last executing test programs:

2m22.644300677s ago: executing program 32 (id=999):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
unlinkat(r1, &(0x7f00000000c0)='./mnt\x00', 0x200)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f00000003c0), 0xffffffffffffffff)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, 0x0, 0x0)
socket(0x80000000000000a, 0x2, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, 0x0, 0x10)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000010008100000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="0a043cbf", @ANYRES32, @ANYBLOB="0a001b"], 0x2c}], 0x1}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001380)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000002c0)='mlxsw_sp_acl_tcam_vregion_rehash\x00', 0xffffffffffffffff, 0x0, 0x8000008}, 0x18)
r4 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
ioctl$USBDEVFS_ALLOC_STREAMS(r4, 0x8008551c, &(0x7f0000000140)=ANY=[@ANYBLOB="64a1000001"])
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000000, {0x0, 0x0, 0x0, 0x0, {0x1}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000000000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d6163767461700000000800014000000005"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000010900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000259400"], 0x118}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0x3, 0x2)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=@ipv6_delrule={0x30, 0x21, 0x1, 0x0, 0x25dfdbfd, {0xa, 0x20, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, 0x10}, [@FRA_DST={0x14, 0x1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}, 0x30}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000001a40)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "1200b0", 0x30, 0x3a, 0x0, @empty, @mcast2, {[], @dest_unreach={0xa0, 0x0, 0x0, 0x0, '\x00', {0x0, 0x6, "277382", 0x0, 0x0, 0x0, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}}}}}, 0x0)
socket$rds(0x15, 0x5, 0x0)

2m20.844108724s ago: executing program 33 (id=1000):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000808000400", @ANYRES32=r0, @ANYBLOB="06001500070000000c001680080001"], 0x38}}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
perf_event_open(&(0x7f0000000380)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000003c0)={0x0, 0x0, 0x6, {0x0, 0x1}, {0x45, 0x2}, @period={0x59, 0x200, 0x4, 0x7, 0x0, {0xffff, 0xf, 0x4, 0x5}, 0x0, 0x0}})
write$char_usb(r2, &(0x7f0000000040)="e2", 0x2250)
ioctl$EVIOCGKEY(r2, 0x80404518, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000eb0f000000000000", @ANYRES32=0x1, @ANYBLOB="bb00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0480000005000000030000decc17738e30bf623a8d60779d51000a00"/42], 0x50)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000100)={'team0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x18)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, 0x0, 0x10)
syz_usb_disconnect(r6)
syz_usb_connect(0x4, 0x24, &(0x7f00000000c0)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r6, 0x40095505, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x68, 0x30, 0xb, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0xffffffffffffffff, 0x6, 0x6}, 0x3, r4}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x2000a804)
r8 = signalfd(0xffffffffffffffff, &(0x7f0000002140), 0x8)
unshare(0x22020600)
statx(r8, 0x0, 0x1000, 0x200, &(0x7f0000000500))
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r4], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x4884)
r9 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r9, 0x0, 0x0)
name_to_handle_at(r9, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@FILEID_BTRFS_WITH_PARENT={0x28, 0x4e, {0x100000001, 0x1, 0x2, 0x6, 0xcb, 0x7}}, &(0x7f0000000180), 0x1200)
getsockopt$XDP_MMAP_OFFSETS(r9, 0x11b, 0x1, &(0x7f0000000000), &(0x7f00000000c0)=0x80)

2m18.632870467s ago: executing program 34 (id=1001):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
clock_nanosleep(0x2, 0xfffffdfc, &(0x7f0000000080)={0x0, 0x989680}, 0x0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x1000, 0x0)
ioctl$SNAPSHOT_FREE(r2, 0x3305)
syz_clone(0x40200080, 0x0, 0x0, 0x0, 0x0, 0x0)

2m16.767341084s ago: executing program 35 (id=1003):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
inotify_add_watch(0xffffffffffffffff, 0x0, 0x64000ba6)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000680), 0x40000, 0x19)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)

2m16.272338521s ago: executing program 36 (id=1002):
perf_event_open(&(0x7f0000000680)={0x2, 0x80, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0x1, 0x0, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_clone(0xe50c1700, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a300000000058000000060a010400000000000000000100000008000b4000000000300004802c0001800b000100736f636b657400001c000280080001400000000b080002400000000b08000300000000230900010073797a30"], 0xcc}}, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000001240)='./file2\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x121e, &(0x7f0000003680)="$eJzs3E9rHGUcB/Bf0tq0qclGrdUWxAe96GVocvCilyApSBeUthFaQZiaiS4Zd0NmCayItSevvgHfgAgieBPEm15y8R0IXiQXjxXEkd2t6UZTMVI6bfl8LvuDZ76zv3n2DzzLPrP7yqfvb6xX2Xrej+mpqZjejEg3U6SYjr98HC++/P0Pz1y6cvXCcru9cjGl88uXF19KKc0/++1bH37x3Hf9k29+Pf/NTOwsvL3769LPO6d3zuz+cfm9TpU6Ver2+ilP13q9fn6tLNJap9rIUnqjLPKqSJ1uVWztG18ve5ubg5R31+ZmN7eKqkp5d5A2ikHq91J/a5Dyd/NON2VZluZmg8M7uletfn6zruuIun4kjkVd1/WJmI2T8WjMxXy0YiEei8frVpyKJ+N0PBVPx1c/fTkYJgAAAAAAAAAAAAAAAAAAAIC75z/s/48nJvb/nxkd1XTXAAAAAAAAAAAAAAAAAAAA8HC5dOXqheV2e+ViSscjyk+2V7dXx4/j8eX16EQZRZyLVvweo93/Y+P6/GvtlXNpZCFulNdv5a9vrx7Zn18c3U7gwPziOJ/ixolbXQ3zMzE7mV+KVpw6OL+0l598/uPxwvMT+Sxa8eM70Ysy1mKYvZ3/aDGlV19v/y1/dnQcAAAAPAyytOfA9XuW3Wl8nD/E7wP71tfD7NmjjV46EVENPtjIy7LYegCKI/dHG40Vx5pt47e6rpufhH8tPvtl/K6++2e+8ydlJiL+95mnIuL+mLp/FE1/M3Ev3H7Rm+4EAAAAAAAAAACAw7gXfyds+hoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2YFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA///ovs87")
r1 = open(&(0x7f0000000640)='./file2\x00', 0x4000, 0x2)
preadv2(r1, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x1, 0x407650, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x40200, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x3)
ioctl$TIOCGSOFTCAR(r2, 0x5419, &(0x7f0000000000))
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r3, 0x89f0, &(0x7f00000000c0)={'syztnl1\x00', &(0x7f0000000040)={'ip6gre0\x00', 0x0, 0x29, 0xaa, 0x2, 0x8, 0x20, @loopback, @remote, 0x0, 0x87, 0xe, 0xb5}})
syz_io_uring_submit(0x0, 0x0, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffff56})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0))
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r4)
sendmsg$NFC_CMD_DEP_LINK_UP(r4, &(0x7f0000000600)={0x0, 0xffffffffffffff24, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x26040041}, 0x40)

27.367295964s ago: executing program 7 (id=1938):
recvmsg(0xffffffffffffffff, 0x0, 0x1c0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f0000000280)="ca", &(0x7f0000000000)=""/3, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={0xffffffffffffffff, &(0x7f0000000600), &(0x7f0000000700)=""/127}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={0xffffffffffffffff, &(0x7f0000000100), 0x0, 0x2}, 0x20)
socket$nl_rdma(0x10, 0x3, 0x14)
r1 = socket(0x2, 0x3, 0xff)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x850) (fail_nth: 5)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r5, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @loopback}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000000000000701027f00000100000000001c000000000000000000000008"], 0x40}, 0x24000000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x18)

26.96380543s ago: executing program 7 (id=1947):
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
futex_waitv(&(0x7f0000000cc0)=[{0x2, 0x0, 0xd11575e333facf60}], 0x1, 0x0, 0x0, 0x0)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="190000000400000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x28800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x2, @perf_bp={&(0x7f00000003c0), 0x2}, 0x0, 0x59, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x7ffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000004cc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x9, 0x400, 0x6, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0xaf1d, 0x1, @perf_bp={0x0, 0x1}, 0x100410, 0x200, 0x2, 0x1, 0x9, 0x9, 0xfffd, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x6, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x210016, &(0x7f0000000240)={[], [{@mask={'mask', 0x3d, '^MAY_WRITE'}}]}, 0x1, 0x43d, &(0x7f0000000900)="$eJzs281vG0UbAPBn7SR9+/FSU5WPpgUCBRHxkTRpKT1wAYHEASQkOJRjSNIq1G1QEyRaRRAQKkdUiTviiMRfwAkuCDghcYU7qlShXFrgYrTZ3cR27LQOTlzw7ydtMrM7zszj3bFnZ7IB9K2R9EcSsS8ifomI/Vm2scBI9uvmytL0HytL00nUaq//nqyWu7GyNF0ULV63t8gMRJQ+TuJwi3oXLl0+N1Wtzl7M8+OL598ZX7h0+em581NnZ8/OXpg8derE8YlnT04+05U407huDL8/f+TQy29efXX69NW3fvgqKeJviqNLRjY7+Fit1uXqeuv/delkoIcNoSPlrJvG4Gr/3x/lWD95++Olj3raOGBb1Wq12r3tDy/XgP+wJHrdAqA3ii/69P632HZo6HFHuP58dgOUxn0z37IjA1HKyww23d9200hEnF7+8/N0i+2ZhwAAaPBNOv55Kh//NSz8lKJ+XuiufA2lEhF3R8SBiDgZEQcj4p6I1bL3RcT9HdbfvEiycfxTutbhn+xIOv57Ll/bahz/FaO/qJQj/iqGy5UYTM7MVWeP5e/JaAzuSvMTm9Tx7Ys/f9ruWP34L93S+ouxYN6OawO7Gl8zM7U49U9irnf9w4jhgVbxJ2srAellcSgihrdYx9wTXx5pd+zW8Tcaqs90YZ2p9kXE49n5X46m+AvJ5uuT4/+L6uyx8eKq2OjHn6681q7+TuPvtvT872l5/a/FX0nq12sXOq/jyq+ftL2n2er1P5S80bDvvanFxYsTEUPJK1mj6/dPNpWbXC+fxj96tHX/PxDr78ThiEgv4gci4sGIeChv+8MR8UhEHN0k/u9fePTtxj1JB/FvrzT+mY7O/3piKJr3tE6Uz333dUOllegg/vT8n1hNjeZ7bufz73batbWrGQAAAP59ShGxL5LS2Fq6VBoby/6H/2DsKVXnFxafPDP/7oWZ7BmBSgyWipmubD44mw+dyG/ri/xkU/54Pm/8WXn3an5ser460+vgoc/tbdP/U7+Ve906YNt5Xgv6l/4P/Uv/h/6l/0P/atH/d/eiHcDOa/X9/0EP2gHsvKb+b9kP+oj7f+hf+j/0L/0f+tLC7rj1Q/ISEhsSUbojmiGxTYlefzIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0x98BAAD///1B6is=")
lchown(&(0x7f00000006c0)='./file0\x00', 0x0, 0xee01)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x20, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x18)
r3 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)=ANY=[@ANYBLOB="540000002000010000000000000000000200200003000000000000001400110076657468305f6d61637674617000000008000200ac1e0001080018"], 0x54}}, 0x20000080)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000bd84a4740018110000", @ANYRES16=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000100)={'team0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x88, 0x30, 0xb, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0xffffffff, 0x6, 0x10000000, 0x0, 0xffe0000}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x6}, 0x4, r6}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x88}}, 0x2000a804)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r6], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kfree\x00', r8}, 0x10)

26.811271613s ago: executing program 7 (id=1950):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000002000000"], 0x0, 0x26}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000007000000000000009500000a000000009ba8049504d1ef22f4102116876d029f4275de4ae88320687303e0c3439830682829"], &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xfffffffe}, 0x10}, 0x94)

26.771070133s ago: executing program 7 (id=1954):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@grpjquota}, {@debug}, {@noload}, {@jqfmt_vfsv1}, {@noblock_validity}, {@grpquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@usrjquota}]}, 0xfe, 0x487, &(0x7f0000001240)="$eJzs3M9vFFUcAPDv7G5bftqK+AMEqaKR+KOl5YccvGA04aDGRA8YT7UtpFKooTURglo94NGQeDf+F8aTXoxy0cSr3g0JMcQE/HFYMzszsCy7bZeWLmU/n2TY92Yenfedmbfz5r3dDaBrDab/JBGbIuK3iOjPsjcXGMxerl05N/73lXPjSVSrb/6Z1MpdvXJuvCha/L+NWaZazfN9TfZ7/p2IsenpydN5fnju5PvDfWfOPj91cuz45PHJU6OHDu3ft7P34OiBZcX3UW/2msZ1dfvHMzu2HXn7wmvjRy+8+1NSiizuaIijldcPX1y0TL3B7Og29VQ7f2gN2FyXTir1W3b9fCPd7Eqgk8oRkZ6unlr7749yrL++rT9e+ayjlQPuqGq1Wl3gXXm+CtzDkuh0DYDOKG706fNvsaxS1+OucPlw9gCUxn0tX7ItlShliV09Dc+3K2kwIo7O//NVusQSxyEAAJbju7T/81yz/l8pHsoStRmU+/I5lIGIuD8itkTEAxGxNSIejKiVfTgiHmlz/40zJLf2f0qXbju4JUj7fy/mc1s39/9KRZGBcp7bXIu/Jzk2NT25t3ZMyrEnevqOTSWTIwvs4/uXf/2i1bb6/l+6pPsv+oJ5PS5VGgboJsbmxpYTc73Ln0ZsrzSLP4liGieJiG0Rsf029zH1TP2E0Kabti0e/wIqt1mhOtWvI57Ozv98NMSf2fJXFPOTs43zkyMvHBw9MLwupif3DhdXxa0u/nL+jVb7X1b8KyA9/xuaXv/XZ4EHknURs2fOnqjN1862v4/zv3/e8pmmzev/yOb8+u9N3qqtyKd348OxubnTIxG9yau3rh+98deKfFE+jX/P7ubtf0vcOBKPRsSOiNgZEY+lD4V53R+PiCciYvcC8f/40pPvtR//6syVpvFPLHb+o/78t58on/jh28XjXxcRrc7//lpqT75mKe9/S63gco4dAAAArBXZZ+CT0tD1dKk0NJR9hn9rbChNz8zOPXts5oNTE9nI3UD0lIqRrv668dCRfGy4yI825Pfl48ZfltfX8kPjM9MTnQ4eutzGFu0/9Ue507UD7rgVmEcD1ijtH7pX5b9O1wDohMT9H7qa9g/dq1n7/6Rl6aFv7mhlgFXl/g/dawntfz57ad0rANYm93/oXto/dKWW340vLesr/6ue+Df/PcO7pT73fiJKd0U17v1EZck/ZtFGotqftf90TV/TMp1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgZ/wcAAP//Lp/pnA==")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r0, 0x10001, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x10000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f00000003c0))
ptrace$getregset(0x4205, r1, 0x1, &(0x7f0000000180)={&(0x7f00000002c0)=""/48, 0x30})
process_vm_readv(r1, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/231, 0xe7}, {&(0x7f0000000280)=""/253, 0xfd}, {&(0x7f0000000380)=""/228, 0xe4}, {&(0x7f0000000000)=""/54, 0x36}], 0x4, &(0x7f0000000740)=[{&(0x7f0000000480)=""/121, 0x79}, {&(0x7f0000000500)=""/26, 0x1a}, {&(0x7f0000000540)=""/65, 0x41}, {&(0x7f00000005c0)=""/51, 0x33}, {&(0x7f0000000600)}, {&(0x7f0000000640)=""/131, 0x83}, {&(0x7f0000000700)=""/45, 0x2d}], 0x7, 0x0)

26.584880406s ago: executing program 7 (id=1958):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")

26.074916643s ago: executing program 6 (id=1962):
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{}], 0x1, 0x7c00, 0x0, 0x3)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x143a82, 0x8)
r2 = dup(r1)
r3 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0)
sendfile(r2, r3, 0x0, 0x8000fffffffe)

26.054592884s ago: executing program 6 (id=1963):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x2, 0xbf22, 0x1, 0xffffffffffffffff, 0xfffffffe}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r0, 0x0, 0xa002a0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={&(0x7f0000000080), &(0x7f0000000140)=""/184, &(0x7f0000000200), &(0x7f0000001540), 0x1, r0}, 0x38)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x3000056, &(0x7f00000004c0), 0x80, 0x55c, &(0x7f0000000d80)="$eJzs3d9rW1UcAPDvTdv9dutgDBWRwh6czKVr648JPsxH0eFA32do78pouowmHWsdbHtwL77IEEQciO/67uPwH/CvGOhgyCj64EvlpjddtiZN1mZLZz4fuOWc3Juc+82939Nzc25IAANrLPtTiHglIr5JIg5FRJKvG4585djadisPr01nSxKrq5/9ldS3y+qN12o8b39eeTkifvsq4kRhY7vVpeW5UrmcLuT18dr85fHq0vLJi/Ol2XQ2vTQ5NXX6nanJ9997t2exvnnun+8/vfvR6a+PrXz3y/3Dt5M4Ewfydc1xbMON5spYjOXvyUiceWLDiR40tpMk/d4BtmQoz/ORyPqAQzGUZz3w/3c9IlaBAZXIfxhQjXFA49q+R9fBL4wHH65dAG2Mf3jts5HYU7822reSPHZllF3vjvag/ayNX/+8cztbonefQwB0dONmRJwaHt7Y/yV5/7d1p7rY5sk29H/w/NzNxj9vtRr/FNbHP9Fi/LO/Re5uRef8L9zvQTNtZeO/D1qOf9cnrUaH8tpL9THfSHLhYjnN+raDEXE8RnZn9c3mc06v3Fttt655/JctWfuNsWC+H/eHdz/+nJlSrbSdmJs9uBnxasvxb7J+/JMWxz97P8512cbR9M7r7dZ1jv/ZWv0p4o2Wx//RjFay+fzkeP18GG+cFRv9fevo7+3a73f82fHft3n8o0nzfG316dv4cc+/abt1j8Uf3Z//u5LP6+Vd+WNXS7XawkTEruSTjY9PPnpuo97YPov/+LHN+79W5//eiPiiy/hvHfn5ta7i79Pxn3mq4//0hXsff/lDu/a76//erpeO54900/91u4Pbee8AAAAAAABgpylExIFICsX1cqFQLK7d33Ek9hXKlWrtxIXK4qWZqH9XdjRGCo2Z7kNN90NM5PfDNuqTT9SnIuJwRHw7tLdeL05XyjP9Dh4AAAAAAAAAAAAAAAAAAAB2iP1tvv+f+WOo33sHPHN+8hsGV8f878UvPQE7kv//MLjkPwwu+Q+DS/7D4JL/MLjkPwwu+Q+DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAT507ezZbVlceXpvO6jNXlhbnKldOzqTVueL84nRxurJwuThbqcyW0+J0Zb7T65UrlcsTk7F4dbyWVmvj1aXl8/OVxUu18xfnS7Pp+XTkuUQFAAAAAAAAAAAAAAAAAAAAL5bq0vJcqVxOF/pWuN7X1hW2WxjutM3Bfu+hwlYK/e6ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCR/wIAAP//K903aw==")
r3 = socket$inet(0x2, 0x3, 0x6)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000140)='xfrm0\x00', 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x4, 0x0, r1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x1}, 0x50)
socket$inet(0x2, 0x3, 0x6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
r4 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4b98, &(0x7f0000000180)={0x0, 0xca92, 0x2000, 0x0, 0x2}, &(0x7f0000000200), &(0x7f0000000280))
close(r4)

25.941357056s ago: executing program 7 (id=1965):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000002000000"], 0x0, 0x26}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000007000000000000009500000a000000009ba8049504d1ef22f4102116876d029f4275de4ae88320687303e0c3439830682829"], &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xfffffffe}, 0x10}, 0x94)

25.940748036s ago: executing program 37 (id=1965):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000002000000"], 0x0, 0x26}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000007000000000000009500000a000000009ba8049504d1ef22f4102116876d029f4275de4ae88320687303e0c3439830682829"], &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xfffffffe}, 0x10}, 0x94)

25.940088425s ago: executing program 6 (id=1968):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x28)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000400)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r2, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x604, 0x0)

25.874407986s ago: executing program 6 (id=1970):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@grpjquota}, {@debug}, {@noload}, {@jqfmt_vfsv1}, {@noblock_validity}, {@grpquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@usrjquota}]}, 0xfe, 0x487, &(0x7f0000001240)="$eJzs3M9vFFUcAPDv7G5bftqK+AMEqaKR+KOl5YccvGA04aDGRA8YT7UtpFKooTURglo94NGQeDf+F8aTXoxy0cSr3g0JMcQE/HFYMzszsCy7bZeWLmU/n2TY92Yenfedmbfz5r3dDaBrDab/JBGbIuK3iOjPsjcXGMxerl05N/73lXPjSVSrb/6Z1MpdvXJuvCha/L+NWaZazfN9TfZ7/p2IsenpydN5fnju5PvDfWfOPj91cuz45PHJU6OHDu3ft7P34OiBZcX3UW/2msZ1dfvHMzu2HXn7wmvjRy+8+1NSiizuaIijldcPX1y0TL3B7Og29VQ7f2gN2FyXTir1W3b9fCPd7Eqgk8oRkZ6unlr7749yrL++rT9e+ayjlQPuqGq1Wl3gXXm+CtzDkuh0DYDOKG706fNvsaxS1+OucPlw9gCUxn0tX7ItlShliV09Dc+3K2kwIo7O//NVusQSxyEAAJbju7T/81yz/l8pHsoStRmU+/I5lIGIuD8itkTEAxGxNSIejKiVfTgiHmlz/40zJLf2f0qXbju4JUj7fy/mc1s39/9KRZGBcp7bXIu/Jzk2NT25t3ZMyrEnevqOTSWTIwvs4/uXf/2i1bb6/l+6pPsv+oJ5PS5VGgboJsbmxpYTc73Ln0ZsrzSLP4liGieJiG0Rsf029zH1TP2E0Kabti0e/wIqt1mhOtWvI57Ozv98NMSf2fJXFPOTs43zkyMvHBw9MLwupif3DhdXxa0u/nL+jVb7X1b8KyA9/xuaXv/XZ4EHknURs2fOnqjN1862v4/zv3/e8pmmzev/yOb8+u9N3qqtyKd348OxubnTIxG9yau3rh+98deKfFE+jX/P7ubtf0vcOBKPRsSOiNgZEY+lD4V53R+PiCciYvcC8f/40pPvtR//6syVpvFPLHb+o/78t58on/jh28XjXxcRrc7//lpqT75mKe9/S63gco4dAAAArBXZZ+CT0tD1dKk0NJR9hn9rbChNz8zOPXts5oNTE9nI3UD0lIqRrv668dCRfGy4yI825Pfl48ZfltfX8kPjM9MTnQ4eutzGFu0/9Ue507UD7rgVmEcD1ijtH7pX5b9O1wDohMT9H7qa9g/dq1n7/6Rl6aFv7mhlgFXl/g/dawntfz57ad0rANYm93/oXto/dKWW340vLesr/6ue+Df/PcO7pT73fiJKd0U17v1EZck/ZtFGotqftf90TV/TMp1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgZ/wcAAP//Lp/pnA==")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r0, 0x10001, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x10000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f00000003c0))
ptrace$getregset(0x4205, r1, 0x1, &(0x7f0000000180)={&(0x7f00000002c0)=""/48, 0x30})
process_vm_readv(r1, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/231, 0xe7}, {&(0x7f0000000280)=""/253, 0xfd}, {&(0x7f0000000380)=""/228, 0xe4}, {&(0x7f0000000000)=""/54, 0x36}], 0x4, &(0x7f0000000740)=[{&(0x7f0000000480)=""/121, 0x79}, {&(0x7f0000000500)=""/26, 0x1a}, {&(0x7f0000000540)=""/65, 0x41}, {&(0x7f00000005c0)=""/51, 0x33}, {&(0x7f0000000600)}, {&(0x7f0000000640)=""/131, 0x83}, {&(0x7f0000000700)=""/45, 0x2d}], 0x7, 0x0)

25.508983752s ago: executing program 6 (id=1976):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000808000400", @ANYRES32=r0, @ANYBLOB="06001500070000000c001680080001"], 0x38}}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
perf_event_open(&(0x7f0000000380)={0x6, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x8)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000003c0)={0x0, 0x0, 0x6, {0x0, 0x1}, {0x45, 0x2}, @period={0x59, 0x200, 0x4, 0x7, 0x0, {0xffff, 0xf, 0x4, 0x5}, 0x0, 0x0}})
write$char_usb(r2, &(0x7f0000000040)="e2", 0x2250)
ioctl$EVIOCGKEY(r2, 0x80404518, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000eb0f000000000000", @ANYRES32=0x1, @ANYBLOB="bb00"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0480000005000000030000decc17738e30bf623a8d60779d51000a00"/42], 0x50)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000100)={'team0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x18)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, 0x0, 0x10)
syz_usb_disconnect(r6)
syz_usb_connect(0x4, 0x24, &(0x7f00000000c0)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r6, 0x40095505, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x68, 0x30, 0xb, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0xffffffffffffffff, 0x6, 0x6}, 0x3, r4}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x68}}, 0x2000a804)
r9 = signalfd(0xffffffffffffffff, &(0x7f0000002140), 0x8)
unshare(0x22020600)
statx(r9, 0x0, 0x1000, 0x200, &(0x7f0000000500))
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000001100010100"/20, @ANYRES32=r4], 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x4884)
r10 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r10, 0x0, 0x0)
getsockopt$XDP_MMAP_OFFSETS(r10, 0x11b, 0x1, &(0x7f0000000000), &(0x7f00000000c0)=0x80)

24.830210152s ago: executing program 6 (id=1980):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001180)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0x1a400000}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
mount(0x0, 0x0, &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')

24.829786312s ago: executing program 5 (id=1981):
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=ANY=[@ANYBLOB="54000000000801010000ffffe00000000a000000050003002f0000000600024000000000240004800800024000000000080001400000fcff07000140800000010800014080000001090001"], 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x28040000)

24.785586443s ago: executing program 38 (id=1980):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001180)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0x1a400000}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
mount(0x0, 0x0, &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')

24.782790363s ago: executing program 5 (id=1983):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401) (async)
r1 = socket(0x400000000010, 0x3, 0x0) (async)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0) (async)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}}, 0x24}}, 0x0) (async)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x800810, &(0x7f0000000180)={[{@nobh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=") (async)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20) (async)
truncate(&(0x7f0000000080)='./file1\x00', 0xf000)
r3 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r3, r3, 0x0, 0x800000009) (async)
r4 = open(&(0x7f00000000c0)='./file1\x00', 0x66842, 0x19)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r4, 0x0) (async)
pwritev2(r4, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0xffffffe4}], 0x1, 0x1400, 0x0, 0x0) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) (async)
time(0x0) (async)
r6 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x79af, 0x1000, 0x8000, 0x40024e}, &(0x7f0000000680)=<r7=>0x0, &(0x7f0000000300)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4) (async)
syz_io_uring_submit(r7, r8, &(0x7f0000000140)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x2007, @fd=r5, 0x6, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1}) (async)
io_uring_enter(r6, 0x74d1, 0x4c3, 0x43, 0x0, 0xfffffffffffffd1d) (async)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000004c0)=@newtfilter={0x50, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xf}, {}, {0x7, 0x4}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_KEY_ENC_KEY_ID={0x8, 0x1a, 0x1}, @TCA_FLOWER_KEY_ENC_IPV6_SRC={0x14, 0x1f, @empty}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r9=>0x0})
bind$can_raw(r1, &(0x7f00000000c0)={0x1d, r9}, 0x10)
r10 = fcntl$dupfd(r0, 0x0, r0)
ioctl$USBDEVFS_SUBMITURB(r10, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0xb, 0x0, 0x0, 0x7995}, 0x8, 0x0, 0x0, 0x48000000, 0x0, 0x8, 0x0})

24.700898864s ago: executing program 5 (id=1984):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")

24.591723335s ago: executing program 5 (id=1986):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@grpjquota}, {@debug}, {@noload}, {@jqfmt_vfsv1}, {@noblock_validity}, {@grpquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@usrjquota}]}, 0xfe, 0x487, &(0x7f0000001240)="$eJzs3M9vFFUcAPDv7G5bftqK+AMEqaKR+KOl5YccvGA04aDGRA8YT7UtpFKooTURglo94NGQeDf+F8aTXoxy0cSr3g0JMcQE/HFYMzszsCy7bZeWLmU/n2TY92Yenfedmbfz5r3dDaBrDab/JBGbIuK3iOjPsjcXGMxerl05N/73lXPjSVSrb/6Z1MpdvXJuvCha/L+NWaZazfN9TfZ7/p2IsenpydN5fnju5PvDfWfOPj91cuz45PHJU6OHDu3ft7P34OiBZcX3UW/2msZ1dfvHMzu2HXn7wmvjRy+8+1NSiizuaIijldcPX1y0TL3B7Og29VQ7f2gN2FyXTir1W3b9fCPd7Eqgk8oRkZ6unlr7749yrL++rT9e+ayjlQPuqGq1Wl3gXXm+CtzDkuh0DYDOKG706fNvsaxS1+OucPlw9gCUxn0tX7ItlShliV09Dc+3K2kwIo7O//NVusQSxyEAAJbju7T/81yz/l8pHsoStRmU+/I5lIGIuD8itkTEAxGxNSIejKiVfTgiHmlz/40zJLf2f0qXbju4JUj7fy/mc1s39/9KRZGBcp7bXIu/Jzk2NT25t3ZMyrEnevqOTSWTIwvs4/uXf/2i1bb6/l+6pPsv+oJ5PS5VGgboJsbmxpYTc73Ln0ZsrzSLP4liGieJiG0Rsf029zH1TP2E0Kabti0e/wIqt1mhOtWvI57Ozv98NMSf2fJXFPOTs43zkyMvHBw9MLwupif3DhdXxa0u/nL+jVb7X1b8KyA9/xuaXv/XZ4EHknURs2fOnqjN1862v4/zv3/e8pmmzev/yOb8+u9N3qqtyKd348OxubnTIxG9yau3rh+98deKfFE+jX/P7ubtf0vcOBKPRsSOiNgZEY+lD4V53R+PiCciYvcC8f/40pPvtR//6syVpvFPLHb+o/78t58on/jh28XjXxcRrc7//lpqT75mKe9/S63gco4dAAAArBXZZ+CT0tD1dKk0NJR9hn9rbChNz8zOPXts5oNTE9nI3UD0lIqRrv668dCRfGy4yI825Pfl48ZfltfX8kPjM9MTnQ4eutzGFu0/9Ue507UD7rgVmEcD1ijtH7pX5b9O1wDohMT9H7qa9g/dq1n7/6Rl6aFv7mhlgFXl/g/dawntfz57ad0rANYm93/oXto/dKWW340vLesr/6ue+Df/PcO7pT73fiJKd0U17v1EZck/ZtFGotqftf90TV/TMp1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgZ/wcAAP//Lp/pnA==")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r0, 0x10001, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x10000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f00000003c0))
ptrace$getregset(0x4205, r1, 0x1, &(0x7f0000000180)={&(0x7f00000002c0)=""/48, 0x30})
process_vm_readv(r1, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/231, 0xe7}, {&(0x7f0000000280)=""/253, 0xfd}, {&(0x7f0000000380)=""/228, 0xe4}, {&(0x7f0000000000)=""/54, 0x36}], 0x4, &(0x7f0000000740)=[{&(0x7f0000000480)=""/121, 0x79}, {&(0x7f0000000500)=""/26, 0x1a}, {&(0x7f0000000540)=""/65, 0x41}, {&(0x7f00000005c0)=""/51, 0x33}, {&(0x7f0000000600)}, {&(0x7f0000000640)=""/131, 0x83}, {&(0x7f0000000700)=""/45, 0x2d}], 0x7, 0x0)

24.162285592s ago: executing program 5 (id=1992):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")

23.488858801s ago: executing program 5 (id=1995):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")

23.488619792s ago: executing program 39 (id=1995):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")

22.9153955s ago: executing program 9 (id=1998):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x41}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x83, 0x0, &(0x7f00000004c0))

22.828946572s ago: executing program 9 (id=1999):
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x76200}], 0x1, 0x7c00, 0x0, 0x3)
r1 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x143a82, 0x8)
r2 = dup(r1)
r3 = open(&(0x7f0000000100)='./bus\x00', 0x40542, 0x0)
sendfile(r2, r3, 0x0, 0x8000fffffffe)

22.827838892s ago: executing program 9 (id=2000):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001180)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0x1a400000}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}I\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')

22.726478193s ago: executing program 9 (id=2001):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@grpjquota}, {@debug}, {@noload}, {@jqfmt_vfsv1}, {@noblock_validity}, {@grpquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}, {@usrjquota}]}, 0xfe, 0x487, &(0x7f0000001240)="$eJzs3M9vFFUcAPDv7G5bftqK+AMEqaKR+KOl5YccvGA04aDGRA8YT7UtpFKooTURglo94NGQeDf+F8aTXoxy0cSr3g0JMcQE/HFYMzszsCy7bZeWLmU/n2TY92Yenfedmbfz5r3dDaBrDab/JBGbIuK3iOjPsjcXGMxerl05N/73lXPjSVSrb/6Z1MpdvXJuvCha/L+NWaZazfN9TfZ7/p2IsenpydN5fnju5PvDfWfOPj91cuz45PHJU6OHDu3ft7P34OiBZcX3UW/2msZ1dfvHMzu2HXn7wmvjRy+8+1NSiizuaIijldcPX1y0TL3B7Og29VQ7f2gN2FyXTir1W3b9fCPd7Eqgk8oRkZ6unlr7749yrL++rT9e+ayjlQPuqGq1Wl3gXXm+CtzDkuh0DYDOKG706fNvsaxS1+OucPlw9gCUxn0tX7ItlShliV09Dc+3K2kwIo7O//NVusQSxyEAAJbju7T/81yz/l8pHsoStRmU+/I5lIGIuD8itkTEAxGxNSIejKiVfTgiHmlz/40zJLf2f0qXbju4JUj7fy/mc1s39/9KRZGBcp7bXIu/Jzk2NT25t3ZMyrEnevqOTSWTIwvs4/uXf/2i1bb6/l+6pPsv+oJ5PS5VGgboJsbmxpYTc73Ln0ZsrzSLP4liGieJiG0Rsf029zH1TP2E0Kabti0e/wIqt1mhOtWvI57Ozv98NMSf2fJXFPOTs43zkyMvHBw9MLwupif3DhdXxa0u/nL+jVb7X1b8KyA9/xuaXv/XZ4EHknURs2fOnqjN1862v4/zv3/e8pmmzev/yOb8+u9N3qqtyKd348OxubnTIxG9yau3rh+98deKfFE+jX/P7ubtf0vcOBKPRsSOiNgZEY+lD4V53R+PiCciYvcC8f/40pPvtR//6syVpvFPLHb+o/78t58on/jh28XjXxcRrc7//lpqT75mKe9/S63gco4dAAAArBXZZ+CT0tD1dKk0NJR9hn9rbChNz8zOPXts5oNTE9nI3UD0lIqRrv668dCRfGy4yI825Pfl48ZfltfX8kPjM9MTnQ4eutzGFu0/9Ue507UD7rgVmEcD1ijtH7pX5b9O1wDohMT9H7qa9g/dq1n7/6Rl6aFv7mhlgFXl/g/dawntfz57ad0rANYm93/oXto/dKWW340vLesr/6ue+Df/PcO7pT73fiJKd0U17v1EZck/ZtFGotqftf90TV/TMp1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFgZ/wcAAP//Lp/pnA==")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
lseek(r0, 0x10001, 0x0)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000140)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x10000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x24000000}, 0x0)
ptrace$setregs(0xd, r1, 0x0, &(0x7f00000003c0))
ptrace$getregset(0x4205, r1, 0x1, &(0x7f0000000180)={&(0x7f00000002c0)=""/48, 0x30})
process_vm_readv(r1, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/231, 0xe7}, {&(0x7f0000000280)=""/253, 0xfd}, {&(0x7f0000000380)=""/228, 0xe4}, {&(0x7f0000000000)=""/54, 0x36}], 0x4, &(0x7f0000000740)=[{&(0x7f0000000480)=""/121, 0x79}, {&(0x7f0000000500)=""/26, 0x1a}, {&(0x7f0000000540)=""/65, 0x41}, {&(0x7f00000005c0)=""/51, 0x33}, {&(0x7f0000000600)}, {&(0x7f0000000640)=""/131, 0x83}, {&(0x7f0000000700)=""/45, 0x2d}], 0x7, 0x0)

22.539130546s ago: executing program 9 (id=2002):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x20702, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0x20})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
r3 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r3, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r4, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
setsockopt$inet_mreqsrc(r3, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
writev(r1, &(0x7f00000006c0)=[{&(0x7f0000000080)="2e9b3d0007e03dd65193dfb6c575963f8864116712e9001c", 0x18}, {&(0x7f0000000280)="051a", 0x2}], 0x2)
writev(r0, &(0x7f0000000500)=[{&(0x7f0000000240)="56a8f0af319fef58465f6681e1c63d12", 0x10}, {0x0}], 0x2)

21.56864566s ago: executing program 9 (id=2006):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000000000))
r1 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x101}, 0x18)
keyctl$restrict_keyring(0xa, r1, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd')
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x24090, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xe}, 0x0, 0x200000000010000, 0x2, 0x1, 0x8, 0x5, 0x2b}, 0x0, 0xfffffffffffffeff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xa}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYRESDEC=r0, @ANYRES64=r3], 0x0, 0xfffffffd}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000f40)={'filter\x00', 0x10, 0x4, 0x3f0, 0x110, 0x0, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="e5fce0c960bc", @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1e}, 0xf, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x2}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@remote, @broadcast, @loopback, 0x1, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0), 0x106, 0x9}}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r8)
sendmsg$NL80211_CMD_GET_SCAN(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB="01070000000000000000200000"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)

21.56820977s ago: executing program 40 (id=2006):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000000000))
r1 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x101}, 0x18)
keyctl$restrict_keyring(0xa, r1, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd')
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x24090, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xe}, 0x0, 0x200000000010000, 0x2, 0x1, 0x8, 0x5, 0x2b}, 0x0, 0xfffffffffffffeff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xa}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYRESDEC=r0, @ANYRES64=r3], 0x0, 0xfffffffd}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000f40)={'filter\x00', 0x10, 0x4, 0x3f0, 0x110, 0x0, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="e5fce0c960bc", @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1e}, 0xf, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x2}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@remote, @broadcast, @loopback, 0x1, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0), 0x106, 0x9}}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r8)
sendmsg$NL80211_CMD_GET_SCAN(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r9, @ANYBLOB="01070000000000000000200000"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)

8.999053586s ago: executing program 8 (id=2179):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)

8.997571506s ago: executing program 8 (id=2190):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x58f, &(0x7f0000000d80)="$eJzs3U1oHOUbAPBnZrP/fqX/VFBQ6aGoUKF0k/RDq6f2KhYKPQheNGy2oWSTLdmNNiFgei9iD6LSS73pwaPiwYMI4tGrF8WzUGxQaHrQlf1K02Q3bGKTjdnfD2b3feed3eednXnenRl22AD61rHaQxrxTERcSiKGVrUNRLPxWGO55aWF/IOlhXwS1erl35NIIuL+0kK+tXzSfD4UEYsR8XREfJeNOJGuj1uem58cKxYLM836cGXq2nB5bv7k1amxicJEYfr0y6+cPXfm7Oip0dUve1BdXctubl1v/nLr/Zs/vnbn1udfHF3MfziWxPkYbLatXo/HqfGZZOP8mvlntiNYDyW97gBbkmnmeS2VnoqhyDSzvp3q0I52Ddhm1X0RVaBPJfIf+lTrOKB2/tuadvL44+6FxglILe5yc2q0DDSuTcT++rnJwT+SR85MauebR3ayo+xJizciYmRgYP3+nzT3v60beRwdZFt9e6GxodZv/3Rl/IlHx5/mpa7Ff71/xKrxb3nd+PcwfqbD+Hepyxh/vfnrJx3j34h4tm38ZCV+0iZ+GhFvdxn/9htfn+vUVv004ni0j9+SbHx9ePjK1WJhpPHYNsY3x4++utH6H+wQv3HNdn/9a6bd59/msnZbX/3w5XOLG8R/8fmNt3+7z/9ARHzQZfwn7n/2eqe2uzeSe7WjgM1u/ySycafL+C+dP/Zzl4sCAAAAAAAAAACbkEbEYCRpbqWcprlc4x7eJ+NgWiyVKyeulGanx6N+r+yRyKatX1oNNepJrT7a/D1uq35qTf10phkwc6Bez+VLxfEerzsAAAAAAAAAAAAAAAAAAADsFofW3P//Z6Z+///av6sG9qrOf/kN7HXyH/rXo/mf9KwfwM7bzPf/94eND7CHVB3/Q/+S/9C/5D/0L/kP/Uv+Q/+S/9C/5D8AAAAAAAAAAAAAAAAAAAAAAAAAAGyLSxcv1qbqg6WFfK0+PjA3O1l65+R4oTyZm5rN5/KlmWu5iVJpoljI5UtTEZHZ6P2SUunaSEzPXh+uFMqV4fLc/FtTpdnp1n8GFrI7slYAAAAAAAAAAAAAAAAAAADw3zJYn5I0FxFpvZymuVzE4Yg4kkRy5WqxMBIR/4+InzLZfbX6aK87DQAAAAAAAAAAAAAAAAAAAHtMeW5+cqxYLMz0SWFgMwtHxOLj7UbtHTf9qmxzWxWT2HL06nsRu2QTKHQqJLErurGy8wMAAAAAAAAAAAAAAAAAADvq4U2/3b7i71Zh37Z1CgAAAAAAAAAAAAAAAAAAAPpO+lsSEbXp+NALg2tb/5csZ+rPEfHu7csfXR+rVGZGa/PvrcyvfNycf6oX/Qe61crTVh4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5Xn5ifHisXCzDYWer2OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvxTwAAAP//mmLWcg==")
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)="d8000000140081054e81f782db44b9040a1d080243000000040000a118000200fe80000000000e1208000f0100810401a80016eaa40006400303000806600cfab94dcf5c0461c1d67f6f94007134cf6ee08002a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7d9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace80ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r0}, 0x10)
utimensat(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="05000000040000000800000008"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000380)={{r2}, &(0x7f0000000300), &(0x7f0000000340)='%pS    \x00'}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='kmem_cache_free\x00', r3}, 0x10)
r4 = msgget$private(0x0, 0x220)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000400)=<r5=>0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x6000)
getgroups(0x3, &(0x7f0000000500)=[<r7=>0x0, 0xee01, 0xee00])
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000540)=<r8=>0x0)
msgctl$IPC_SET(r4, 0x1, &(0x7f0000000580)={{0x3, r5, 0x0, r6, r7, 0x0, 0x1}, 0x0, 0x0, 0x10, 0x0, 0x6, 0x6, 0x7fff, 0xa, 0x4, 0xf5a, 0xffffffffffffffff, r8})
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r9, &(0x7f0000000300)=ANY=[], 0x15)
r10 = dup(r9)
write$P9_RLERRORu(r10, &(0x7f00000003c0)=ANY=[@ANYBLOB="8b"], 0x53)
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)

8.834284609s ago: executing program 8 (id=2192):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x58f, &(0x7f0000000d80)="$eJzs3U1oHOUbAPBnZrP/fqX/VFBQ6aGoUKF0k/RDq6f2KhYKPQheNGy2oWSTLdmNNiFgei9iD6LSS73pwaPiwYMI4tGrF8WzUGxQaHrQlf1K02Q3bGKTjdnfD2b3feed3eednXnenRl22AD61rHaQxrxTERcSiKGVrUNRLPxWGO55aWF/IOlhXwS1erl35NIIuL+0kK+tXzSfD4UEYsR8XREfJeNOJGuj1uem58cKxYLM836cGXq2nB5bv7k1amxicJEYfr0y6+cPXfm7Oip0dUve1BdXctubl1v/nLr/Zs/vnbn1udfHF3MfziWxPkYbLatXo/HqfGZZOP8mvlntiNYDyW97gBbkmnmeS2VnoqhyDSzvp3q0I52Ddhm1X0RVaBPJfIf+lTrOKB2/tuadvL44+6FxglILe5yc2q0DDSuTcT++rnJwT+SR85MauebR3ayo+xJizciYmRgYP3+nzT3v60beRwdZFt9e6GxodZv/3Rl/IlHx5/mpa7Ff71/xKrxb3nd+PcwfqbD+Hepyxh/vfnrJx3j34h4tm38ZCV+0iZ+GhFvdxn/9htfn+vUVv004ni0j9+SbHx9ePjK1WJhpPHYNsY3x4++utH6H+wQv3HNdn/9a6bd59/msnZbX/3w5XOLG8R/8fmNt3+7z/9ARHzQZfwn7n/2eqe2uzeSe7WjgM1u/ySycafL+C+dP/Zzl4sCAAAAAAAAAACbkEbEYCRpbqWcprlc4x7eJ+NgWiyVKyeulGanx6N+r+yRyKatX1oNNepJrT7a/D1uq35qTf10phkwc6Bez+VLxfEerzsAAAAAAAAAAAAAAAAAAADsFofW3P//Z6Z+///av6sG9qrOf/kN7HXyH/rXo/mf9KwfwM7bzPf/94eND7CHVB3/Q/+S/9C/5D/0L/kP/Uv+Q/+S/9C/5D8AAAAAAAAAAAAAAAAAAAAAAAAAAGyLSxcv1qbqg6WFfK0+PjA3O1l65+R4oTyZm5rN5/KlmWu5iVJpoljI5UtTEZHZ6P2SUunaSEzPXh+uFMqV4fLc/FtTpdnp1n8GFrI7slYAAAAAAAAAAAAAAAAAAADw3zJYn5I0FxFpvZymuVzE4Yg4kkRy5WqxMBIR/4+InzLZfbX6aK87DQAAAAAAAAAAAAAAAAAAAHtMeW5+cqxYLMz0SWFgMwtHxOLj7UbtHTf9qmxzWxWT2HL06nsRu2QTKHQqJLErurGy8wMAAAAAAAAAAAAAAAAAADvq4U2/3b7i71Zh37Z1CgAAAAAAAAAAAAAAAAAAAPpO+lsSEbXp+NALg2tb/5csZ+rPEfHu7csfXR+rVGZGa/PvrcyvfNycf6oX/Qe61crTVh4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5Xn5ifHisXCzDYWer2OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvxTwAAAP//mmLWcg==")
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)="d8000000140081054e81f782db44b9040a1d080243000000040000a118000200fe80000000000e1208000f0100810401a80016eaa40006400303000806600cfab94dcf5c0461c1d67f6f94007134cf6ee08002a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7d9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace80ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r0}, 0x10)
utimensat(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="05000000040000000800000008"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000380)={{r2}, &(0x7f0000000300), &(0x7f0000000340)='%pS    \x00'}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='kmem_cache_free\x00', r3}, 0x10)
r4 = msgget$private(0x0, 0x220)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000400)=<r5=>0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x6000)
getgroups(0x3, &(0x7f0000000500)=[<r7=>0x0, 0xee01, 0xee00])
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000540)=<r8=>0x0)
msgctl$IPC_SET(r4, 0x1, &(0x7f0000000580)={{0x3, r5, 0x0, r6, r7, 0x0, 0x1}, 0x0, 0x0, 0x10, 0x0, 0x6, 0x6, 0x7fff, 0xa, 0x4, 0xf5a, 0xffffffffffffffff, r8})
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff530000008003950323030302e75"], 0x15)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r9, &(0x7f0000000300)=ANY=[], 0x15)
dup(r9)
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)

8.7294629s ago: executing program 8 (id=2182):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x58f, &(0x7f0000000d80)="$eJzs3U1oHOUbAPBnZrP/fqX/VFBQ6aGoUKF0k/RDq6f2KhYKPQheNGy2oWSTLdmNNiFgei9iD6LSS73pwaPiwYMI4tGrF8WzUGxQaHrQlf1K02Q3bGKTjdnfD2b3feed3eednXnenRl22AD61rHaQxrxTERcSiKGVrUNRLPxWGO55aWF/IOlhXwS1erl35NIIuL+0kK+tXzSfD4UEYsR8XREfJeNOJGuj1uem58cKxYLM836cGXq2nB5bv7k1amxicJEYfr0y6+cPXfm7Oip0dUve1BdXctubl1v/nLr/Zs/vnbn1udfHF3MfziWxPkYbLatXo/HqfGZZOP8mvlntiNYDyW97gBbkmnmeS2VnoqhyDSzvp3q0I52Ddhm1X0RVaBPJfIf+lTrOKB2/tuadvL44+6FxglILe5yc2q0DDSuTcT++rnJwT+SR85MauebR3ayo+xJizciYmRgYP3+nzT3v60beRwdZFt9e6GxodZv/3Rl/IlHx5/mpa7Ff71/xKrxb3nd+PcwfqbD+Hepyxh/vfnrJx3j34h4tm38ZCV+0iZ+GhFvdxn/9htfn+vUVv004ni0j9+SbHx9ePjK1WJhpPHYNsY3x4++utH6H+wQv3HNdn/9a6bd59/msnZbX/3w5XOLG8R/8fmNt3+7z/9ARHzQZfwn7n/2eqe2uzeSe7WjgM1u/ySycafL+C+dP/Zzl4sCAAAAAAAAAACbkEbEYCRpbqWcprlc4x7eJ+NgWiyVKyeulGanx6N+r+yRyKatX1oNNepJrT7a/D1uq35qTf10phkwc6Bez+VLxfEerzsAAAAAAAAAAAAAAAAAAADsFofW3P//Z6Z+///av6sG9qrOf/kN7HXyH/rXo/mf9KwfwM7bzPf/94eND7CHVB3/Q/+S/9C/5D/0L/kP/Uv+Q/+S/9C/5D8AAAAAAAAAAAAAAAAAAAAAAAAAAGyLSxcv1qbqg6WFfK0+PjA3O1l65+R4oTyZm5rN5/KlmWu5iVJpoljI5UtTEZHZ6P2SUunaSEzPXh+uFMqV4fLc/FtTpdnp1n8GFrI7slYAAAAAAAAAAAAAAAAAAADw3zJYn5I0FxFpvZymuVzE4Yg4kkRy5WqxMBIR/4+InzLZfbX6aK87DQAAAAAAAAAAAAAAAAAAAHtMeW5+cqxYLMz0SWFgMwtHxOLj7UbtHTf9qmxzWxWT2HL06nsRu2QTKHQqJLErurGy8wMAAAAAAAAAAAAAAAAAADvq4U2/3b7i71Zh37Z1CgAAAAAAAAAAAAAAAAAAAPpO+lsSEbXp+NALg2tb/5csZ+rPEfHu7csfXR+rVGZGa/PvrcyvfNycf6oX/Qe61crTVh4DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5Xn5ifHisXCzDYWer2OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFvxTwAAAP//mmLWcg==")
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)="d8000000140081054e81f782db44b9040a1d080243000000040000a118000200fe80000000000e1208000f0100810401a80016eaa40006400303000806600cfab94dcf5c0461c1d67f6f94007134cf6ee08002a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7d9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace80ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r0}, 0x10)
utimensat(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="05000000040000000800000008"], 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000380)={{r2}, &(0x7f0000000300), &(0x7f0000000340)='%pS    \x00'}, 0x20)
msgget$private(0x0, 0x220)

8.519649053s ago: executing program 8 (id=2184):
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000181100"/20, @ANYRES16=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x18)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000000), r2)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0180000000000000000001"], 0x28}}, 0x40000)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f00000003c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000380)={&(0x7f0000000280)={0x100, 0x0, 0x8, 0x301, 0x0, 0x0, {0x0, 0x0, 0xa}, [@CTA_TIMEOUT_DATA={0x4c, 0x4, 0x0, 0x1, @gre=[@CTA_TIMEOUT_GRE_REPLIED={0x8}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x5}, @CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x3}, @CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x8f}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0xfff}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0xd}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x16b3}, @CTA_TIMEOUT_GRE_REPLIED={0x8, 0x2, 0x1, 0x0, 0x9248}, @CTA_TIMEOUT_GRE_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x4}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x6006}, @CTA_TIMEOUT_DATA={0x4c, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x1ff}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x1ff}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x10001}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x7fffffff}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0xd9b}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x5}, @CTA_TIMEOUT_UDP_REPLIED={0x8, 0x2, 0x1, 0x0, 0x2}, @CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x40}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xfbfb}, @CTA_TIMEOUT_DATA={0x3c, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_PARTOPEN={0x8, 0x3, 0x1, 0x0, 0xfffffff7}, @CTA_TIMEOUT_DCCP_REQUEST={0x8, 0x1, 0x1, 0x0, 0x9}, @CTA_TIMEOUT_DCCP_OPEN={0x8, 0x4, 0x1, 0x0, 0xe20}, @CTA_TIMEOUT_DCCP_CLOSEREQ={0x8, 0x5, 0x1, 0x0, 0x1}, @CTA_TIMEOUT_DCCP_RESPOND={0x8, 0x2, 0x1, 0x0, 0x9}, @CTA_TIMEOUT_DCCP_RESPOND={0x8, 0x2, 0x1, 0x0, 0x6}, @CTA_TIMEOUT_DCCP_OPEN={0x8, 0x4, 0x1, 0x0, 0x4}]}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x1b}]}, 0x100}, 0x1, 0x0, 0x0, 0x10}, 0x20008891)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

7.968891861s ago: executing program 8 (id=2196):
syz_emit_ethernet(0x5de, &(0x7f0000003040)={@remote, @random="00006a9ce7f3", @void, {@ipv6={0x86dd, @icmpv6={0xa, 0x6, "b52972", 0x5a8, 0x3a, 0x1, @private0, @mcast1, {[@dstopts={0x2e, 0x9, '\x00', [@generic={0x80, 0x12, "a4d2caff511d1870d50d80f53286e8c56dea"}, @padn, @pad1, @enc_lim={0x4, 0x1, 0x39}, @calipso={0x7, 0x8, {0x0, 0x0, 0x9, 0x3}}, @jumbo={0xc2, 0x4, 0x3}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, @calipso={0x7, 0x8, {0x3, 0x0, 0x3, 0x3}}, @padn]}, @hopopts={0x33, 0x2, '\x00', [@calipso={0x7, 0x10, {0x2, 0x2, 0x3, 0x6, [0xd79]}}]}, @hopopts={0x87, 0x3, '\x00', [@padn={0x1, 0x2, [0x0, 0x0]}, @pad1, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @ra={0x5, 0x2, 0xf}]}, @fragment={0x6c, 0x0, 0x6, 0x0, 0x0, 0x6, 0x68}, @routing={0x2f, 0x2, 0x1, 0x6, 0x0, [@loopback]}, @srh={0x89, 0x12, 0x4, 0x9, 0x7, 0x30, 0x9, [@loopback, @local, @remote, @loopback, @private0={0xfc, 0x0, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}]}, @srh={0x67, 0xe, 0x4, 0x7, 0x8, 0x20, 0x8, [@mcast2, @empty, @mcast2, @private1={0xfc, 0x1, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, @loopback]}, @hopopts={0x3c, 0x13, '\x00', [@ra={0x5, 0x2, 0xce}, @generic={0x0, 0xa, "ccf29387ec9704e2f17a"}, @generic={0x0, 0x89, "93bba308d4dbe9eaac4f11be683a32c72465763cc17c20cc577fa212e0cc535cab445d4682ca71fb0d535ff3c35f08fc354878f0a8f93386e15b859ebed0dc1ce42e2f1760ef360b7f2132543f1b9f5b761a60f6ea6903a4c2935564dd02d46ba15bc640c2352b2714a5d4fd8684f6169d04ec475b78ad19d44dc2310eb61fd6dad4da3fe9618374d5"}]}], @mlv2_report={0x8f, 0x0, 0x0, 0x1, 0x8, [{0x4, 0xa, 0x4, @local, [@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @private1, @dev={0xfe, 0x80, '\x00', 0x10}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}], [0x7, 0x1, 0x3, 0x6, 0x7ff, 0x6, 0xfa0, 0x401, 0x3, 0x2]}, {0x0, 0x3, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}, [@loopback, @private2={0xfc, 0x2, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @multicast1}, @private1, @mcast2, @private2], [0x7, 0x35a, 0x1]}, {0x1, 0x5, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}, [@dev={0xfe, 0x80, '\x00', 0x28}, @mcast1, @private0], [0xffff, 0x7, 0xd094, 0x58e, 0x2]}, {0x6, 0x1, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, [@mcast1, @remote], [0x80000000]}, {0xff, 0x0, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}, [@ipv4={'\x00', '\xff\xff', @broadcast}, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x2e}]}, {0x4, 0x2, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}, [@mcast2, @empty, @empty, @remote, @private1={0xfc, 0x1, '\x00', 0x1}, @private2], [0x4, 0x80000000]}, {0x8, 0x1, 0x6, @mcast1, [@dev={0xfe, 0x80, '\x00', 0x1e}, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, @local, @loopback], [0x80000001]}, {0x0, 0x4, 0x4, @rand_addr=' \x01\x00', [@local, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1], [0xf8c, 0x4, 0x435, 0x80000001]}]}}}}}}, 0x0)

7.968672732s ago: executing program 41 (id=2196):
syz_emit_ethernet(0x5de, &(0x7f0000003040)={@remote, @random="00006a9ce7f3", @void, {@ipv6={0x86dd, @icmpv6={0xa, 0x6, "b52972", 0x5a8, 0x3a, 0x1, @private0, @mcast1, {[@dstopts={0x2e, 0x9, '\x00', [@generic={0x80, 0x12, "a4d2caff511d1870d50d80f53286e8c56dea"}, @padn, @pad1, @enc_lim={0x4, 0x1, 0x39}, @calipso={0x7, 0x8, {0x0, 0x0, 0x9, 0x3}}, @jumbo={0xc2, 0x4, 0x3}, @hao={0xc9, 0x10, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, @calipso={0x7, 0x8, {0x3, 0x0, 0x3, 0x3}}, @padn]}, @hopopts={0x33, 0x2, '\x00', [@calipso={0x7, 0x10, {0x2, 0x2, 0x3, 0x6, [0xd79]}}]}, @hopopts={0x87, 0x3, '\x00', [@padn={0x1, 0x2, [0x0, 0x0]}, @pad1, @hao={0xc9, 0x10, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, @ra={0x5, 0x2, 0xf}]}, @fragment={0x6c, 0x0, 0x6, 0x0, 0x0, 0x6, 0x68}, @routing={0x2f, 0x2, 0x1, 0x6, 0x0, [@loopback]}, @srh={0x89, 0x12, 0x4, 0x9, 0x7, 0x30, 0x9, [@loopback, @local, @remote, @loopback, @private0={0xfc, 0x0, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, @remote, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}]}, @srh={0x67, 0xe, 0x4, 0x7, 0x8, 0x20, 0x8, [@mcast2, @empty, @mcast2, @private1={0xfc, 0x1, '\x00', 0x1}, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast2, @loopback]}, @hopopts={0x3c, 0x13, '\x00', [@ra={0x5, 0x2, 0xce}, @generic={0x0, 0xa, "ccf29387ec9704e2f17a"}, @generic={0x0, 0x89, "93bba308d4dbe9eaac4f11be683a32c72465763cc17c20cc577fa212e0cc535cab445d4682ca71fb0d535ff3c35f08fc354878f0a8f93386e15b859ebed0dc1ce42e2f1760ef360b7f2132543f1b9f5b761a60f6ea6903a4c2935564dd02d46ba15bc640c2352b2714a5d4fd8684f6169d04ec475b78ad19d44dc2310eb61fd6dad4da3fe9618374d5"}]}], @mlv2_report={0x8f, 0x0, 0x0, 0x1, 0x8, [{0x4, 0xa, 0x4, @local, [@ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @private1, @dev={0xfe, 0x80, '\x00', 0x10}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}], [0x7, 0x1, 0x3, 0x6, 0x7ff, 0x6, 0xfa0, 0x401, 0x3, 0x2]}, {0x0, 0x3, 0x6, @private1={0xfc, 0x1, '\x00', 0x1}, [@loopback, @private2={0xfc, 0x2, '\x00', 0x1}, @ipv4={'\x00', '\xff\xff', @multicast1}, @private1, @mcast2, @private2], [0x7, 0x35a, 0x1]}, {0x1, 0x5, 0x3, @private2={0xfc, 0x2, '\x00', 0x1}, [@dev={0xfe, 0x80, '\x00', 0x28}, @mcast1, @private0], [0xffff, 0x7, 0xd094, 0x58e, 0x2]}, {0x6, 0x1, 0x2, @private2={0xfc, 0x2, '\x00', 0x1}, [@mcast1, @remote], [0x80000000]}, {0xff, 0x0, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}, [@ipv4={'\x00', '\xff\xff', @broadcast}, @private1={0xfc, 0x1, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x2e}]}, {0x4, 0x2, 0x6, @private0={0xfc, 0x0, '\x00', 0x1}, [@mcast2, @empty, @empty, @remote, @private1={0xfc, 0x1, '\x00', 0x1}, @private2], [0x4, 0x80000000]}, {0x8, 0x1, 0x6, @mcast1, [@dev={0xfe, 0x80, '\x00', 0x1e}, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, @local, @loopback], [0x80000001]}, {0x0, 0x4, 0x4, @rand_addr=' \x01\x00', [@local, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private1={0xfc, 0x1, '\x00', 0x1}, @mcast1], [0xf8c, 0x4, 0x435, 0x80000001]}]}}}}}}, 0x0)

1.832362982s ago: executing program 1 (id=2332):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c3"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=ANY=[@ANYBLOB="54000000000801010000ffffe00000000a000000050003002f0000000600024000000000240004800800024000000000080001400000fcff07000140800000010800014080000001090001"], 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x28040000)

1.750054344s ago: executing program 1 (id=2334):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x1, 0x106)
r1 = socket$packet(0x11, 0x2, 0x300)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)
socket$inet6(0xa, 0x3, 0x7)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6, 0x0, 0x6c, 0xfffffffb}]}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x2}, 0x80, 0x0}, 0xe07e872424df67ca)

1.697174285s ago: executing program 1 (id=2335):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
listen(r0, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000040)={@local, @multicast, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x66, 0x0, 0xc, 0x6, 0x0, @rand_addr=0x64010101, @remote}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x0, 0x0, 0xffe}}}}}}, 0x0)

1.626385695s ago: executing program 1 (id=2337):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x4004944)
sendmsg$NFT_BATCH(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
gettid()
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
read$ptp(r1, 0x0, 0x0)
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r2=>0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(r3, &(0x7f0000000000)='map_files\x00')
mq_notify(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x16, 0x0, @tid=r3})
timer_settime(r2, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r4, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000)
r5 = dup(0xffffffffffffffff)
write$P9_RLERRORu(r5, &(0x7f00000000c0)=ANY=[@ANYBLOB='S\x00\x00\x00\a\x00', @ANYBLOB="fe4cecb210"], 0x53)
memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x800000, &(0x7f0000019200)=ANY=[@ANYBLOB='{\x00\x00\x00\x00\x00\x00\x00,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno', @ANYBLOB])
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
modify_ldt$write(0x1, &(0x7f0000000040)={0x806, 0x100000}, 0x10)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.550115627s ago: executing program 4 (id=2339):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc97c, 0x0, @perf_config_ext={0x0, 0x5}, 0x8, 0x0, 0x409, 0x4, 0x0, 0x40, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000440)=""/117, 0x75)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

1.527498157s ago: executing program 4 (id=2340):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000000000))
r1 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x101}, 0x18)
keyctl$restrict_keyring(0xa, r1, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd')
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x24090, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xe}, 0x0, 0x200000000010000, 0x2, 0x1, 0x8, 0x5, 0x2b}, 0x0, 0xfffffffffffffeff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xa}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYRESDEC=r0, @ANYRES64=r3], 0x0, 0xfffffffd}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000f40)={'filter\x00', 0x10, 0x4, 0x3f0, 0x110, 0x0, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="e5fce0c960bc", @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1e}, 0xf, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x2}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@remote, @broadcast, @loopback, 0x1, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r8=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @ib_path={0x0, r8, 0x1, 0x2}}, 0x20)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r10}, 0x10)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r11)
sendmsg$NL80211_CMD_GET_SCAN(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
r12 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$TIOCL_SETSEL(r12, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x101, 0x300, 0x0, 0x101, 0x300}})

970.212035ms ago: executing program 3 (id=2345):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffe12}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a01020000000000000000010000000900010073797a30000000000900020073797a300000000040000380"], 0xfc}}, 0x0)

927.115725ms ago: executing program 2 (id=2346):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x1, 0x106)
r1 = socket$packet(0x11, 0x2, 0x300)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0xc001}, 0x4000000)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6, 0x0, 0x6c, 0xfffffffb}]}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x2}, 0x80, 0x0}, 0xe07e872424df67ca)

926.280705ms ago: executing program 2 (id=2347):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
listen(r0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)

917.619285ms ago: executing program 3 (id=2348):
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3f403fdaf68902874"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={0x0, r1}, 0x18)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x8, 0x3, 0x4c0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f0, 0xffffffff, 0xffffffff, 0x3f0, 0xffffffff, 0xb, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x1a}, @dev={0xfe, 0x80, '\x00', 0x28}, [0xffffff00, 0xffffff00, 0x0, 0xff000000], [0xff, 0x0, 0x9f19fd7a5e924fa7, 0xff], 'macvtap0\x00', 'bridge0\x00', {0xff}, {0xff}, 0x2b, 0x7, 0x5, 0x10}, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1c8, 0x230, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@tcpmss={{0x28}, {0x39d3, 0x9, 0x1}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

888.015106ms ago: executing program 2 (id=2349):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, 0xffffffffffffffff, 0x0, 0xa002a0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={&(0x7f0000000080), &(0x7f0000000140)=""/184, &(0x7f0000000200), &(0x7f0000001540), 0x1}, 0x38)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x3000056, &(0x7f00000004c0), 0x80, 0x55c, &(0x7f0000000d80)="$eJzs3d9rW1UcAPDvTdv9dutgDBWRwh6czKVr648JPsxH0eFA32do78pouowmHWsdbHtwL77IEEQciO/67uPwH/CvGOhgyCj64EvlpjddtiZN1mZLZz4fuOWc3Juc+82939Nzc25IAANrLPtTiHglIr5JIg5FRJKvG4585djadisPr01nSxKrq5/9ldS3y+qN12o8b39eeTkifvsq4kRhY7vVpeW5UrmcLuT18dr85fHq0vLJi/Ol2XQ2vTQ5NXX6nanJ9997t2exvnnun+8/vfvR6a+PrXz3y/3Dt5M4Ewfydc1xbMON5spYjOXvyUiceWLDiR40tpMk/d4BtmQoz/ORyPqAQzGUZz3w/3c9IlaBAZXIfxhQjXFA49q+R9fBL4wHH65dAG2Mf3jts5HYU7822reSPHZllF3vjvag/ayNX/+8cztbonefQwB0dONmRJwaHt7Y/yV5/7d1p7rY5sk29H/w/NzNxj9vtRr/FNbHP9Fi/LO/Re5uRef8L9zvQTNtZeO/D1qOf9cnrUaH8tpL9THfSHLhYjnN+raDEXE8RnZn9c3mc06v3Fttt655/JctWfuNsWC+H/eHdz/+nJlSrbSdmJs9uBnxasvxb7J+/JMWxz97P8512cbR9M7r7dZ1jv/ZWv0p4o2Wx//RjFay+fzkeP18GG+cFRv9fevo7+3a73f82fHft3n8o0nzfG316dv4cc+/abt1j8Uf3Z//u5LP6+Vd+WNXS7XawkTEruSTjY9PPnpuo97YPov/+LHN+79W5//eiPiiy/hvHfn5ta7i79Pxn3mq4//0hXsff/lDu/a76//erpeO54900/91u4Pbee8AAAAAAABgpylExIFICsX1cqFQLK7d33Ek9hXKlWrtxIXK4qWZqH9XdjRGCo2Z7kNN90NM5PfDNuqTT9SnIuJwRHw7tLdeL05XyjP9Dh4AAAAAAAAAAAAAAAAAAAB2iP1tvv+f+WOo33sHPHN+8hsGV8f878UvPQE7kv//MLjkPwwu+Q+DS/7D4JL/MLjkPwwu+Q+DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAT507ezZbVlceXpvO6jNXlhbnKldOzqTVueL84nRxurJwuThbqcyW0+J0Zb7T65UrlcsTk7F4dbyWVmvj1aXl8/OVxUu18xfnS7Pp+XTkuUQFAAAAAAAAAAAAAAAAAAAAL5bq0vJcqVxOF/pWuN7X1hW2WxjutM3Bfu+hwlYK/e6ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCR/wIAAP//K903aw==")
r2 = socket$inet(0x2, 0x3, 0x6)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000140)='xfrm0\x00', 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x4, 0x0, r0, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x1}, 0x50)
socket$inet(0x2, 0x3, 0x6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
r3 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4b98, &(0x7f0000000180)={0x0, 0xca92, 0x2000, 0x0, 0x2}, &(0x7f0000000200), &(0x7f0000000280))
close(r3)

734.953989ms ago: executing program 1 (id=2351):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000006, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x9, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
r1 = socket$inet6(0xa, 0x3, 0x2f)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000100)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@loopback, 0x0, 0x0, 0xffff, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x6c}, 0x0, @in6=@empty, 0x0, 0x0, 0x0, 0x3}}, 0xe8)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r2 = io_uring_setup(0x7058, &(0x7f0000000040)={0x0, 0x44ec, 0x40, 0x2, 0x4})
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3, 0x1}, 0x50)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r4=>r2, {0xee00, 0xee01}}, './file0\x00'})
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000003c0)={0xffffffffffffffff, 0x8, 0x10}, 0xc)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000d00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
fgetxattr(r7, &(0x7f00000003c0)=@known='security.selinux\x00', 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{0x1, <r8=>0xffffffffffffffff}, &(0x7f0000000400), &(0x7f0000000440)}, 0x20)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x3, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x14, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@map_idx_val={0x18, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x46}, @exit, @btf_id={0x18, 0x2, 0x3, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000001c0)='GPL\x00', 0x5, 0x0, &(0x7f0000000200), 0x40f00, 0x0, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000380)={0x1, 0xd, 0x1, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[r5, r6, r7, r8, 0xffffffffffffffff, r9, 0xffffffffffffffff, 0x1], 0x0, 0x10, 0x2}, 0x94)
r10 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r10, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000040)={'veth1_to_hsr\x00', <r12=>0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r13=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000000)={'veth1_to_batadv\x00', <r14=>0x0})
r15 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', r14}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000400)={r15, r12, 0x25, 0x0, @void}, 0x10)
io_uring_register$IORING_REGISTER_PERSONALITY(r10, 0x8, 0x1000000000000, 0x0)
shmget$private(0x0, 0x1000, 0x800, &(0x7f0000ffd000/0x1000)=nil)

667.63832ms ago: executing program 4 (id=2353):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x2, 0xbf22, 0x1, 0xffffffffffffffff, 0xfffffffe}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r0, 0x0, 0xa002a0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={&(0x7f0000000080), &(0x7f0000000140)=""/184, &(0x7f0000000200), &(0x7f0000001540), 0x1, r0}, 0x38)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x3000056, &(0x7f00000004c0), 0x80, 0x55c, &(0x7f0000000d80)="$eJzs3d9rW1UcAPDvTdv9dutgDBWRwh6czKVr648JPsxH0eFA32do78pouowmHWsdbHtwL77IEEQciO/67uPwH/CvGOhgyCj64EvlpjddtiZN1mZLZz4fuOWc3Juc+82939Nzc25IAANrLPtTiHglIr5JIg5FRJKvG4585djadisPr01nSxKrq5/9ldS3y+qN12o8b39eeTkifvsq4kRhY7vVpeW5UrmcLuT18dr85fHq0vLJi/Ol2XQ2vTQ5NXX6nanJ9997t2exvnnun+8/vfvR6a+PrXz3y/3Dt5M4Ewfydc1xbMON5spYjOXvyUiceWLDiR40tpMk/d4BtmQoz/ORyPqAQzGUZz3w/3c9IlaBAZXIfxhQjXFA49q+R9fBL4wHH65dAG2Mf3jts5HYU7822reSPHZllF3vjvag/ayNX/+8cztbonefQwB0dONmRJwaHt7Y/yV5/7d1p7rY5sk29H/w/NzNxj9vtRr/FNbHP9Fi/LO/Re5uRef8L9zvQTNtZeO/D1qOf9cnrUaH8tpL9THfSHLhYjnN+raDEXE8RnZn9c3mc06v3Fttt655/JctWfuNsWC+H/eHdz/+nJlSrbSdmJs9uBnxasvxb7J+/JMWxz97P8512cbR9M7r7dZ1jv/ZWv0p4o2Wx//RjFay+fzkeP18GG+cFRv9fevo7+3a73f82fHft3n8o0nzfG316dv4cc+/abt1j8Uf3Z//u5LP6+Vd+WNXS7XawkTEruSTjY9PPnpuo97YPov/+LHN+79W5//eiPiiy/hvHfn5ta7i79Pxn3mq4//0hXsff/lDu/a76//erpeO54900/91u4Pbee8AAAAAAABgpylExIFICsX1cqFQLK7d33Ek9hXKlWrtxIXK4qWZqH9XdjRGCo2Z7kNN90NM5PfDNuqTT9SnIuJwRHw7tLdeL05XyjP9Dh4AAAAAAAAAAAAAAAAAAAB2iP1tvv+f+WOo33sHPHN+8hsGV8f878UvPQE7kv//MLjkPwwu+Q+DS/7D4JL/MLjkPwwu+Q+DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAT507ezZbVlceXpvO6jNXlhbnKldOzqTVueL84nRxurJwuThbqcyW0+J0Zb7T65UrlcsTk7F4dbyWVmvj1aXl8/OVxUu18xfnS7Pp+XTkuUQFAAAAAAAAAAAAAAAAAAAAL5bq0vJcqVxOF/pWuN7X1hW2WxjutM3Bfu+hwlYK/e6ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCR/wIAAP//K903aw==")
r4 = socket$inet(0x2, 0x3, 0x6)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000140)='xfrm0\x00', 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x4, 0x0, r1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x1}, 0x50)
socket$inet(0x2, 0x3, 0x6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
r5 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4b98, &(0x7f0000000180)={0x0, 0xca92, 0x2000, 0x0, 0x2}, &(0x7f0000000200), &(0x7f0000000280))
close(r5)

604.0734ms ago: executing program 2 (id=2355):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000006, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x9, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
r2 = socket$inet6(0xa, 0x3, 0x2f)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000100)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@loopback, 0x0, 0x0, 0xffff, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x6c}, 0x0, @in6=@empty, 0x0, 0x0, 0x0, 0x3}}, 0xe8)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r3 = io_uring_setup(0x7058, &(0x7f0000000040)={0x0, 0x44ec, 0x40, 0x2, 0x4})
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3, 0x1}, 0x50)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r5=>r3, {0xee00, 0xee01}}, './file0\x00'})
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000003c0)={0xffffffffffffffff, 0x8, 0x10}, 0xc)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000d00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
fgetxattr(r8, &(0x7f00000003c0)=@known='security.selinux\x00', 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{0x1, <r9=>0xffffffffffffffff}, &(0x7f0000000400), &(0x7f0000000440)}, 0x20)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x3, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r10}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x14, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@map_idx_val={0x18, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x46}, @exit, @btf_id={0x18, 0x2, 0x3, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000001c0)='GPL\x00', 0x5, 0x0, &(0x7f0000000200), 0x40f00, 0x0, '\x00', 0x0, 0x0, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000380)={0x1, 0xd, 0x1, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[r6, r7, r8, r9, r0, r10, 0xffffffffffffffff, 0x1], 0x0, 0x10, 0x2}, 0x94)
r11 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r11, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000040)={'veth1_to_hsr\x00', <r13=>0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r14=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r14, 0x8933, &(0x7f0000000000)={'veth1_to_batadv\x00', <r15=>0x0})
r16 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', r15}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000400)={r16, r13, 0x25, 0x0, @void}, 0x10)

523.885462ms ago: executing program 3 (id=2356):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000006, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x1, 0x1, 0x8, 0x20005, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_route(0x10, 0x3, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x9, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r1, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
r2 = socket$inet6(0xa, 0x3, 0x2f)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000100)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in6=@loopback, 0x0, 0x0, 0xffff, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x0, 0x6c}, 0x0, @in6=@empty, 0x0, 0x0, 0x0, 0x3}}, 0xe8)
connect$inet6(r2, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r3 = io_uring_setup(0x7058, &(0x7f0000000040)={0x0, 0x44ec, 0x40, 0x2, 0x4})
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x8, 0x0, 0xffffffffffffffff, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3, 0x1}, 0x50)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000340)={{0x1, 0x1, 0x18, <r5=>r3, {0xee00, 0xee01}}, './file0\x00'})
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000003c0)={0xffffffffffffffff, 0x8, 0x10}, 0xc)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000d00000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = open(&(0x7f0000000000)='./bus\x00', 0x1050c1, 0x170)
fgetxattr(r8, &(0x7f00000003c0)=@known='security.selinux\x00', 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{0x1, <r9=>0xffffffffffffffff}, &(0x7f0000000400), &(0x7f0000000440)}, 0x20)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x12, 0x3, 0x8, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r10}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x14, &(0x7f0000000280)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [@map_idx_val={0x18, 0x0, 0x6, 0x0, 0x4, 0x0, 0x0, 0x0, 0x46}, @exit, @btf_id={0x18, 0x2, 0x3, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000001c0)='GPL\x00', 0x5, 0x0, &(0x7f0000000200), 0x40f00, 0x0, '\x00', 0x0, 0x0, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000380)={0x1, 0xd, 0x1, 0x9}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[r6, r7, r8, r9, r0, r10, 0xffffffffffffffff, 0x1], 0x0, 0x10, 0x2}, 0x94)
r11 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r11, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000040)={'veth1_to_hsr\x00', <r13=>0x0})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r14=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r14, 0x8933, &(0x7f0000000000)={'veth1_to_batadv\x00', <r15=>0x0})
r16 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', r15}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000400)={r16, r13, 0x25, 0x0, @void}, 0x10)

483.666712ms ago: executing program 0 (id=2357):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000007000000000000009500000a000000009ba8049504d1ef22f4102116876d029f4275de4ae88320687303e0c3439830682829"], &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xfffffffe}, 0x10}, 0x94)

448.289333ms ago: executing program 0 (id=2358):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x1, 0x106)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6, 0x0, 0x6c, 0xfffffffb}]}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x2}, 0x80, 0x0}, 0xe07e872424df67ca)

411.509174ms ago: executing program 0 (id=2359):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
listen(r0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)

353.369044ms ago: executing program 0 (id=2360):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x2, 0xbf22, 0x1, 0xffffffffffffffff, 0xfffffffe}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r0, 0x0, 0xa002a0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={&(0x7f0000000080), &(0x7f0000000140)=""/184, &(0x7f0000000200), &(0x7f0000001540), 0x1, r0}, 0x38)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x3000056, &(0x7f00000004c0), 0x80, 0x55c, &(0x7f0000000d80)="$eJzs3d9rW1UcAPDvTdv9dutgDBWRwh6czKVr648JPsxH0eFA32do78pouowmHWsdbHtwL77IEEQciO/67uPwH/CvGOhgyCj64EvlpjddtiZN1mZLZz4fuOWc3Juc+82939Nzc25IAANrLPtTiHglIr5JIg5FRJKvG4585djadisPr01nSxKrq5/9ldS3y+qN12o8b39eeTkifvsq4kRhY7vVpeW5UrmcLuT18dr85fHq0vLJi/Ol2XQ2vTQ5NXX6nanJ9997t2exvnnun+8/vfvR6a+PrXz3y/3Dt5M4Ewfydc1xbMON5spYjOXvyUiceWLDiR40tpMk/d4BtmQoz/ORyPqAQzGUZz3w/3c9IlaBAZXIfxhQjXFA49q+R9fBL4wHH65dAG2Mf3jts5HYU7822reSPHZllF3vjvag/ayNX/+8cztbonefQwB0dONmRJwaHt7Y/yV5/7d1p7rY5sk29H/w/NzNxj9vtRr/FNbHP9Fi/LO/Re5uRef8L9zvQTNtZeO/D1qOf9cnrUaH8tpL9THfSHLhYjnN+raDEXE8RnZn9c3mc06v3Fttt655/JctWfuNsWC+H/eHdz/+nJlSrbSdmJs9uBnxasvxb7J+/JMWxz97P8512cbR9M7r7dZ1jv/ZWv0p4o2Wx//RjFay+fzkeP18GG+cFRv9fevo7+3a73f82fHft3n8o0nzfG316dv4cc+/abt1j8Uf3Z//u5LP6+Vd+WNXS7XawkTEruSTjY9PPnpuo97YPov/+LHN+79W5//eiPiiy/hvHfn5ta7i79Pxn3mq4//0hXsff/lDu/a76//erpeO54900/91u4Pbee8AAAAAAABgpylExIFICsX1cqFQLK7d33Ek9hXKlWrtxIXK4qWZqH9XdjRGCo2Z7kNN90NM5PfDNuqTT9SnIuJwRHw7tLdeL05XyjP9Dh4AAAAAAAAAAAAAAAAAAAB2iP1tvv+f+WOo33sHPHN+8hsGV8f878UvPQE7kv//MLjkPwwu+Q+DS/7D4JL/MLjkPwwu+Q+DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAT507ezZbVlceXpvO6jNXlhbnKldOzqTVueL84nRxurJwuThbqcyW0+J0Zb7T65UrlcsTk7F4dbyWVmvj1aXl8/OVxUu18xfnS7Pp+XTkuUQFAAAAAAAAAAAAAAAAAAAAL5bq0vJcqVxOF/pWuN7X1hW2WxjutM3Bfu+hwlYK/e6ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCR/wIAAP//K903aw==")
r4 = socket$inet(0x2, 0x3, 0x6)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000140)='xfrm0\x00', 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x4, 0x0, r1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x1}, 0x50)
socket$inet(0x2, 0x3, 0x6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
r5 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4b98, &(0x7f0000000180)={0x0, 0xca92, 0x2000, 0x0, 0x2}, &(0x7f0000000200), &(0x7f0000000280))
close(r5)

352.604204ms ago: executing program 4 (id=2361):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0000000200000000000000"], 0x0, 0x26}, 0x28)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffe12}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000007000000000000009500000a000000009ba8049504d1ef22f4102116876d029f4275de4ae88320687303e0c3439830682829"], &(0x7f0000000280)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0xfffffffe}, 0x10}, 0x94)

334.948735ms ago: executing program 1 (id=2362):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x4004944)
sendmsg$NFT_BATCH(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = gettid()
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
read$ptp(r2, 0x0, 0x0)
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r1}, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(r3, &(0x7f0000000000)='map_files\x00')
mq_notify(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x16, 0x0, @tid=r3})
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
pread64(r4, &(0x7f0000000200)=""/102400, 0x19000, 0x1000000000)
r5 = dup(0xffffffffffffffff)
write$P9_RLERRORu(r5, &(0x7f00000000c0)=ANY=[@ANYBLOB='S\x00\x00\x00\a\x00', @ANYBLOB="fe4cecb210"], 0x53)
memfd_create(&(0x7f0000000ac0)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080), 0x800000, &(0x7f0000019200)=ANY=[@ANYBLOB='{\x00\x00\x00\x00\x00\x00\x00,rfdno=', @ANYRESHEX, @ANYBLOB=',wfdno', @ANYBLOB])
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
modify_ldt$write(0x1, &(0x7f0000000040)={0x806, 0x100000}, 0x10)
syz_clone(0x26801000, 0x0, 0x0, 0x0, 0x0, 0x0)

312.213955ms ago: executing program 2 (id=2363):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
clock_nanosleep(0x2, 0xfffffdfc, 0x0, 0x0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040), 0x1000, 0x0)
ioctl$SNAPSHOT_FREE(r2, 0x3305)
syz_clone(0x40200080, 0x0, 0x0, 0x0, 0x0, 0x0)

273.212205ms ago: executing program 4 (id=2364):
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc97c, 0x0, @perf_config_ext={0x0, 0x5}, 0x8, 0x0, 0x409, 0x4, 0x0, 0x40, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000440)=""/117, 0x75)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

243.276546ms ago: executing program 3 (id=2365):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffe12}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a30000000006c000000160a01020000000000000000010000000900010073797a30000000000900020073797a300000000040000380"], 0xfc}}, 0x0)

238.119356ms ago: executing program 4 (id=2366):
socket(0xa, 0x5, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000480)={0x0, 0xe, 0x8}, 0xc)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f00000007c0)={0x5, r1, 'id0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="070000000400000008000000d900000000000200", @ANYRES32=r0, @ANYBLOB="00000000000000000100"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r2, 0x2000009)
statfs(&(0x7f0000000200)='.\x00', 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000d900000000000000", @ANYRES32, @ANYBLOB="0000000000000000dfffffff0000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7030000000000080000000000000000b70000000000950000000000000078602c134e89f201e4f4c5e96de31ca93fca66ef43b945045a05c37947c940efb3364a5c067cdacf7e8c45ffff22abf54289f023fde3ce56b5fa75d14aedf645e5dac6d2c2c4e4ebdf2e3caad5dd4b3901ac9a3d347c02b0cceabbe2a57bef78a96774d77868d142745d3336a690b9ea017e98d9971f47c7979af8865b34cb11a51671d6b03cabe4e0ecbf3e27b10f2a361f2c42997581f1b431ed423b9c341c578c"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r4}, 0x18)
syz_genetlink_get_family_id$nfc(&(0x7f0000000000), 0xffffffffffffffff)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_io_uring_setup(0x313, &(0x7f0000000880)={0x0, 0x2351, 0x2, 0x0, 0x26f, 0x0, r2}, &(0x7f0000000000), &(0x7f0000000180))
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x1218088, &(0x7f0000000f80)=ANY=[@ANYRESHEX=0x0], 0xa, 0x2c4, &(0x7f0000002340)="$eJzs3U+rG1UYB+B3ktzJVBfJwpUIHbALV8XbnbhJkRbEu7JkoS70YluQmyC0EPAPxq7cunHhwk8gCH6QbvwGglvBnRUKIzOZ6cxN03gjTcXe51m995zzy5wzOeTOJicfvTI/uZnH7Xtf/hpZlkRvEpN4kMQ4etH4Ok6ZfBsAwP/Zg6KIP4qVXXJJRGT7mxYAsEdn+/8/aMufn8m0AIA9uvHe++9cPTq69m4WWVyff7OY9k/1X70dn8QsbsXrMYqHEdWDwkFUTwtleb0oiuUgL43j0ny5mC6mEfMP7zf53yOq/GGMYlw1PXraqPJvH107zFc6+eVimsQL9fUnZf5KjOKlR+FeN39lQz6mabz2amf+l2MUv3wcn8YsblaTaPNfHeb5W8V3f37xQTm9Mp8sF9NhNa5V9J/VewIAAAAAAAAAAAAAAAAAAAAAwPPvcn12zjDNL8aledlUn7/Tfxhp+WfeGLepsn9VJU1T93ygoiiWRfzQOVIwL+qB7fk+g3h50D1YEAAAAAAAAAAAAAAAAAAAAM6vu599fnI8m92681SK5jSAQUT8dSPi377OpNNyMbYPHtbXPJ7NenV5asz9tNsS/WZMErF1GuUintJt+afiwvqcm+LHn8oF7vKCWafljc0LPNj/uprddXKcbL7WMJqWrN4k36cR7Zg0znit9EldReyy/dKNXaOd156+WBXLLWMi2TaxN39b3bm6JVlfRVrd1Y3xg7roxNf2xpne98hW8cc/K5LqtI7h/j6MAAAAAAAAAAAAAAAAAADgnGu//buh897WaK/wVWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnhPt7/8/Vlx4YteyDm9KrRVp3Ln7Hy8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAc+DvAAAA//8Nf1L3")
syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00')

181.501487ms ago: executing program 3 (id=2367):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x8, 0x3, 0x4c0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f0, 0xffffffff, 0xffffffff, 0x3f0, 0xffffffff, 0xb, 0x0, {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x1a}, @dev={0xfe, 0x80, '\x00', 0x28}, [0xffffff00, 0xffffff00, 0x0, 0xff000000], [0xff, 0x0, 0x9f19fd7a5e924fa7, 0xff], 'macvtap0\x00', 'bridge0\x00', {0xff}, {0xff}, 0x2b, 0x7, 0x5, 0x10}, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1c8, 0x230, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@tcpmss={{0x28}, {0x39d3, 0x9, 0x1}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

140.687097ms ago: executing program 3 (id=2368):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$FS_IOC_GET_ENCRYPTION_NONCE(r0, 0x8010661b, &(0x7f0000000000))
r1 = add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1000000e}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x101}, 0x18)
keyctl$restrict_keyring(0xa, r1, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000400)='ex\x0f\xac\xd1\xeb\xf4\xd8&w\xef\x9f`T3%\xfa\xbf\xef\xeb\x8e1w\xfd')
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0xfe, 0x7ffc0002}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x24090, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, @perf_bp={0x0, 0xe}, 0x0, 0x200000000010000, 0x2, 0x1, 0x8, 0x5, 0x2b}, 0x0, 0xfffffffffffffeff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xa}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000380)=ANY=[@ANYRESDEC=r0, @ANYRES64=r3], 0x0, 0xfffffffd}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000000702"], 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000f40)={'filter\x00', 0x10, 0x4, 0x3f0, 0x110, 0x0, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@random="e5fce0c960bc", @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1e}, 0xf, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x2}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@remote, @broadcast, @loopback, 0x1, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000400)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r8=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @ib_path={0x0, r8, 0x1, 0x2}}, 0x20)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r10}, 0x10)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r11)
sendmsg$NL80211_CMD_GET_SCAN(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
r12 = syz_open_dev$tty1(0xc, 0x4, 0x2)
ioctl$TIOCL_SETSEL(r12, 0x541c, &(0x7f0000000000)={0x2, {0x2, 0x101, 0x300, 0x0, 0x101, 0x300}})

124.535088ms ago: executing program 2 (id=2369):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0xe)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x2, 0xbf22, 0x1, 0xffffffffffffffff, 0xfffffffe}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r0, 0x0, 0xa002a0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={&(0x7f0000000080), &(0x7f0000000140)=""/184, &(0x7f0000000200), &(0x7f0000001540), 0x1, r0}, 0x38)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f0000000000)='./file1\x00', 0x3000056, &(0x7f00000004c0), 0x80, 0x55c, &(0x7f0000000d80)="$eJzs3d9rW1UcAPDvTdv9dutgDBWRwh6czKVr648JPsxH0eFA32do78pouowmHWsdbHtwL77IEEQciO/67uPwH/CvGOhgyCj64EvlpjddtiZN1mZLZz4fuOWc3Juc+82939Nzc25IAANrLPtTiHglIr5JIg5FRJKvG4585djadisPr01nSxKrq5/9ldS3y+qN12o8b39eeTkifvsq4kRhY7vVpeW5UrmcLuT18dr85fHq0vLJi/Ol2XQ2vTQ5NXX6nanJ9997t2exvnnun+8/vfvR6a+PrXz3y/3Dt5M4Ewfydc1xbMON5spYjOXvyUiceWLDiR40tpMk/d4BtmQoz/ORyPqAQzGUZz3w/3c9IlaBAZXIfxhQjXFA49q+R9fBL4wHH65dAG2Mf3jts5HYU7822reSPHZllF3vjvag/ayNX/+8cztbonefQwB0dONmRJwaHt7Y/yV5/7d1p7rY5sk29H/w/NzNxj9vtRr/FNbHP9Fi/LO/Re5uRef8L9zvQTNtZeO/D1qOf9cnrUaH8tpL9THfSHLhYjnN+raDEXE8RnZn9c3mc06v3Fttt655/JctWfuNsWC+H/eHdz/+nJlSrbSdmJs9uBnxasvxb7J+/JMWxz97P8512cbR9M7r7dZ1jv/ZWv0p4o2Wx//RjFay+fzkeP18GG+cFRv9fevo7+3a73f82fHft3n8o0nzfG316dv4cc+/abt1j8Uf3Z//u5LP6+Vd+WNXS7XawkTEruSTjY9PPnpuo97YPov/+LHN+79W5//eiPiiy/hvHfn5ta7i79Pxn3mq4//0hXsff/lDu/a76//erpeO54900/91u4Pbee8AAAAAAABgpylExIFICsX1cqFQLK7d33Ek9hXKlWrtxIXK4qWZqH9XdjRGCo2Z7kNN90NM5PfDNuqTT9SnIuJwRHw7tLdeL05XyjP9Dh4AAAAAAAAAAAAAAAAAAAB2iP1tvv+f+WOo33sHPHN+8hsGV8f878UvPQE7kv//MLjkPwwu+Q+DS/7D4JL/MLjkPwwu+Q+DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAT507ezZbVlceXpvO6jNXlhbnKldOzqTVueL84nRxurJwuThbqcyW0+J0Zb7T65UrlcsTk7F4dbyWVmvj1aXl8/OVxUu18xfnS7Pp+XTkuUQFAAAAAAAAAAAAAAAAAAAAL5bq0vJcqVxOF/pWuN7X1hW2WxjutM3Bfu+hwlYK/e6ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCR/wIAAP//K903aw==")
r4 = socket$inet(0x2, 0x3, 0x6)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000140)='xfrm0\x00', 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x4, 0x0, r1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x5, 0x1}, 0x50)
socket$inet(0x2, 0x3, 0x6)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x26e1, 0x0)
r5 = perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x30046, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0xfffffffffffffffe}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x4b98, &(0x7f0000000180)={0x0, 0xca92, 0x2000, 0x0, 0x2}, &(0x7f0000000200), &(0x7f0000000280))
close(r5)

36.222169ms ago: executing program 0 (id=2370):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$kcm(0xa, 0x1, 0x106)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6, 0x0, 0x6c, 0xfffffffb}]}, 0x10)
sendmsg$kcm(r0, &(0x7f0000000780)={&(0x7f0000000000)=@in6={0xa, 0x0, 0x0, @dev, 0x2}, 0x80, 0x0}, 0xe07e872424df67ca)

0s ago: executing program 0 (id=2371):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000380)={0x2, 0x4e22, @empty}, 0x10)
listen(r0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

: ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  232.544924][ T6638] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.563277][T10533] JBD2: no valid journal superblock found
[  232.569037][T10533] EXT4-fs (loop6): Could not load journal inode
[  232.599876][T10541] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  232.631270][T10539] loop9: detected capacity change from 0 to 1024
[  232.639611][T10539] EXT4-fs (loop9): couldn't mount as ext2 due to feature incompatibilities
[  232.669189][T10541] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  232.669189][T10541]    program syz.7.1876 not setting count and/or reply_len properly
[  232.909996][T10554] loop7: detected capacity change from 0 to 1024
[  232.940515][T10554] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  232.951447][T10554] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  232.982662][T10554] JBD2: no valid journal superblock found
[  232.988434][T10554] EXT4-fs (loop7): Could not load journal inode
[  233.040841][T10560] loop5: detected capacity change from 0 to 1024
[  233.053268][T10558] loop7: detected capacity change from 0 to 1024
[  233.064892][T10560] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  233.075877][T10560] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  233.087978][T10558] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  233.098966][T10558] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  233.118883][T10560] JBD2: no valid journal superblock found
[  233.124685][T10560] EXT4-fs (loop5): Could not load journal inode
[  233.133157][T10558] JBD2: no valid journal superblock found
[  233.138912][T10558] EXT4-fs (loop7): Could not load journal inode
[  233.218842][T10562] netlink: 'syz.5.1885': attribute type 1 has an invalid length.
[  233.240763][T10564] netlink: 'syz.7.1886': attribute type 1 has an invalid length.
[  233.508321][T10568] loop5: detected capacity change from 0 to 1024
[  233.521501][T10568] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  233.532560][T10568] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  233.543704][T10568] JBD2: no valid journal superblock found
[  233.549544][T10568] EXT4-fs (loop5): Could not load journal inode
[  233.605903][T10575] loop8: detected capacity change from 0 to 512
[  233.610258][T10577] loop5: detected capacity change from 0 to 1024
[  233.618949][T10575] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  233.636433][T10575] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.662869][T10584] FAULT_INJECTION: forcing a failure.
[  233.662869][T10584] name failslab, interval 1, probability 0, space 0, times 0
[  233.675483][T10584] CPU: 0 UID: 0 PID: 10584 Comm: syz.9.1892 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  233.675512][T10584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  233.675526][T10584] Call Trace:
[  233.675532][T10584]  <TASK>
[  233.675541][T10584]  __dump_stack+0x1d/0x30
[  233.675563][T10584]  dump_stack_lvl+0xe8/0x140
[  233.675686][T10584]  dump_stack+0x15/0x1b
[  233.675762][T10584]  should_fail_ex+0x265/0x280
[  233.675790][T10584]  ? dev_create_fw_entry+0x43/0xf0
[  233.675820][T10584]  should_failslab+0x8c/0xb0
[  233.675863][T10584]  __kmalloc_cache_noprof+0x4c/0x320
[  233.675928][T10584]  ? __pfx_fw_name_devm_release+0x10/0x10
[  233.676055][T10584]  dev_create_fw_entry+0x43/0xf0
[  233.676114][T10584]  ? __pfx_devm_name_match+0x10/0x10
[  233.676215][T10584]  devres_for_each_res+0xfc/0x160
[  233.676241][T10584]  ? __pfx_devm_name_match+0x10/0x10
[  233.676272][T10584]  ? __pfx_dev_create_fw_entry+0x10/0x10
[  233.676363][T10584]  dev_cache_fw_image+0x62/0x270
[  233.676427][T10584]  ? __pfx_dev_cache_fw_image+0x10/0x10
[  233.676459][T10584]  dpm_for_each_dev+0x5d/0xa0
[  233.676491][T10584]  ? __pfx_fw_pm_notify+0x10/0x10
[  233.676525][T10584]  fw_pm_notify+0x164/0x1a0
[  233.676553][T10584]  ? __pfx_autoremove_wake_function+0x10/0x10
[  233.676604][T10584]  notifier_call_chain_robust+0x77/0x350
[  233.676674][T10584]  blocking_notifier_call_chain_robust+0x50/0x80
[  233.676706][T10584]  pm_notifier_call_chain_robust+0x2c/0x60
[  233.676738][T10584]  snapshot_open+0x1a5/0x270
[  233.676822][T10584]  ? __pfx_snapshot_open+0x10/0x10
[  233.676849][T10584]  misc_open+0x1d3/0x200
[  233.676871][T10584]  chrdev_open+0x2e8/0x3a0
[  233.676892][T10584]  do_dentry_open+0x646/0xa20
[  233.676964][T10584]  ? __pfx_chrdev_open+0x10/0x10
[  233.676983][T10584]  vfs_open+0x37/0x1e0
[  233.677006][T10584]  path_openat+0x1c5e/0x2170
[  233.677036][T10584]  ? kvm_sched_clock_read+0x11/0x20
[  233.677126][T10584]  do_filp_open+0x109/0x230
[  233.677160][T10584]  do_sys_openat2+0xa6/0x110
[  233.677182][T10584]  __x64_sys_openat+0xf2/0x120
[  233.677208][T10584]  x64_sys_call+0x1af/0x2fb0
[  233.677243][T10584]  do_syscall_64+0xd2/0x200
[  233.677274][T10584]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  233.677320][T10584]  ? clear_bhb_loop+0x40/0x90
[  233.677414][T10584]  ? clear_bhb_loop+0x40/0x90
[  233.677436][T10584]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.677455][T10584] RIP: 0033:0x7f47bbb3e929
[  233.677469][T10584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.677487][T10584] RSP: 002b:00007f47ba1a7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  233.677583][T10584] RAX: ffffffffffffffda RBX: 00007f47bbd65fa0 RCX: 00007f47bbb3e929
[  233.677594][T10584] RDX: 0000000000000400 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  233.677604][T10584] RBP: 00007f47ba1a7090 R08: 0000000000000000 R09: 0000000000000000
[  233.677615][T10584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.677625][T10584] R13: 0000000000000000 R14: 00007f47bbd65fa0 R15: 00007ffc21998868
[  233.677642][T10584]  </TASK>
[  233.842541][T10575] ext4 filesystem being mounted at /184/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  233.893410][T10577] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  234.000243][T10575] EXT4-fs error (device loop8): ext4_xattr_block_get:593: inode #15: comm syz.8.1887: corrupted xattr block 19: overlapping e_value 
[  234.026930][T10575] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop8 ino=15
[  234.073645][T10594] loop9: detected capacity change from 0 to 1024
[  234.090255][T10575] EXT4-fs error (device loop8): ext4_xattr_block_get:593: inode #15: comm syz.8.1887: corrupted xattr block 19: overlapping e_value 
[  234.104778][T10594] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  234.115735][T10594] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  234.128717][T10575] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop8 ino=15
[  234.143433][T10594] JBD2: no valid journal superblock found
[  234.149216][T10594] EXT4-fs (loop9): Could not load journal inode
[  234.172126][T10575] EXT4-fs error (device loop8): ext4_xattr_block_get:593: inode #15: comm syz.8.1887: corrupted xattr block 19: overlapping e_value 
[  234.208864][T10575] EXT4-fs error (device loop8): ext4_xattr_block_get:593: inode #15: comm syz.8.1887: corrupted xattr block 19: overlapping e_value 
[  234.219127][T10596] loop9: detected capacity change from 0 to 1024
[  234.239253][T10575] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop8 ino=15
[  234.249097][T10596] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  234.260061][T10596] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  234.294358][T10598] loop5: detected capacity change from 0 to 1024
[  234.311407][T10596] JBD2: no valid journal superblock found
[  234.317211][T10596] EXT4-fs (loop9): Could not load journal inode
[  234.321513][T10598] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  234.334492][T10598] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  234.367916][T10598] JBD2: no valid journal superblock found
[  234.373735][T10598] EXT4-fs (loop5): Could not load journal inode
[  234.390138][T10600] netlink: 'syz.9.1898': attribute type 1 has an invalid length.
[  234.432814][T10602] netlink: 'syz.9.1899': attribute type 1 has an invalid length.
[  234.483677][ T6730] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.525094][T10608] netlink: 'syz.8.1911': attribute type 1 has an invalid length.
[  234.545545][T10609] __nla_validate_parse: 5 callbacks suppressed
[  234.545558][T10609] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1900'.
[  235.049248][T10618] loop7: detected capacity change from 0 to 1024
[  235.057549][T10618] EXT4-fs (loop7): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  235.068533][T10618] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  235.079878][T10618] JBD2: no valid journal superblock found
[  235.084355][T10621] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1903'.
[  235.085673][T10618] EXT4-fs (loop7): Could not load journal inode
[  235.218684][T10629] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1906'.
[  235.322931][T10631] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=10631 comm=syz.9.1907
[  235.365676][T10633] loop9: detected capacity change from 0 to 1024
[  235.375476][T10633] EXT4-fs (loop9): couldn't mount as ext2 due to feature incompatibilities
[  235.515086][T10635] loop9: detected capacity change from 0 to 1024
[  235.528670][T10635] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  235.539615][T10635] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  235.550899][T10635] JBD2: no valid journal superblock found
[  235.556750][T10635] EXT4-fs (loop9): Could not load journal inode
[  235.627519][T10639] loop9: detected capacity change from 0 to 1024
[  235.636472][T10639] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  235.647528][T10639] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  235.663858][T10639] JBD2: no valid journal superblock found
[  235.669613][T10639] EXT4-fs (loop9): Could not load journal inode
[  236.649485][   T29] kauditd_printk_skb: 387 callbacks suppressed
[  236.649498][   T29] audit: type=1326 audit(1752127141.385:2781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10649 comm="syz.5.1921" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1f18a3e929 code=0x0
[  236.690002][T10660] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10660 comm=syz.8.1922
[  236.707730][T10662] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1921'.
[  236.709715][   T29] audit: type=1326 audit(1752127141.445:2782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10657 comm="syz.9.1918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47bbb3e929 code=0x7ffc0000
[  236.747595][   T29] audit: type=1326 audit(1752127141.465:2783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10657 comm="syz.9.1918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f47bbb3e929 code=0x7ffc0000
[  236.772988][T10663] loop7: detected capacity change from 0 to 1024
[  236.782810][T10663] EXT4-fs (loop7): couldn't mount as ext2 due to feature incompatibilities
[  236.792046][T10665] validate_nla: 1 callbacks suppressed
[  236.792057][T10665] netlink: 'syz.6.1924': attribute type 1 has an invalid length.
[  236.817918][   T29] audit: type=1326 audit(1752127141.555:2784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10657 comm="syz.9.1918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f47bbb3e963 code=0x7ffc0000
[  236.858954][T10670] loop6: detected capacity change from 0 to 1024
[  236.864875][   T29] audit: type=1326 audit(1752127141.555:2785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10657 comm="syz.9.1918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f47bbb3e963 code=0x7ffc0000
[  236.887915][T10658] loop9: detected capacity change from 0 to 1024
[  236.888640][   T29] audit: type=1326 audit(1752127141.555:2786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10657 comm="syz.9.1918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47bbb3e929 code=0x7ffc0000
[  236.918522][   T29] audit: type=1326 audit(1752127141.555:2787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10657 comm="syz.9.1918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47bbb3e929 code=0x7ffc0000
[  236.942268][T10670] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  236.953217][T10670] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  236.957612][   T29] audit: type=1326 audit(1752127141.605:2788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10657 comm="syz.9.1918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f47bbb3e929 code=0x7ffc0000
[  236.986375][   T29] audit: type=1326 audit(1752127141.605:2789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10657 comm="syz.9.1918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47bbb3e929 code=0x7ffc0000
[  237.009924][   T29] audit: type=1326 audit(1752127141.605:2790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10657 comm="syz.9.1918" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f47bbb3e929 code=0x7ffc0000
[  237.010931][T10670] JBD2: no valid journal superblock found
[  237.034402][T10658] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  237.039117][T10670] EXT4-fs (loop6): Could not load journal inode
[  237.056467][T10658] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  237.076865][T10658] JBD2: no valid journal superblock found
[  237.082719][T10658] EXT4-fs (loop9): Could not load journal inode
[  237.142770][T10674] loop8: detected capacity change from 0 to 1024
[  237.164891][T10674] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  237.175908][T10674] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  237.195435][T10674] JBD2: no valid journal superblock found
[  237.201232][T10674] EXT4-fs (loop8): Could not load journal inode
[  237.510146][T10685] loop8: detected capacity change from 0 to 1024
[  237.520205][T10686] loop9: detected capacity change from 0 to 1024
[  237.529427][T10686] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  237.540371][T10686] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  237.553959][T10685] EXT4-fs (loop8): couldn't mount as ext2 due to feature incompatibilities
[  237.563198][T10689] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1941'.
[  237.572206][T10686] JBD2: no valid journal superblock found
[  237.577992][T10686] EXT4-fs (loop9): Could not load journal inode
[  237.727715][T10695] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1930'.
[  237.736629][T10696] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1931'.
[  238.098711][T10706] netlink: 'syz.7.1936': attribute type 1 has an invalid length.
[  238.123895][T10708] loop7: detected capacity change from 0 to 1024
[  238.144245][T10708] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.163513][T10708] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1937'.
[  238.180184][ T6638] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.200848][T10713] FAULT_INJECTION: forcing a failure.
[  238.200848][T10713] name failslab, interval 1, probability 0, space 0, times 0
[  238.213680][T10713] CPU: 0 UID: 0 PID: 10713 Comm: syz.7.1938 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  238.213705][T10713] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  238.213716][T10713] Call Trace:
[  238.213724][T10713]  <TASK>
[  238.213731][T10713]  __dump_stack+0x1d/0x30
[  238.213754][T10713]  dump_stack_lvl+0xe8/0x140
[  238.213848][T10713]  dump_stack+0x15/0x1b
[  238.213866][T10713]  should_fail_ex+0x265/0x280
[  238.213897][T10713]  should_failslab+0x8c/0xb0
[  238.213933][T10713]  kmem_cache_alloc_noprof+0x50/0x310
[  238.213962][T10713]  ? skb_clone+0x151/0x1f0
[  238.213996][T10713]  skb_clone+0x151/0x1f0
[  238.214024][T10713]  __netlink_deliver_tap+0x2c9/0x500
[  238.214055][T10713]  netlink_unicast+0x64c/0x670
[  238.214094][T10713]  netlink_sendmsg+0x58b/0x6b0
[  238.214130][T10713]  ? __pfx_netlink_sendmsg+0x10/0x10
[  238.214164][T10713]  __sock_sendmsg+0x142/0x180
[  238.214184][T10713]  ____sys_sendmsg+0x31e/0x4e0
[  238.214216][T10713]  ___sys_sendmsg+0x17b/0x1d0
[  238.214311][T10713]  __x64_sys_sendmsg+0xd4/0x160
[  238.214348][T10713]  x64_sys_call+0x2999/0x2fb0
[  238.214371][T10713]  do_syscall_64+0xd2/0x200
[  238.214403][T10713]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  238.214472][T10713]  ? clear_bhb_loop+0x40/0x90
[  238.214490][T10713]  ? clear_bhb_loop+0x40/0x90
[  238.214508][T10713]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.214526][T10713] RIP: 0033:0x7f90729ae929
[  238.214541][T10713] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.214592][T10713] RSP: 002b:00007f9071017038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  238.214610][T10713] RAX: ffffffffffffffda RBX: 00007f9072bd5fa0 RCX: 00007f90729ae929
[  238.214623][T10713] RDX: 0000000000000850 RSI: 0000200000000000 RDI: 0000000000000003
[  238.214771][T10713] RBP: 00007f9071017090 R08: 0000000000000000 R09: 0000000000000000
[  238.214781][T10713] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.214791][T10713] R13: 0000000000000000 R14: 00007f9072bd5fa0 R15: 00007fffe0adc3e8
[  238.214810][T10713]  </TASK>
[  238.214824][T10713] netlink: 'syz.7.1938': attribute type 39 has an invalid length.
[  238.460239][T10718] loop5: detected capacity change from 0 to 1024
[  238.470557][T10718] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  238.470855][T10717] loop6: detected capacity change from 0 to 1024
[  238.481565][T10718] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  238.501375][T10717] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  238.512441][T10717] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  238.540108][T10717] JBD2: no valid journal superblock found
[  238.545900][T10717] EXT4-fs (loop6): Could not load journal inode
[  238.554434][T10718] JBD2: no valid journal superblock found
[  238.560182][T10718] EXT4-fs (loop5): Could not load journal inode
[  238.560406][T10723] loop9: detected capacity change from 0 to 1024
[  238.580803][T10724] netlink: 'syz.8.1944': attribute type 1 has an invalid length.
[  238.613064][T10724] 8021q: adding VLAN 0 to HW filter on device bond0
[  238.632104][T10730] loop7: detected capacity change from 0 to 512
[  238.632159][T10723] EXT4-fs (loop9): couldn't mount as ext2 due to feature incompatibilities
[  238.646385][T10730] ext4: Unknown parameter 'mask'
[  238.661777][T10724] 8021q: adding VLAN 0 to HW filter on device bond0
[  238.662825][T10730] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1947'.
[  238.687074][T10724] bond0: (slave vxcan3): The slave device specified does not support setting the MAC address
[  238.706717][T10724] bond0: (slave vxcan3): Error -95 calling set_mac_address
[  238.815449][T10744] netlink: 'syz.8.1951': attribute type 1 has an invalid length.
[  238.842614][T10750] loop7: detected capacity change from 0 to 512
[  238.860284][T10750] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  238.866358][T10753] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1955'.
[  238.873741][T10750] EXT4-fs error (device loop7): ext4_get_journal_inode:5796: comm syz.7.1954: inode #1661: comm syz.7.1954: iget: illegal inode #
[  238.893043][T10750] EXT4-fs (loop7): no journal found
[  238.898258][T10750] EXT4-fs (loop7): can't get journal size
[  238.905620][T10750] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended
[  238.916283][T10750] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8056c118, mo2=0002]
[  238.925000][T10750] EXT4-fs (loop7): Errors on filesystem, clearing orphan list.
[  238.936946][T10750] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.952411][T10759] netlink: 'syz.8.1966': attribute type 1 has an invalid length.
[  238.977713][ T6638] EXT4-fs error (device loop7): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  238.986082][T10763] loop8: detected capacity change from 0 to 1024
[  239.007490][ T6638] EXT4-fs error (device loop7): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  239.027348][ T6638] EXT4-fs warning (device loop7): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  239.031374][T10763] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  239.042115][ T6638] EXT4-fs error (device loop7): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  239.052646][T10763] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  239.074524][ T6638] EXT4-fs error (device loop7): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  239.085249][T10763] JBD2: no valid journal superblock found
[  239.102410][ T6638] EXT4-fs warning (device loop7): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  239.107343][T10763] EXT4-fs (loop8): Could not load journal inode
[  239.128339][ T6638] EXT4-fs error (device loop7): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  239.150113][ T6638] EXT4-fs error (device loop7): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  239.169267][ T6638] EXT4-fs warning (device loop7): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  239.184171][ T6638] EXT4-fs error (device loop7): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  239.191635][T10766] loop8: detected capacity change from 0 to 1024
[  239.205917][ T6638] EXT4-fs error (device loop7): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  239.230338][T10766] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  239.230900][ T6638] EXT4-fs warning (device loop7): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  239.241261][T10766] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  239.259045][ T6638] EXT4-fs error (device loop7): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  239.272288][T10766] JBD2: no valid journal superblock found
[  239.289076][ T6638] EXT4-fs error (device loop7): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  239.291626][T10766] EXT4-fs (loop8): Could not load journal inode
[  239.311664][ T6638] EXT4-fs warning (device loop7): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  239.334586][ T6638] EXT4-fs warning (device loop7): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  239.350363][ T6638] EXT4-fs warning (device loop7): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  239.374355][ T6638] EXT4-fs warning (device loop7): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  239.374824][T10770] loop8: detected capacity change from 0 to 1024
[  239.400058][T10770] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  239.411067][T10770] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  239.424413][ T6638] EXT4-fs warning (device loop7): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  239.432095][T10772] loop6: detected capacity change from 0 to 512
[  239.442707][ T6638] EXT4-fs warning (device loop7): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  239.466467][T10772] ext4: Unknown parameter 'mask'
[  239.471787][T10770] JBD2: no valid journal superblock found
[  239.477611][T10770] EXT4-fs (loop8): Could not load journal inode
[  239.566784][T10779] loop6: detected capacity change from 0 to 1024
[  239.579549][T10779] EXT4-fs (loop6): couldn't mount as ext2 due to feature incompatibilities
[  239.599693][T10781] netlink: 'syz.8.1964': attribute type 39 has an invalid length.
[  239.609274][T10760] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.697885][T10790] netlink: 'syz.9.1969': attribute type 1 has an invalid length.
[  239.707011][T10792] loop6: detected capacity change from 0 to 512
[  239.721756][T10792] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  239.730762][T10792] EXT4-fs error (device loop6): ext4_get_journal_inode:5796: comm syz.6.1970: inode #1661: comm syz.6.1970: iget: illegal inode #
[  239.750750][T10796] loop9: detected capacity change from 0 to 1024
[  239.752278][  T578] netdevsim netdevsim7 netdevsim1 (unregistering): left allmulticast mode
[  239.764496][T10792] EXT4-fs (loop6): no journal found
[  239.770880][T10792] EXT4-fs (loop6): can't get journal size
[  239.785527][T10796] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  239.791387][  T578] netdevsim netdevsim7 netdevsim1 (unregistering): left promiscuous mode
[  239.796472][T10796] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  239.804947][  T578] bridge0: port 3(netdevsim1) entered disabled state
[  239.820328][T10800] __nla_validate_parse: 3 callbacks suppressed
[  239.820341][T10800] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1973'.
[  239.826688][T10796] JBD2: no valid journal superblock found
[  239.827500][T10800] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1973'.
[  239.836300][T10796] EXT4-fs (loop9): Could not load journal inode
[  239.842939][T10792] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  239.857206][T10800] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1973'.
[  239.867727][T10792] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8056c118, mo2=0002]
[  239.885313][T10792] EXT4-fs (loop6): Errors on filesystem, clearing orphan list.
[  239.898374][T10798] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1972'.
[  239.899013][T10792] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.951432][T10798] loop8: detected capacity change from 0 to 512
[  239.962437][T10798] ext4: Unknown parameter 'subj_user'
[  239.976628][T10800] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1973'.
[  239.985607][T10800] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1973'.
[  240.001299][T10808] loop9: detected capacity change from 0 to 1024
[  240.013856][T10808] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  240.024809][T10808] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  240.069020][T10808] JBD2: no valid journal superblock found
[  240.069458][ T6590] EXT4-fs error (device loop6): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  240.074835][T10808] EXT4-fs (loop9): Could not load journal inode
[  240.127356][T10813] loop8: detected capacity change from 0 to 1024
[  240.137481][ T6590] EXT4-fs error (device loop6): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  240.161298][T10813] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  240.162158][ T6590] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  240.172253][T10813] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  240.186998][ T6590] EXT4-fs error (device loop6): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  240.198541][T10813] JBD2: no valid journal superblock found
[  240.222782][T10813] EXT4-fs (loop8): Could not load journal inode
[  240.234267][ T6590] EXT4-fs error (device loop6): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  240.234420][ T6590] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  240.234563][ T6590] EXT4-fs error (device loop6): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  240.234883][ T6590] EXT4-fs error (device loop6): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  240.234970][ T6590] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  240.235095][ T6590] EXT4-fs error (device loop6): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  240.235297][ T6590] EXT4-fs error (device loop6): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  240.235565][ T6590] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  240.235680][ T6590] EXT4-fs error (device loop6): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  240.235822][ T6590] EXT4-fs error (device loop6): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  240.235966][ T6590] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  240.248651][T10819] loop5: detected capacity change from 0 to 1024
[  240.265111][T10784] chnl_net:caif_netlink_parms(): no params data found
[  240.267916][T10819] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  240.286225][T10822] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1979'.
[  240.403863][ T6590] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  240.490426][ T6590] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  240.515284][ T6590] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  240.525712][  T578] bridge_slave_1: left allmulticast mode
[  240.535353][  T578] bridge_slave_1: left promiscuous mode
[  240.541134][  T578] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.544498][ T6590] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  240.563117][ T6590] EXT4-fs warning (device loop6): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  240.577826][  T578] bridge_slave_0: left allmulticast mode
[  240.583560][  T578] bridge_slave_0: left promiscuous mode
[  240.589361][  T578] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.654445][  T578]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  240.663324][  T578]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  240.671843][  T578]  (unregistering): Released all slaves
[  240.689792][T10784] bridge0: port 1(bridge_slave_0) entered blocking state
[  240.697000][T10784] bridge0: port 1(bridge_slave_0) entered disabled state
[  240.704275][T10784] bridge_slave_0: entered allmulticast mode
[  240.710617][T10784] bridge_slave_0: entered promiscuous mode
[  240.720369][T10784] bridge0: port 2(bridge_slave_1) entered blocking state
[  240.727547][T10784] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.734901][T10784] bridge_slave_1: entered allmulticast mode
[  240.741214][T10784] bridge_slave_1: entered promiscuous mode
[  240.753514][T10809] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.762839][  T578] hsr_slave_0: left promiscuous mode
[  240.768411][  T578] hsr_slave_1: left promiscuous mode
[  240.774121][  T578] batman_adv: batadv0: Removing interface: batadv_slave_0
[  240.786324][T10829] netlink: 'syz.5.1981': attribute type 1 has an invalid length.
[  240.792787][T10831] loop8: detected capacity change from 0 to 1024
[  240.800982][  T578] batman_adv: batadv0: Removing interface: batadv_slave_1
[  240.801042][T10831] EXT4-fs (loop8): couldn't mount as ext2 due to feature incompatibilities
[  240.869261][T10839] loop5: detected capacity change from 0 to 1024
[  240.876524][T10839] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  240.887557][T10839] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  240.909080][T10839] JBD2: no valid journal superblock found
[  240.914882][T10839] EXT4-fs (loop5): Could not load journal inode
[  240.958447][T10784] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  240.975822][T10784] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  241.004239][T10784] team0: Port device team_slave_0 added
[  241.019717][T10784] team0: Port device team_slave_1 added
[  241.024356][T10853] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1985'.
[  241.034177][T10853] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1985'.
[  241.046369][T10853] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1985'.
[  241.064408][T10784] batman_adv: batadv0: Adding interface: batadv_slave_0
[  241.071375][T10784] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  241.097447][T10784] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  241.116106][T10856] loop5: detected capacity change from 0 to 512
[  241.124836][T10784] batman_adv: batadv0: Adding interface: batadv_slave_1
[  241.131785][T10784] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  241.157787][T10784] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  241.177471][T10856] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  241.199359][T10865] loop8: detected capacity change from 0 to 1024
[  241.217144][T10865] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  241.228175][T10865] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  241.231590][T10856] EXT4-fs error (device loop5): ext4_get_journal_inode:5796: comm syz.5.1986: inode #1661: comm syz.5.1986: iget: illegal inode #
[  241.241920][T10865] JBD2: no valid journal superblock found
[  241.256867][T10784] hsr_slave_0: entered promiscuous mode
[  241.257068][T10865] EXT4-fs (loop8): Could not load journal inode
[  241.264398][T10856] EXT4-fs (loop5): no journal found
[  241.274015][T10856] EXT4-fs (loop5): can't get journal size
[  241.287641][T10784] hsr_slave_1: entered promiscuous mode
[  241.294699][T10784] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  241.302906][T10856] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  241.312411][T10784] Cannot create hsr debugfs directory
[  241.326704][T10856] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8056c118, mo2=0002]
[  241.348208][T10856] EXT4-fs (loop5): Errors on filesystem, clearing orphan list.
[  241.363237][T10856] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  241.420310][T10870] loop9: detected capacity change from 0 to 512
[  241.442789][ T6586] EXT4-fs error (device loop5): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  241.463804][T10870] ext4: Unknown parameter 'subj_user'
[  241.469857][ T6586] EXT4-fs error (device loop5): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  241.492700][ T6586] EXT4-fs error (device loop5): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  241.538454][ T6586] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  241.554979][ T6586] EXT4-fs error (device loop5): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  241.576278][ T6586] EXT4-fs error (device loop5): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  241.597315][ T6586] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  241.612161][ T6586] EXT4-fs error (device loop5): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  241.612531][  T578] netdevsim netdevsim6 netdevsim1 (unregistering): left allmulticast mode
[  241.634364][ T6586] EXT4-fs error (device loop5): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  241.641860][  T578] netdevsim netdevsim6 netdevsim1 (unregistering): left promiscuous mode
[  241.662566][ T6586] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  241.668654][  T578] bridge0: port 3(netdevsim1) entered disabled state
[  241.689923][ T6586] EXT4-fs error (device loop5): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  241.711040][ T6586] EXT4-fs error (device loop5): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  241.730076][ T6586] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  241.744737][ T6586] EXT4-fs error (device loop5): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  241.747049][T10840] chnl_net:caif_netlink_parms(): no params data found
[  241.782901][ T6586] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  241.800111][ T6586] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  241.806180][T10892] netlink: 'syz.9.1993': attribute type 1 has an invalid length.
[  241.819115][ T6586] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  241.845202][   T29] kauditd_printk_skb: 193 callbacks suppressed
[  241.845214][   T29] audit: type=1326 audit(1752127146.585:2984): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10894 comm="syz.9.1994" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f47bbb3e929 code=0x0
[  241.845760][ T6586] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  241.891240][ T6586] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  241.906433][ T6586] EXT4-fs warning (device loop5): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  241.942970][T10840] bridge0: port 1(bridge_slave_0) entered blocking state
[  241.950119][T10840] bridge0: port 1(bridge_slave_0) entered disabled state
[  241.981640][T10840] bridge_slave_0: entered allmulticast mode
[  241.997712][T10840] bridge_slave_0: entered promiscuous mode
[  242.020331][T10840] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.027440][T10840] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.036367][T10840] bridge_slave_1: entered allmulticast mode
[  242.042958][T10840] bridge_slave_1: entered promiscuous mode
[  242.058215][T10887] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.078702][T10840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  242.100479][  T578] bridge_slave_1: left allmulticast mode
[  242.106237][  T578] bridge_slave_1: left promiscuous mode
[  242.112163][  T578] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.119859][  T578] bridge_slave_0: left allmulticast mode
[  242.125648][  T578] bridge_slave_0: left promiscuous mode
[  242.131303][  T578] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.193836][  T578] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  242.203039][  T578] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  242.211994][  T578] bond0 (unregistering): Released all slaves
[  242.220040][  T578] bond1 (unregistering): Released all slaves
[  242.229256][T10840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  242.259252][T10840] team0: Port device team_slave_0 added
[  242.266931][T10840] team0: Port device team_slave_1 added
[  242.292271][  T578] hsr_slave_0: left promiscuous mode
[  242.298309][  T578] hsr_slave_1: left promiscuous mode
[  242.303931][  T578] batman_adv: batadv0: Removing interface: batadv_slave_0
[  242.311409][  T578] batman_adv: batadv0: Removing interface: batadv_slave_1
[  242.399857][T10840] batman_adv: batadv0: Adding interface: batadv_slave_0
[  242.406904][T10840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.432903][T10840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  242.444345][T10840] batman_adv: batadv0: Adding interface: batadv_slave_1
[  242.451355][T10840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  242.477352][T10840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  242.497298][   T29] audit: type=1326 audit(1752127147.235:2985): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10939 comm="syz.8.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1ff90e929 code=0x7ffc0000
[  242.520953][   T29] audit: type=1326 audit(1752127147.235:2986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10939 comm="syz.8.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1ff90e929 code=0x7ffc0000
[  242.544515][   T29] audit: type=1326 audit(1752127147.235:2987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10939 comm="syz.8.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7ff1ff90e929 code=0x7ffc0000
[  242.567894][   T29] audit: type=1326 audit(1752127147.235:2988): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10939 comm="syz.8.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1ff90e929 code=0x7ffc0000
[  242.591428][   T29] audit: type=1326 audit(1752127147.235:2989): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10939 comm="syz.8.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7ff1ff90e929 code=0x7ffc0000
[  242.623178][T10840] hsr_slave_0: entered promiscuous mode
[  242.629148][T10840] hsr_slave_1: entered promiscuous mode
[  242.635301][T10840] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  242.643044][T10840] Cannot create hsr debugfs directory
[  242.698401][   T29] audit: type=1400 audit(1752127147.435:2990): avc:  denied  { create } for  pid=10948 comm="syz.9.1998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  242.759892][   T29] audit: type=1400 audit(1752127147.465:2991): avc:  denied  { getopt } for  pid=10948 comm="syz.9.1998" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  242.807532][T10961] loop9: detected capacity change from 0 to 1024
[  242.821389][T10961] EXT4-fs (loop9): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  242.832353][T10961] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  242.843839][T10961] JBD2: no valid journal superblock found
[  242.849651][T10961] EXT4-fs (loop9): Could not load journal inode
[  242.885394][T10970] loop9: detected capacity change from 0 to 512
[  242.889278][T10916] chnl_net:caif_netlink_parms(): no params data found
[  242.898824][T10970] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[  242.907894][T10970] EXT4-fs error (device loop9): ext4_get_journal_inode:5796: comm syz.9.2001: inode #1661: comm syz.9.2001: iget: illegal inode #
[  242.926680][T10970] EXT4-fs (loop9): no journal found
[  242.931915][T10970] EXT4-fs (loop9): can't get journal size
[  242.949332][T10970] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended
[  242.959133][T10970] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8056c118, mo2=0002]
[  242.968656][T10970] EXT4-fs (loop9): Errors on filesystem, clearing orphan list.
[  242.976911][T10970] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.991229][T10916] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.998351][T10916] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.005724][T10916] bridge_slave_0: entered allmulticast mode
[  243.012266][T10916] bridge_slave_0: entered promiscuous mode
[  243.019061][T10916] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.026215][T10916] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.033680][T10916] bridge_slave_1: entered allmulticast mode
[  243.040137][T10916] bridge_slave_1: entered promiscuous mode
[  243.065788][ T6827] EXT4-fs error (device loop9): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  243.067236][T10916] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  243.099032][T10916] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  243.099173][ T6827] EXT4-fs error (device loop9): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  243.129050][ T6827] EXT4-fs warning (device loop9): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  243.146154][ T6827] EXT4-fs error (device loop9): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  243.167388][ T6827] EXT4-fs error (device loop9): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  243.168638][T10916] team0: Port device team_slave_0 added
[  243.186464][ T6827] EXT4-fs warning (device loop9): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  243.198478][T10916] team0: Port device team_slave_1 added
[  243.216560][ T6827] EXT4-fs error (device loop9): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  243.245732][ T6827] EXT4-fs error (device loop9): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  243.266557][  T578] netdevsim netdevsim5 netdevsim1 (unregistering): left allmulticast mode
[  243.272438][ T6827] EXT4-fs warning (device loop9): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  243.282065][  T578] netdevsim netdevsim5 netdevsim1 (unregistering): left promiscuous mode
[  243.292227][ T6827] EXT4-fs error (device loop9): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  243.297872][  T578] bridge0: port 3(netdevsim1) entered disabled state
[  243.319816][ T6827] EXT4-fs error (device loop9): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  243.345415][   T29] audit: type=1326 audit(1752127148.085:2992): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10939 comm="syz.8.1997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1ff90e929 code=0x7ffc0000
[  243.345637][T10916] batman_adv: batadv0: Adding interface: batadv_slave_0
[  243.375944][ T6827] EXT4-fs warning (device loop9): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  243.376059][ T6827] EXT4-fs error (device loop9): ext4_inlinedir_to_tree:1340: inode #12: block 7: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=60, inode=196622, rec_len=40, size=60 fake=0
[  243.390281][T10916] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.390337][T10916] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  243.413964][ T6827] EXT4-fs error (device loop9): empty_inline_dir:1786: inode #12: block 7: comm syz-executor: bad entry in directory: inode out of bounds - offset=20, inode=196622, rec_len=40, size=60 fake=0
[  243.445965][T10916] batman_adv: batadv0: Adding interface: batadv_slave_1
[  243.473172][T10916] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  243.499209][T10916] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  243.513881][ T6827] EXT4-fs warning (device loop9): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  243.537076][ T6827] EXT4-fs warning (device loop9): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  243.561053][ T6827] EXT4-fs warning (device loop9): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  243.578515][T11003] netlink: 'syz.8.2003': attribute type 1 has an invalid length.
[  243.582111][ T6827] EXT4-fs warning (device loop9): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  243.608501][ T6827] EXT4-fs warning (device loop9): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  243.626222][T10916] hsr_slave_0: entered promiscuous mode
[  243.627951][ T6827] EXT4-fs warning (device loop9): empty_inline_dir:1793: bad inline directory (dir #12) - inode 196622, rec_len 40, name_len 5inline size 60
[  243.652558][T10916] hsr_slave_1: entered promiscuous mode
[  243.658509][T10916] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  243.689028][T10916] Cannot create hsr debugfs directory
[  243.694696][  T578] bridge_slave_1: left allmulticast mode
[  243.700332][  T578] bridge_slave_1: left promiscuous mode
[  243.706040][  T578] bridge0: port 2(bridge_slave_1) entered disabled state
[  243.707568][T11008] loop8: detected capacity change from 0 to 512
[  243.721897][T11008] EXT4-fs (loop8): external journal device major/minor numbers have changed
[  243.731222][  T578] bridge_slave_0: left allmulticast mode
[  243.736917][  T578] bridge_slave_0: left promiscuous mode
[  243.742577][  T578] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.765422][T11008] EXT4-fs (loop8): failed to open journal device unknown-block(11,131) -6
[  243.781076][T11008] netlink: 'syz.8.2004': attribute type 3 has an invalid length.
[  243.790649][   T29] audit: type=1400 audit(1752127148.525:2993): avc:  denied  { create } for  pid=11007 comm="syz.8.2004" anonclass=[io_uring] scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  243.844399][  T578]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  243.853383][  T578]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  243.861867][  T578]  (unregistering): Released all slaves
[  243.927516][  T578] hsr_slave_0: left promiscuous mode
[  243.934059][  T578] hsr_slave_1: left promiscuous mode
[  243.939791][  T578] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.947530][  T578] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.977398][T10983] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.180462][T11046] chnl_net:caif_netlink_parms(): no params data found
[  244.222302][T11046] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.229381][T11046] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.237926][T11046] bridge_slave_0: entered allmulticast mode
[  244.244683][T11046] bridge_slave_0: entered promiscuous mode
[  244.251569][T11046] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.258743][T11046] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.267249][T11046] bridge_slave_1: entered allmulticast mode
[  244.273765][T11046] bridge_slave_1: entered promiscuous mode
[  244.293071][T11046] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  244.304915][T11046] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  244.326534][T11046] team0: Port device team_slave_0 added
[  244.333418][T11046] team0: Port device team_slave_1 added
[  244.349301][T11046] batman_adv: batadv0: Adding interface: batadv_slave_0
[  244.356358][T11046] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.382360][T11046] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  244.393860][T11046] batman_adv: batadv0: Adding interface: batadv_slave_1
[  244.400804][T11046] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  244.426777][T11046] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  244.459184][T11046] hsr_slave_0: entered promiscuous mode
[  244.465431][T11046] hsr_slave_1: entered promiscuous mode
[  244.471524][T11046] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  244.479123][T11046] Cannot create hsr debugfs directory
[  244.602949][  T578] netdevsim netdevsim9 netdevsim1 (unregistering): left allmulticast mode
[  244.611622][  T578] netdevsim netdevsim9 netdevsim1 (unregistering): left promiscuous mode
[  244.620244][  T578] bridge0: port 3(netdevsim1) entered disabled state
[  244.672651][T11128] loop8: detected capacity change from 0 to 1024
[  244.679535][T11128] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  244.690490][T11128] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  244.710762][T11128] JBD2: no valid journal superblock found
[  244.716628][T11128] EXT4-fs (loop8): Could not load journal inode
[  244.785968][  T578] bridge_slave_1: left allmulticast mode
[  244.791765][  T578] bridge_slave_1: left promiscuous mode
[  244.797673][  T578] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.805485][  T578] bridge_slave_0: left allmulticast mode
[  244.811141][  T578] bridge_slave_0: left promiscuous mode
[  244.816935][  T578] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.864702][  T578]  (unregistering): (slave bond_slave_0): Releasing backup interface
[  244.873640][  T578]  (unregistering): (slave bond_slave_1): Releasing backup interface
[  244.882255][  T578]  (unregistering): Released all slaves
[  244.915246][  T578] hsr_slave_0: left promiscuous mode
[  244.921005][  T578] hsr_slave_1: left promiscuous mode
[  244.926682][  T578] batman_adv: batadv0: Removing interface: batadv_slave_0
[  244.934142][  T578] batman_adv: batadv0: Removing interface: batadv_slave_1
[  246.001404][T10784] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  246.019331][T10784] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  246.028913][T10784] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  246.038820][T10784] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  246.080220][T10784] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.100996][T10784] 8021q: adding VLAN 0 to HW filter on device team0
[  246.110681][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.117835][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.131263][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.138354][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.156554][T10784] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  246.166988][T10784] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  246.240261][T10784] 8021q: adding VLAN 0 to HW filter on device batadv0
[  246.254917][T10840] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  246.264158][T10840] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  246.282208][T10840] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  246.292211][T10840] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  246.363910][T10840] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.379768][T10840] 8021q: adding VLAN 0 to HW filter on device team0
[  246.398150][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.405294][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.415194][   T56] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.422283][   T56] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.437513][T10840] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  246.447926][T10840] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  246.484552][T10784] veth0_vlan: entered promiscuous mode
[  246.494482][T10784] veth1_vlan: entered promiscuous mode
[  246.525464][T10784] veth0_macvtap: entered promiscuous mode
[  246.534990][T10784] veth1_macvtap: entered promiscuous mode
[  246.544320][T10840] 8021q: adding VLAN 0 to HW filter on device batadv0
[  246.557203][T10916] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  246.566252][T10916] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  246.575682][T10916] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  246.584839][T10916] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  246.603918][T10784] batman_adv: batadv0: Interface activated: batadv_slave_0
[  246.617567][T10784] batman_adv: batadv0: Interface activated: batadv_slave_1
[  246.631081][T10784] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  246.640015][T10784] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  246.648791][T10784] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  246.657611][T10784] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  246.741689][T10840] veth0_vlan: entered promiscuous mode
[  246.743079][T11416] loop8: detected capacity change from 0 to 1024
[  246.759364][T10916] 8021q: adding VLAN 0 to HW filter on device bond0
[  246.770286][T11416] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  246.773452][T10840] veth1_vlan: entered promiscuous mode
[  246.781204][T11416] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  246.803445][T10916] 8021q: adding VLAN 0 to HW filter on device team0
[  246.810631][T11416] JBD2: no valid journal superblock found
[  246.816528][T11416] EXT4-fs (loop8): Could not load journal inode
[  246.843576][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.850681][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  246.865906][T10840] veth0_macvtap: entered promiscuous mode
[  246.879901][  T578] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.887011][  T578] bridge0: port 2(bridge_slave_1) entered forwarding state
[  246.899735][T10840] veth1_macvtap: entered promiscuous mode
[  246.913080][T11423] loop8: detected capacity change from 0 to 512
[  246.931226][T11046] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  246.943422][T10840] batman_adv: batadv0: Interface activated: batadv_slave_0
[  246.960971][T11046] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  246.984198][T10840] batman_adv: batadv0: Interface activated: batadv_slave_1
[  246.995140][T11046] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  247.002700][T11431] netlink: 'syz.8.2012': attribute type 1 has an invalid length.
[  247.012974][T11046] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  247.026387][T10840] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  247.035168][T10840] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  247.043954][T10840] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  247.052784][T10840] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  247.082155][   T29] kauditd_printk_skb: 14 callbacks suppressed
[  247.082170][   T29] audit: type=1400 audit(1752127151.825:3008): avc:  denied  { read append } for  pid=11442 comm="syz.8.2014" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  247.113181][   T29] audit: type=1400 audit(1752127151.825:3009): avc:  denied  { open } for  pid=11442 comm="syz.8.2014" path="/dev/loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  247.140870][   T29] audit: type=1400 audit(1752127151.825:3010): avc:  denied  { ioctl } for  pid=11442 comm="syz.8.2014" path="/dev/loop-control" dev="devtmpfs" ino=99 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  247.167119][   T29] audit: type=1400 audit(1752127151.855:3011): avc:  denied  { read write } for  pid=11442 comm="syz.8.2014" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  247.175906][T11046] 8021q: adding VLAN 0 to HW filter on device bond0
[  247.190641][   T29] audit: type=1400 audit(1752127151.855:3012): avc:  denied  { open } for  pid=11442 comm="syz.8.2014" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  247.202503][T11046] 8021q: adding VLAN 0 to HW filter on device team0
[  247.227285][   T29] audit: type=1400 audit(1752127151.885:3013): avc:  denied  { create } for  pid=11442 comm="syz.8.2014" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  247.246795][   T29] audit: type=1400 audit(1752127151.885:3014): avc:  denied  { write } for  pid=11442 comm="syz.8.2014" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  247.270496][   T29] audit: type=1400 audit(1752127151.885:3015): avc:  denied  { open } for  pid=11442 comm="syz.8.2014" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  247.310223][T10916] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.320015][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.327132][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.374849][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.381964][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  247.418373][T11472] loop2: detected capacity change from 0 to 512
[  247.475706][T11472] ext4: Unknown parameter 'mask'
[  247.518991][T11046] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.522967][T11472] __nla_validate_parse: 4 callbacks suppressed
[  247.522981][T11472] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1982'.
[  247.561419][T11472] team0 (unregistering): Port device team_slave_0 removed
[  247.570599][T11472] team0 (unregistering): Port device team_slave_1 removed
[  247.597749][T10916] veth0_vlan: entered promiscuous mode
[  247.613367][T10916] veth1_vlan: entered promiscuous mode
[  247.640116][   T29] audit: type=1326 audit(1752127152.365:3016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11419 comm="syz.4.2010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f209d44e929 code=0x7ffc0000
[  247.645294][T10916] veth0_macvtap: entered promiscuous mode
[  247.691289][   T29] audit: type=1326 audit(1752127152.415:3017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11507 comm="syz.4.2018" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f209d44e929 code=0x7ffc0000
[  247.762892][T10916] veth1_macvtap: entered promiscuous mode
[  247.776327][T10916] batman_adv: batadv0: Interface activated: batadv_slave_0
[  247.786229][T10916] batman_adv: batadv0: Interface activated: batadv_slave_1
[  247.798146][T10916] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  247.807011][T10916] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  247.816025][T10916] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  247.824809][T10916] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  247.850610][T11518] netlink: 'syz.4.2018': attribute type 10 has an invalid length.
[  247.858678][T11518] lo: entered promiscuous mode
[  247.865146][T11518] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  247.887494][T11046] veth0_vlan: entered promiscuous mode
[  247.902796][T11046] veth1_vlan: entered promiscuous mode
[  247.920925][T11046] veth0_macvtap: entered promiscuous mode
[  247.936520][T11046] veth1_macvtap: entered promiscuous mode
[  247.954464][T11046] batman_adv: batadv0: Interface activated: batadv_slave_0
[  247.966469][T11046] batman_adv: batadv0: Interface activated: batadv_slave_1
[  247.988456][T11046] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  247.997280][T11046] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  248.006105][T11046] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  248.014879][T11046] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  248.047407][T11544] loop3: detected capacity change from 0 to 1024
[  248.065728][T11544] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  248.210736][T11572] netlink: 'syz.0.2022': attribute type 1 has an invalid length.
[  248.309205][T11589] netlink: 136 bytes leftover after parsing attributes in process `syz.8.2025'.
[  248.318360][T11589] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[  248.405749][T11590] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  248.595209][T11635] loop4: detected capacity change from 0 to 512
[  248.607569][T11635] EXT4-fs: Ignoring removed oldalloc option
[  248.626953][T11635] EXT4-fs error (device loop4): ext4_iget_extra_inode:5035: inode #15: comm syz.4.2029: corrupted in-inode xattr: e_value size too large
[  248.641798][T11635] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.2029: couldn't read orphan inode 15 (err -117)
[  248.657097][T11635] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  248.684915][T10784] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.759781][T11653] loop4: detected capacity change from 0 to 8192
[  248.776607][T11663] loop2: detected capacity change from 0 to 1024
[  248.794359][T11663] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  248.805405][T11663] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  248.871459][T11663] JBD2: no valid journal superblock found
[  248.877284][T11663] EXT4-fs (loop2): Could not load journal inode
[  248.925931][T11677] FAULT_INJECTION: forcing a failure.
[  248.925931][T11677] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.939188][T11677] CPU: 0 UID: 0 PID: 11677 Comm: syz.2.2033 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  248.939216][T11677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  248.939228][T11677] Call Trace:
[  248.939235][T11677]  <TASK>
[  248.939242][T11677]  __dump_stack+0x1d/0x30
[  248.939301][T11677]  dump_stack_lvl+0xe8/0x140
[  248.939317][T11677]  dump_stack+0x15/0x1b
[  248.939377][T11677]  should_fail_ex+0x265/0x280
[  248.939404][T11677]  should_fail+0xb/0x20
[  248.939425][T11677]  should_fail_usercopy+0x1a/0x20
[  248.939522][T11677]  _copy_to_user+0x20/0xa0
[  248.939540][T11677]  simple_read_from_buffer+0xb5/0x130
[  248.939567][T11677]  proc_fail_nth_read+0x100/0x140
[  248.939600][T11677]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  248.939679][T11677]  vfs_read+0x1a0/0x6f0
[  248.939703][T11677]  ? __rcu_read_unlock+0x4f/0x70
[  248.939722][T11677]  ? __fget_files+0x184/0x1c0
[  248.939739][T11677]  ? __sys_bind+0x223/0x2a0
[  248.939844][T11677]  ksys_read+0xda/0x1a0
[  248.939911][T11677]  __x64_sys_read+0x40/0x50
[  248.939940][T11677]  x64_sys_call+0x2d77/0x2fb0
[  248.940022][T11677]  do_syscall_64+0xd2/0x200
[  248.940101][T11677]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  248.940123][T11677]  ? clear_bhb_loop+0x40/0x90
[  248.940141][T11677]  ? clear_bhb_loop+0x40/0x90
[  248.940167][T11677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.940185][T11677] RIP: 0033:0x7fda658ad33c
[  248.940199][T11677] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  248.940215][T11677] RSP: 002b:00007fda63f17030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  248.940263][T11677] RAX: ffffffffffffffda RBX: 00007fda65ad5fa0 RCX: 00007fda658ad33c
[  248.940276][T11677] RDX: 000000000000000f RSI: 00007fda63f170a0 RDI: 0000000000000004
[  248.940356][T11677] RBP: 00007fda63f17090 R08: 0000000000000000 R09: 0000000000000000
[  248.940368][T11677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.940378][T11677] R13: 0000000000000000 R14: 00007fda65ad5fa0 R15: 00007ffdde088d38
[  248.940398][T11677]  </TASK>
[  249.203692][T11681] netlink: 'syz.3.2034': attribute type 1 has an invalid length.
[  249.252734][T11685] loop2: detected capacity change from 0 to 1024
[  249.272918][T11685] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  249.531564][T11727] loop8: detected capacity change from 0 to 512
[  249.543612][T11727] ext4: Unknown parameter 'mask'
[  249.601405][T11732] loop2: detected capacity change from 0 to 1024
[  249.610051][T11732] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  249.621356][T11736] netlink: 'syz.0.2039': attribute type 10 has an invalid length.
[  249.629358][T11735] loop4: detected capacity change from 0 to 1024
[  249.629464][T11736] lo: entered promiscuous mode
[  249.642079][T11736] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  249.662831][T11727] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2043'.
[  249.681025][T11735] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  249.691995][T11735] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  249.708979][T11735] JBD2: no valid journal superblock found
[  249.714787][T11735] EXT4-fs (loop4): Could not load journal inode
[  249.764052][T11748] loop8: detected capacity change from 0 to 1024
[  249.826382][T11748] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.842185][T11748] ext4 filesystem being mounted at /227/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.845729][T11756] netlink: 'syz.4.2047': attribute type 1 has an invalid length.
[  249.886094][T11763] netlink: 'syz.2.2048': attribute type 1 has an invalid length.
[  249.893384][T11767] loop4: detected capacity change from 0 to 1024
[  249.914872][T11767] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.934326][ T6730] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  249.952499][T11767] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  249.998279][T11767] FAULT_INJECTION: forcing a failure.
[  249.998279][T11767] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  250.011400][T11767] CPU: 0 UID: 0 PID: 11767 Comm: syz.4.2049 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  250.011495][T11767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  250.011515][T11767] Call Trace:
[  250.011569][T11767]  <TASK>
[  250.011577][T11767]  __dump_stack+0x1d/0x30
[  250.011599][T11767]  dump_stack_lvl+0xe8/0x140
[  250.011697][T11767]  dump_stack+0x15/0x1b
[  250.011715][T11767]  should_fail_ex+0x265/0x280
[  250.011744][T11767]  should_fail+0xb/0x20
[  250.011770][T11767]  should_fail_usercopy+0x1a/0x20
[  250.011858][T11767]  _copy_from_user+0x1c/0xb0
[  250.011879][T11767]  autofs_dev_ioctl+0xdd/0x6a0
[  250.011905][T11767]  ? __pfx_autofs_dev_ioctl+0x10/0x10
[  250.011928][T11767]  __se_sys_ioctl+0xce/0x140
[  250.012013][T11767]  __x64_sys_ioctl+0x43/0x50
[  250.012036][T11767]  x64_sys_call+0x19a8/0x2fb0
[  250.012114][T11767]  do_syscall_64+0xd2/0x200
[  250.012147][T11767]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  250.012197][T11767]  ? clear_bhb_loop+0x40/0x90
[  250.012216][T11767]  ? clear_bhb_loop+0x40/0x90
[  250.012254][T11767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.012272][T11767] RIP: 0033:0x7f209d44e929
[  250.012288][T11767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.012306][T11767] RSP: 002b:00007f209bab7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  250.012328][T11767] RAX: ffffffffffffffda RBX: 00007f209d675fa0 RCX: 00007f209d44e929
[  250.012341][T11767] RDX: 0000200000000240 RSI: 00000000c0189374 RDI: 0000000000000004
[  250.012354][T11767] RBP: 00007f209bab7090 R08: 0000000000000000 R09: 0000000000000000
[  250.012366][T11767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.012379][T11767] R13: 0000000000000000 R14: 00007f209d675fa0 R15: 00007ffd9dd7a8c8
[  250.012398][T11767]  </TASK>
[  250.239619][T11785] loop8: detected capacity change from 0 to 1024
[  250.262459][T11785] EXT4-fs (loop8): couldn't mount as ext2 due to feature incompatibilities
[  250.273887][T10784] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.319131][T11789] loop4: detected capacity change from 0 to 1024
[  250.354413][T11789] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  250.368242][T11789] ext4 filesystem being mounted at /12/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.481779][T10784] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.496689][T11807] netlink: 'syz.8.2053': attribute type 3 has an invalid length.
[  250.504625][T11807] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2053'.
[  250.545946][T11791] team0 (unregistering): Port device team_slave_0 removed
[  250.557355][T11811] FAULT_INJECTION: forcing a failure.
[  250.557355][T11811] name failslab, interval 1, probability 0, space 0, times 0
[  250.558372][T11791] team0 (unregistering): Port device team_slave_1 removed
[  250.570046][T11811] CPU: 1 UID: 0 PID: 11811 Comm: syz.4.2054 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  250.570118][T11811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  250.570131][T11811] Call Trace:
[  250.570138][T11811]  <TASK>
[  250.570147][T11811]  __dump_stack+0x1d/0x30
[  250.570168][T11811]  dump_stack_lvl+0xe8/0x140
[  250.570254][T11811]  dump_stack+0x15/0x1b
[  250.570271][T11811]  should_fail_ex+0x265/0x280
[  250.570325][T11811]  should_failslab+0x8c/0xb0
[  250.570346][T11811]  kmem_cache_alloc_noprof+0x50/0x310
[  250.570402][T11811]  ? skb_clone+0x151/0x1f0
[  250.570433][T11811]  skb_clone+0x151/0x1f0
[  250.570468][T11811]  __netlink_deliver_tap+0x2c9/0x500
[  250.570563][T11811]  netlink_unicast+0x64c/0x670
[  250.570592][T11811]  netlink_sendmsg+0x58b/0x6b0
[  250.570620][T11811]  ? __pfx_netlink_sendmsg+0x10/0x10
[  250.570652][T11811]  __sock_sendmsg+0x142/0x180
[  250.570675][T11811]  ____sys_sendmsg+0x31e/0x4e0
[  250.570714][T11811]  ___sys_sendmsg+0x17b/0x1d0
[  250.570778][T11811]  __x64_sys_sendmsg+0xd4/0x160
[  250.570812][T11811]  x64_sys_call+0x2999/0x2fb0
[  250.570833][T11811]  do_syscall_64+0xd2/0x200
[  250.570864][T11811]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  250.570967][T11811]  ? clear_bhb_loop+0x40/0x90
[  250.570991][T11811]  ? clear_bhb_loop+0x40/0x90
[  250.571012][T11811]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.571032][T11811] RIP: 0033:0x7f209d44e929
[  250.571048][T11811] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.571065][T11811] RSP: 002b:00007f209bab7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  250.571084][T11811] RAX: ffffffffffffffda RBX: 00007f209d675fa0 RCX: 00007f209d44e929
[  250.571122][T11811] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000005
[  250.571135][T11811] RBP: 00007f209bab7090 R08: 0000000000000000 R09: 0000000000000000
[  250.571210][T11811] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  250.571222][T11811] R13: 0000000000000000 R14: 00007f209d675fa0 R15: 00007ffd9dd7a8c8
[  250.571239][T11811]  </TASK>
[  250.902575][T11831] loop3: detected capacity change from 0 to 512
[  250.908943][T11827] tipc: Started in network mode
[  250.913870][T11827] tipc: Node identity ac14140f, cluster identity 4711
[  250.928682][T11831] ext4: Unknown parameter 'mask'
[  250.934360][T11827] tipc: New replicast peer: 255.255.255.83
[  250.936058][T11831] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2058'.
[  250.940231][T11827] tipc: Enabled bearer <udp:£>, priority 10
[  251.019627][T11840] loop8: detected capacity change from 0 to 1024
[  251.020019][T11845] netlink: 'syz.4.2062': attribute type 1 has an invalid length.
[  251.038842][T11831] team0 (unregistering): Port device team_slave_0 removed
[  251.047424][T11840] EXT4-fs (loop8): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  251.058576][T11840] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  251.075348][T11831] team0 (unregistering): Port device team_slave_1 removed
[  251.084043][T11840] JBD2: no valid journal superblock found
[  251.089859][T11840] EXT4-fs (loop8): Could not load journal inode
[  251.202961][T11866] loop4: detected capacity change from 0 to 1024
[  251.223087][T11866] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  251.334289][T11868] netlink: 'syz.8.2065': attribute type 10 has an invalid length.
[  251.342407][T11868] lo: entered promiscuous mode
[  251.348751][T11868] : (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  251.400328][T11890] loop3: detected capacity change from 0 to 1024
[  251.428378][T11890] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  251.440850][T11890] ext4 filesystem being mounted at /7/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  251.531580][T10916] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.568303][T11906] netlink: 'syz.3.2070': attribute type 39 has an invalid length.
[  251.668059][T11924] FAULT_INJECTION: forcing a failure.
[  251.668059][T11924] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.681227][T11924] CPU: 0 UID: 0 PID: 11924 Comm: syz.3.2071 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  251.681255][T11924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  251.681267][T11924] Call Trace:
[  251.681273][T11924]  <TASK>
[  251.681308][T11924]  __dump_stack+0x1d/0x30
[  251.681335][T11924]  dump_stack_lvl+0xe8/0x140
[  251.681353][T11924]  dump_stack+0x15/0x1b
[  251.681396][T11924]  should_fail_ex+0x265/0x280
[  251.681426][T11924]  should_fail+0xb/0x20
[  251.681450][T11924]  should_fail_usercopy+0x1a/0x20
[  251.681522][T11924]  strncpy_from_user+0x25/0x230
[  251.681580][T11924]  ? kmem_cache_alloc_noprof+0x186/0x310
[  251.681606][T11924]  ? getname_flags+0x80/0x3b0
[  251.681631][T11924]  getname_flags+0xae/0x3b0
[  251.681653][T11924]  user_path_at+0x28/0x130
[  251.681796][T11924]  __se_sys_pivot_root+0xbc/0x720
[  251.681814][T11924]  ? fput+0x8f/0xc0
[  251.681838][T11924]  __x64_sys_pivot_root+0x31/0x40
[  251.681858][T11924]  x64_sys_call+0x2aac/0x2fb0
[  251.681947][T11924]  do_syscall_64+0xd2/0x200
[  251.681976][T11924]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  251.682033][T11924]  ? clear_bhb_loop+0x40/0x90
[  251.682064][T11924]  ? clear_bhb_loop+0x40/0x90
[  251.682082][T11924]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.682100][T11924] RIP: 0033:0x7f210268e929
[  251.682114][T11924] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.682131][T11924] RSP: 002b:00007f2100cf7038 EFLAGS: 00000246 ORIG_RAX: 000000000000009b
[  251.682150][T11924] RAX: ffffffffffffffda RBX: 00007f21028b5fa0 RCX: 00007f210268e929
[  251.682237][T11924] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000200000000500
[  251.682249][T11924] RBP: 00007f2100cf7090 R08: 0000000000000000 R09: 0000000000000000
[  251.682261][T11924] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.682273][T11924] R13: 0000000000000000 R14: 00007f21028b5fa0 R15: 00007fffed032358
[  251.682292][T11924]  </TASK>
[  251.932051][ T3538] tipc: Node number set to 2886997007
[  251.952293][T11937] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2074'.
[  251.967786][T11937] loop3: detected capacity change from 0 to 512
[  251.978439][T11937] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  251.991580][T11937] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  252.021397][T11937] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  252.046894][T11947] loop2: detected capacity change from 0 to 512
[  252.056923][T11937] EXT4-fs (loop3): 1 truncate cleaned up
[  252.065651][T11937] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.080502][T11952] netlink: 'syz.8.2075': attribute type 1 has an invalid length.
[  252.092018][T11947] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  252.108984][T11947] ext4 filesystem being mounted at /11/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  252.123396][T10916] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.132695][   T29] kauditd_printk_skb: 227 callbacks suppressed
[  252.132753][   T29] audit: type=1326 audit(1752127156.865:3245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11932 comm="syz.2.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda658ae929 code=0x7ffc0000
[  252.162515][   T29] audit: type=1326 audit(1752127156.865:3246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11932 comm="syz.2.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fda658ae929 code=0x7ffc0000
[  252.186090][   T29] audit: type=1400 audit(1752127156.865:3247): avc:  denied  { add_name } for  pid=11932 comm="syz.2.2073" name="memory.events" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  252.207669][   T29] audit: type=1400 audit(1752127156.865:3248): avc:  denied  { create } for  pid=11932 comm="syz.2.2073" name="memory.events" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  252.248872][   T29] audit: type=1400 audit(1752127156.875:3249): avc:  denied  { read open } for  pid=11932 comm="syz.2.2073" path="/11/bus/memory.events" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  252.272632][   T29] audit: type=1326 audit(1752127156.875:3250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11932 comm="syz.2.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda658ae929 code=0x7ffc0000
[  252.296484][   T29] audit: type=1326 audit(1752127156.875:3251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11932 comm="syz.2.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fda658ae929 code=0x7ffc0000
[  252.320326][   T29] audit: type=1326 audit(1752127156.875:3252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11932 comm="syz.2.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda658ae929 code=0x7ffc0000
[  252.343856][   T29] audit: type=1326 audit(1752127156.875:3253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11932 comm="syz.2.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fda658ae929 code=0x7ffc0000
[  252.367730][   T29] audit: type=1326 audit(1752127156.875:3254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11932 comm="syz.2.2073" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda658ae929 code=0x7ffc0000
[  252.391505][T11962] loop3: detected capacity change from 0 to 512
[  252.400545][T11962] EXT4-fs (loop3): orphan cleanup on readonly fs
[  252.417112][T11962] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2076: bg 0: block 248: padding at end of block bitmap is not set
[  252.438472][T11962] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.2076: Failed to acquire dquot type 1
[  252.454034][T11962] EXT4-fs (loop3): 1 truncate cleaned up
[  252.460287][T11962] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  252.479487][T11962] netlink: 'syz.3.2076': attribute type 10 has an invalid length.
[  252.487724][T11962] geneve1: entered promiscuous mode
[  252.498162][T11962] bond0: (slave geneve1): Enslaving as an active interface with an up link
[  252.518753][T11962] syz.3.2076 (11962) used greatest stack depth: 9304 bytes left
[  252.527767][T10916] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.595107][T11997] loop8: detected capacity change from 0 to 1024
[  252.602475][T11997] EXT4-fs (loop8): couldn't mount as ext2 due to feature incompatibilities
[  252.626889][T12002] loop4: detected capacity change from 0 to 512
[  252.642554][T12002] ext4: Unknown parameter 'mask'
[  252.649614][T12002] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2080'.
[  252.664246][T11998] loop3: detected capacity change from 0 to 1024
[  252.683122][T11998] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  252.694125][T11998] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  252.720488][T11998] JBD2: no valid journal superblock found
[  252.726306][T11998] EXT4-fs (loop3): Could not load journal inode
[  252.791815][T10840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.083704][T12058] loop2: detected capacity change from 0 to 512
[  253.111321][T12058] ext4: Unknown parameter 'mask'
[  253.132219][T12058] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2093'.
[  253.222446][T12076] loop4: detected capacity change from 0 to 1024
[  253.232142][T12076] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  253.296193][T12079] loop8: detected capacity change from 0 to 128
[  253.308373][T12079] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  253.324532][T12079] ext4 filesystem being mounted at /237/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  253.336200][T12079] xt_CT: You must specify a L4 protocol and not use inversions on it
[  253.344806][T12080] lo: entered promiscuous mode
[  253.350939][T12080] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  253.498009][T12121] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2108'.
[  253.574333][T12137] loop4: detected capacity change from 0 to 512
[  253.596272][T12137] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.609978][T12137] ext4 filesystem being mounted at /28/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  253.657794][T12153] loop2: detected capacity change from 0 to 512
[  253.666341][T12153] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  253.683190][T12153] EXT4-fs (loop2): invalid journal inode
[  253.696299][T12153] EXT4-fs (loop2): can't get journal size
[  253.704270][T12153] EXT4-fs (loop2): 1 truncate cleaned up
[  253.710601][T12153] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.792447][T12173] FAULT_INJECTION: forcing a failure.
[  253.792447][T12173] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  253.805886][T12173] CPU: 0 UID: 0 PID: 12173 Comm: syz.0.2102 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  253.805917][T12173] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  253.805931][T12173] Call Trace:
[  253.805937][T12173]  <TASK>
[  253.805945][T12173]  __dump_stack+0x1d/0x30
[  253.805967][T12173]  dump_stack_lvl+0xe8/0x140
[  253.805987][T12173]  dump_stack+0x15/0x1b
[  253.806082][T12173]  should_fail_ex+0x265/0x280
[  253.806112][T12173]  should_fail+0xb/0x20
[  253.806146][T12173]  should_fail_usercopy+0x1a/0x20
[  253.806180][T12173]  _copy_from_user+0x1c/0xb0
[  253.806261][T12173]  memdup_user+0x5e/0xd0
[  253.806338][T12173]  __se_sys_kexec_load+0x109/0x160
[  253.806368][T12173]  __x64_sys_kexec_load+0x55/0x70
[  253.806401][T12173]  x64_sys_call+0xa36/0x2fb0
[  253.806480][T12173]  do_syscall_64+0xd2/0x200
[  253.806507][T12173]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  253.806529][T12173]  ? clear_bhb_loop+0x40/0x90
[  253.806602][T12173]  ? clear_bhb_loop+0x40/0x90
[  253.806677][T12173]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.806699][T12173] RIP: 0033:0x7fb40b17e929
[  253.806747][T12173] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  253.806778][T12173] RSP: 002b:00007fb4097e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[  253.806797][T12173] RAX: ffffffffffffffda RBX: 00007fb40b3a5fa0 RCX: 00007fb40b17e929
[  253.806811][T12173] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  253.806854][T12173] RBP: 00007fb4097e7090 R08: 0000000000000000 R09: 0000000000000000
[  253.806864][T12173] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  253.806875][T12173] R13: 0000000000000000 R14: 00007fb40b3a5fa0 R15: 00007fff3eb46c58
[  253.806890][T12173]  </TASK>
[  254.010943][ T6730] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  254.011087][T10840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.138766][T12195] loop3: detected capacity change from 0 to 1024
[  254.151089][T12203] loop2: detected capacity change from 0 to 1024
[  254.167431][T12195] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.171131][T12203] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.199872][T12195] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  254.202173][T12203] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  254.280181][T10916] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.295518][T10840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.368353][T10784] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.379346][T12231] smc: net device bond0 applied user defined pnetid SYZ2
[  254.434361][T12235] loop3: detected capacity change from 0 to 1024
[  254.453605][T12235] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  254.498736][T12242] validate_nla: 6 callbacks suppressed
[  254.498751][T12242] netlink: 'syz.4.2119': attribute type 1 has an invalid length.
[  254.509650][T12231] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  254.534016][T12235] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.2118: Invalid block bitmap block 0 in block_group 0
[  254.561666][T12250] netlink: 'syz.0.2121': attribute type 1 has an invalid length.
[  254.575898][T12235] EXT4-fs (loop3): Remounting filesystem read-only
[  254.595354][T12235] EXT4-fs (loop3): 1 orphan inode deleted
[  254.608157][T12235] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  254.625513][T12231] batman_adv: batadv0: Removing interface: batadv_slave_1
[  254.634518][T10916] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.689700][T12271] netlink: 'syz.4.2123': attribute type 13 has an invalid length.
[  254.690752][T12270] netlink: 'syz.0.2132': attribute type 1 has an invalid length.
[  254.780051][T12288] netlink: 'syz.4.2127': attribute type 13 has an invalid length.
[  254.831472][T12293] syzkaller0: entered promiscuous mode
[  254.836997][T12293] syzkaller0: entered allmulticast mode
[  254.845611][T12299] loop3: detected capacity change from 0 to 512
[  254.867622][T12299] ext4 filesystem being mounted at /21/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  254.937322][T12311] loop8: detected capacity change from 0 to 1024
[  254.948554][T12308] syzkaller0: entered promiscuous mode
[  254.954097][T12308] syzkaller0: entered allmulticast mode
[  254.964845][T12316] loop4: detected capacity change from 0 to 512
[  255.000404][T12323] netlink: 'syz.2.2137': attribute type 1 has an invalid length.
[  255.006670][T12316] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  255.016700][T12316] EXT4-fs (loop4): invalid journal inode
[  255.022549][T12316] EXT4-fs (loop4): can't get journal size
[  255.024392][T12311] EXT4-fs (loop8): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  255.040311][T12316] EXT4-fs (loop4): 1 truncate cleaned up
[  255.046796][T12311] EXT4-fs error (device loop8): ext4_read_block_bitmap_nowait:483: comm syz.8.2134: Invalid block bitmap block 0 in block_group 0
[  255.067611][T12311] EXT4-fs (loop8): Remounting filesystem read-only
[  255.080629][T12311] EXT4-fs (loop8): 1 orphan inode deleted
[  255.248798][T12356] dvmrp1: entered allmulticast mode
[  255.258537][T12338] smc: net device bond0 erased user defined pnetid SYZ2
[  255.271239][T12360] loop8: detected capacity change from 0 to 1024
[  255.293303][T12360] ext4 filesystem being mounted at /241/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.361238][T12338] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  255.391806][T12380] netlink: 'syz.2.2150': attribute type 1 has an invalid length.
[  255.459307][T12338] batman_adv: batadv0: Removing interface: batadv_slave_1
[  255.522151][T12398] loop2: detected capacity change from 0 to 1024
[  255.544901][T12398] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  255.566762][T12398] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.2153: Invalid block bitmap block 0 in block_group 0
[  255.580607][T12398] EXT4-fs (loop2): Remounting filesystem read-only
[  255.587321][T12398] EXT4-fs (loop2): 1 orphan inode deleted
[  255.695548][T12426] loop4: detected capacity change from 0 to 1024
[  255.732195][T12433] loop3: detected capacity change from 0 to 512
[  255.741144][T12433] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  255.763880][T12433] EXT4-fs (loop3): invalid journal inode
[  255.771409][T12433] EXT4-fs (loop3): can't get journal size
[  255.778939][T12437] loop2: detected capacity change from 0 to 1024
[  255.790624][T12433] EXT4-fs (loop3): 1 truncate cleaned up
[  255.802399][T12426] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.842436][T12437] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  255.923972][T12454] netlink: 'syz.2.2162': attribute type 2 has an invalid length.
[  255.965377][T12461] netlink: 'syz.2.2163': attribute type 1 has an invalid length.
[  255.990645][T12464] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2157'.
[  256.010016][T12467] loop2: detected capacity change from 0 to 512
[  256.075016][T12464] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  256.082522][T12464] batman_adv: batadv0: Removing interface: batadv_slave_0
[  256.091301][T12464] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  256.098789][T12464] batman_adv: batadv0: Removing interface: batadv_slave_1
[  256.179961][T12485] loop4: detected capacity change from 0 to 1024
[  256.210973][T12485] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  256.228439][T12478] smc: net device bond0 applied user defined pnetid SYZ2
[  256.243302][T12478] smc: net device bond0 erased user defined pnetid SYZ2
[  256.259465][T12485] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.2169: Invalid block bitmap block 0 in block_group 0
[  256.280941][T12478] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  256.325674][T12485] EXT4-fs (loop4): Remounting filesystem read-only
[  256.334304][T12478] batman_adv: batadv0: Removing interface: batadv_slave_1
[  256.341669][T12498] loop8: detected capacity change from 0 to 1024
[  256.351254][T12485] EXT4-fs (loop4): 1 orphan inode deleted
[  256.361552][T12498] ext4 filesystem being mounted at /246/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.484545][T12516] netlink: 'syz.8.2175': attribute type 1 has an invalid length.
[  256.497330][T12517] loop2: detected capacity change from 0 to 1024
[  256.524176][T12517] ext4 filesystem being mounted at /39/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.626565][T12539] loop2: detected capacity change from 0 to 1024
[  256.630941][T12541] loop8: detected capacity change from 0 to 1024
[  256.644118][T12539] EXT4-fs mount: 22 callbacks suppressed
[  256.644133][T12539] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.669837][T12541] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.687719][T12539] ext4 filesystem being mounted at /41/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.710925][T12541] ext4 filesystem being mounted at /251/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.759849][ T6730] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.772609][T10840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.807046][T12569] loop8: detected capacity change from 0 to 1024
[  256.836269][T12569] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.849310][T12569] ext4 filesystem being mounted at /252/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  256.875136][ T6730] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.926219][T12583] loop8: detected capacity change from 0 to 1024
[  256.954222][T12583] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  256.987137][T12583] ext4 filesystem being mounted at /253/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.010596][T12597] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2181'.
[  257.028825][T12597] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  257.035165][ T6730] EXT4-fs error (device loop8): ext4_readdir:264: inode #2: block 16: comm syz-executor: path /253/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0
[  257.036334][T12597] batman_adv: batadv0: Removing interface: batadv_slave_0
[  257.058296][ T6730] EXT4-fs error (device loop8): ext4_ext_check_inode:523: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  257.092470][ T6730] EXT4-fs error (device loop8): ext4_ext_check_inode:523: inode #11: comm syz-executor: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  257.145218][   T29] kauditd_printk_skb: 723 callbacks suppressed
[  257.145247][   T29] audit: type=1400 audit(1752127161.885:3968): avc:  denied  { getattr } for  pid=12601 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf" dev="tmpfs" ino=482 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  257.178866][   T29] audit: type=1400 audit(1752127161.885:3969): avc:  denied  { getattr } for  pid=12601 comm="dhcpcd-run-hook" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=508 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  257.216238][   T29] audit: type=1400 audit(1752127161.955:3970): avc:  denied  { read } for  pid=12604 comm="syz.0.2185" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  257.239554][   T29] audit: type=1400 audit(1752127161.955:3971): avc:  denied  { open } for  pid=12604 comm="syz.0.2185" path="/dev/autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  257.335601][T12615] smc: net device bond0 applied user defined pnetid SYZ2
[  257.344637][T12615] smc: net device bond0 erased user defined pnetid SYZ2
[  257.354380][   T29] audit: type=1400 audit(1752127161.955:3972): avc:  denied  { read } for  pid=12603 comm="sed" name="eth0.dhcp" dev="tmpfs" ino=508 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  257.376428][   T29] audit: type=1400 audit(1752127161.955:3973): avc:  denied  { open } for  pid=12603 comm="sed" path="/run/dhcpcd/hook-state/resolv.conf/eth0.dhcp" dev="tmpfs" ino=508 scontext=system_u:system_r:dhcpc_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  257.401483][   T29] audit: type=1400 audit(1752127162.005:3974): avc:  denied  { prog_run } for  pid=12604 comm="syz.0.2185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  257.420629][   T29] audit: type=1400 audit(1752127162.005:3975): avc:  denied  { map_create } for  pid=12604 comm="syz.0.2185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  257.439994][   T29] audit: type=1400 audit(1752127162.005:3976): avc:  denied  { map_read map_write } for  pid=12604 comm="syz.0.2185" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  257.459971][   T29] audit: type=1400 audit(1752127162.025:3977): avc:  denied  { read write } for  pid=10784 comm="syz-executor" name="loop4" dev="devtmpfs" ino=104 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  257.523737][T12637] loop3: detected capacity change from 0 to 1024
[  257.533785][ T6730] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.552279][T12637] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.566677][T12637] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  257.577440][T12645] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  257.627030][T12645] batman_adv: batadv0: Removing interface: batadv_slave_1
[  257.654385][T12649] loop4: detected capacity change from 0 to 2048
[  257.689380][T12649] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  257.715624][T10916] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  257.792631][T12667] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2201'.
[  257.807308][T12649] bridge0: port 3(netdevsim1) entered blocking state
[  257.814118][T12649] bridge0: port 3(netdevsim1) entered disabled state
[  257.836116][T12649] netdevsim netdevsim4 netdevsim1: entered allmulticast mode
[  257.845164][T12674] Restarting kernel threads ...
[  257.845146][T12649] netdevsim netdevsim4 netdevsim1: entered promiscuous mode
[  257.858357][T12649] bridge0: port 3(netdevsim1) entered blocking state
[  257.865145][T12649] bridge0: port 3(netdevsim1) entered forwarding state
[  257.882603][T12674] Done restarting kernel threads.
[  257.969697][T12695] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2204'.
[  258.018691][T10784] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.085779][T12709] loop4: detected capacity change from 0 to 1024
[  258.117505][T12709] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  258.215154][T12665] chnl_net:caif_netlink_parms(): no params data found
[  258.238128][T12738] loop2: detected capacity change from 0 to 1024
[  258.296477][T12738] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.308966][T12738] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.319957][T12665] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.327205][T12665] bridge0: port 1(bridge_slave_0) entered disabled state
[  258.342574][T12665] bridge_slave_0: entered allmulticast mode
[  258.349240][T12665] bridge_slave_0: entered promiscuous mode
[  258.365028][T12665] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.372301][T12665] bridge0: port 2(bridge_slave_1) entered disabled state
[  258.382699][T12665] bridge_slave_1: entered allmulticast mode
[  258.398648][T12665] bridge_slave_1: entered promiscuous mode
[  258.399342][T10840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  258.436282][T12665] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  258.449703][T12665] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  258.491862][T12665] team0: Port device team_slave_0 added
[  258.498913][T12665] team0: Port device team_slave_1 added
[  258.515264][T12665] batman_adv: batadv0: Adding interface: batadv_slave_0
[  258.522270][T12665] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.548272][T12665] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  258.563531][T12665] batman_adv: batadv0: Adding interface: batadv_slave_1
[  258.570577][T12665] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  258.596559][T12665] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  258.635348][T12768] loop2: detected capacity change from 0 to 2048
[  258.642816][T12665] hsr_slave_0: entered promiscuous mode
[  258.648862][T12665] hsr_slave_1: entered promiscuous mode
[  258.664917][T12790] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2217'.
[  258.675981][T12768] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.732849][T12795] Restarting kernel threads ...
[  258.756307][T12795] Done restarting kernel threads.
[  258.863086][T12768] bridge0: port 3(netdevsim1) entered blocking state
[  258.869991][T12768] bridge0: port 3(netdevsim1) entered disabled state
[  258.882512][T12768] netdevsim netdevsim2 netdevsim1: entered allmulticast mode
[  258.891097][T12768] netdevsim netdevsim2 netdevsim1: entered promiscuous mode
[  258.899490][T12768] bridge0: port 3(netdevsim1) entered blocking state
[  258.906233][T12768] bridge0: port 3(netdevsim1) entered forwarding state
[  258.906730][T12822] loop3: detected capacity change from 0 to 1024
[  258.954952][T12822] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  258.977717][T12822] ext4 filesystem being mounted at /35/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.009783][T10840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.021837][T10916] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.059424][T12847] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2228'.
[  259.073594][T12846] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2227'.
[  259.175344][T12665] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  259.192677][T12665] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  259.211310][T12665] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  259.231370][T12665] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  259.300413][T12665] 8021q: adding VLAN 0 to HW filter on device bond0
[  259.326865][T12665] 8021q: adding VLAN 0 to HW filter on device team0
[  259.344540][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[  259.351635][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[  259.415905][ T3879] bridge0: port 2(bridge_slave_1) entered blocking state
[  259.423113][ T3879] bridge0: port 2(bridge_slave_1) entered forwarding state
[  259.599334][T12880] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  259.614569][T12665] 8021q: adding VLAN 0 to HW filter on device batadv0
[  259.682943][T12930] loop4: detected capacity change from 0 to 1024
[  259.718489][T12930] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  259.740764][T12665] veth0_vlan: entered promiscuous mode
[  259.764175][T12665] veth1_vlan: entered promiscuous mode
[  259.801280][T12665] veth0_macvtap: entered promiscuous mode
[  259.819078][T12665] veth1_macvtap: entered promiscuous mode
[  259.837470][T12955] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2241'.
[  259.847908][T12665] batman_adv: batadv0: Interface activated: batadv_slave_0
[  259.868447][T12665] batman_adv: batadv0: Interface activated: batadv_slave_1
[  259.883401][T12665] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  259.889434][T12959] validate_nla: 4 callbacks suppressed
[  259.889447][T12959] netlink: 'syz.2.2243': attribute type 1 has an invalid length.
[  259.892164][T12665] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  259.914267][T12665] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  259.923061][T12665] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  260.052716][T12979] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2245'.
[  260.067991][T12982] Restarting kernel threads ...
[  260.075096][T12982] Done restarting kernel threads.
[  260.214761][T12998] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2252'.
[  260.359517][T12998] loop4: detected capacity change from 0 to 512
[  260.412503][T12998] ext4: Unknown parameter 'subj_user'
[  260.443257][T13018] netlink: 'syz.2.2255': attribute type 1 has an invalid length.
[  260.463502][T13018] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2255'.
[  260.555991][T12991] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  260.582299][T13038] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2259'.
[  260.595953][T13039] loop2: detected capacity change from 0 to 1024
[  260.603160][T13039] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  260.685582][T13053] netlink: 'syz.3.2261': attribute type 1 has an invalid length.
[  260.901525][T13086] netlink: 'syz.4.2267': attribute type 1 has an invalid length.
[  260.947970][T13095] loop4: detected capacity change from 0 to 2048
[  260.955866][T13057] team0 (unregistering): Port device team_slave_0 removed
[  260.966144][T13057] team0 (unregistering): Port device team_slave_1 removed
[  260.974533][T13087] loop2: detected capacity change from 0 to 1024
[  260.989423][T13087] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  261.008574][T13095] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.197583][T10784] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  261.235530][T13131] netlink: 'syz.4.2276': attribute type 1 has an invalid length.
[  261.759330][T13190] loop2: detected capacity change from 0 to 2048
[  261.794956][T13190] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.857458][T13216] lo: left promiscuous mode
[  261.896060][T13216] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  261.975031][T10840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.052512][T13240] Restarting kernel threads ...
[  262.057731][T13240] Done restarting kernel threads.
[  262.158044][   T29] kauditd_printk_skb: 430 callbacks suppressed
[  262.158059][   T29] audit: type=1400 audit(1752127166.895:4408): avc:  denied  { read write } for  pid=10840 comm="syz-executor" name="loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  262.188644][   T29] audit: type=1400 audit(1752127166.895:4409): avc:  denied  { open } for  pid=10840 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  262.218403][   T29] audit: type=1400 audit(1752127166.915:4410): avc:  denied  { ioctl } for  pid=10840 comm="syz-executor" path="/dev/loop2" dev="devtmpfs" ino=102 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  262.244218][   T29] audit: type=1400 audit(1752127166.935:4411): avc:  denied  { map_create } for  pid=13265 comm="syz.2.2296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  262.263562][   T29] audit: type=1400 audit(1752127166.935:4412): avc:  denied  { map_read map_write } for  pid=13265 comm="syz.2.2296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[  262.284876][   T29] audit: type=1400 audit(1752127167.025:4413): avc:  denied  { read } for  pid=13265 comm="syz.2.2296" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  262.308018][   T29] audit: type=1400 audit(1752127167.025:4414): avc:  denied  { open } for  pid=13265 comm="syz.2.2296" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  262.332731][   T29] audit: type=1400 audit(1752127167.025:4415): avc:  denied  { create } for  pid=13271 comm="syz.3.2298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  262.352612][   T29] audit: type=1400 audit(1752127167.025:4416): avc:  denied  { create } for  pid=13271 comm="syz.3.2298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  262.372576][   T29] audit: type=1400 audit(1752127167.025:4417): avc:  denied  { setopt } for  pid=13271 comm="syz.3.2298" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  262.455442][T13280] loop3: detected capacity change from 0 to 1024
[  262.475902][T13280] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  262.662743][T13306] Restarting kernel threads ...
[  262.672263][T13306] Done restarting kernel threads.
[  262.912855][T13346] __nla_validate_parse: 8 callbacks suppressed
[  262.912871][T13346] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2312'.
[  262.969432][T13351] lo: left promiscuous mode
[  263.000864][T13351] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  263.102684][T13369] Restarting kernel threads ...
[  263.107907][T13369] Done restarting kernel threads.
[  263.469159][T13417] loop1: detected capacity change from 0 to 1024
[  263.470173][T13418] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  263.501715][T13417] EXT4-fs (loop1): couldn't mount as ext2 due to feature incompatibilities
[  263.728712][T13454] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2330'.
[  263.780911][T13462] netlink: 'syz.1.2332': attribute type 1 has an invalid length.
[  263.862475][T13469] Restarting kernel threads ...
[  263.868113][T13469] Done restarting kernel threads.
[  263.999957][T13497] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2337'.
[  264.041033][T13503] loop2: detected capacity change from 0 to 1024
[  264.081721][T13503] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  264.281879][T13522] loop2: detected capacity change from 0 to 1024
[  264.295333][T13522] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  264.656600][T13592] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2345'.
[  264.729708][T13606] loop2: detected capacity change from 0 to 1024
[  264.742287][T13606] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  264.812577][T13615] Restarting kernel threads ...
[  264.822227][T13615] Done restarting kernel threads.
[  264.941408][T13601] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  264.963484][T13638] loop4: detected capacity change from 0 to 1024
[  264.980672][T13638] EXT4-fs (loop4): couldn't mount as ext2 due to feature incompatibilities
[  265.291077][T13689] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2362'.
[  265.364703][T13701] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2365'.
[  265.431757][T13710] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  265.506344][T13719] loop2: detected capacity change from 0 to 1024
[  265.510054][T13707] loop4: detected capacity change from 0 to 8192
[  265.530915][T13719] EXT4-fs (loop2): couldn't mount as ext2 due to feature incompatibilities
[  265.610105][T13725] ==================================================================
[  265.618234][T13725] BUG: KCSAN: data-race in fat_alloc_clusters / fat_statfs
[  265.625460][T13725] 
[  265.627777][T13725] write to 0xffff8881131aa0ac of 4 bytes by task 13707 on cpu 1:
[  265.635485][T13725]  fat_alloc_clusters+0x662/0xa80
[  265.640506][T13725]  fat_get_block+0x258/0x5e0
[  265.645089][T13725]  __block_write_begin_int+0x3fd/0xf90
[  265.650549][T13725]  cont_write_begin+0x5fc/0x970
[  265.655399][T13725]  fat_write_begin+0x4f/0xe0
[  265.659983][T13725]  cont_write_begin+0x1ad/0x970
[  265.664833][T13725]  fat_write_begin+0x4f/0xe0
[  265.669423][T13725]  generic_cont_expand_simple+0xb0/0x150
[  265.675053][T13725]  fat_cont_expand+0x3e/0x170
[  265.679724][T13725]  fat_setattr+0x2a5/0x8a0
[  265.684142][T13725]  notify_change+0x806/0x890
[  265.688739][T13725]  do_ftruncate+0x34b/0x450
[  265.693236][T13725]  __x64_sys_ftruncate+0x68/0xc0
[  265.698175][T13725]  x64_sys_call+0xd65/0x2fb0
[  265.702759][T13725]  do_syscall_64+0xd2/0x200
[  265.707266][T13725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.713156][T13725] 
[  265.715470][T13725] read to 0xffff8881131aa0ac of 4 bytes by task 13725 on cpu 0:
[  265.723085][T13725]  fat_statfs+0x182/0x200
[  265.727412][T13725]  vfs_statfs+0xc5/0x1c0
[  265.731647][T13725]  user_statfs+0x71/0x110
[  265.735969][T13725]  __x64_sys_statfs+0x65/0xf0
[  265.740639][T13725]  x64_sys_call+0x1edd/0x2fb0
[  265.745306][T13725]  do_syscall_64+0xd2/0x200
[  265.749809][T13725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.755692][T13725] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  265.758002][T13725] value changed: 0x00001f1c -> 0x00001f1b
[  265.763703][T13725] 
[  265.766011][T13725] Reported by Kernel Concurrency Sanitizer on:
[  265.772150][T13725] CPU: 0 UID: 0 PID: 13725 Comm: syz.4.2366 Not tainted 6.16.0-rc5-syzkaller-00053-g8c2e52ebbe88 #0 PREEMPT(voluntary) 
[  265.784639][T13725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  265.794683][T13725] ==================================================================
[  266.145224][   T56] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.205574][   T56] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.285587][   T56] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.324638][   T56] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.405689][   T56] bridge_slave_1: left allmulticast mode
[  266.411470][   T56] bridge_slave_1: left promiscuous mode
[  266.417276][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.426194][   T56] bridge_slave_0: left allmulticast mode
[  266.431854][   T56] bridge_slave_0: left promiscuous mode
[  266.437613][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.514349][   T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  266.526401][   T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  266.536027][   T56] bond0 (unregistering): Released all slaves
[  266.585843][   T56] hsr_slave_0: left promiscuous mode
[  266.591422][   T56] hsr_slave_1: left promiscuous mode
[  266.597145][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  266.604743][   T56] batman_adv: batadv0: Removing interface: batadv_slave_0
[  266.612614][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  266.620016][   T56] batman_adv: batadv0: Removing interface: batadv_slave_1
[  266.630020][   T56] veth1_macvtap: left promiscuous mode
[  266.635538][   T56] veth0_macvtap: left promiscuous mode
[  266.641095][   T56] veth1_vlan: left promiscuous mode
[  266.646338][   T56] veth0_vlan: left promiscuous mode
[  266.938339][   T56] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.975448][   T56] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.014183][   T56] bridge0: port 3(netdevsim1) entered disabled state
[  267.022198][   T56] netdevsim netdevsim2 netdevsim1 (unregistering): left allmulticast mode
[  267.030780][   T56] netdevsim netdevsim2 netdevsim1 (unregistering): left promiscuous mode
[  267.039343][   T56] bridge0: port 3(netdevsim1) entered disabled state
[  267.049712][   T56] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.094657][   T56] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.163623][   T56] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.204371][   T56] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.254938][   T56] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.294930][   T56] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.348712][   T56] bridge_slave_1: left allmulticast mode
[  267.354413][   T56] bridge_slave_1: left promiscuous mode
[  267.360171][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.368228][   T56] bridge_slave_0: left allmulticast mode
[  267.373947][   T56] bridge_slave_0: left promiscuous mode
[  267.379563][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.388127][   T56] bridge_slave_1: left allmulticast mode
[  267.393870][   T56] bridge_slave_1: left promiscuous mode
[  267.399488][   T56] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.407286][   T56] bridge_slave_0: left allmulticast mode
[  267.412936][   T56] bridge_slave_0: left promiscuous mode
[  267.418590][   T56] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.468106][   T56] dvmrp1 (unregistering): left allmulticast mode
[  267.514969][   T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  267.524600][   T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  267.533896][   T56] bond0 (unregistering): Released all slaves
[  267.552322][   T56] bond0 (unregistering): (slave geneve1): Releasing backup interface
[  267.584228][   T56] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  267.593775][   T56] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  267.602985][   T56] bond0 (unregistering): Released all slaves
[  267.646305][   T56] hsr_slave_0: left promiscuous mode
[  267.652396][   T56] hsr_slave_1: left promiscuous mode
[  267.659625][   T56] hsr_slave_0: left promiscuous mode
[  267.665369][   T56] hsr_slave_1: left promiscuous mode
[  267.671024][   T56] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  267.678720][   T56] batman_adv: batadv0: Removing interface: batadv_slave_0
[  267.692029][   T56] veth1_macvtap: left promiscuous mode
[  267.697548][   T56] veth0_macvtap: left promiscuous mode
[  267.704160][   T56] veth1_vlan: left promiscuous mode
[  267.709538][   T56] veth0_vlan: left promiscuous mode
[  267.715559][   T56] veth1_macvtap: left promiscuous mode
[  267.721073][   T56] veth0_macvtap: left promiscuous mode
[  267.727634][   T56] veth1_vlan: left promiscuous mode
[  267.734326][   T56] veth0_vlan: left promiscuous mode
[  268.286168][   T41] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.324674][   T41] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.364981][   T41] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.405130][   T41] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.472349][   T41] bridge_slave_1: left allmulticast mode
[  268.478017][   T41] bridge_slave_1: left promiscuous mode
[  268.483750][   T41] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.491445][   T41] bridge_slave_0: left allmulticast mode
[  268.497111][   T41] bridge_slave_0: left promiscuous mode
[  268.502739][   T41] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.563815][   T41] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  268.573700][   T41] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  268.583072][   T41] bond0 (unregistering): Released all slaves
[  268.615685][   T41] hsr_slave_0: left promiscuous mode
[  268.621329][   T41] hsr_slave_1: left promiscuous mode
[  268.627494][   T41] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  268.635028][   T41] batman_adv: batadv0: Removing interface: batadv_slave_0
[  268.646452][   T41] veth1_macvtap: left promiscuous mode
[  268.651967][   T41] veth0_macvtap: left promiscuous mode
[  268.657906][   T41] veth1_vlan: left promiscuous mode
[  268.663777][   T41] veth0_vlan: left promiscuous mode
[  275.566397][   T56] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  275.604102][   T56] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0