsg+0x46/0x50
[   54.226587][ T4919]  x64_sys_call+0x2734/0x2dc0
[   54.226655][ T4919]  do_syscall_64+0xc9/0x1c0
[   54.226694][ T4919]  ? clear_bhb_loop+0x55/0xb0
[   54.226800][ T4919]  ? clear_bhb_loop+0x55/0xb0
[   54.226826][ T4919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.226851][ T4919] RIP: 0033:0x7f14a544d169
[   54.226865][ T4919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.226949][ T4919] RSP: 002b:00007f14a3ab1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   54.226971][ T4919] RAX: ffffffffffffffda RBX: 00007f14a5665fa0 RCX: 00007f14a544d169
[   54.226986][ T4919] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000005
[   54.227007][ T4919] RBP: 00007f14a3ab1090 R08: 0000000000000000 R09: 0000000000000000
[   54.227021][ T4919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.227032][ T4919] R13: 0000000000000000 R14: 00007f14a5665fa0 R15: 00007ffe83a9f6b8
[   54.227053][ T4919]  </TASK>
[   54.419592][ T4907] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   54.432458][ T4907] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   54.473953][ T4926] netem: change failed
[   54.478389][ T4926] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4926 comm=syz.0.473
[   54.496407][ T4928] loop1: detected capacity change from 0 to 512
[   54.503176][ T4928] ext4: Unknown parameter 'obj_role'
[   54.514421][ T4930] pim6reg: entered allmulticast mode
[   54.532151][ T4932] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   54.547278][ T4930] pim6reg: left allmulticast mode
[   54.568335][ T4935] netlink: 'syz.1.477': attribute type 29 has an invalid length.
[   54.576223][ T4935] netlink: 'syz.1.477': attribute type 29 has an invalid length.
[   54.583975][ T4935] netlink: 'syz.1.477': attribute type 29 has an invalid length.
[   54.591735][ T4935] netlink: 'syz.1.477': attribute type 29 has an invalid length.
[   54.599546][ T4935] netlink: 'syz.1.477': attribute type 29 has an invalid length.
[   54.607279][ T4935] netlink: 'syz.1.477': attribute type 29 has an invalid length.
[   54.666498][ T4941] FAULT_INJECTION: forcing a failure.
[   54.666498][ T4941] name failslab, interval 1, probability 0, space 0, times 0
[   54.679160][ T4941] CPU: 0 UID: 0 PID: 4941 Comm: syz.1.479 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   54.679191][ T4941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   54.679214][ T4941] Call Trace:
[   54.679220][ T4941]  <TASK>
[   54.679228][ T4941]  dump_stack_lvl+0xf2/0x150
[   54.679408][ T4941]  dump_stack+0x15/0x1a
[   54.679435][ T4941]  should_fail_ex+0x24a/0x260
[   54.679473][ T4941]  should_failslab+0x8f/0xb0
[   54.679540][ T4941]  kmem_cache_alloc_noprof+0x52/0x320
[   54.679566][ T4941]  ? dst_alloc+0xc0/0x100
[   54.679663][ T4941]  ? __pfx_ip6_dst_gc+0x10/0x10
[   54.679688][ T4941]  dst_alloc+0xc0/0x100
[   54.679712][ T4941]  ip6_pol_route+0x6ff/0xb90
[   54.679771][ T4941]  ? ip6_pol_route+0x385/0xb90
[   54.679804][ T4941]  ip6_pol_route_output+0x3f/0x50
[   54.679832][ T4941]  ? __pfx_ip6_pol_route_output+0x10/0x10
[   54.679890][ T4941]  fib6_rule_lookup+0x225/0x4e0
[   54.679918][ T4941]  ? __pfx_ip6_pol_route_output+0x10/0x10
[   54.680008][ T4941]  ? memcg_list_lru_alloc+0xce/0x4e0
[   54.680032][ T4941]  ? mod_objcg_state+0x2ea/0x4f0
[   54.680057][ T4941]  ? mod_objcg_state+0x2ea/0x4f0
[   54.680078][ T4941]  ? dev_get_by_index_rcu+0x9a/0xb0
[   54.680114][ T4941]  ip6_route_output_flags+0x1f1/0x2e0
[   54.680205][ T4941]  ip6_dst_lookup_tail+0xae/0xa60
[   54.680233][ T4941]  ? avc_has_perm+0xd4/0x160
[   54.680262][ T4941]  ip6_dst_lookup_flow+0x48/0xc0
[   54.680289][ T4941]  tcp_v6_connect+0x68f/0xc60
[   54.680324][ T4941]  __inet_stream_connect+0x162/0x790
[   54.680443][ T4941]  ? _raw_spin_unlock_bh+0x36/0x40
[   54.680471][ T4941]  ? lock_sock_nested+0x10f/0x140
[   54.680529][ T4941]  inet_stream_connect+0x48/0x70
[   54.680592][ T4941]  kernel_connect+0x9a/0xf0
[   54.680635][ T4941]  smc_connect+0x551/0x730
[   54.680676][ T4941]  ? __pfx_smc_connect+0x10/0x10
[   54.680755][ T4941]  __sys_connect+0x18f/0x1b0
[   54.680788][ T4941]  __x64_sys_connect+0x41/0x50
[   54.680815][ T4941]  x64_sys_call+0x22a7/0x2dc0
[   54.680845][ T4941]  do_syscall_64+0xc9/0x1c0
[   54.680917][ T4941]  ? clear_bhb_loop+0x55/0xb0
[   54.680950][ T4941]  ? clear_bhb_loop+0x55/0xb0
[   54.681037][ T4941]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.681071][ T4941] RIP: 0033:0x7f3b3ebad169
[   54.681086][ T4941] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.681103][ T4941] RSP: 002b:00007f3b3d217038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[   54.681174][ T4941] RAX: ffffffffffffffda RBX: 00007f3b3edc5fa0 RCX: 00007f3b3ebad169
[   54.681188][ T4941] RDX: 000000000000001c RSI: 0000200000000080 RDI: 0000000000000009
[   54.681209][ T4941] RBP: 00007f3b3d217090 R08: 0000000000000000 R09: 0000000000000000
[   54.681223][ T4941] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.681237][ T4941] R13: 0000000000000000 R14: 00007f3b3edc5fa0 R15: 00007ffd7236d428
[   54.681308][ T4941]  </TASK>
[   55.005410][ T3304] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.031051][ T4945] pim6reg1: entered promiscuous mode
[   55.036432][ T4945] pim6reg1: entered allmulticast mode
[   55.046922][ T4950] loop4: detected capacity change from 0 to 164
[   55.054330][ T4950] rock: directory entry would overflow storage
[   55.060610][ T4950] rock: sig=0x66, size=4, remaining=3
[   55.070250][ T4950] rock: directory entry would overflow storage
[   55.076491][ T4950] rock: sig=0x66, size=4, remaining=3
[   55.085018][ T4950] iso9660: Corrupted directory entry in block 4 of inode 1792
[   55.095653][ T4951] 9pnet_fd: Insufficient options for proto=fd
[   55.154374][ T4961] loop3: detected capacity change from 0 to 512
[   55.161070][ T4961] ext4: Unknown parameter 'obj_role'
[   55.189033][ T4965] loop3: detected capacity change from 0 to 128
[   55.199183][ T4965] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   55.211349][ T4965] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   55.213347][ T4967] pim6reg1: entered promiscuous mode
[   55.225930][ T4967] pim6reg1: entered allmulticast mode
[   55.248457][ T4969] loop2: detected capacity change from 0 to 764
[   55.290819][ T4974] loop4: detected capacity change from 0 to 2048
[   55.300859][ T4974] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[   55.311713][ T4976] netlink: 20 bytes leftover after parsing attributes in process `syz.3.494'.
[   55.358769][ T4979] netlink: 20 bytes leftover after parsing attributes in process `syz.3.495'.
[   55.466843][ T4987] mmap: syz.4.493 (4987) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   55.484050][ T4986] pim6reg1: entered promiscuous mode
[   55.489501][ T4986] pim6reg1: entered allmulticast mode
[   55.508327][ T4989] FAULT_INJECTION: forcing a failure.
[   55.508327][ T4989] name failslab, interval 1, probability 0, space 0, times 0
[   55.521004][ T4989] CPU: 1 UID: 0 PID: 4989 Comm: syz.3.499 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   55.521064][ T4989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   55.521075][ T4989] Call Trace:
[   55.521081][ T4989]  <TASK>
[   55.521088][ T4989]  dump_stack_lvl+0xf2/0x150
[   55.521118][ T4989]  dump_stack+0x15/0x1a
[   55.521204][ T4989]  should_fail_ex+0x24a/0x260
[   55.521236][ T4989]  should_failslab+0x8f/0xb0
[   55.521333][ T4989]  kmem_cache_alloc_noprof+0x52/0x320
[   55.521398][ T4989]  ? getname_flags+0x81/0x3b0
[   55.521429][ T4989]  ? __rcu_read_unlock+0x4e/0x70
[   55.521453][ T4989]  getname_flags+0x81/0x3b0
[   55.521484][ T4989]  getname_uflags+0x24/0x30
[   55.521524][ T4989]  io_statx_prep+0x10c/0x180
[   55.521548][ T4989]  io_submit_sqes+0x608/0x1070
[   55.521687][ T4989]  __se_sys_io_uring_enter+0x1c0/0x1b00
[   55.521711][ T4989]  ? 0xffffffff81000000
[   55.521726][ T4989]  ? __rcu_read_unlock+0x4e/0x70
[   55.521747][ T4989]  ? get_pid_task+0x8e/0xc0
[   55.521841][ T4989]  ? proc_fail_nth_write+0x12a/0x150
[   55.521925][ T4989]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   55.522019][ T4989]  ? vfs_write+0x644/0x920
[   55.522046][ T4989]  ? putname+0xcf/0xf0
[   55.522066][ T4989]  ? __fget_files+0x17c/0x1c0
[   55.522106][ T4989]  ? fput+0x1c4/0x200
[   55.522125][ T4989]  ? ksys_write+0x176/0x1b0
[   55.522199][ T4989]  __x64_sys_io_uring_enter+0x78/0x90
[   55.522218][ T4989]  x64_sys_call+0xb5e/0x2dc0
[   55.522243][ T4989]  do_syscall_64+0xc9/0x1c0
[   55.522333][ T4989]  ? clear_bhb_loop+0x55/0xb0
[   55.522359][ T4989]  ? clear_bhb_loop+0x55/0xb0
[   55.522397][ T4989]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   55.522437][ T4989] RIP: 0033:0x7fcdd5b6d169
[   55.522470][ T4989] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   55.522491][ T4989] RSP: 002b:00007fcdd41d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   55.522514][ T4989] RAX: ffffffffffffffda RBX: 00007fcdd5d85fa0 RCX: 00007fcdd5b6d169
[   55.522528][ T4989] RDX: 000000000000e176 RSI: 0000000000001c3a RDI: 0000000000000003
[   55.522540][ T4989] RBP: 00007fcdd41d7090 R08: 0000000000000000 R09: 0000000000000000
[   55.522557][ T4989] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000001
[   55.522569][ T4989] R13: 0000000000000000 R14: 00007fcdd5d85fa0 R15: 00007ffd63aaf388
[   55.522591][ T4989]  </TASK>
[   55.863284][ T5001] validate_nla: 1 callbacks suppressed
[   55.863302][ T5001] netlink: 'syz.1.501': attribute type 10 has an invalid length.
[   55.876576][ T5001] netlink: 40 bytes leftover after parsing attributes in process `syz.1.501'.
[   55.889000][ T4999] SELinux: ebitmap: truncated map
[   55.899177][ T5000] loop3: detected capacity change from 0 to 512
[   55.911191][ T4999] SELinux: failed to load policy
[   55.920706][ T5001] team0: Port device geneve1 added
[   55.959999][ T5004] netlink: 20 bytes leftover after parsing attributes in process `syz.4.505'.
[   56.013728][ T5000] ext4 filesystem being mounted at /105/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.055553][   T30] kauditd_printk_skb: 242 callbacks suppressed
[   56.055567][   T30] audit: type=1400 audit(1742541780.017:1429): avc:  denied  { write } for  pid=5005 comm="syz.0.506" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[   56.097450][   T30] audit: type=1326 audit(1742541780.057:1430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5013 comm="syz.1.507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   56.120887][   T30] audit: type=1326 audit(1742541780.057:1431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5013 comm="syz.1.507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   56.174947][   T30] audit: type=1326 audit(1742541780.057:1432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5013 comm="syz.1.507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   56.198309][   T30] audit: type=1326 audit(1742541780.057:1433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5013 comm="syz.1.507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   56.221791][   T30] audit: type=1326 audit(1742541780.057:1434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5013 comm="syz.1.507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   56.245135][   T30] audit: type=1326 audit(1742541780.057:1435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5013 comm="syz.1.507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   56.268419][   T30] audit: type=1326 audit(1742541780.057:1436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5013 comm="syz.1.507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   56.296828][   T30] audit: type=1400 audit(1742541780.237:1437): avc:  denied  { setopt } for  pid=5016 comm="syz.4.509" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   56.336008][ T5017] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.426297][   T30] audit: type=1400 audit(1742541780.387:1438): avc:  denied  { create } for  pid=5020 comm="syz.2.510" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[   56.469100][ T5024] netlink: 'syz.4.509': attribute type 10 has an invalid length.
[   56.477053][ T5024] netlink: 40 bytes leftover after parsing attributes in process `syz.4.509'.
[   56.519650][ T5024] team0: Failed to send port change of device geneve1 via netlink (err -105)
[   56.565460][ T5024] team0: Failed to send options change via netlink (err -105)
[   56.573011][ T5024] team0: Port device geneve1 added
[   56.582027][ T5029] loop1: detected capacity change from 0 to 2048
[   56.631066][ T5017] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.651495][ T5030] loop2: detected capacity change from 0 to 512
[   56.652929][ T5029] SELinux:  Context system_u:object_r:fsadm_exec_t:s0 is not valid (left unmapped).
[   56.682520][ T5027] IPv6: sit1: Disabled Multicast RS
[   56.690791][ T5027] sit1: entered allmulticast mode
[   56.704433][ T5029] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.512: bg 0: block 2: invalid block bitmap
[   56.719169][ T5029] EXT4-fs (loop1): Remounting filesystem read-only
[   56.725853][ T5030] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.511: bg 0: block 248: padding at end of block bitmap is not set
[   56.747132][ T5029] EXT4-fs warning (device loop1): ext4_xattr_inode_lookup_create:1605: inode #18: comm syz.1.512: cleanup dec ref error -117
[   56.748140][ T5017] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.782444][ T5030] EXT4-fs error (device loop2): ext4_acquire_dquot:6927: comm syz.2.511: Failed to acquire dquot type 1
[   56.796908][ T5040] pim6reg1: entered promiscuous mode
[   56.802249][ T5040] pim6reg1: entered allmulticast mode
[   56.805242][ T5030] EXT4-fs (loop2): 1 truncate cleaned up
[   56.814493][ T5030] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   56.829430][ T5039] netem: change failed
[   56.834005][ T5039] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5039 comm=syz.3.514
[   56.836945][ T5027] $Hÿ: renamed from bond0 (while UP)
[   56.854637][ T5027] $Hÿ: entered promiscuous mode
[   56.859799][ T5027] bond_slave_0: entered promiscuous mode
[   56.865671][ T5027] bond_slave_1: entered promiscuous mode
[   56.905858][ T5017] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   56.963126][ T5058] loop2: detected capacity change from 0 to 512
[   56.981352][ T5058] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842e01c, mo2=0002]
[   56.995922][ T5058] System zones: 1-12
[   56.999995][ T5058] EXT4-fs (loop2): orphan cleanup on readonly fs
[   57.015638][ T5017] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.024204][ T5058] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.520: bg 0: block 328: padding at end of block bitmap is not set
[   57.029375][ T5056] hub 4-0:1.0: USB hub found
[   57.043154][ T5056] hub 4-0:1.0: 8 ports detected
[   57.055073][ T5017] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.073362][ T5058] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6550: Corrupt filesystem
[   57.082207][ T5065] netlink: 20 bytes leftover after parsing attributes in process `syz.0.523'.
[   57.091278][ T5069] netlink: 20 bytes leftover after parsing attributes in process `syz.1.524'.
[   57.100471][ T5058] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.520: invalid indirect mapped block 65280 (level 0)
[   57.114524][ T5058] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.520: attempt to clear invalid blocks 33619980 len 1
[   57.128591][ T5058] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.520: invalid indirect mapped block 1819239214 (level 0)
[   57.146060][ T5017] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.155470][ T5058] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.520: invalid indirect mapped block 1819239214 (level 1)
[   57.171735][ T5017] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.176636][ T5058] EXT4-fs (loop2): 1 orphan inode deleted
[   57.187843][ T5074] netem: change failed
[   57.192596][ T5074] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=5074 comm=syz.3.527
[   57.236159][ T5078] loop3: detected capacity change from 0 to 512
[   57.242814][ T5058] netlink: 4 bytes leftover after parsing attributes in process `syz.2.520'.
[   57.256650][ T5078] EXT4-fs: Ignoring removed nobh option
[   57.272651][ T5058] EXT4-fs error (device loop2): ext4_map_blocks:671: inode #2: block 2: comm syz.2.520: lblock 0 mapped to illegal pblock 2 (length 1)
[   57.306195][ T5058] EXT4-fs warning (device loop2): dx_probe:823: inode #2: lblock 0: comm syz.2.520: error -117 reading directory block
[   57.323990][ T5078] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   57.401573][ T5095] pim6reg1: entered promiscuous mode
[   57.406991][ T5095] pim6reg1: entered allmulticast mode
[   57.422387][ T5098] loop3: detected capacity change from 0 to 1024
[   57.440287][ T5102] FAULT_INJECTION: forcing a failure.
[   57.440287][ T5102] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   57.453427][ T5102] CPU: 1 UID: 0 PID: 5102 Comm: syz.4.537 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   57.453451][ T5102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   57.453463][ T5102] Call Trace:
[   57.453522][ T5102]  <TASK>
[   57.453530][ T5102]  dump_stack_lvl+0xf2/0x150
[   57.453565][ T5102]  dump_stack+0x15/0x1a
[   57.453590][ T5102]  should_fail_ex+0x24a/0x260
[   57.453643][ T5102]  should_fail+0xb/0x10
[   57.453670][ T5102]  should_fail_usercopy+0x1a/0x20
[   57.453700][ T5102]  strncpy_from_user+0x25/0x210
[   57.453724][ T5102]  ? kmem_cache_alloc_noprof+0x18e/0x320
[   57.453817][ T5102]  ? getname_flags+0x81/0x3b0
[   57.453856][ T5102]  getname_flags+0xb0/0x3b0
[   57.453893][ T5102]  getname+0x17/0x20
[   57.453907][ T5102]  __se_sys_sysfs+0x8d/0x2f0
[   57.453926][ T5102]  __x64_sys_sysfs+0x43/0x50
[   57.453976][ T5102]  x64_sys_call+0x2a8/0x2dc0
[   57.454006][ T5102]  do_syscall_64+0xc9/0x1c0
[   57.454048][ T5102]  ? clear_bhb_loop+0x55/0xb0
[   57.454075][ T5102]  ? clear_bhb_loop+0x55/0xb0
[   57.454105][ T5102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.454131][ T5102] RIP: 0033:0x7f14a544d169
[   57.454144][ T5102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.454246][ T5102] RSP: 002b:00007f14a3ab1038 EFLAGS: 00000246 ORIG_RAX: 000000000000008b
[   57.454321][ T5102] RAX: ffffffffffffffda RBX: 00007f14a5665fa0 RCX: 00007f14a544d169
[   57.454385][ T5102] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[   57.454396][ T5102] RBP: 00007f14a3ab1090 R08: 0000000000000000 R09: 0000000000000000
[   57.454406][ T5102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.454417][ T5102] R13: 0000000000000000 R14: 00007f14a5665fa0 R15: 00007ffe83a9f6b8
[   57.454448][ T5102]  </TASK>
[   57.680252][ T5098] SELinux: ebitmap: truncated map
[   57.687394][ T5098] SELinux: failed to load policy
[   57.697928][ T5098] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   57.713475][ T5098] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 51 with max blocks 1 with error 28
[   57.725819][ T5098] EXT4-fs (loop3): This should not happen!! Data will be lost
[   57.725819][ T5098] 
[   57.735572][ T5098] EXT4-fs (loop3): Total free blocks count 0
[   57.738009][ T5109] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[   57.741595][ T5098] EXT4-fs (loop3): Free/Dirty block details
[   57.741614][ T5098] EXT4-fs (loop3): free_blocks=68451041280
[   57.760605][ T5098] EXT4-fs (loop3): dirty_blocks=16
[   57.765750][ T5098] EXT4-fs (loop3): Block reservation details
[   57.771741][ T5098] EXT4-fs (loop3): i_reserved_data_blocks=1
[   57.778934][ T5111] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 36 with error 28
[   57.791431][ T5111] EXT4-fs (loop3): This should not happen!! Data will be lost
[   57.791431][ T5111] 
[   57.849894][ T5119] FAULT_INJECTION: forcing a failure.
[   57.849894][ T5119] name failslab, interval 1, probability 0, space 0, times 0
[   57.862598][ T5119] CPU: 0 UID: 0 PID: 5119 Comm: syz.3.541 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   57.862629][ T5119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   57.862643][ T5119] Call Trace:
[   57.862649][ T5119]  <TASK>
[   57.862656][ T5119]  dump_stack_lvl+0xf2/0x150
[   57.862683][ T5119]  dump_stack+0x15/0x1a
[   57.862704][ T5119]  should_fail_ex+0x24a/0x260
[   57.862753][ T5119]  should_failslab+0x8f/0xb0
[   57.862791][ T5119]  kmem_cache_alloc_node_noprof+0x59/0x320
[   57.862817][ T5119]  ? __alloc_skb+0x10b/0x310
[   57.862840][ T5119]  __alloc_skb+0x10b/0x310
[   57.862866][ T5119]  netlink_alloc_large_skb+0xad/0xe0
[   57.862924][ T5119]  netlink_sendmsg+0x3b4/0x6e0
[   57.862948][ T5119]  ? __pfx_netlink_sendmsg+0x10/0x10
[   57.862966][ T5119]  __sock_sendmsg+0x140/0x180
[   57.862999][ T5119]  ____sys_sendmsg+0x326/0x4b0
[   57.863048][ T5119]  __sys_sendmsg+0x19d/0x230
[   57.863114][ T5119]  __x64_sys_sendmsg+0x46/0x50
[   57.863146][ T5119]  x64_sys_call+0x2734/0x2dc0
[   57.863182][ T5119]  do_syscall_64+0xc9/0x1c0
[   57.863289][ T5119]  ? clear_bhb_loop+0x55/0xb0
[   57.863316][ T5119]  ? clear_bhb_loop+0x55/0xb0
[   57.863347][ T5119]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   57.863380][ T5119] RIP: 0033:0x7fcdd5b6d169
[   57.863397][ T5119] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   57.863433][ T5119] RSP: 002b:00007fcdd41d7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   57.863490][ T5119] RAX: ffffffffffffffda RBX: 00007fcdd5d85fa0 RCX: 00007fcdd5b6d169
[   57.863502][ T5119] RDX: 0000000020008840 RSI: 0000200000000040 RDI: 0000000000000005
[   57.863513][ T5119] RBP: 00007fcdd41d7090 R08: 0000000000000000 R09: 0000000000000000
[   57.863524][ T5119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.863535][ T5119] R13: 0000000000000000 R14: 00007fcdd5d85fa0 R15: 00007ffd63aaf388
[   57.863599][ T5119]  </TASK>
[   58.089376][ T5128] FAULT_INJECTION: forcing a failure.
[   58.089376][ T5128] name failslab, interval 1, probability 0, space 0, times 0
[   58.091211][ T5126] __nla_validate_parse: 3 callbacks suppressed
[   58.091290][ T5126] netlink: 28 bytes leftover after parsing attributes in process `syz.0.542'.
[   58.102056][ T5128] CPU: 0 UID: 0 PID: 5128 Comm: syz.2.544 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   58.102086][ T5128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   58.102100][ T5128] Call Trace:
[   58.102107][ T5128]  <TASK>
[   58.102114][ T5128]  dump_stack_lvl+0xf2/0x150
[   58.102147][ T5128]  dump_stack+0x15/0x1a
[   58.102170][ T5128]  should_fail_ex+0x24a/0x260
[   58.102212][ T5128]  should_failslab+0x8f/0xb0
[   58.102247][ T5128]  kmem_cache_alloc_noprof+0x52/0x320
[   58.102273][ T5128]  ? vm_area_dup+0x2c/0x130
[   58.102303][ T5128]  vm_area_dup+0x2c/0x130
[   58.102327][ T5128]  __split_vma+0xf7/0x6a0
[   58.102357][ T5128]  vma_modify+0x105/0x200
[   58.102378][ T5128]  vma_modify_policy+0xeb/0x120
[   58.102406][ T5128]  mbind_range+0x1d8/0x490
[   58.102458][ T5128]  __se_sys_mbind+0x95c/0x11c0
[   58.102493][ T5128]  __x64_sys_mbind+0x78/0x90
[   58.102518][ T5128]  x64_sys_call+0x2662/0x2dc0
[   58.102550][ T5128]  do_syscall_64+0xc9/0x1c0
[   58.102588][ T5128]  ? clear_bhb_loop+0x55/0xb0
[   58.102621][ T5128]  ? clear_bhb_loop+0x55/0xb0
[   58.102653][ T5128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   58.102686][ T5128] RIP: 0033:0x7fabd87dd169
[   58.102703][ T5128] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   58.102725][ T5128] RSP: 002b:00007fabd6e41038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[   58.102745][ T5128] RAX: ffffffffffffffda RBX: 00007fabd89f5fa0 RCX: 00007fabd87dd169
[   58.102759][ T5128] RDX: 0000000000000004 RSI: 0000000000800000 RDI: 0000200000001000
[   58.102774][ T5128] RBP: 00007fabd6e41090 R08: 0000000000000000 R09: 0000000000000000
[   58.102788][ T5128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.102801][ T5128] R13: 0000000000000000 R14: 00007fabd89f5fa0 R15: 00007fff8bee4dc8
[   58.102824][ T5128]  </TASK>
[   58.121505][ T5124] loop3: detected capacity change from 0 to 1024
[   58.167623][ T5126] hub 9-0:1.0: USB hub found
[   58.329548][ T5126] hub 9-0:1.0: 8 ports detected
[   58.436644][ T5144] loop2: detected capacity change from 0 to 1024
[   58.438540][ T5145] loop3: detected capacity change from 0 to 512
[   58.514751][ T5144] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[   58.583762][ T5144] SELinux: failed to load policy
[   58.590018][ T5144] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   58.609255][ T5161] syzkaller0: entered promiscuous mode
[   58.614752][ T5161] syzkaller0: entered allmulticast mode
[   58.622046][ T5144] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 51 with max blocks 1 with error 28
[   58.634548][ T5144] EXT4-fs (loop2): This should not happen!! Data will be lost
[   58.634548][ T5144] 
[   58.644237][ T5144] EXT4-fs (loop2): Total free blocks count 0
[   58.650274][ T5144] EXT4-fs (loop2): Free/Dirty block details
[   58.656292][ T5144] EXT4-fs (loop2): free_blocks=68451041280
[   58.662105][ T5144] EXT4-fs (loop2): dirty_blocks=16
[   58.667260][ T5144] EXT4-fs (loop2): Block reservation details
[   58.673288][ T5144] EXT4-fs (loop2): i_reserved_data_blocks=1
[   58.686628][ T5166] loop1: detected capacity change from 0 to 256
[   58.699361][ T5165] EXT4-fs (loop2): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 36 with error 28
[   58.711922][ T5165] EXT4-fs (loop2): This should not happen!! Data will be lost
[   58.711922][ T5165] 
[   58.756218][ T5170] veth0_vlan: entered allmulticast mode
[   58.809657][   T36] hid-generic 0003:FFFFFFFB:0001.0001: ignoring exceeding usage max
[   58.822046][   T36] hid-generic 0003:FFFFFFFB:0001.0001: unknown main item tag 0x4
[   58.829990][   T36] hid-generic 0003:FFFFFFFB:0001.0001: item fetching failed at offset 11/27
[   58.914971][   T36] hid-generic 0003:FFFFFFFB:0001.0001: probe with driver hid-generic failed with error -22
[   58.933399][ T5176] loop4: detected capacity change from 0 to 2048
[   58.979496][ T5182] loop2: detected capacity change from 0 to 512
[   58.995253][ T5182] EXT4-fs: Ignoring removed i_version option
[   59.001295][ T5182] EXT4-fs: Ignoring removed mblk_io_submit option
[   59.043812][ T5182] EXT4-fs (loop2): can't mount with both data=journal and delalloc
[   59.523100][ T5200] netlink: 24 bytes leftover after parsing attributes in process `syz.1.569'.
[   59.586302][ T5202] FAULT_INJECTION: forcing a failure.
[   59.586302][ T5202] name failslab, interval 1, probability 0, space 0, times 0
[   59.598991][ T5202] CPU: 1 UID: 0 PID: 5202 Comm: syz.4.570 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   59.599014][ T5202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   59.599028][ T5202] Call Trace:
[   59.599033][ T5202]  <TASK>
[   59.599041][ T5202]  dump_stack_lvl+0xf2/0x150
[   59.599119][ T5202]  dump_stack+0x15/0x1a
[   59.599141][ T5202]  should_fail_ex+0x24a/0x260
[   59.599204][ T5202]  should_failslab+0x8f/0xb0
[   59.599313][ T5202]  __kmalloc_noprof+0xab/0x3f0
[   59.599336][ T5202]  ? sock_kmalloc+0x83/0xc0
[   59.599369][ T5202]  sock_kmalloc+0x83/0xc0
[   59.599407][ T5202]  ____sys_sendmsg+0x127/0x4b0
[   59.599441][ T5202]  __sys_sendmmsg+0x227/0x4b0
[   59.599488][ T5202]  __x64_sys_sendmmsg+0x57/0x70
[   59.599516][ T5202]  x64_sys_call+0x29aa/0x2dc0
[   59.599612][ T5202]  do_syscall_64+0xc9/0x1c0
[   59.599666][ T5202]  ? clear_bhb_loop+0x55/0xb0
[   59.599698][ T5202]  ? clear_bhb_loop+0x55/0xb0
[   59.599860][ T5202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.599889][ T5202] RIP: 0033:0x7f14a544d169
[   59.599906][ T5202] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.599969][ T5202] RSP: 002b:00007f14a3ab1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   59.599990][ T5202] RAX: ffffffffffffffda RBX: 00007f14a5665fa0 RCX: 00007f14a544d169
[   59.600003][ T5202] RDX: 0000000000000001 RSI: 0000200000004ac0 RDI: 0000000000000003
[   59.600027][ T5202] RBP: 00007f14a3ab1090 R08: 0000000000000000 R09: 0000000000000000
[   59.600040][ T5202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.600053][ T5202] R13: 0000000000000000 R14: 00007f14a5665fa0 R15: 00007ffe83a9f6b8
[   59.600074][ T5202]  </TASK>
[   59.601252][ T5200] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=5200 comm=syz.1.569
[   59.949869][ T5222] netlink: 4 bytes leftover after parsing attributes in process `syz.0.574'.
[   59.976820][ T5222] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   59.984236][ T5222] batman_adv: batadv0: Removing interface: batadv_slave_0
[   60.005393][ T5213] loop4: detected capacity change from 0 to 8192
[   60.012557][ T5222] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   60.020062][ T5222] batman_adv: batadv0: Removing interface: batadv_slave_1
[   60.131637][ T5213]  loop4: p2 p3 p4
[   60.142471][ T5213] loop4: p2 size 64053 extends beyond EOD, truncated
[   60.159778][ T5213] loop4: p3 start 65280 is beyond EOD, truncated
[   60.166268][ T5213] loop4: p4 size 50331904 extends beyond EOD, truncated
[   60.217452][ T5238] netlink: 20 bytes leftover after parsing attributes in process `syz.0.581'.
[   60.356872][ T5245] netlink: 4 bytes leftover after parsing attributes in process `syz.1.585'.
[   60.431047][ T5249] pimreg: entered allmulticast mode
[   60.451064][ T5249] pimreg: left allmulticast mode
[   60.527579][ T5257] sch_tbf: peakrate 8 is lower than or equals to rate 12 !
[   60.567476][ T5247] loop2: detected capacity change from 0 to 512
[   60.590275][ T5247] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   60.854199][ T5270] vlan2: entered allmulticast mode
[   60.974200][ T5274] netlink: 124 bytes leftover after parsing attributes in process `syz.2.593'.
[   61.163882][ T5282] netlink: 4 bytes leftover after parsing attributes in process `syz.2.597'.
[   61.236088][ T5236] syz.3.580 (5236) used greatest stack depth: 7088 bytes left
[   61.288326][ T5288] pim6reg1: entered promiscuous mode
[   61.293670][ T5288] pim6reg1: entered allmulticast mode
[   61.307273][ T5292] netlink: 52 bytes leftover after parsing attributes in process `syz.2.603'.
[   61.396147][   T30] kauditd_printk_skb: 82 callbacks suppressed
[   61.396227][   T30] audit: type=1400 audit(1742541785.357:1519): avc:  denied  { name_connect } for  pid=5300 comm="syz.1.605" dest=20003 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[   61.484018][ T5307] netlink: 4 bytes leftover after parsing attributes in process `syz.2.608'.
[   61.524373][ T5311] loop1: detected capacity change from 0 to 512
[   61.531419][ T5311] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   61.546012][ T5311] EXT4-fs (loop1): 1 truncate cleaned up
[   61.630769][ T5321] netlink: 96 bytes leftover after parsing attributes in process `syz.1.614'.
[   61.832023][ T5351] 9pnet_fd: Insufficient options for proto=fd
[   61.877428][   T30] audit: type=1326 audit(1742541785.837:1520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5354 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   61.900870][   T30] audit: type=1326 audit(1742541785.837:1521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5354 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   61.924371][   T30] audit: type=1326 audit(1742541785.837:1522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5354 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   61.948025][   T30] audit: type=1326 audit(1742541785.837:1523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5354 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   61.971891][   T30] audit: type=1326 audit(1742541785.837:1524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5354 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   61.995351][   T30] audit: type=1326 audit(1742541785.837:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5354 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   62.019111][   T30] audit: type=1326 audit(1742541785.837:1526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5354 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   62.042469][   T30] audit: type=1326 audit(1742541785.837:1527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5354 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=76 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   62.042803][ T5324] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[   62.065891][   T30] audit: type=1326 audit(1742541785.837:1528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5354 comm="syz.1.625" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b3ebad169 code=0x7ffc0000
[   62.113072][ T5364] FAULT_INJECTION: forcing a failure.
[   62.113072][ T5364] name failslab, interval 1, probability 0, space 0, times 0
[   62.125802][ T5364] CPU: 0 UID: 0 PID: 5364 Comm: syz.1.628 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   62.125831][ T5364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   62.125849][ T5364] Call Trace:
[   62.125856][ T5364]  <TASK>
[   62.125864][ T5364]  dump_stack_lvl+0xf2/0x150
[   62.125896][ T5364]  dump_stack+0x15/0x1a
[   62.125916][ T5364]  should_fail_ex+0x24a/0x260
[   62.125948][ T5364]  should_failslab+0x8f/0xb0
[   62.125984][ T5364]  kmem_cache_alloc_noprof+0x52/0x320
[   62.126009][ T5364]  ? vm_area_dup+0x98/0x130
[   62.126037][ T5364]  vm_area_dup+0x98/0x130
[   62.126064][ T5364]  __split_vma+0xf7/0x6a0
[   62.126093][ T5364]  vms_gather_munmap_vmas+0x171/0x7a0
[   62.126133][ T5364]  ? mas_walk+0x204/0x320
[   62.126171][ T5364]  mmap_region+0x464/0x1620
[   62.126193][ T5364]  ? __rcu_read_unlock+0x4e/0x70
[   62.126219][ T5364]  ? kernelmode_fixup_or_oops+0x58/0xb0
[   62.126256][ T5364]  ? exc_page_fault+0x4fc/0x650
[   62.126305][ T5364]  do_mmap+0x98a/0xc30
[   62.126341][ T5364]  vm_mmap_pgoff+0x16d/0x2d0
[   62.126377][ T5364]  ksys_mmap_pgoff+0x286/0x330
[   62.126411][ T5364]  x64_sys_call+0x1940/0x2dc0
[   62.126441][ T5364]  do_syscall_64+0xc9/0x1c0
[   62.126477][ T5364]  ? clear_bhb_loop+0x55/0xb0
[   62.126508][ T5364]  ? clear_bhb_loop+0x55/0xb0
[   62.126538][ T5364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.126568][ T5364] RIP: 0033:0x7f3b3ebad169
[   62.126593][ T5364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.126624][ T5364] RSP: 002b:00007f3b3d217038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   62.126643][ T5364] RAX: ffffffffffffffda RBX: 00007f3b3edc5fa0 RCX: 00007f3b3ebad169
[   62.126655][ T5364] RDX: 0000000005000003 RSI: 0000000000003000 RDI: 0000200000ffb000
[   62.126668][ T5364] RBP: 00007f3b3d217090 R08: 0000000000000003 R09: 000000002f957000
[   62.126680][ T5364] R10: 0000000000028011 R11: 0000000000000246 R12: 0000000000000001
[   62.126692][ T5364] R13: 0000000000000000 R14: 00007f3b3edc5fa0 R15: 00007ffd7236d428
[   62.126711][ T5364]  </TASK>
[   62.399712][ T5370] xt_hashlimit: max too large, truncated to 1048576
[   62.409030][ T5371] xt_hashlimit: max too large, truncated to 1048576
[   62.490266][ T5370] loop1: detected capacity change from 0 to 128
[   62.519285][ T3308] ==================================================================
[   62.527413][ T3308] BUG: KCSAN: data-race in generic_fillattr / inode_add_bytes
[   62.534918][ T3308] 
[   62.537255][ T3308] read-write to 0xffff8881194069b8 of 8 bytes by task 5334 on cpu 1:
[   62.545327][ T3308]  inode_add_bytes+0x45/0xd0
[   62.549941][ T3308]  __dquot_alloc_space+0x181/0x8a0
[   62.555069][ T3308]  shmem_inode_acct_blocks+0x124/0x230
[   62.560549][ T3308]  shmem_get_folio_gfp+0x5be/0xd90
[   62.565674][ T3308]  shmem_write_begin+0xa2/0x180
[   62.570533][ T3308]  generic_perform_write+0x187/0x4a0
[   62.575823][ T3308]  shmem_file_write_iter+0xc2/0xe0
[   62.580938][ T3308]  __kernel_write_iter+0x247/0x4c0
[   62.586068][ T3308]  dump_user_range+0x3c0/0x560
[   62.590841][ T3308]  elf_core_dump+0x1d17/0x1ea0
[   62.595617][ T3308]  do_coredump+0x17fe/0x1f40
[   62.600211][ T3308]  get_signal+0xd4f/0x1000
[   62.604625][ T3308]  arch_do_signal_or_restart+0x95/0x4b0
[   62.610173][ T3308]  irqentry_exit_to_user_mode+0xa7/0x120
[   62.615869][ T3308]  irqentry_exit+0x12/0x50
[   62.620305][ T3308]  asm_exc_page_fault+0x26/0x30
[   62.625200][ T3308] 
[   62.627525][ T3308] read to 0xffff8881194069b8 of 8 bytes by task 3308 on cpu 0:
[   62.635067][ T3308]  generic_fillattr+0x274/0x330
[   62.639944][ T3308]  shmem_getattr+0x17b/0x200
[   62.644541][ T3308]  vfs_getattr+0x172/0x1b0
[   62.648959][ T3308]  vfs_statx+0x12d/0x320
[   62.653204][ T3308]  vfs_fstatat+0xe4/0x130
[   62.657557][ T3308]  __se_sys_newfstatat+0x58/0x260
[   62.662584][ T3308]  __x64_sys_newfstatat+0x55/0x70
[   62.667614][ T3308]  x64_sys_call+0x236d/0x2dc0
[   62.672304][ T3308]  do_syscall_64+0xc9/0x1c0
[   62.676826][ T3308]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.682730][ T3308] 
[   62.685055][ T3308] value changed: 0x0000000000012c80 -> 0x0000000000012ca8
[   62.692160][ T3308] 
[   62.694511][ T3308] Reported by Kernel Concurrency Sanitizer on:
[   62.700659][ T3308] CPU: 0 UID: 0 PID: 3308 Comm: syz-executor Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   62.711511][ T3308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   62.721568][ T3308] ==================================================================
[   62.869608][ T5381] FAULT_INJECTION: forcing a failure.
[   62.869608][ T5381] name failslab, interval 1, probability 0, space 0, times 0
[   62.882334][ T5381] CPU: 0 UID: 0 PID: 5381 Comm: syz.4.635 Not tainted 6.14.0-rc7-syzkaller-00137-g5fc319360819 #0
[   62.882361][ T5381] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   62.882375][ T5381] Call Trace:
[   62.882383][ T5381]  <TASK>
[   62.882392][ T5381]  dump_stack_lvl+0xf2/0x150
[   62.882424][ T5381]  dump_stack+0x15/0x1a
[   62.882468][ T5381]  should_fail_ex+0x24a/0x260
[   62.882560][ T5381]  should_failslab+0x8f/0xb0
[   62.882598][ T5381]  kmem_cache_alloc_noprof+0x52/0x320
[   62.882624][ T5381]  ? prepare_creds+0x37/0x480
[   62.882815][ T5381]  prepare_creds+0x37/0x480
[   62.882884][ T5381]  copy_creds+0x90/0x3f0
[   62.882950][ T5381]  copy_process+0x64b/0x1f50
[   62.882987][ T5381]  ? 0xffffffff81000000
[   62.883003][ T5381]  ? selinux_file_permission+0x22a/0x360
[   62.883045][ T5381]  kernel_clone+0x167/0x5e0
[   62.883075][ T5381]  ? vfs_write+0x644/0x920
[   62.883150][ T5381]  __x64_sys_clone+0xe7/0x120
[   62.883219][ T5381]  x64_sys_call+0x2d7e/0x2dc0
[   62.883252][ T5381]  do_syscall_64+0xc9/0x1c0
[   62.883306][ T5381]  ? clear_bhb_loop+0x55/0xb0
[   62.883336][ T5381]  ? clear_bhb_loop+0x55/0xb0
[   62.883369][ T5381]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   62.883423][ T5381] RIP: 0033:0x7f14a544d169
[   62.883440][ T5381] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   62.883461][ T5381] RSP: 002b:00007f14a3ab0fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   62.883483][ T5381] RAX: ffffffffffffffda RBX: 00007f14a5665fa0 RCX: 00007f14a544d169
[   62.883495][ T5381] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000200
[   62.883506][ T5381] RBP: 00007f14a3ab1090 R08: 0000000000000000 R09: 0000000000000000
[   62.883520][ T5381] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   62.883534][ T5381] R13: 0000000000000000 R14: 00007f14a5665fa0 R15: 00007ffe83a9f6b8
[   62.883574][ T5381]  </TASK>
[   70.109241][   T30] kauditd_printk_skb: 1 callbacks suppressed
[   70.109255][   T30] audit: type=1400 audit(1742541794.067:1530): avc:  denied  { read } for  pid=2984 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[   70.137390][   T30] audit: type=1400 audit(1742541794.067:1531): avc:  denied  { search } for  pid=2984 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   70.159057][   T30] audit: type=1400 audit(1742541794.067:1532): avc:  denied  { append } for  pid=2984 comm="syslogd" name="messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   70.181449][   T30] audit: type=1400 audit(1742541794.067:1533): avc:  denied  { open } for  pid=2984 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   70.204060][   T30] audit: type=1400 audit(1742541794.067:1534): avc:  denied  { getattr } for  pid=2984 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=6 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1