last executing test programs:

54.779387209s ago: executing program 0 (id=131):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = syz_io_uring_setup(0x10d6, &(0x7f0000000480)={0x0, 0xb3c2, 0x100, 0x0, 0x34f}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000002c0)={0x1, &(0x7f0000000200)=[{0x32, 0x0, 0x0, 0x4}]}, 0x10)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r4 = syz_open_pts(r3, 0x0)
ioctl$TCSETSW(r3, 0x5403, &(0x7f00000000c0)={0x81, 0xd, 0x2c2f, 0x7f, 0x1, "1381146fee396d8d24902b030211e952c832fe"})
ioctl$TIOCSTI(r4, 0x5412, &(0x7f00000018c0)=0x13)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x9, 0x6}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$TIOCL_GETKMSGREDIRECT(r3, 0x541c, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0)
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

54.690326121s ago: executing program 0 (id=133):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x6, 0x42341, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ptrace(0x10, r0)
ptrace$getregs(0xc, r0, 0xffffffffffffdcaf, &(0x7f0000000040)=""/45)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x2, 0x0, 0x1, 0x8, 0xa76, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'ip6gretap0\x00', <r4=>0x0})
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000000)={@remote, r4}, 0x14)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd24, 0x2000, {0x0, 0x0, 0x74, r4, {0xfffd, 0x10}, {0x1, 0xfff1}, {0xfff2, 0x3}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x14004804}, 0x840)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kmem_cache_free\x00', r5, 0x0, 0xffffffffffffffff}, 0x18)
r6 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r6, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
r7 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000040), 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r8}, 0x18)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x24008050)
sendmsg$WG_CMD_SET_DEVICE(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c8}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

54.463353595s ago: executing program 0 (id=141):
getsockopt$bt_l2cap_L2CAP_LM(0xffffffffffffffff, 0x6, 0x3, &(0x7f0000000200), &(0x7f0000000280)=0x4)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
write$selinux_load(0xffffffffffffffff, &(0x7f0000001580)={0xf97cff8c, 0x8, 'SE Linux', "9b016c8d9787df19fde622bdab4367f155d3de1e705952ab65c09dc76f34d73dafa6407b3f59242440fe687170ca43c6d719b76fd0b5689905060bc607be30d03a832dfec5d6d9a59cb333c888b9f085b39defdd566dc177626ac5a3e1caaf5463cf728c1263c215443e5586c6bd95bf91fec1b8f89befded992f95969033fc536932191fc283f8b7c1e7d1bafddf38c7f4d2186dbd45dd02ed563adb86dfd46875af7ec97b31c954a2cb1051c896357bb141d00f6372beee32b3c208d8c04aebbb7c49f64f8f6f491fb877fc1f6ea385384128c94ee725a7682eb8124d5ad582ad0d41e2fcb716eee3d61bdfe2f158f5f3261df0918669d6c3cb42a229973059a4f56019d797b898197e1a785032f48b3560057668191eaf360eb39cfd61f6ef800b4149c30d3dc51cbd3418d60f6a648dc8e1147fddac8ed02b6c0961ed853b45b94945746ea217b3dd25fcaee1a7ffb4c91c102cca45b5a5ea4c6c1e58f8f83c47bf07eced582cd2cccfa474ff3f68c52e99ad3cf5a510447d7cee23432bb457235592758c7fadb5b5996980ab9a84b8418d9a9cb2097b12c3f7773a4651d997f91ca59a4091ea93d56915b1616cd9a20cc771442ace2e6bbddb5ad3378b06f909694228a40539104bd68bf18f5917ffc4869640e42355bbadca13dd0068f3b48f4fc1a3ef0b306ad9b13e2790f838c112ad6c05bf402374e775ecd1dde8a9049ef9de89440ba16674015650d5970e620008b3a4d42afe1fcc8c1befd635bc985e048d37a277fdd5ac71f34b6baafc11005062ddc4fd675917025954e99b54ab5f6e3798a758c08ab574f550a7227c3c1eee33c2fd18f263e43a25be8f6b68067d92848e1e5a1427d1c4f0a29d6e46361e2eb49d0793b436bf33b2f1e8ca29dcdcd29f3f7f49a506db8479825fa0ad5fce2050e8ff2cd01e7216154c8daf42b7883deb08271bd4be4f5c831642a18bb885de7371a1b6c896ee1375c0b6a7a9d0caddedad657f1213b41a47343f309ae30498e3012681ae68b5e266bfedd2b24a08d4591a39abf53d8d58c7e305c86dc5dcfcfd0780e1e88695a5381e0c096de84fec289dcf13e2ee95394e73074999ead49e6d5138224e55287cda26abc1527abc064833141d3aa697b8ab8a835b7dfdb12743746d49e02c8dbecf5e20fe47f962e35d29f4a3e14d74e6f55aadef8e8ab94fffbdf28e2c9bcd57ae8c90f0d7619c38b5cb8b8532607e6c8a58b30aa0d81be3faadaccd9022eb6eb262997cee417767e1c1cadcb0616ac819c26c5d47f2cde1427cdbfe19d062d4e667178af6569913a4cf9b06d0ad446ec4f6f48d540bd3985ab55decb1bf0abb6adc0f3aedc3678dbb60d9ce998556928874f02f6cd87a780ae35285b39f80924d8a5ff387ce48a70e6f70c44753f21f63024a628b03d7a3710b23b4beb93504931e34ef6066e282873da96b85cdffbb66a98ad5ab7aafb120436bfd7fa0c9f01c85fe1e42a35426c7015671428a3ba47e597fb3c1170142473c6669c8e870ab95bbf3871ffd3d72db328f9db4b9ddcbe6605659bf6aa6cee90c7a1828c8b351b8c33346e42d8487c933c9a3e4909d23b874239f52e77a4fed99e689a4fefc8a4c509e6f930edca92b9d159a934ca4eeba2e0d859dfea1ea35b6cf3225d773c41d035dc0f8a7510589f9d5ac88cf4568359d9983c71534dcd6a1d88d7ac4d76a2d44625c93c19e5826790f721493740b5df84a4570fbf22c1ac3049e0548c91984613f2a0c49ab09a78a2cf79c8f140a249d3afd4355fe99900d8c50e2b97a076bf0b18d2a1331c2aba816f8730e05b81ad5bfc0a7e635660438f471f273d1757c1d4124b676489d5e95c28e0123cb01244bb698f1573c3727ed8304d9f87c92545c3c220dc9fb5a5c80d85ba75631389eab84514cfcfa2a8a5c1468244a6f15d9e269c431ff46cf5cb8206d06be0201c4c00cdd31c8cbe1d9016618091d1d775a6445861a0eedc282f1a721203ca7a814dfbc0c6d5426201d88d705b720fb644ceb1c558ef0d1ff142a6aa07f9abe691ecae2ec4ba1e750c38c8802484626e3f4c68e60f5635dfa9862370afde93161b2d05f0334afb58905c336af94fff2367df7753896f853e3edd59fb4ff6010e2dbe0ce871cca2afd86837836c7ff640a713c283143ec6993592b046cfe27183f0e608e0588fdbb8c77f984d8b78dc970941a109d940f73f0c6ee079df7590669ea7c4cbdfd20ee4370a12b861d81c6089b744f4e6739fe4aa6a8b1ca68dc17dfa4aecec735e56d6c6580359714ec5ad446c38ae4c82f7f716833c7aa361405d5bf54c8153ed1b07712b8a5900dd0be1e97c2de5f8085ff82e33f82b89244b18bc0ca28069d1b51350ee96b7009a0e83d540856cbf9aad6f1529d169bbf94ece1c49334dbb025cfcb0b8e42837932ec773c5201d709d039b0949d307ca2e579ef682865e1487fb34b848eebdc09fa738dc2414fe2020158d1161b6dd9fc49eebc648b8d032748d2999aad17c59c73243de639b1b72e7ddfb4e75c3001061d6799980acfff4688b9404531b87f31d591458360cd11d71755d205876b996c3b891778de6f9199863b9eb3cb7c0ce6b0628acb199648f7a83a95cd9da8b815219bfaa5d671829455d39e4832f99483d2e383d0562bf8da67b819048c88b8a52aa465ba068432dafd9583ba6ca5ca1e178971f300897e8b777f0f1cd536a6c3d8e1d26a5e5bdfa6bccd276076346ca10ed715e7fcfc35d09875bdb5e74512d63ae976d8d869a3b8e3d5515d77054ae62eaac6d43e6776daf6e51c732beb59417b34b147493f43afc5b202c20aa54989b05cc443bdae7fe03632364d3ba01c08a192885d7e4dbd4638316659fd21250ae7ae2ba780d10c03f937e6b4055d87504aec42f8d915fd6915ce93316f6e78472d015c60167bb552a47351a27c4ca66863374425d273f1c19ca05ba54c3700996e72071eee070689fd7a197453807b6cf7934e7b99a0a3132295b12945d470b7892c0d26de07b57f0df93cc95cafe7cbac11e1e45e6bb4e685f42002995530366e9b387fdaa428424eee5c61b1fa9d13147173fe3fce86af79caefb0385b443899e17d56a99cb319a4f773c01240ad48c8ee8bb4b6b4222b4df4db3dfb7e5a0f211f304a63bd21d338654d9525214b5eebf45a2bac4396588b7df7d528bbf929ff99cc741598bfc99f48954244b3478e4b4c1d9e7bb43b9b417b312fb8bba9ccf0eef690b43a47581d3994037088d0b9f7d972cedc6c9121c3c433750688c6ba4cc218950aa01fcda2c6633071dc016dc10c6974c5f7c42515e007e08e4846a0dbe0f99565c485f31a6db6770316234a782ae682abe12e4f5c8704c68c191cee912589782d50df20e2e78d1d6946ea8e1f22b417e6dd4e3e285e3e6e71cbd1cd5ce19552a17032cc4c67f9b77e32c17bbf860406ef6c3dae7deda227ddbed15d85af4c9d8478c62eda1f887d58f07075c4849753d83c3118fd334fa6c9b6c4702c5cced1e0af9e89d3570957b6a41374a396c946de96982f68bc1faa3aef3f62e85de75ab52adf0dc79a8add1bcf8fc21bd2042adff53f6c96b6a91b86b164465561341a8aa194c400ff311874cb81e4a667b7cefa57f33b2d7e870b18bb6f0f54beada12653479816e0475f505fda41eefe0951c44e4fd58fb5986dd5bb65c1ba8550171345e80a675c2d33809a50f833644e67e3230abe3480c7b39828111af893c26763a7f52777434b0a14036967cad42e529e2ab9e4ff8618ec7bd19e078f7b82da83ac2ff2b189f0aabb283444f4a10777c69331df6c980d35ee8ecc2fedc694f20de5e62b189751f5a8492bd8f0c42ad63e378be8c49b38de51d9b7f991d1bb655b8dbb4f0229fc9c56b17270920e312d4d9586248df369a2bcf6ea821fdc1693faf6d8e70db51dd1a4d7f253e46c5c17193bca48c8a74ac338500819a39938bdb7831ed4640a86cb5c23fa2d34e125eadebcccd2c8ec2d3c96cedaa303e6a22b8c2c2b2ba06b03ac2c641a4af3beea49f4bcabd3061eb5601b4989c9dbbb622eea7417ef2e24f7dd211d39a10dd813cbdb5ed12975a88bd5ef3a5741d73a04f2a23a7b27e7c884483c78d208e47b62aed3f4d9b8ebaab84192eabda629d3792902adf86cbb52c69ac87d4f5f13f8e058d247d145d2b96a8ef2f1c91025fe467d3c4c964c4d231f005c01d9345ac44930d33c2542b22d5dee0ec537bd0e8a4c58270d587ec041a892253c67d71c55f9a232a9cbe39d30987e68387edf523750e29d7061c28c87aae7d57e62aa0823d2f5f0289556c4afecfb808635880320f9d09fef6aa4585124a3c3a8d5cc9e3aed00f9f89c0c17a3b1407220a41679f3b3068a6d46a029d233e3e0ba437e49cd2d70b2144b93d7c0153e8b6bc702a8eb199f64c3ca736d90ebc12f9b1ba5abefd6322419e0be95c7307e9e85639f1231e2ae7d7022e218b6b0f0a1712f0db98ef8ff4a9575a8967ed3ad03ab7836c7822c88f21b9ce099330a18a16d3cac9423253d775283781243c09c463e4ef9e47410039eca5238920ffcfb2943fa0c7464562990470acacd04d6b7387d1cc1d81d3bbce8c8539c95fd3771e1682cf2813cdcea72e0f25804e93e2473c343f7429f308d4e629c8d6d8ddb43969c7d638069af2785cf4fde6a89bd996691ae40609d15e0dbe653bdee26958544ac5f264c2e0728081bc82f3f913f768d7b9267ae49a0389ea537ae36043017f1e4914624bb21009c0081c4a39374e0dacb3c535a506128679afb5958f591ba168dcfbb6ef4f222db3f1c931ab854142127b4cf3ee49d9dc532fe54b92c828ca288b29870382cb15b3a42fbce45e357bf8c2422f45bba852b75c11613aa2af0111df67be5a1dc1145adeea30f5e9325622b37186806520fb19f31a19d0a20e1b97fdf4cd2083ffb627ff3c7d11de5ec358095c136896708641b7ee293515d13200a76013d3acc0fb1b2814f475e3eda6caf1e46d5fa65ef987b4dadaacb840691b32267e032e802d51fa87f46d81cde456faca351c6d6eb641c1b9cf1799a199b3fd5f914b9dde91d012915db3c04a44a7c596da098763e35609a9870e82364b2e552aecda7fbe2d26a88c4dece82a84070c3f37d85adbe70fdd31e4c4e7b4a6f3d6534772d4661410ce1cff935e112304c05c2dc58d5921235d364e44f6c17ccf6f4430a1be58786614f06087a6cf4bd56af3c9c333ea72e91ea7cce0229c40202fa6df021cc7c99670998d628e8b66be820af56ff4140d500115c33fb1fc2c07dc0e2f84e487629a24dd778dd88bf771d0ee18eb4b6bd6b85520c7e921e975d549e4f503f88a1add9b41561670e50cea8414d9359c3be2b4ea32a725166d037995ba279fb37dd321bf35ff17b57ca34d0bd06dc004686dd27584a8f33d346123f6c2117b7f077326ee6e891d820c286b801be165066c6b170adbf0312bdf60c777eea9a8d72f91f27b89f81af0ca727f6dca54dfe253a457ee7f652ba121934bde4445d1cad238dc0cc4da809e7d1ec0d8dc5d18d1e2247a4bacfe69ebb25ce9f7251e0d380edadda65030623c5e9936f6ea29caa54842cce0f851a48826ee94e9cc3e7cd33dab7b0668e0032e2f48f4e5644be614a340794b0528e77d2ff342b938fa459221c7ff1932c04880f40fa753d0fc785ec1da9280706f40b5a3b4829b58f29ab7601f7be81205261e9ce13718782ab0ab4a4276effc7bf8c671f7eb51426ef6f7b095c09e1b2790586c90b7ea1b3b8cc0af96c63cd9"}, 0x1010)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000000)=ANY=[@ANYRES32], 0x20)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x67, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18)
r3 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x200003, 0x1af}, &(0x7f00000001c0)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x1, 0xffffffffffffffff, 0x0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000200)=[{0x0}, {0x0}], 0x2}, 0x0, 0x3, 0x0, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r3, 0x47f8, 0x0, 0x0, 0x0, 0x0)

54.343474747s ago: executing program 0 (id=142):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00'}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
lsm_get_self_attr(0x2, 0x0, &(0x7f0000000080), 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001240)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005205000000dc1c56d19f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981179186e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2a434b9048ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d6356e4450d043ed20d313cd56a56d2e4cdf26f19af9a41695a58a9b6b45af1ca939b18d7b57791b99cfc6ec2a0848c29fea4eb8b82395a38e8aca5ab4bfc2ad8acf2e51b766f8ecd16194ad41ec097082f7fa32179ef99dafa6c2aa206a25ddc33e6f0a09169eeff428c71f54e1dfcfcd7cfc8f6e169f11c47d504"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRESOCT=r0], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000008c0)=ANY=[@ANYBLOB="1800000000000005000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r4, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x12, &(0x7f0000000300)={0x0, 0x8000}, 0x4)
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000340)=[{0x6, 0x0, 0x0, 0x5}]}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000140)="b9ff03076804268cb89e14f088a847e0ffff2000000000000000ac141416e0885a049a179424", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x48)
mount_setattr(r2, &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000080)={0x2, 0xf8, 0x40000, {r2}}, 0x20)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1200000009000000040000000200000000000000", @ANYRES32, @ANYBLOB="14b7d0051d8153f6a825861e78e5929ec0", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r8, <r9=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r1}, 0x20)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r10}, 0x10)
setregid(0x0, 0x0)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="1c0000000203034000000000000000feff000000080001000100"], 0x1c}}, 0x0)
r12 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_VERDICT(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="20000000010301"], 0x20}}, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r9, &(0x7f00000001c0), 0x0}, 0x20)
execveat(r2, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000840)={[&(0x7f0000000540)='\x00', &(0x7f0000000600)='(^\x00', &(0x7f0000000680)='syzkaller\x00', &(0x7f00000006c0)='kmem_cache_free\x00', &(0x7f0000000700)='{(&[&#),\x8f.{@)${{-!\xb9@&\x00', &(0x7f0000000780)='GPL\x00', &(0x7f0000000800)='^]\'\\^%:\x00']}, &(0x7f0000000a00)={[&(0x7f0000000880)='%\x00', &(0x7f0000000940)='sys_enter\x00', &(0x7f0000000980)='GPL\x00', &(0x7f00000009c0)='@\x00']}, 0x400)

54.314780058s ago: executing program 0 (id=143):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000400)=@newqdisc={0x38, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_pie={{0x8}, {0xc, 0x2, [@TCA_PIE_BETA={0x4}]}}]}, 0x38}}, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000100)={'nr0\x00', {0x2, 0x4e22, @multicast1}})
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0xc100c6, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@errors_remount}, {@debug}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
syz_mount_image$msdos(&(0x7f00000011c0), &(0x7f0000001200)='./file0\x00', 0x8490, &(0x7f0000000040)={[{@nodots}, {@fat=@dos1xfloppy}, {@nodots}, {@dots}]}, 0x1, 0x1212, &(0x7f0000003680)="$eJzs3M1rHGUcB/BfX9KX1KTxrdpefNCLXgbbgwfxYJAUpAtK2witIEzIRJesu2FnD1nxkB68ePIP8ejJgnrSU/4Lb0EQvSiII5uZpk2pa02brIbPB4Z5+T4zzzMPzMAsz7Nbb3zx8epKma30Y5cUR3e2N+KVb1//9fNrN25emW+1Fq6mdHn++sXXUkqzL3zz/qdfvvjd4Mx7X83ePhmbcx9s/Xzpx81zm+e3/rz+UbtM7TJ1e4OUp6Veb5AvdYq03C5Xs5Te7RR5WaR2tyz6dT6qqlOklU5vbW2Y8u7yzPRavyjLlHeHabUYpkEvDfrDlH+Yt7spy7I0Mx3s1a1mXVWjZSpORFVV1emYjjPxRMzEbJyNuXgynoqn45l4Ns7Fc/F8nN8uNeGmAwAAAAAAAAAAAAAAAAAAwCHzW3X//P+z2/P/7/w7wPj5/79PruEAAAAAAAAAAAAAAAAAAABwiFy7cfPKfKu1cDWlUxE/bawvri/W6zq//HZr4dU/qtrOWb+sry8e28kvploTnrhTarrJL+3Om/NPxcsv1fkoe+ud1n35hViOiO9/2PcuAAAAgEMvSzvm7h69+32fZX+X11vbvw888Pv+eFw4fmC3wR6Vw09W86lmJ+90iv72kf/LRvWYLxifPTBaiohHruJo08v//vQjE+3nk027D6jS26Oqxpa5tYcrf/1oDdv90NRRs7NxT+EjETFaxl1w6r/y7DzsLb+5/28hJuWeV994xw6oQQAAAAAAAAAAADyUxzBUME6PH/D4TyPLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4C924EAAAAAAQJC/9SAXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBWAAAA///cI17y")

54.123233092s ago: executing program 0 (id=149):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19}, 0x42)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r0, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x40, 0x140a, 0x400, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x1}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x404c04d}, 0x810)
syz_emit_ethernet(0x66, &(0x7f00000068c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd6007000000303a00fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0)

54.122944192s ago: executing program 32 (id=149):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80)
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19}, 0x42)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r0, &(0x7f0000000380)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x40, 0x140a, 0x400, 0x70bd25, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x3}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x1}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x2}]}, 0x40}, 0x1, 0x0, 0x0, 0x404c04d}, 0x810)
syz_emit_ethernet(0x66, &(0x7f00000068c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd6007000000303a00fe8000000000000000000000000000bbff020000000000000000000000000001"], 0x0)

31.784575001s ago: executing program 4 (id=532):
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f00000002c0)={&(0x7f0000000180)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0302}}}, 0x14, &(0x7f0000000040)={&(0x7f00000001c0)="be1393", 0x3}, 0x1, 0x0, 0x0, 0x40854}, 0x8008804)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0xffffffff}, 0x10)
r1 = syz_init_net_socket$llc(0x1a, 0x3, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
recvfrom$llc(r1, &(0x7f0000000300)=""/4096, 0x1000, 0x40000040, &(0x7f0000000000)={0x1a, 0x1b, 0x56, 0xfb, 0x5, 0x0, @multicast}, 0x10)

31.736586181s ago: executing program 4 (id=534):
r0 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0xff00000000000000, 0xac14140c}, 0xff000000}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)="8bcd", 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)

31.735399411s ago: executing program 4 (id=535):
r0 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_int(r0, 0x107, 0x15, 0x0, &(0x7f0000000480)) (async)
getsockopt$packet_int(r0, 0x107, 0x15, 0x0, &(0x7f0000000480))
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0) (async)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xa, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}, 0x1, 0xfffc}, 0x4000800)
sendmsg$nl_route_sched(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000003080)=@delchain={0x50, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_INDEV={0x14, 0x2, 'bridge_slave_0\x00'}, @TCA_FLOWER_KEY_IPV4_SRC={0x8, 0xa, @initdev={0xac, 0x1e, 0x0, 0x0}}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x10}, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0x3, 0x2) (async)
r6 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
ioctl$EVIOCGKEYCODE(0xffffffffffffffff, 0x80084504, &(0x7f0000000240)=""/4096)
write$tun(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="080000f607000000000014"], 0x30)
io_uring_setup(0x2cb0, &(0x7f0000001300)={0x0, 0x9447, 0x2000, 0x3, 0x3c3}) (async)
r7 = io_uring_setup(0x2cb0, &(0x7f0000001300)={0x0, 0x9447, 0x2000, 0x3, 0x3c3})
io_uring_register$IORING_REGISTER_RING_FDS(r7, 0x14, &(0x7f00000012c0)=[{0x2, 0x1, 0x0, &(0x7f0000001380)=[{&(0x7f0000001240)=""/45, 0x2d}, {&(0x7f0000001400)=""/188, 0xbc}], &(0x7f00000013c0)=[0xa, 0x0, 0x2, 0x2000000000000, 0xfff]}], 0x1) (async)
io_uring_register$IORING_REGISTER_RING_FDS(r7, 0x14, &(0x7f00000012c0)=[{0x2, 0x1, 0x0, &(0x7f0000001380)=[{&(0x7f0000001240)=""/45, 0x2d}, {&(0x7f0000001400)=""/188, 0xbc}], &(0x7f00000013c0)=[0xa, 0x0, 0x2, 0x2000000000000, 0xfff]}], 0x1)
socket$inet_sctp(0x2, 0x5, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES16, @ANYBLOB="0000000000000000b705"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000001280)=ANY=[@ANYBLOB="0a0000000400000008000000089a8e3ed5a9f3ed60c9d14f297e9a8523c665d9bcc9d95b60b4089c4fc608986bde5dbb14672a13d293725596f0bb6aae75b46e"], 0x50) (async)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001280)=ANY=[@ANYBLOB="0a0000000400000008000000089a8e3ed5a9f3ed60c9d14f297e9a8523c665d9bcc9d95b60b4089c4fc608986bde5dbb14672a13d293725596f0bb6aae75b46e"], 0x50)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r9}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r8}, &(0x7f0000000200), &(0x7f0000000240)=r9}, 0x20)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f68737200000000140001"], 0xfc}}, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0) (async)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)

31.379907788s ago: executing program 4 (id=544):
syz_mount_image$ext4(&(0x7f0000000280)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000480)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@nojournal_checksum}, {@norecovery}, {@resuid}, {@quota}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000009c0)="3bf5", 0x2)
sendfile(r1, r0, 0x0, 0x3ffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000600)=ANY=[@ANYRES8=r0, @ANYRESDEC=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x7, 0x4, 0x8, 0xd9}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)
add_key(&(0x7f0000000040)='asymmetric\x00', 0x0, &(0x7f0000000300)='0', 0x1, 0x0)
sendfile(r2, r0, 0x0, 0x7fffeffd)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000feffffff0000000000000000850000002a00000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = syz_clone(0x8d002240, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r6, 0xd8, &(0x7f00000002c0)=""/192)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r5}, 0x18)
r7 = syz_io_uring_setup(0x497, &(0x7f0000000300)={0x0, 0x4661, 0x800, 0x5, 0x20e}, &(0x7f0000000240)=<r8=>0x0, &(0x7f0000000680)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_LINKAT={0x27, 0xa, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000140)='./file0\x00', 0xffffffffffffffff, 0x400, 0x1})
io_uring_enter(r7, 0x40f9, 0x217, 0xa5, 0x0, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r10, 0x89f1, &(0x7f0000010640)={'tunl0\x00', &(0x7f00000001c0)=@ethtool_cmd={0x2f, 0x4, 0x6, 0x0, 0x5, 0x0, 0x3, 0xfc, 0xff, 0xff, 0x0, 0xffffffff, 0x0, 0xff, 0x2, 0x45, [0x5, 0x89ff]}})
move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0)
execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000780)={[&(0x7f0000000840)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000b80)=ANY=[@ANYBLOB="140000001000010000000000000063400a00000a48000000d50a0b040000000000000000020000001c0004801800018008000100647570000c0002800800014000000073797a30000000000900020073797a3200000000140000001100015ebab85143ae720000000000000000000300751ef24c9c71ba3f955a447af2fdf3afc6ad23c1f0a13853cde47f85b1828e08a0b5202c3c4775c901cf7edbb06fa77c9335cd6b5e67cda953b07f57115f2d02fe46bdbadb30d9a74010e68a40c2a3ca618584ec2a24b46d99"], 0x70}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x10)

30.513475594s ago: executing program 4 (id=564):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000340), 0x10}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000008c0)=r1, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xf, 0x0, 0x1, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x58}}, 0x0)

29.70569411s ago: executing program 4 (id=577):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x100, 0x0, 0x0, 0x0, 0x58}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000"], 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa00000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xaa)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = eventfd2(0x0, 0x800)
io_setup(0x6, &(0x7f0000000140)=<r3=>0x0)
io_submit(r3, 0x2, &(0x7f00000000c0)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0xfffd, r1, 0x0, 0x0, 0x0, 0x0, 0x3, r2}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
shutdown(r1, 0x0)

29.595482582s ago: executing program 33 (id=577):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x100, 0x0, 0x0, 0x0, 0x58}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000"], 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xa00000}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xaa)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = eventfd2(0x0, 0x800)
io_setup(0x6, &(0x7f0000000140)=<r3=>0x0)
io_submit(r3, 0x2, &(0x7f00000000c0)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0xfffd, r1, 0x0, 0x0, 0x0, 0x0, 0x3, r2}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
shutdown(r1, 0x0)

26.645785219s ago: executing program 3 (id=618):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)}, &(0x7f0000000100)=0x10)
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000180), 0x101000)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f00000001c0)={0x3, 0x3, 0x8001, 0x2, 0xfffffe00})
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r2=>0x0]}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x7d, &(0x7f0000000040)={r2, @in={{0xa, 0x4e21, @empty}}, 0xffff, 0x40}, 0x88)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000820004000000000000000c00850000000f00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3, 0x0, 0x4}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})

26.59461247s ago: executing program 3 (id=621):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000d00)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180100000100a7d9000000000020b200850000007b00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001340)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x6}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_VERDICT(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="2000000001030101000002000000000000000000"], 0x20}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES16=r1, @ANYRESHEX=r0, @ANYRES8=r2, @ANYRES16=r1, @ANYRESOCT=r1, @ANYRESDEC=r0], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05"], 0x48)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="540000001000010028bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="6cf2040000000000140003086e657464657673696d30000000000000200016801c00018018000c801400010007000000370500000100000081000000"], 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x40)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x9, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="1800040000008500000002000000000018110000", @ANYRESHEX, @ANYRESDEC=0x0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, @cgroup_sock=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r5}, 0x18)
getrlimit(0x5, &(0x7f0000000240))
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
r8 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r8)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
ioctl$IOCTL_GET_NCIDEV_IDX(r7, 0x0, &(0x7f0000000340))
recvfrom$inet_nvme(r8, &(0x7f0000000240)=""/209, 0xd1, 0x12022, &(0x7f0000000380)=@generic={0x23, "82a62ae487224984506639ccdb47b8e6fef4e33483aa27d5877ca3a031ec96b66f32ebff5b3bf4afc7b7a988ed664c8a22c48c32e8fe077122d12225129d7a540fa674eec563252758810fb25e9cc26193f4c820dd0f9c0f997c5460734f26eb03decfaec0c45d1fc55e879d9147ddccf4002bc9621b7186b02d6f231c53"}, 0x80)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r9 = inotify_init1(0x80000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
get_mempolicy(0x0, 0x0, 0x200, &(0x7f0000e9f000/0x1000)=nil, 0x3)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r11}, 0x10)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0xfed7, &(0x7f00000002c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaaaa86dd6002adf700383a00fe88000000000000000e000000000001ff020000000000000000000000000001"], 0x0)
inotify_add_watch(r9, &(0x7f0000000200)='.\x00', 0x10000a0)

26.543585021s ago: executing program 3 (id=623):
r0 = io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xdf07, 0x2, 0x1, 0x105})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x8, &(0x7f00000001c0)=<r2=>0x0)
io_submit(r2, 0x3a, &(0x7f00000006c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}])
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003"], 0x118}}, 0x0)
io_getevents(r2, 0x2, 0x2, &(0x7f0000001340)=[{}, {}], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
listen(r5, 0xa)
ioctl$SIOCPNENABLEPIPE(r5, 0x89ed, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

26.06370874s ago: executing program 3 (id=629):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000580)="240000001e005f031400ff01000000f80700b3586ff606c2e553797c080008e467dc0000", 0x24)
recvmmsg(r0, &(0x7f0000005180), 0x400000000000166, 0x1a000, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x1}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000700)={[{@nodelalloc}, {@bsdgroups}, {@nobh}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {@barrier_val={'barrier', 0x3d, 0x3ff}}, {@nodiscard}, {@stripe={'stripe', 0x3d, 0x10001}}]}, 0xfc, 0x582, &(0x7f0000000b40)="$eJzs3d9rW+UbAPDnpO3W/fh+28EY6oUUduFkLl1bf0zwYl6J6HCg9zO0WRlNl9GkY60Dtwt3440MQcSB6L33Xg7/Af+KgQ6GjKIX3lROctKFNunSLF2z5vOBs73vOSd9z5P3PG/ek5OQAAbWRPpPLuLliPgmiRhr2jYc2caJ+n5rj2/OpksS6+uf/pVEkq1r7J9k/x/JKi9FxG9fRZzObW23srK6UCiViktZfbK6eG2ysrJ65spiYb44X7w6PTNz7q2Z6Xffebtnsb5+8Z/vP7n/4bmvT65998vDY3eTOB9Hs23NcTyDW82ViZjInpOROL9px6keNNZPkr0+ALoylOX5SKRjwFgMZVnf0vrY8zw0YJd9maY1MKAS+Q8DqjEPaFzb9+g6+IXx6P36BdDW+Ifr743EaO3a6PBaUr8yOljfml7vjveg/bSNX/+8dzddot37EAd70BDAJrduR8TZ4eGt41+SjX/dO9vBPpvbGLTXH9hL99P5zxut5j+5jflPNM9/Mkda5G43np7/uYc9aKatdP73Xsv578ZNq/GhrPa/2pxvJLl8pVRMx7b/R8SpGDmY1qci4oPWN0E+z609WG/XfvP8L13S9htzwew4Hg5vmv/NFaqFZ4+87tHtiFdazn+Tjf5PWvR/+nxc7LCNE8V7r7bb9vT4d9f6TxGvtez/J52ZbH9/crJ2Pkw2zoqt/r5z4vd27W8b/2jPw90i7f/D28c/njTfr63svI0fR/8tttvW7fl/IPmsVj6QrbtRqFaXpiIOJB9vXT/95LGNemP/NP5TJ7cf/1qd/4fSxO4w/jvH7zTvOrqz+HdXGv/cjvp/54UHH33xQ7v2O+v/N2ulU9maTsa/Tg/wWZ47AAAAAAAA6De5iDgaSS6/Uc7l8vn65zuOx+FcqVypnr5cXr46F7Xvyo7HSK5xp3us6fMQU9nnYRv16U31mYg4FhHfDh2q1fOz5dLcXgcPAAAAAAAAAAAAAAAAAAAAfeJIxGir7/+n/hhq/Zg2q4EX0TY/+Q3sc+3zP9vSi196AvqS138YXF3kv/cAYJ/w+g+DS/7D4JL/MLjkPwwu+Q+Dayf5//OFXTwQAAAAAAAAAAAAAAAAAAAAAAAAAAAA2B8uXriQLutrj2/OpvW56yvLC+XrZ+aKlYX84vJsfra8dC0/Xy7Pl4r52fLi0/5eqVy+NjUdyzcmq8VKdbKysnppsbx8tXrpymJhvnipOPJcogIAAAAAAAAAAAAAAAAAAIAXS2VldaFQKhWXFBS6Kgz3x2H0YSHXH4fRZWGvRyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOK/AAAA//92vTrs")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
pread64(r1, &(0x7f0000000000)=""/36, 0x24, 0x100000000)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000000000001845000008000400000000000200000095004be06900000000000000"], &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3}, 0x94)
r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)={0x14, r2, 0x209}, 0x14}, 0x1, 0x0, 0x0, 0x24008881}, 0x0)
r4 = open(&(0x7f0000000500)='./bus\x00', 0xc00, 0x0)
ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1c0000000, 0x8005, 0x0, 0x9, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8eee730b7ca0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200, 0x1]})
chdir(&(0x7f0000000100)='./file0\x00')
socket(0x10, 0x3, 0x0) (async)
write(r0, &(0x7f0000000580)="240000001e005f031400ff01000000f80700b3586ff606c2e553797c080008e467dc0000", 0x24) (async)
recvmmsg(r0, &(0x7f0000005180), 0x400000000000166, 0x1a000, 0x0) (async)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x1}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) (async)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000700)={[{@nodelalloc}, {@bsdgroups}, {@nobh}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {@barrier_val={'barrier', 0x3d, 0x3ff}}, {@nodiscard}, {@stripe={'stripe', 0x3d, 0x10001}}]}, 0xfc, 0x582, &(0x7f0000000b40)="$eJzs3d9rW+UbAPDnpO3W/fh+28EY6oUUduFkLl1bf0zwYl6J6HCg9zO0WRlNl9GkY60Dtwt3440MQcSB6L33Xg7/Af+KgQ6GjKIX3lROctKFNunSLF2z5vOBs73vOSd9z5P3PG/ek5OQAAbWRPpPLuLliPgmiRhr2jYc2caJ+n5rj2/OpksS6+uf/pVEkq1r7J9k/x/JKi9FxG9fRZzObW23srK6UCiViktZfbK6eG2ysrJ65spiYb44X7w6PTNz7q2Z6Xffebtnsb5+8Z/vP7n/4bmvT65998vDY3eTOB9Hs23NcTyDW82ViZjInpOROL9px6keNNZPkr0+ALoylOX5SKRjwFgMZVnf0vrY8zw0YJd9maY1MKAS+Q8DqjEPaFzb9+g6+IXx6P36BdDW+Ifr743EaO3a6PBaUr8yOljfml7vjveg/bSNX/+8dzddot37EAd70BDAJrduR8TZ4eGt41+SjX/dO9vBPpvbGLTXH9hL99P5zxut5j+5jflPNM9/Mkda5G43np7/uYc9aKatdP73Xsv578ZNq/GhrPa/2pxvJLl8pVRMx7b/R8SpGDmY1qci4oPWN0E+z609WG/XfvP8L13S9htzwew4Hg5vmv/NFaqFZ4+87tHtiFdazn+Tjf5PWvR/+nxc7LCNE8V7r7bb9vT4d9f6TxGvtez/J52ZbH9/crJ2Pkw2zoqt/r5z4vd27W8b/2jPw90i7f/D28c/njTfr63svI0fR/8tttvW7fl/IPmsVj6QrbtRqFaXpiIOJB9vXT/95LGNemP/NP5TJ7cf/1qd/4fSxO4w/jvH7zTvOrqz+HdXGv/cjvp/54UHH33xQ7v2O+v/N2ulU9maTsa/Tg/wWZ47AAAAAAAA6De5iDgaSS6/Uc7l8vn65zuOx+FcqVypnr5cXr46F7Xvyo7HSK5xp3us6fMQU9nnYRv16U31mYg4FhHfDh2q1fOz5dLcXgcPAAAAAAAAAAAAAAAAAAAAfeJIxGir7/+n/hhq/Zg2q4EX0TY/+Q3sc+3zP9vSi196AvqS138YXF3kv/cAYJ/w+g+DS/7D4JL/MLjkPwwu+Q+Dayf5//OFXTwQAAAAAAAAAAAAAAAAAAAAAAAAAAAA2B8uXriQLutrj2/OpvW56yvLC+XrZ+aKlYX84vJsfra8dC0/Xy7Pl4r52fLi0/5eqVy+NjUdyzcmq8VKdbKysnppsbx8tXrpymJhvnipOPJcogIAAAAAAAAAAAAAAAAAAIAXS2VldaFQKhWXFBS6Kgz3x2H0YSHXH4fRZWGvRyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOK/AAAA//92vTrs") (async)
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111) (async)
openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
socket$key(0xf, 0x3, 0x2) (async)
pread64(r1, &(0x7f0000000000)=""/36, 0x24, 0x100000000) (async)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000000000001845000008000400000000000200000095004be06900000000000000"], &(0x7f0000000300)='GPL\x00', 0x9, 0x1, &(0x7f0000000340)=""/1, 0x0, 0x3}, 0x94) (async)
syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000500)={0x14, r2, 0x209}, 0x14}, 0x1, 0x0, 0x0, 0x24008881}, 0x0) (async)
open(&(0x7f0000000500)='./bus\x00', 0xc00, 0x0) (async)
ioctl$LOOP_SET_STATUS64(r4, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1c0000000, 0x8005, 0x0, 0x9, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8eee730b7ca0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200, 0x1]}) (async)
chdir(&(0x7f0000000100)='./file0\x00') (async)

25.749510326s ago: executing program 3 (id=634):
r0 = syz_open_dev$usbfs(0x0, 0x1ff, 0x2)
dup(r0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f60000008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value=0x2000000}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r4}, 0x10)
unshare(0x62040200)
r5 = perf_event_open(&(0x7f0000000fc0)={0x2, 0x80, 0x82, 0x1, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}, 0x0, 0x0, 0x3, 0x4, 0x0, 0xd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x40082406, &(0x7f0000000180)='cpu>=0||!')

24.566997519s ago: executing program 3 (id=655):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000480)='kmem_cache_free\x00', r2}, 0x18)
tee(r2, r3, 0x7, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r4=>0x0})
bind$can_raw(r0, &(0x7f0000000000)={0x1d, r4}, 0x10)
bind$can_raw(r0, &(0x7f0000000080), 0x10)

24.552001629s ago: executing program 34 (id=655):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000480)='kmem_cache_free\x00', r2}, 0x18)
tee(r2, r3, 0x7, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000300)={'vxcan1\x00', <r4=>0x0})
bind$can_raw(r0, &(0x7f0000000000)={0x1d, r4}, 0x10)
bind$can_raw(r0, &(0x7f0000000080), 0x10)

14.544270441s ago: executing program 2 (id=853):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000000540)=[{{&(0x7f00000002c0)={0x2, 0x4e21, @local}, 0x10, 0x0}}, {{&(0x7f0000000000)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="24000000000000000000000007000000441414"], 0x28}}], 0x2, 0x200c4)
setsockopt(r1, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(r3, &(0x7f0000006cc0)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000980)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, &(0x7f0000002780)=[{&(0x7f0000003100)=""/4096, 0x1000}], 0x1}}], 0x2, 0x400122a0, 0x0)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r1, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000640)=ANY=[@ANYRES32=0x0, @ANYBLOB="000001c34df78769f0ab640fdfe7e869c9732915077ef5b351c0cdbc2258b04203452667434a482dc05c86c34ca30819aecfd02c21ee0e15158b039bd07c40b09ab00153f5bfafd43ed7a9482e10b33850f8a7f68d27ef16adfd7892012e2872579ebcca790c7b448ae862cee0bc88e678d809021f8af5c4bacf21bd4d4e85463dcbd4901284de6c5c9a9aba9b64cad84608bdaafb762a9557510c414c11"], 0x9)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aac020000060a0b040000000000000000020000003c020480380201800a0001006d6174636800000028020280080002400000000114020300d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbad362baa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c8d5ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f08000100627066000900010073797a30000000000900020073797a3200000000440005800800024000000002080001"], 0x2d4}}, 0x4048010)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f0000000080), 0x0}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r4, 0x0, 0x8000000000000}, 0x18)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r6}, 0x10)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x4)
ioctl$PIO_UNIMAPCLR(r7, 0x4b68, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800e00010069703665727370616e0000002000028006000200300000001400060000000000000000000000ffff7f00000108000a00", @ANYRESOCT], 0x5c}}, 0x0)

14.361463874s ago: executing program 2 (id=857):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0xd9}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="04000000000000001b000000b70000000000000095000000000000000000000000000000000000003b10b6d0cd1373949b68e59379e5e6251457a01c98e8976693e17491f17d642faabaab5f8d2c01e1b18a4e81cdec2301c9508724341bf2b20754545208b56e452129a5b90097a96518ee85f6f926bbe5f6407557d45fe94b2f3000dcff65ffaf45f0c8f74d9b5132a65b2ec0a1243a358bf410f7f9bf09ded00d492748d4f4dcc8c5f55057916f80ac584bbcf5321c623f6890"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x94)
socket$inet6(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000680)='sched_switch\x00', r2}, 0x18)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x410c04, &(0x7f0000000600)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10}}, {@noload}]}, 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
clock_gettime(0x2, &(0x7f0000000240)={<r3=>0x0, <r4=>0x0})
timer_settime(0x0, 0x1, &(0x7f0000000080)={{r3, r4+10000000}, {0x0, 0x989680}}, 0x0)
rt_sigaction(0xe, &(0x7f0000000180)={&(0x7f0000000100)="f30f1efc66450f2832c482adbcaf07000000c4e1e00300aa9c43713ef2400f1ed3c4c2e93be7f2262e669f8f88a4a2e100430f12957b280000653ed9fa", 0x8000000, 0x0, {[0x8000]}}, 0x0, 0x8, &(0x7f0000000200))

13.934593153s ago: executing program 2 (id=864):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r0}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r0, @ANYRES32=r2, @ANYRES32=r1], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r3}, 0x10)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

13.812059765s ago: executing program 2 (id=867):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000580), r0)
r2 = socket$igmp(0x2, 0x3, 0x2)
r3 = socket$netlink(0x10, 0x3, 0x14)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000500)='./file1\x00', 0x4000, &(0x7f00000001c0), 0x1, 0x4bc, &(0x7f0000000a40)="$eJzs3ctvW1UaAPDPdpMmaWb6mNGo7UjTSh2p81DjPDRqMjObWc3MotJoKrEBqYTEDSVOHMVOaaIuUth1wQKBQEIs2PMXsKErKiTEGvaIBSqCEiRAQjK613abOHGwII1p7u8n3ebch/2dU+s7Ovf4Xt8AMuts8k8uYjgiPoyIo43VrQecbfzZuH9zJllyUa9f/iKXHpestw5tve5IRKxHxEBE/P/fEc/ktsetrq7NT5fLpeXmerG2sFSsrq5duLYwPVeaKy2OTV6cmpocnRif2rO23n7puduX3vlv/9vfvHjv7svvvZtUa7i5b3M79lKj6X1xfNO2QxHxz0cRrAcKzfYM9roi/CTJ5/ebiDiX5v/RKKSfJpAF9Xq9/n39cKfd63XgwMqnY+BcfiQiGuV8fmSkMYb/bQzly5Vq7a9XKyuLs42x8rHoy1+9Vi6NNs8VjkVfLlkfS8sP18fb1ici0jHwK4XBdH1kplKe3d+uDmhzpC3/vy408h/ICKf8kF3yH7JL/kN2yX/ILvkP2SX/IbvkP2SX/Ifskv+QXfIfskv+Qyb979KlZKm37n+fvb66Ml+5fmG2VJ0fWViZGZmpLC+NzFUqc+k9Ows/9n7lSmVp7G+xcqNYK1Vrxerq2pWFyspi7Up6X/+VUt++tAroxvEzdz7ORcT63wfTJdHf3CdX4WCr13PR63uQgd4o9LoDAnrG1B9kl3N8oP0netvHBQOdXrj0cL4QeLzke10BoGfOn/L9H2SV+X/ILvP/kF3G+MAOj+jbYrf5f+DxZP4fsmu4w/O/frXp2V2jEfHriPio0He49awv4CDIf5Zrjv/PH/3jcPve/ty36VcE/RHx/BuXX7sxXastjyXbv3ywvfZ6c/v4phd2PGEAeqWVp608BgCya+P+zZnWsp9xP/9X4yKE7fEPNecmB9LvKIc2cluuVcjt0bUL67ci4uRO8XPN5503TmSGNgrb4p9o/s013iKt76H0uen7E//Upvh/2BT/9M/+X4FsuJP0P6M75V8+zel4kH9b+5/hPbp2onP/l3/Q/xU69H9nuozx7JsvfNox/q2I0zvGb8UbSGO1x0/qdr7L+PeeeuJ3nfbV32q8z07xW5JSsbawVKyurl1If0durrQ4NnlxampydGJ8qpjOURdbM9Xb/ePkB3d3a/9Qh/i7tT/Z9ucu2//d799/8uwu8f90bufP/8Qu8Qcj4i9dxv9q/JOnO+1L4s92aH9+l/jJtoku41df/c/hLg8FAPZBdXVtfrpcLi0rKCj0pHDrl1GNtkKveybgUauuJqfmSdL3uiYAAAAAAAAAAABAt/bjcuJetxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CD4IQAA//9HcdTQ")
r4 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r6, &(0x7f0000000140)="84", 0x1, 0xb57a)
fallocate(r4, 0x0, 0xbf5, 0x2000402)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000d80)={0xffffffffffffffff, 0x18000000000002a0, 0x2, 0x0, &(0x7f0000000040)="76ea", 0x0, 0x6400, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
setresuid(0xee01, 0xee01, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x9)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14, 0x3ed}, [], {0x14, 0x3f7}}, 0x28}, 0x1, 0x0, 0x0, 0x47729659aea227c}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='rxrpc_call\x00', r7}, 0x18)
r9 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r9, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24)
recvmmsg(r9, &(0x7f0000000d00), 0xf000, 0x10002, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r5, 0xc028660f, &(0x7f0000000040)={0xc, r4, 0x0, 0x0, 0x0, 0xfffffffffdffffff})
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401000000000000000000090002002f797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8804)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f0000000180)={0x0, 0x4, 0x0, 0x40, @vifc_lcl_ifindex, @multicast2}, 0x10)
setsockopt$MRT_FLUSH(r2, 0x0, 0xd4, &(0x7f0000000000)=0x9, 0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
sendmsg$IEEE802154_LIST_PHY(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000000c0)={0x14, r1, 0x30b, 0x0, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x2400c0c3}, 0x20060000)

13.741231027s ago: executing program 2 (id=869):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
mmap(&(0x7f000095b000/0x4000)=nil, 0x4000, 0x2000009, 0x25813, r0, 0x0)
mmap(&(0x7f0000867000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0xffffe000)
getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x200003, 0x1af}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f00000000c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x2, 0x1, 0xffffffffffffffff, 0x0, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x0, 0x3, 0x0, {0x2}})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r2, 0x47f8, 0x0, 0x0, 0x0, 0x0)

13.54853249s ago: executing program 2 (id=871):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x40000)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0xa}, 0x100202, 0x7fffffffffffffff, 0xfffffffb, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
fadvise64(r2, 0x2, 0x0, 0x4)
ioctl$SIOCPNENABLEPIPE(r2, 0x89ed, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000005c0), 0x618942, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000440)="d800000018007b7be00212ba0d0505040a003f00000f040b067c55a1bc000900b80006990300000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b3162700e06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5005ccca262f3d40fad95667e04adcdf63cc1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f00000e97031e9f05e9f16e07000000", 0xd4}, {&(0x7f0000000100)="d8bcf4de", 0x4}], 0x2, 0x0, 0x0, 0x2663}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000000), 0x1, 0x469, &(0x7f0000000100)="$eJzs3M9vFFUcAPDv7G5BfnZF/AGiomgk/mhpQeXgRRMTD5qY6AGPtRSCLNTQmghpbDEELyZKwt2YeDHxL/DkiagnE694NyTEcAE9rRl2dtlud8u2u91t3c8nGfpe9+2+73dm3s6bGaYBDKz96T9JxPaIuB4RwxGRq2+wpbKk7e7cmpv859bcZBLl8vt/J+nb4vatuclq0yT7ua1SKaQflLuURLFJvzPnL5yeKJWmzmX10dkzn4zOnL/w8qkzEyenTk6dHT969MjhsddeHX+lK3mmMd3e+/n0vj1vf3jl3cljVz769cdKvOXy1WuHFuXRHUMRMVdbJ42e625nfbejrpwU+hgIK7I5IgrZ3no9hiN/aWftteF464u+BgesqXK5XB5v/fJCGfgfS6LfEQD9UT3Qp+e/1aVHU4914eYblROgNO872VJ5pRAXszZDDee33bQ/Io4t/PttukTD9RQAgLXwczr/eanJ/K8Y8Uhdu53ZvaFiRDwYEbsi4qGI2B0RD0el7aMR8dgK+9/fUF86/8ndWF1m7Unnf69n97YWz/9qd8GK+ay2427+Q8mJU6WpQ9k6ORhDm9P6WNNPTyIW0p9/fN2q//r5X7qk/VfnglkcNwqbF7/n+MTsRMeJZ25ejNhbaJZ/EoV7WcSeiNi7yj5OvfDDvsW/yddK989/GV24z1T+LuL5yvZfiIb8q5Ll70+OPhClqUOj1b1iqd9+v/xeq/47yr8L0u2/ten+X8u/mNTfr51Z8hGb7tfH5T+/bHlOs9r9f1PywaLOP5uYnT03FrEpeWfp7+sucFfr1fZp/gcPNB//u+Lemng8ItKd+ImIeDIinspifzoinomIA8vk/8ubz368+vzXVpr//Iq2/8oL+dPXfmrVf3vb/0i1cjeodr7/2g2wk3UHAAAAG0UuIrZHkhuplXO5kZHK/5ffHVtzpemZ2RdPTH969njlGYFiDOWqV7qG666HjmXXhqv18aw+n9UPZ9eNr+a33K2PTE6Xjvc7eRhw21qM/9Rf+X5HB6w5z2vB4DL+YXCtfvz75oCN7j6jONerOIDecxSHwdVs/M/3IQ6g9xz/YXDVxv83bTSue9yr8eFNYONx/IfBZfzDQOrkuf51UYjvI5Zvk6yXUFdU+KqTtxd6EGHk1seK6mFhPB/RxzAK7f5Vizhfnu+4035/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHfwEAAP//qO7n/A==")

13.54035186s ago: executing program 35 (id=871):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x40000)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={0x0, 0xa}, 0x100202, 0x7fffffffffffffff, 0xfffffffb, 0x0, 0x0, 0x80000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x13, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
fadvise64(r2, 0x2, 0x0, 0x4)
ioctl$SIOCPNENABLEPIPE(r2, 0x89ed, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000005c0), 0x618942, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000440)="d800000018007b7be00212ba0d0505040a003f00000f040b067c55a1bc000900b80006990300000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b3162700e06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5005ccca262f3d40fad95667e04adcdf63cc1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f00000e97031e9f05e9f16e07000000", 0xd4}, {&(0x7f0000000100)="d8bcf4de", 0x4}], 0x2, 0x0, 0x0, 0x2663}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x207, &(0x7f0000000000), 0x1, 0x469, &(0x7f0000000100)="$eJzs3M9vFFUcAPDv7G5BfnZF/AGiomgk/mhpQeXgRRMTD5qY6AGPtRSCLNTQmghpbDEELyZKwt2YeDHxL/DkiagnE694NyTEcAE9rRl2dtlud8u2u91t3c8nGfpe9+2+73dm3s6bGaYBDKz96T9JxPaIuB4RwxGRq2+wpbKk7e7cmpv859bcZBLl8vt/J+nb4vatuclq0yT7ua1SKaQflLuURLFJvzPnL5yeKJWmzmX10dkzn4zOnL/w8qkzEyenTk6dHT969MjhsddeHX+lK3mmMd3e+/n0vj1vf3jl3cljVz769cdKvOXy1WuHFuXRHUMRMVdbJ42e625nfbejrpwU+hgIK7I5IgrZ3no9hiN/aWftteF464u+BgesqXK5XB5v/fJCGfgfS6LfEQD9UT3Qp+e/1aVHU4914eYblROgNO872VJ5pRAXszZDDee33bQ/Io4t/PttukTD9RQAgLXwczr/eanJ/K8Y8Uhdu53ZvaFiRDwYEbsi4qGI2B0RD0el7aMR8dgK+9/fUF86/8ndWF1m7Unnf69n97YWz/9qd8GK+ay2427+Q8mJU6WpQ9k6ORhDm9P6WNNPTyIW0p9/fN2q//r5X7qk/VfnglkcNwqbF7/n+MTsRMeJZ25ejNhbaJZ/EoV7WcSeiNi7yj5OvfDDvsW/yddK989/GV24z1T+LuL5yvZfiIb8q5Ll70+OPhClqUOj1b1iqd9+v/xeq/47yr8L0u2/ten+X8u/mNTfr51Z8hGb7tfH5T+/bHlOs9r9f1PywaLOP5uYnT03FrEpeWfp7+sucFfr1fZp/gcPNB//u+Lemng8ItKd+ImIeDIinspifzoinomIA8vk/8ubz368+vzXVpr//Iq2/8oL+dPXfmrVf3vb/0i1cjeodr7/2g2wk3UHAAAAG0UuIrZHkhuplXO5kZHK/5ffHVtzpemZ2RdPTH969njlGYFiDOWqV7qG666HjmXXhqv18aw+n9UPZ9eNr+a33K2PTE6Xjvc7eRhw21qM/9Rf+X5HB6w5z2vB4DL+YXCtfvz75oCN7j6jONerOIDecxSHwdVs/M/3IQ6g9xz/YXDVxv83bTSue9yr8eFNYONx/IfBZfzDQOrkuf51UYjvI5Zvk6yXUFdU+KqTtxd6EGHk1seK6mFhPB/RxzAK7f5Vizhfnu+4035/MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTHfwEAAP//qO7n/A==")

2.507906182s ago: executing program 5 (id=1085):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x410c04, &(0x7f0000000600)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10}}, {@noload}]}, 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
timer_create(0xfffffffffffffffd, 0x0, &(0x7f00000000c0)=<r0=>0x0)
clock_gettime(0x2, &(0x7f0000000240)={<r1=>0x0, <r2=>0x0})
timer_settime(r0, 0x1, &(0x7f0000000080)={{r1, r2+10000000}, {0x0, 0x989680}}, 0x0)
rt_sigaction(0xe, &(0x7f0000000180)={&(0x7f0000000100)="f30f1efc66450f2832c482adbcaf07000000c4e1e00300aa9c43713ef2400f1ed3c4c2e93be7f2262e669f8f88a4a2e100430f12957b280000653ed9fa", 0x8000000, 0x0, {[0x8000]}}, 0x0, 0x8, &(0x7f0000000200))

2.507480762s ago: executing program 5 (id=1086):
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={0xffffffffffffffff, 0x20, &(0x7f0000000180)={&(0x7f0000000340)=""/4096, 0x1000, <r2=>0x0, &(0x7f0000001340)=""/94, 0x5e}}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1a, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000013c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @tracing=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000540)=@generic={&(0x7f0000000500)='./file0\x00', r5}, 0x18)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001580)={0x1b, 0xc, &(0x7f0000001640)=ANY=[@ANYRESHEX=0x0, @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095943ac57068bc3b62c2da3ff3b8b6a71fada06a23577517a65d0050fade5f5f53977ebc4bfe4b20ea0871d6e699804f80f1a379c4afdf36e7376e14cbfe695c40b26123133426c9ccf6a8df38e23719b62e5380f8b1571c0aabd984fc0b07e659b7e330d900e338f81f771016815adf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffffd2}, 0x94)
r7 = socket$inet_sctp(0x2, 0x5, 0x84)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f00000007c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000000800)={'batadv0\x00', <r10=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r8, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000180)={0x24, r9, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r10}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0xc010}, 0x40)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r11}, 0x10)
r12 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r12, &(0x7f0000000040), 0x10)
listen(r12, 0x0)
r13 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r13, &(0x7f0000000080), 0x10)
sendmmsg(r13, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r14 = accept4$unix(r12, 0x0, 0x0, 0x0)
recvfrom$unix(r14, &(0x7f0000000140)=""/263, 0x40000, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3, 0x0, 0x10000001}, 0x18)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)

2.308134276s ago: executing program 5 (id=1090):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x11c167, 0x0, 0xfffffffc, 0xb95b5ec032cc8e84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000003b00)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x7fff}, 0x18)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r3, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804)

2.205693588s ago: executing program 5 (id=1096):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340), 0x10}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000008c0)=r1, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xf, 0x0, 0x1, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x58}}, 0x0)

2.08640734s ago: executing program 5 (id=1099):
r0 = socket$packet(0x11, 0x3, 0x300)
socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1, 0x0, 0x6}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x6, 0x0, 0x0, &(0x7f0000000200)='syzkaller\x00', 0x1}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r3, &(0x7f00000018c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000380)="12", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f0000000240)=' ', 0x1}], 0x1}}], 0x2, 0x48800)
syz_usb_disconnect(0xffffffffffffffff)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f00000000c0)='vegas\x00', 0x6)
shutdown(r3, 0x2)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000140)=0x7f)
r4 = syz_usb_connect$hid(0x4, 0x3f, &(0x7f0000000100)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x20, 0x56a, 0x39, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x5, 0x20, 0x7, [{{0x9, 0x4, 0x0, 0xc5, 0x1, 0x3, 0x1, 0x3, 0x5, {0x9, 0x21, 0x6, 0xcb, 0x1, {0x22, 0x8b2}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x40, 0x1a, 0x52}}, [{{0x9, 0x5, 0x2, 0x3, 0x400, 0x3, 0x9, 0x3}}]}}}]}}]}}, &(0x7f00000003c0)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x310, 0x9, 0x40, 0x89, 0xff, 0x3}, 0x4e, &(0x7f00000006c0)=ANY=[@ANYBLOB="050f4e000514100402cdf86d5330b35d6de6629dea3f3f108c1410040404a52ee7cf1616047dd1e307dfab8d5803100b1410040867a76c91493286ccf1278c386e5e18d80ace01051003000600020081ff"], 0x1, [{0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x1004}}]})
syz_usb_disconnect(r4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f00000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r5}, 0x10)
syz_usb_ep_read(r4, 0x0, 0x4e, &(0x7f0000000740)=""/78)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r7, 0x5, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x8e, 0x3}, {0xc}, {0xc}}]}, 0x54}}, 0x0)

1.973377032s ago: executing program 8 (id=1102):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x200280d0}, 0x40)
r1 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
setsockopt$inet6_opts(r1, 0x29, 0x37, &(0x7f0000000000)=ANY=[@ANYBLOB="00020401"], 0x18)
connect$inet6(r1, &(0x7f0000000240)={0xa, 0x6e23, 0xfffffdff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000001840), 0x3b, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r5, 0x0, 0xf3a, 0x0)
write(r2, &(0x7f00000000c0)="9063e2b6110400000000000000", 0xd)
vmsplice(r5, &(0x7f0000000380)=[{&(0x7f0000013580)="0dd2e7c8926dc6acd0ae6c178054e95986faff9544de5fc4c30adf404da41181a77466ac5075905ea5f50134fdd517a957fe2ee59b61f9fe8d7aabe595ea23de2723e437af0423a56686a4c2d957be1a0ab922fbbd3cb1d8c6ab0d58440a327c8eb05d445b4ac5f20abe449e4084f8b996268d0564f67980d3ed3479e0edfe5cec7b4f89bface391c9c4c58ad123b91c33173c72326d1df18804a9ea20f9ece48f784d8ca2318e3d2b316666b5dfb7295c4915989d5bcb120e8fedaa97b93a137c256ce4", 0x20013644}, {&(0x7f0000013680)="c578381bf5113dad8319d9ea5294285ae9a90384ce23866477bef9de4399237d8b3522c9c194e71edaf3332a2f169682f9d8fa271683d4d441b710409e506333e0c3b64e52e8720734b6787f4a84f5bebb046649c6c697d978affd349031b2cd874c7a8961a586a9f2d62f945e7a5bf2f5f7a31684c0503704881d2578a2a98ac3ef4e4a4b0dcdb70db735d5c1652eed3848b2dd4131bb0eb7cfadfaf5", 0x9d}], 0x2, 0x0)
tee(r5, r5, 0x48f5, 0x45c6c83444aaf97f)
write$binfmt_script(r5, 0x0, 0xd9)
write(r3, 0x0, 0x0)

1.857087174s ago: executing program 7 (id=1106):
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000180)={0x11, 0x0, r2, 0x1, 0x1, 0x6, @multicast}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000b00)=ANY=[@ANYBLOB="00050000270000012cbd7000fedbdf2509025159595638800800f400c1e3510bb77dc90981878e093c7ece11"], 0x500}], 0x1, 0x0, 0x0, 0x20000001}, 0x20040051)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0xa8}, [@ldst={0x5, 0x3, 0x0, 0xa}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xbc, &(0x7f0000000300)=""/188, 0x0, 0x2, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080), 0x10}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000001c000000bca30000000000002403000020feffff620a00fef8ffffff71a400fe000000001f03000000000000e5000600000000002604fdffff02000015010000033800001d13fcff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f00000000c0), 0x10}, 0x94)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r3, 0x1, 0x27, 0x0, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r4, 0x1, 0x2a, &(0x7f0000000000), 0x4)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x880, &(0x7f00000001c0)=ANY=[@ANYBLOB='shortname=lower,iocharset=iso8859-1,fmask=00000000000000000000066,uni_xlate=1,uni_xlate=0,fmask=00000000000000000000003,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=1,check=strict,nonumtail=0,rodir,errors=continue,shortname=lower,umaQk=00000000000000000000007,rodir,sys_immutable,\x00'], 0x4, 0x2dc, &(0x7f0000000bc0)="$eJzs3c1uG1UfBvBnEsf221fCXrBCSIwEC1ZV0ytwhFIJkRVVFsACIppKKI6QWikSH8Ltii0bFiy4AiQkLoQNd8AFILGjlSoNmvE4toubj6pu+fj9Nj45c54z/zMZJ5NFjj969fjoVpnb97/8Nf1+kY1RRnlQZJiNzNzLktE3AQD+yR5UVX6vplYdL+6tzhVJ+muuDQBYj/N+/7deOm391L52114aALAmN997/52dvb3dd8uynxvHX5/s13/Z16/T4zu380nGOcy1DPIoaR4UttI8LdTNG1VVTTrlw7Ish3njeHKyXyePP/y5nX/nt6TJb2eQYdN1+rTR5N/e290upxbyk7qOK+35R3X+egZ5+TS8lL++Ip/9bt58faH+qxnkl4/zaca51RQxzfeyt/vVdlm+VX37xxcf1OXV+WJyst9rxs1Vm8/5WwMAAAAAAAAAAAAAAAAAAAAAwL/Y1XbvnF6a/Xvqrnb/nc1H9RdbKWeGy/vzTPPFbKLF/YGqqppU+X62P8+1siyrduA838krnXRezKoBAAAAAAAAAAAAAAAAAADg7+XuZ58fHYzHh3eeSaPYmM7aSfLwZvK084wWel7L8phRstTTa1dyMB63Z8/4cLgwYafpaePZnI0pkjPLqBfxjC7LeY3/LVa42Pjhx8tO2D9/zNbqcz1V48rqazi7u44OitXXsJdZT7+9Sb7rJvMx3VywjO6TDlW5zO3XXVFhMrhIfLbW6Tz/bw5NzkileHJhm6fvy7aneHwV3eaqroxvtY089gaZ3xsXup/Tn8b/+rOisFsHAAAAAAAAAAAAAAAAAACs1fy/f1ccvH9mdKPqra0sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHiu5p//f4nGpA1fYHA3d+6+4CUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwH/BnAAAA//+lXFN6")
creat(&(0x7f00000001c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x36)
r5 = socket$inet6(0xa, 0x4, 0x5)
ioctl$BTRFS_IOC_DEV_REPLACE(r5, 0xca289435, &(0x7f0000001880)={0x1, 0x9, @status={[0x8, 0x3, 0x40, 0x1, 0x1ff, 0x2]}, [0x7f, 0x7, 0x10000, 0x2, 0x2d, 0x8001, 0x0, 0x6, 0x0, 0x9, 0x5, 0x5b, 0x7, 0x81, 0x30ca, 0x3, 0xffffffffffffffff, 0xd, 0x7, 0x1, 0x5, 0xffffffffffffffff, 0x5, 0x800, 0x7, 0x9, 0x2f, 0x8000000000000000, 0x1ff, 0x40, 0x400, 0xc8f7, 0x2dc, 0x5, 0x1, 0x9, 0xfffffffffffffffd, 0x10, 0xe, 0x72, 0x1, 0x1, 0x6, 0x6, 0x2, 0xa8, 0x3, 0x6, 0x4, 0x7, 0xcbb6, 0x7, 0x1, 0x5000000000000000, 0x7fffffff, 0x7, 0x1000, 0x4, 0x4, 0x7f, 0x5, 0x4, 0x5e2c, 0x7]})

1.791536316s ago: executing program 7 (id=1109):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340), 0x10}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000008c0)=r1, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000046c0)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x2c, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x0, 0xc0000001}, {0x3, 0x0, 0xf, 0x0, 0x1, 0xffffffff}, 0x7, 0x10, 0x2000000}}]}}]}, 0x58}}, 0x0)

1.757397717s ago: executing program 7 (id=1112):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x410c04, &(0x7f0000000600)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10}}, {@noload}]}, 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
timer_create(0xfffffffffffffffd, 0x0, &(0x7f00000000c0)=<r0=>0x0)
clock_gettime(0x2, &(0x7f0000000240)={<r1=>0x0, <r2=>0x0})
timer_settime(r0, 0x1, &(0x7f0000000080)={{r1, r2+10000000}, {0x0, 0x989680}}, 0x0)
rt_sigaction(0xe, &(0x7f0000000180)={&(0x7f0000000100)="f30f1efc66450f2832c482adbcaf07000000c4e1e00300aa9c43713ef2400f1ed3c4c2e93be7f2262e669f8f88a4a2e100430f12957b280000653ed9fa", 0x8000000, 0x0, {[0x8000]}}, 0x0, 0x8, &(0x7f0000000200))

1.615841989s ago: executing program 7 (id=1113):
r0 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'ipvlan0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c000000100003052cbd7000fedbdf2500000020", @ANYRES32=0x0, @ANYBLOB="0000000000080400240012800b0001006d61637365630000140002800500060000000000050007000000000008000500", @ANYRES32=r1], 0x4c}}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r4 = open$dir(&(0x7f0000000080)='./file0\x00', 0x2, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r4, 0x0)
write(r4, &(0x7f0000000240)="2cd889f03e14f3c4", 0x8)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0xff, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r5, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wlan1\x00', <r8=>0x0})
r9 = socket$packet(0x11, 0x2, 0x300)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r11, 0x0, 0x7fff}, 0x18)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r12=>0x0})
r13 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r13, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r12, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r6, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000340)={0x4c, r7, 0x300, 0x70bd28, 0x25dfdbff, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0xb}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x30}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x14}, @NL80211_ATTR_COOKIE={0xc, 0x58, 0x1e}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000004)
sendmsg$NL80211_CMD_START_P2P_DEVICE(r2, &(0x7f00000002c0)={&(0x7f0000000180), 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x14, r3, 0x200, 0x70bd28, 0x25dfdbff, {{}, {@void, @void}}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8eb27c313946051c}, 0x800)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f0000000080)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x8c9}}, {@debug}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
r14 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r14, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x8}, 0x94)
r15 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r15}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)

1.278842505s ago: executing program 1 (id=1117):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r2=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{0x0}, {0x0}], 0x2, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r2}}], 0x20, 0x2400e044}, 0x0)

1.185402917s ago: executing program 1 (id=1119):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x103, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x11c167, 0x0, 0xfffffffc, 0xb95b5ec032cc8e84}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x3)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804)

1.086174279s ago: executing program 1 (id=1121):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = syz_io_uring_setup(0x10d6, &(0x7f0000000480)={0x0, 0xb3c2, 0x100, 0x0, 0x34f}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f00000018c0)=0x13)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})
sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, 0x0, 0x0)
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

1.04604427s ago: executing program 6 (id=1124):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000700000045000000a000020095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000040000000000000000000300000a20000000000a05000000000000000000070000000900010073797a300000000044000000090a010400000000000000000700ffff08000a40000000030900020073797a31000000000900010073797a3000000000080005400000002106000d40931000005c0000000c0a01020000000000000000070000000900020073797a31000000000900010073797a3000000000300003802c0000800400018024000b80100001800c000100636f756e7465720010000180090001006c617374"], 0xe8}, 0x1, 0x0, 0x0, 0x10}, 0x8000)
r2 = socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', <r4=>0x0})
bind$packet(r3, &(0x7f0000000440)={0x11, 0x1a, r4, 0x1, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, 0x14)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r4, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000080))
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000002000000000000000018090000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x39, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r7}, 0x10)
r8 = getpgid(0x0)
r9 = syz_pidfd_open(r8, 0x0)
pidfd_send_signal(r9, 0x0, 0x0, 0x4)
ioctl$PAGEMAP_SCAN(r6, 0xc0606610, &(0x7f0000000100)={0x60, 0x0, &(0x7f00001c9000/0x3000)=nil, &(0x7f0000729000/0x4000)=nil, 0x0, &(0x7f0000000040)=[{0x10000000000000, 0xfffffffffffffc00}], 0x1, 0x0, 0x44, 0x2, 0x0, 0xe})
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='sys_enter\x00', r10}, 0x10)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x20044080}, 0x8000)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x531, &(0x7f0000000640)="$eJzs3cFvI1cZAPBvvPFudjfbpMABKrUUWrRbwdpJQ9uIQykSglMlRLkvIXGiKE4cxU67iSrI/gVICAESJ7hwQeIPQEIrceGIkCrBGaQiEIItSHCADvJ4nARnnLiLE+86v580O++98cz3PW9mPDN+GgdwYT0bEa9FxPtpmr4QEdN5eymfYr8ztV/33oO3l9pTEmn6xl+TSPK27raSfH49X20yIr765YhvJMfjNnf31hfr9dp2Xq+2Nraqzd2922sbi6u11drm/PzcywuvLLy0MDuUft6IiFe/+MfvffsnX3r1F5956w93/nzrm+20pvLlR/vxAU2ctLDT9fKVyZ4Vth8y2KOo3Z9yt3J1sHXunWE+AAD01z7H/1BEfDIiXojpuHTy6SwAAADwGEo/PxX/TiLSYpf7tAMAAACPkVI2BjYpVfKxAFNRKlUqnTG8H4lrpXqj2fr0SmNnc7kzVnYmyqWVtXptNh8rPBPlpF2fy8qH9Rd76vMR8WREfHf6alavLDXqy6O++QEAAAAXxPWe6/9/THeu/wEAAIAxMzPqBAAAAIAz5/ofAAAAxp/rfwAAABhrX3n99faUdn//evnN3Z31xpu3l2vN9crGzlJlqbG9VVltNFazZ/ZtnLa9eqOx9dnY3LlbbdWarWpzd+/ORmNns3VnLSbPpUMAAADAMU9+/P7vkojY/9zVbGq7POqkgHMxcVBK8nnB3v/7Jzrzd88pKeBcXBrgNe9eKW53ngCPt4nehj77OjB+yqNOABi55JTlfQfv/Dqff2K4+QAAAMN382PF3/+fdj0QsV86h/SAM5SmaTrqHIDR6Pn+P50eVSLAucu+/x90II8zfhgr5YFGAALj7P/+/v9U7jMAAMCoTWVTUqrkt/emolSqVCJuZD8LUE5W1uq12Yh4IiJ+O12+0q7PZWsmA4wRAAAAAAAAAAAAAAAAAAAAAAAAAAAieyp3kv0GGAAAADC+Ikp/Sn7ZeZb/zennp3rvD1xO/pX9JPDliHjrh298/+5iq7U9127/20F76wd5+4ujuIMBAAAA9Opep2fzf446GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADGzXsP3l7qTgO8/Oqw4v7lCxExUxR/Iiaz+WSUI+La35OYOLJeEhGXhhB//15EfLQoftJO6yBkUfxhvAmnxI+Z/F0oin99CPHhIrvfPv68VrT/leLZbF68/01E/E/9YfU//sXB8e9Sn/3/xoAxnnrnZ9W+8e9FPDVRfPzpxk/6xH9uwPhf/9reXr9l6Y8ibnY/f7Ij3tEIh6Vqa2Or2tzdu722sbhaW61tzs/PvbzwysJLC7PVlbV6Lf+3MMZ3nv75+yf1/1rh51+SZ9O//88XbK/oM+k/79x98OFuZf94/FvPFcT/1Y/zVxyPX8rjfCovt5ff7Jb3O+Wjnvnpb545qf/Lh/0vf5D//1v9Ntrr2I7y9KB/OgDAGWju7q0v1uu17bEttK/SH4E0FB7BwreGusE0TdP2PlWw6H5EDLKdJIbc01JxPoeFvkeAUR+ZAACAYTs86R91JgAAAAAAAAAAAAAAAAAAAHBxncdT1npjHj4CORnGI7QBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIbivwEAAP//NDTX8w==")
r11 = accept4$unix(r5, &(0x7f0000000240)=@abs, &(0x7f00000002c0)=0x6e, 0x800)
accept$unix(r11, &(0x7f0000000340)=@abs, &(0x7f00000003c0)=0x6e)
sendmsg$key(r2, &(0x7f0000000400)={0x10000000, 0x0, &(0x7f0000000040)={&(0x7f0000000840)=ANY=[@ANYBLOB="020e0080150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120000000200fcffffff000000000600330000000000000000000000eafffd8000000000000000000000000000aa000000000000000000000000000000000400"], 0xa8}}, 0x2)

1.013971701s ago: executing program 8 (id=1125):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x14, 0x2, [@TCA_HHF_NON_HH_WEIGHT={0x8, 0x7, 0x6}, @TCA_HHF_QUANTUM={0x8}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

968.621121ms ago: executing program 8 (id=1126):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000abd92de000000000000ea04850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x0, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x80, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r1}, 0x10)
syz_io_uring_setup(0x111, &(0x7f00000003c0)={0x0, 0x11, 0x2, 0x2}, 0x0, 0x0)
r2 = socket(0x10, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000380)=@gcm_256={{0x303}, "927be7843c9c7846", "7155908b2d2af96d045dd6f6b3391c2572fd190e8b4585f9c015f02de8b3f37a", "86d9c052", "b1e86cc3da58237c"}, 0x38)
write$binfmt_script(r3, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x14001, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYRES16=0x0], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @cgroup_sysctl=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0xffffffff, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
r6 = socket(0x10, 0x2, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r7, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r7, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r7, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r7, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x304}, "a6070000009332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "0100000000000102"}, 0x28)
write$binfmt_script(r7, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r7, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd87}, &(0x7f0000000240)=0x40)
writev(r7, &(0x7f0000000100)=[{&(0x7f0000000a40)="fb", 0x1}], 0x1)
close_range(r6, r7, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
close_range(r2, r3, 0x0)

958.628082ms ago: executing program 5 (id=1127):
r0 = io_uring_setup(0x7d98, &(0x7f00000003c0)={0x0, 0xdf07, 0x2, 0x1, 0x105})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x8, &(0x7f00000001c0)=<r2=>0x0)
io_submit(r2, 0x3a, &(0x7f00000006c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0}])
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021940000000c0a01030000000000000000070000000900020073797a31000000000900010073797a3000000000680003806400dec6080003400000000258000b80200001800a00010071756f7461000000100002800c0001400000000000000000340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000003"], 0x118}}, 0x0)
io_getevents(r2, 0x2, 0x2, &(0x7f0000001340)=[{}, {}], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000c00)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
r5 = socket$phonet_pipe(0x23, 0x5, 0x2)
listen(r5, 0xa)
ioctl$SIOCPNENABLEPIPE(r5, 0x89ed, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

892.208552ms ago: executing program 1 (id=1128):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="1800"/14, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x545, &(0x7f0000001300)="$eJzs3c9vHFcdAPDvrL2Okzi1CxygUktFi5IKshvXtLU4lCIhOFVClHsw9saysvZG9rqNrQo2fwESQoDECS5ckPgDkFAkLhwRUiQ4g1QEQpCCBIfSQbM7G5v1rL0xa2+8/nykybw3v77f5/iNZ3aeZgM4t56PiDci4sM0TV+KiNl8eSmfotWZsu3ef/jucjYlkaZv/S2JJF+WbZamado95uV8t+mI+NpXIr6Z7As4nc93dm8v1eu1zbxaba7fqW7t7F5fW19ara3WNhYW5l9dfG3xlcUbQ2nnlYh4/Ut/+v53fvrl13/52Xf+ePMv176VpTWTr++24xgmD1vZaXr5wnTPDpvHDPYkytpT/iCvXBxsn3snmRAAAH1l1/gfiYhPRcRLMRsTh1/OAgAAAGdQ+oWZ+CDpPL8rMNVnOQAAAHCGlNpjYJNSJR8LMBOlUqXSGcP7sbhUqje2mp+51djeWOmMlZ2LcunWWr12Ix8rPBflJKvPt8t79Zd76gsR8XREfG/2YrteWW7UV0b94QcAAACcE5d77v//Odu5/z9ccjrJAQAAAMMzN+oEAAAAgBPn/h8AAADGWnnUCQAAAAAn7qtvvplNaff7r1fe3tm+3Xj7+kpt63ZlfXu5stzYvFNZbTRW2+/sWz/qePVG487nYmP7brVZ22pWr+zs3lxvbG80b67F9Kk0CAAAADjg6U/e/30SEa3PX2xPmalRJwWcislHpe47PQt6/x+e6szfO6WkgFMxMcA2710oXu46Ac62yd4Fffo6MH6M/weO+kaPvoN3ftOZlYacDwAAMHxXP1H8/P/o6/mWS34443RiOL96nv+ns6NKBDh17ef/gw7kcbEAY6U80AhAYJz9v8//j5amj5UQAAAwdDPtKSlV8o/3ZqJUqlQirrS/FrCc3Fqr125ExFMR8bvZ8oWsPt/eMznyngEAAAAAAAAAAAAAAAAAAAAAAAAA6EjTJFIAAABgrEWU/pz8qvMu/6uzL870fj4wlfy7/ZXAUxHxzo/e+sHdpWZzcz5b/vdHy5s/zJe/PIpPMAAAAIBe3fv09vxfo84GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHHz/sN3l7vTAJtfHFbcv34xIuaK4k/GdHs+HeWIuPSPJCb37ZdExMQQ4rfuRcTHi+InWVqPQhbFH8YPoXUvaaVthfFjLv8pFMW/PIT4cJ7dz84/bxT1/1I8354X97/JiP+pH1f/8188Ov9N9On/VwaM8cyDn1f7xr8X8cxk8fmvGz/pE/+FgaKX4xtf393ttzb9ccTV7t+f9hlvf4S9UrW5fqe6tbN7fW19abW2WttYWJh/dfG1xVcWb1RvrdVr+b+FMb777C8+PKz9lwr//iV5Nv3b/2LB8SYK8v/Pg7sPP9qttA7Gv/ZCQfxf/yTf4mD8Uh7n03k5W3+1W251yvs997PfPndY+1f22l9+nP//a/0O2utAR3l2sF8dAOBEbO3s3l6q12ubY1vI7tKfgDSOU5iKJyKN8S18Oys8GNYB0zRNsz5VsOp+RAxynCSG3NJScT57hb5ngFGfmQAAgGHbu+gfdSYAAAAAAAAAAAAAAAAAAABwfp3GW9Z6Y+69AjkZxiu0AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACG4r8BAAD//7gG3Ac=")
socket$inet6_udplite(0xa, 0x2, 0x88)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)

891.985792ms ago: executing program 6 (id=1129):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x23, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x7fffffff, 0x3}, 0x0, 0x6, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xb)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c01803002d000b12d25a80648c2594f90124fc60100c022300040000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @broadcast}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x6, 0x3, 0xef, 0x9}]}, 0x10)
syz_emit_ethernet(0x3a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08004500002c002e00000018907804000000010000808b0000000000000052e9d7169bc5482f37f1699885135e15788bf2f1c9fe54bd714ff5a915fc988ee128177a735d8db1940594bb12237765b30675d7d081779d5efd888cfb18366624a01629936ed637118cdbaabbce514b49c99313c2bf9b9534ec0d9172fd57ec5573d55165cceb48db2d8da30aaa4d"], 0x0)

750.387715ms ago: executing program 6 (id=1130):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r2=>0x0]}, &(0x7f0000000240)=0x8)
sendmsg$inet_sctp(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000001c0)}, {0x0}], 0x2, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0xa, 0x4, 0x28, 0x200000b, r2}}], 0x20, 0x2400e044}, 0x0)

749.821795ms ago: executing program 7 (id=1131):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x40c42, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000300))
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000740)={0x2a, 0x0, 0x7fff}, 0xc)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0100000004000000080000000b"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==") (fail_nth: 9)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="14000000100001000000f5ffffffffffffff000a14000000060a0000000000000000000002"], 0x3c}}, 0x0)
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000001300)=0xffff0002)
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f00000014c0)=0x3)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xe, 0xd, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000851000000100000095000000000000001800000020646c2500000000002020207b1af8ff00000000bda100000000000007010000f8ffffffb702000008000000b703000000000000850000008c000000950000"], &(0x7f0000000180)='syzkaller\x00', 0x1}, 0x94)

513.69269ms ago: executing program 6 (id=1132):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmmsg$inet(r2, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x4e21, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="ac1414aaffffffff0000000010000000000000000000000007"], 0x30}}], 0x1, 0x4008804)

450.442681ms ago: executing program 7 (id=1133):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x8, 0x2, 0x4, 0x5}, 0x48)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x8, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x1400e, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r0, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=@newtfilter={0x90, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r3, {0xfff1, 0xf}, {}, {0x8, 0x6}}, [@filter_kind_options=@f_flow={{0x9}, {0x58, 0x2, [@TCA_FLOW_ACT={0x54, 0x9, 0x0, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x4000000, 0x20000001, 0x4, 0x2}, 0x1, r3}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}, @TCA_RATE={0x6, 0x5, {0xff, 0x7}}]}, 0x90}}, 0x0) (fail_nth: 13)

449.640752ms ago: executing program 6 (id=1134):
syz_read_part_table(0x1059, &(0x7f0000000000)="$eJzsz8FNw0AUBNDxYmRbogNa4Ewn7scHCuFMT0hUwDmX6EdeR0oHSQ7v3Uazs9IPD/WRlpxqfG+ZkyXJuWpK8nb0VdVakr+ehtuwP+q2ek3ycoRx2f/JsF3LVv+fa9/VsC++l6/5aH4zZf25150AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MwuAQAA//9ZkRMF")
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) (async)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]}) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48) (async)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000001080), 0x1, 0x0) (async)
r3 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000001080), 0x1, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000010c0)={<r4=>0x0, @empty, @multicast2}, &(0x7f0000001100)=0xc)
connect$packet(r3, &(0x7f0000001140)={0x11, 0x1a, r4, 0x1, 0x40, 0x6, @broadcast}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r2, 0x0, 0x2}, 0x18)
setuid(0xee01)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=r0, @ANYBLOB="0000000000000000b777f8ff00000000bfa200000002010007020000f8ffffffb70400000000000085800000010000009500"/62], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000240)={[{@nombcache}, {@debug}, {@norecovery}, {@grpid}, {@nodelalloc}]}, 0x9, 0x61b, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvTDY/mrzvm7S8vK+92IBIC9qkSVspItjitZT64+YpNmmpTZvSRDS1YAr1oogXD4InD9b/QgtePXj14MWDSCGI9GCl2pXZzKa72Wyy+bG7SfbzgUmemcnO852Eb55nn31mJoCONZx9SSMORsT1JGKwYl8h8p3DSz/34PdbF7IliWLx9d+SuPVBslB5rCT/PpC/+O/BSH5IIw501dY7O3/zysT09NSNfH107ur10dn5m0cvX524NHVp6tr4C+OnTp44eWrs2JbOr1BRPnvn7XcHPzr35ldfPErGvv7pXBKn43EeW3ZeK1/bu6Was9/ZcBSXPHyyNS19PbXFY+8UfwxW/44zycoN7FgXI6I7X/4fg9FV8dccjA9fbWtwQFMVkyi3UUDHSdbP/+7aTX3NCQZooXI/oPzefrX3wbXSJvdKgFZYPLM0SLaU+90RUc7/wtLYYPSVxgb6HyRV4zxJRGxtZG5JVsf33527ky1RZxwOaI6F2+VR7pXtf1LKzaHoK631P0ir8j+tWLLtr22y/uEV6/IfWmfhdkQ8lbf/PbHp/H9rk/XLfwAAAAAAANg+985ExPOrzf9Ll+f/9Kwy/2cgIk5vQ/3rf/6X3s8LyTZUB1RYPBPxUs38378qZwcPdeWf8/+7NB+gO714eXrqWET8JyKORHdvtj5WfdiqCcJHPznweb36K+f/ZUtWf3kuYH6o+4UVF+JOTsxNbM/ZQ2dbvB3xsDT/91C+pXr+T9b+JzXt/8evZAl+vcE6Djx793zVhl+e/HtYP/+BZil+GXF41et/nnS3k7XvzzFa6g+MlnsFtZ5+/9Nv6tUv/6F9sva/f+38700q79czu7Hj90TE8flCsd7+zfb/e5I3usrHz7w3MTd3YyyiJzlbu318YzHDXlXOh3K+ZPl/5Jm1x/+W+/8VebgvIhYarPN/jwd+rrdP+w/tk+X/5Nrt/1B1+7/RQl+M3x36Nr/FWI3zDbX/J0pt+pF8i/E/qFR7P45GE7Qt4QIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADALpdGxL8iSUeWy2k6MhIxEBH/jf50emZ27rmLM+9cm8z2VT//f3BpPSk//3+oYn18xfrxiNgfEZ917Sutj1yYmZ5s98kDAAAAAAAAAAAAAAAAAADADjFQuua/2Lvy+v/Mr13tjg5oukL+Xb5D5yls+pXF3m0NBGi5zec/sNs1nv/dTY0DaL36+f/wUbGkpeEALaT/D51rk/nv4wLYA7T/0KkaHNPra3YcQDs03P4vNjcOAAAAAABgW+w/dO/HJCIWXtxXWjI9+T6T/WFvS9sdANA25vBC5yrMtDsCoF28xweS5dKfq17sX3/2f9KcgAAAAAAAAAAAAACAGocPuv4fOlUascYjvM3th71sjev/V0t+twuAPaT+oz8aafsTPQTYxbzHB9Zrx13/DwAAAAAAAAAAAAA7QN/NKxPT01M3Zud3X+HlnRHGxgoLEzsijG0tPF7vZ8qPmd/YkbsjYmecYKsL5VtwtDGMNv5PAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqvwTAAD//9ywLb8=")

388.861713ms ago: executing program 1 (id=1135):
sendmsg$802154_raw(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000180)={0x24, @long={0x3, 0x3, {0xaaaaaaaaaaaa0302}}}, 0x14, &(0x7f0000000040)={&(0x7f00000001c0)="be1393", 0x3}, 0x1, 0x0, 0x0, 0x40854}, 0x8008804)

56.778919ms ago: executing program 8 (id=1136):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x2}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x14, 0x2, [@TCA_HHF_NON_HH_WEIGHT={0x8, 0x7, 0x6}, @TCA_HHF_QUANTUM={0x8}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

55.883049ms ago: executing program 8 (id=1137):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000770000000e000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r2, &(0x7f0000000080), 0x1c)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x4000000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xa, 0x14, &(0x7f0000000640)=ANY=[@ANYRES32=r0, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0xb73, 0xfffffffffffffd99, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfd, 0x0, 0x7ffc0002}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kmem_cache_free\x00', r4, 0x0, 0xf7}, 0x18)
syslog(0x2, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r5, @ANYBLOB], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x67, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, 0x0, 0x0, 0x0, 0x1}, 0x94)
r7 = dup2(r2, r2)
getsockopt$inet6_mreq(r2, 0x29, 0x1b, &(0x7f0000000200)={@ipv4={""/10, ""/2, @private}, <r8=>0x0}, &(0x7f0000000300)=0x14)
r9 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000280), 0x1, 0x0)
writev(r9, &(0x7f0000000940)=[{&(0x7f0000000200)='\f7', 0x2}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYBLOB="0000000400000000b708000000000000f6d4cf3e00000000bfa200000000000007020000f8ffffffb703000002000000be04000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x27, 0x0, 0x0, 0x0}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r10}, 0x10)
chown(&(0x7f00000002c0)='./file1\x00', 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x6, 0x16, &(0x7f0000000800)=ANY=[@ANYBLOB="180000000300000000000000fbffffff18110000681fff83f479322113c0d9d9b79ca3463219439e1509c36bf644aa134dd62f2a300ef924e115b97ade87e6", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000087470c000000000018250000", @ANYRES32=r7, @ANYBLOB="00000000518f000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000000000008500000086000000bf91000000000000b7020000030000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x7, 0x3b, &(0x7f00000001c0)=""/59, 0x40f00, 0x29, '\x00', r8, 0x25, r9, 0x8, &(0x7f0000000340)={0xa, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x6, &(0x7f0000000380)=[r3, 0xffffffffffffffff, r5], &(0x7f00000003c0)=[{0x5, 0x1, 0xa, 0x7}, {0x4, 0x1, 0x7, 0x8}, {0x5, 0x1, 0xc, 0x7}, {0x4, 0x2, 0x3}, {0x5, 0x1, 0x3, 0x5}, {0x0, 0x5, 0x2, 0x4}], 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r6, 0x0, 0x2}, 0x18)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000001300)=@gcm_256={{0x304}, "67c3f71b0f188109", "2c9e910757c2725dd5795f705ac44b9d43498e33fe93a0c9001c5c65f7107d0d", "ddfb00", "5a3e2c1b40238e79"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "54164ace030000f5", "faad50724acb18aba4e3bc654d684ad9c694f3e96ca4b72643dd3689727968e9", "5cb6d03a", "29a78ab9b0a4e8ae"}, 0x38)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000440), 0x82880, 0x0)
sendmsg$NL80211_CMD_ASSOCIATE(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="040027bd70004230bf34a9ffe1f873d8e23dfddbdf25260000000c0099000400000064000000"], 0x2c}, 0x1, 0x0, 0x0, 0x20000080}, 0xc054)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r0}, 0x10)

12.01715ms ago: executing program 1 (id=1138):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x410c04, &(0x7f0000000600)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x10}}, {@noload}]}, 0x1, 0x779, &(0x7f0000001900)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTuZ206bmWmSJjPV+XzgZs65907O+c79cc7MPdwbQN8aT//kIg5HxLtJxGhjfhIRQ/XUYMTJjfVura0W0ymJ9fWXf0nq69xcWy1G03tSBxuZ/0fEN29FHMltLre6vDJXKJdLi438ZG3+wmR1eeXo+fnCbGm2tHB8anr62ImnThzfvVh/+37l0LX3Xnj885N/vPm/q+98m8TJONRY1hzHbhmP8cZnMpR+hHd5frcL67Gk1xVgR9JDc2DjKI/DMRoD9RQA8E/2ekSsAwB9JtH+A0CfyX4HuLm2Wsym3v4i0V3Xn4uI/RvxZ9c3N5YMNq7Z7a9fBx25mdx1ZSSJiLFdKH88Ij7+8tVP0yn26DokQCtvXI6Is2Pjm8//yaYxC9v1RIdl+xqv4/fMd/6D7vkq7f883ar/l7vd/4kW/Z/hFsfuTtz3+D+wC4V0kPb/nm0a23arKf6GsYFG7l/1Pt9Qcu58uZSe2/4dERMxNJzmpzqUMXHjzxvtljX3/359/7VP0vLT1ztr5H4aHL77PTOFWuFBYm52/XLEI4Ot4k9ub/+kTf/39BbLePGZtz9qtyyNP403mzbHH43RSXtj/UrEYy23/50RbUnH8YmT9d1hMtspWvjihw9H2pXfvP3TKS0/+y7QDen2H+kc/1jSPF6zuv0yvrsy+nW7ZfePv/X+vy95pZ7O+hGXCrXa4lTEvuSlzfOP3Xlvls/WT+OfeLT18d9p/0+/E57dYvyD137+bOfx7600/pltbf/tJ67emhtoV/7Wtv90PTXRmLOV899WK/ggnx0AAAAAAAAAAAAAAAAAAAAAAAAAbFUuIg5FksvfTudy+fzGM7z/GyO5cqVaO3KusrQwE/VnZY/FUC671eVo0/1Qpxr3w8/yx+7JPxkR/4mID4YPJNl9FGd6HDsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZA62ef5/6sfhXtcOANgz+3tdAQCg67T/ANB/tP8A0H+0/wDQf7T/ANB/tP8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADssdOnTqXT+u9rq8U0P3NxeWmucvHoTKk6l59fKuaLlcUL+dlKZbZcyhcr8/f7f+VK5cJ0LCxdmqyVqrXJ6vLKmfnK0kLtzPn5wmzpTGmoK1EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPZUl1fmCuVyaVFiB4n1h6MavU8MNHanh6U+XU0kD0c1djnR6ayR687JCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBv4K8AAAD//8yLIwE=")
timer_create(0xfffffffffffffffd, 0x0, &(0x7f00000000c0)=<r0=>0x0)
clock_gettime(0x2, &(0x7f0000000240)={<r1=>0x0, <r2=>0x0})
timer_settime(r0, 0x1, &(0x7f0000000080)={{r1, r2+10000000}, {0x0, 0x989680}}, 0x0)
rt_sigaction(0xe, &(0x7f0000000180)={&(0x7f0000000100)="f30f1efc66450f2832c482adbcaf07000000c4e1e00300aa9c43713ef2400f1ed3c4c2e93be7f2262e669f8f88a4a2e100430f12957b280000653ed9fa", 0x8000000, 0x0, {[0x8000]}}, 0x0, 0x8, &(0x7f0000000200))

5.17367ms ago: executing program 8 (id=1139):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f0000000340)={'ip6tnl0\x00', &(0x7f00000001c0)=@ethtool_cmd={0x2e, 0x100008, 0x0, 0x8, 0xf, 0x3, 0x3, 0xfc, 0x0, 0x1, 0x0, 0x4000000, 0x0, 0xff, 0x0, 0xfffffeff}})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0x5, 0x2, 0x7}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000640), &(0x7f0000000740), 0x75, r3}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r4}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000300))
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = openat$cgroup_procs(r5, &(0x7f0000000840)='cgroup.procs\x00', 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r8}, 0x10)
write$cgroup_pid(r6, &(0x7f0000000380), 0x12)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f00000007c0)={0x7, 0x7, 0x7ff, 0x3, 0x3}, 0x14)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r1}, &(0x7f0000000000), &(0x7f00000005c0)=r2}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x18)
r10 = socket$kcm(0x29, 0x5, 0x0)
sendmsg(r10, &(0x7f0000002ec0)={0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f0000002b80)="b2", 0x1}], 0x1}, 0x4000)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='kfree\x00', r12, 0x0, 0x8000000100000}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1800403, &(0x7f0000000940), 0x2, 0x5ad, &(0x7f0000000180)="$eJzs3c1vVFUbAPDnzkwLpe9rKzEqLkyjIZAoLS1g8GMBe0LwY+fGSgtBho/QGi2aWBLcmBg3LkhcuRD/CyW6dWXiwoUbV4akGsNGY3TMnbkzDO1MOy0dbu39/ZLbOeeeOz3nQp85Z+49ZyaAwhpLf5Qi9kTE5SRipK2sElnhWOO4O7+/fzrdkqjVXv0tiSTb1zw+yR6Hsyf/PRLx/TdJ7C6vrHdu4er56Wp19kqWn5i/cHlibuHqgXMXps/Onp29OPXc1NEjh48cnTx4X+dXakufuP7WOyMfnXz9i8/+Sia//OlkEsfi1zONsvbz2CxjMRZ/1GofLN+f/rse3ezKclJu/Z3clSzfwZZVyWJkMCIei5Eot/1vjsSHL+faOKCvaklEDSioRPxDQTXHAc339r29Dy71eVQCPAhLx9OfAx3iv9K4NhijMRARe5c9r8MlvQ1J6/ju25PX0y36dB0O6Gzx2o4stTz+k3psjsbOem7XndI913nTEcCp7DHd/8oG6x9blhf/8OAsXouIxzuN/9eO/zfa4v/NDdYv/gEAAAAAAGDz3DoeEc92uv9Xyu7N7Yyn6vf/ksb9vx/urhA8tgn1r33/r3R7E6oBOlg6HvFSx/m/rTm+o+Us9//GbMDkzLnq7MGIeCgi9sfAjjQ/uUodBz7efaNbWfv8v3RL62/OBczacbuy497nzEzPT9/POQMNS9cinqh0n/+T9v9Je/+fSV8PLvdYx+69N091K1s7/oF+qX0esa9j/5+0jklW/3yOifp4YKI5Kljpyfc++apb/eIf8pP2/7tWj//RpP3zeubW9/sHI+LQQqXWrXyj4//B5LVy8/en3p2en78yGTGYnFi5f2p9bYbtqhkPzXhJ43//06tf/2uN/9vicCgiFnus89F/hn/uVqb/h/yk8T+zrv5//Ympm6Nfd6u/t/7/cL1P35/tcf0PVtdrgObdTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4LypFxP8iKY230qXS+HjEcEQ8ErtK1Utz88+cufT2xZm0rP79/6XmN/2ONPJJ8/v/R9vyU8vyhyLi4Yj4tDxUz4+fvlSdyfvkAQAAAAAAAAAAAAAAAAAAYIsY7rL+P/VLOe/WAX1XyR7FOxRPJe8GALkR/1Bc4h+KS/xDcYl/KK4Nxr/bBbAN6P+hqAZ6O2xnv9sB5EH/DwAAAAAA28qtF5+/kUTE4gtD9S01mJW1bgwO5dU6oJ9KeTcAyI05vFBcpv5AcfU4+RfYxpJW6s9ap/Lus/+T/jQIAAAAAAAAAAAAAFhh355bP665/h/Ylqz/h+Ky/h+Ky/p/KC7v8YG1VvFb/w8AAAAAAAAAAAAA+ZtbuHp+ulqdvSIhsdUSAxGxBZqRQ2Iw//DM+YUJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABo+TcAAP//Swsk/Q==")
close(r10)

0s ago: executing program 6 (id=1140):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = syz_io_uring_setup(0x10d6, &(0x7f0000000480)={0x0, 0xb3c2, 0x100, 0x0, 0x34f}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f00000018c0)=0x13)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})
sendmsg$NLBL_UNLABEL_C_STATICADD(0xffffffffffffffff, 0x0, 0x0)
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 7 (id=1141):
perf_event_open(&(0x7f0000000800)={0x5, 0x80, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0, 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r1}, 0x18)
syz_clone(0x4080b000, 0x0, 0x0, &(0x7f0000000e40), 0x0, 0x0) (async)
syz_clone(0x4080b000, 0x0, 0x0, &(0x7f0000000e40), 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000180)=0x14)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_mptcp_buf(r3, 0x11c, 0x1, &(0x7f0000000340), &(0x7f0000000380))
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000240)={'ip_vti0\x00', &(0x7f00000001c0)={'ip_vti0\x00', r2, 0x1, 0x10, 0x34, 0x6, {{0xa, 0x4, 0x3, 0x6, 0x28, 0x65, 0x0, 0x9, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x1e}, @multicast1, {[@generic={0x0, 0xd, "86cccaef650d0fc6ce03f3"}, @rr={0x7, 0x7, 0xa5, [@dev={0xac, 0x14, 0x14, 0x12}]}]}}}}}) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000240)={'ip_vti0\x00', &(0x7f00000001c0)={'ip_vti0\x00', r2, 0x1, 0x10, 0x34, 0x6, {{0xa, 0x4, 0x3, 0x6, 0x28, 0x65, 0x0, 0x9, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x1e}, @multicast1, {[@generic={0x0, 0xd, "86cccaef650d0fc6ce03f3"}, @rr={0x7, 0x7, 0xa5, [@dev={0xac, 0x14, 0x14, 0x12}]}]}}}}})

kernel console output (not intermixed with test programs):

Released all slaves
[   66.421678][ T5349] FAULT_INJECTION: forcing a failure.
[   66.421678][ T5349] name failslab, interval 1, probability 0, space 0, times 0
[   66.434356][ T5349] CPU: 0 UID: 0 PID: 5349 Comm: syz.5.595 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   66.434391][ T5349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   66.434402][ T5349] Call Trace:
[   66.434409][ T5349]  <TASK>
[   66.434416][ T5349]  __dump_stack+0x1d/0x30
[   66.434499][ T5349]  dump_stack_lvl+0xe8/0x140
[   66.434518][ T5349]  dump_stack+0x15/0x1b
[   66.434534][ T5349]  should_fail_ex+0x265/0x280
[   66.434557][ T5349]  ? alloc_fs_context+0x44/0x4e0
[   66.434639][ T5349]  should_failslab+0x8c/0xb0
[   66.434692][ T5349]  __kmalloc_cache_noprof+0x4c/0x320
[   66.434720][ T5349]  alloc_fs_context+0x44/0x4e0
[   66.434742][ T5349]  fs_context_for_mount+0x22/0x30
[   66.434819][ T5349]  do_new_mount+0xe9/0x5e0
[   66.434841][ T5349]  ? security_capable+0x83/0x90
[   66.434863][ T5349]  path_mount+0x4a4/0xb20
[   66.434880][ T5349]  ? user_path_at+0x109/0x130
[   66.434983][ T5349]  __se_sys_mount+0x28f/0x2e0
[   66.435005][ T5349]  ? fput+0x8f/0xc0
[   66.435061][ T5349]  __x64_sys_mount+0x67/0x80
[   66.435083][ T5349]  x64_sys_call+0x2b4d/0x2ff0
[   66.435104][ T5349]  do_syscall_64+0xd2/0x200
[   66.435146][ T5349]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   66.435167][ T5349]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   66.435195][ T5349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   66.435246][ T5349] RIP: 0033:0x7fc95ddaebe9
[   66.435260][ T5349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   66.435274][ T5349] RSP: 002b:00007fc95c817038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   66.435290][ T5349] RAX: ffffffffffffffda RBX: 00007fc95dfe5fa0 RCX: 00007fc95ddaebe9
[   66.435316][ T5349] RDX: 00002000000002c0 RSI: 0000200000000280 RDI: 0000200000000000
[   66.435328][ T5349] RBP: 00007fc95c817090 R08: 0000200000000300 R09: 0000000000000000
[   66.435341][ T5349] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   66.435353][ T5349] R13: 00007fc95dfe6038 R14: 00007fc95dfe5fa0 R15: 00007ffce04a6e28
[   66.435370][ T5349]  </TASK>
[   66.671489][ T2184] tipc: Disabling bearer <udp:syz2>
[   66.676748][ T2184] tipc: Left network mode
[   66.752549][ T2184] hsr_slave_0: left promiscuous mode
[   66.764000][ T5336] loop2: detected capacity change from 0 to 128
[   66.772937][ T2184] hsr_slave_1: left promiscuous mode
[   66.793590][ T5362] loop5: detected capacity change from 0 to 1024
[   66.800672][ T2184] veth1_macvtap: left promiscuous mode
[   66.809223][ T2184] veth0_macvtap: left promiscuous mode
[   66.814922][ T2184] veth1_vlan: left promiscuous mode
[   66.820721][ T2184] veth0_vlan: left promiscuous mode
[   66.827438][ T5362] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   66.839811][ T5362] ext4 filesystem being mounted at /94/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   66.906976][ T5367] usb usb1: check_ctrlrecip: process 5367 (syz.5.599) requesting ep 01 but needs 81
[   66.933218][ T5367] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[   66.975211][   T86] smc: removing ib device !yz!
[   67.042897][ T5305] chnl_net:caif_netlink_parms(): no params data found
[   67.123531][ T3966] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.240945][ T5305] bridge0: port 1(bridge_slave_0) entered blocking state
[   67.248144][ T5305] bridge0: port 1(bridge_slave_0) entered disabled state
[   67.289905][ T5305] bridge_slave_0: entered allmulticast mode
[   67.306254][ T5305] bridge_slave_0: entered promiscuous mode
[   67.321214][ T5305] bridge0: port 2(bridge_slave_1) entered blocking state
[   67.328463][ T5305] bridge0: port 2(bridge_slave_1) entered disabled state
[   67.357664][ T5305] bridge_slave_1: entered allmulticast mode
[   67.373764][ T5305] bridge_slave_1: entered promiscuous mode
[   67.414509][ T5305] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   67.435119][ T5305] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   67.450559][   T29] kauditd_printk_skb: 404 callbacks suppressed
[   67.450573][   T29] audit: type=1326 audit(1757300083.631:3406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5388 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   67.483079][   T29] audit: type=1326 audit(1757300083.671:3407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5388 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   67.506799][   T29] audit: type=1326 audit(1757300083.671:3408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5388 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   67.530209][   T29] audit: type=1326 audit(1757300083.671:3409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5388 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   67.553751][   T29] audit: type=1326 audit(1757300083.671:3410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5388 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   67.577176][   T29] audit: type=1326 audit(1757300083.671:3411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5388 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   67.600524][   T29] audit: type=1326 audit(1757300083.671:3412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5388 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   67.623970][   T29] audit: type=1326 audit(1757300083.671:3413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5388 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   67.647293][   T29] audit: type=1326 audit(1757300083.671:3414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5388 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   67.670880][   T29] audit: type=1326 audit(1757300083.671:3415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5388 comm="syz.1.608" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   67.746238][ T5395] __nla_validate_parse: 3 callbacks suppressed
[   67.746268][ T5395] netlink: 104 bytes leftover after parsing attributes in process `syz.1.609'.
[   67.754309][ T5305] team0: Port device team_slave_0 added
[   68.215863][ T5305] team0: Port device team_slave_1 added
[   68.253697][ T5402] bond1: entered promiscuous mode
[   68.258781][ T5402] bond1: entered allmulticast mode
[   68.293182][ T5402] 8021q: adding VLAN 0 to HW filter on device bond1
[   68.316848][ T5402] bond1 (unregistering): Released all slaves
[   68.353573][ T5407] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[   68.369015][ T5305] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.376121][ T5305] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.402196][ T5305] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.431776][ T5305] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.438746][ T5305] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.464681][ T5305] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.516630][ T5305] hsr_slave_0: entered promiscuous mode
[   68.536649][ T5305] hsr_slave_1: entered promiscuous mode
[   68.546565][ T5305] debugfs: 'hsr0' already exists in 'hsr'
[   68.552376][ T5305] Cannot create hsr debugfs directory
[   68.642547][ T5427] netlink: 12 bytes leftover after parsing attributes in process `syz.3.621'.
[   68.652972][ T5427] netlink: 4 bytes leftover after parsing attributes in process `syz.3.621'.
[   68.676475][ T5305] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   68.686065][ T5305] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   68.695889][ T5305] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   68.704631][ T5305] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   68.745238][ T5305] 8021q: adding VLAN 0 to HW filter on device bond0
[   68.756821][ T5305] 8021q: adding VLAN 0 to HW filter on device team0
[   68.782479][ T2184] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.789572][ T2184] bridge0: port 1(bridge_slave_0) entered forwarding state
[   68.872219][ T2184] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.879331][ T2184] bridge0: port 2(bridge_slave_1) entered forwarding state
[   68.913180][ T5449] FAULT_INJECTION: forcing a failure.
[   68.913180][ T5449] name failslab, interval 1, probability 0, space 0, times 0
[   68.925887][ T5449] CPU: 0 UID: 0 PID: 5449 Comm: syz.2.627 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   68.925911][ T5449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   68.925920][ T5449] Call Trace:
[   68.925926][ T5449]  <TASK>
[   68.925934][ T5449]  __dump_stack+0x1d/0x30
[   68.925956][ T5449]  dump_stack_lvl+0xe8/0x140
[   68.925975][ T5449]  dump_stack+0x15/0x1b
[   68.926060][ T5449]  should_fail_ex+0x265/0x280
[   68.926151][ T5449]  should_failslab+0x8c/0xb0
[   68.926175][ T5449]  kmem_cache_alloc_node_noprof+0x57/0x320
[   68.926205][ T5449]  ? __alloc_skb+0x101/0x320
[   68.926228][ T5449]  __alloc_skb+0x101/0x320
[   68.926243][ T5449]  ? audit_log_start+0x365/0x6c0
[   68.926304][ T5449]  audit_log_start+0x380/0x6c0
[   68.926340][ T5449]  ? queue_stack_map_push_elem+0x317/0x450
[   68.926373][ T5449]  audit_seccomp+0x48/0x100
[   68.926459][ T5449]  ? __seccomp_filter+0x68c/0x10d0
[   68.926481][ T5449]  __seccomp_filter+0x69d/0x10d0
[   68.926532][ T5449]  ? mntput_no_expire+0x6f/0x460
[   68.926567][ T5449]  __secure_computing+0x82/0x150
[   68.926614][ T5449]  syscall_trace_enter+0xcf/0x1e0
[   68.926635][ T5449]  do_syscall_64+0xac/0x200
[   68.926659][ T5449]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   68.926720][ T5449]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   68.926748][ T5449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   68.926807][ T5449] RIP: 0033:0x7f1e0865d5fc
[   68.926821][ T5449] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   68.926839][ T5449] RSP: 002b:00007f1e070c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   68.926927][ T5449] RAX: ffffffffffffffda RBX: 00007f1e08895fa0 RCX: 00007f1e0865d5fc
[   68.926937][ T5449] RDX: 000000000000000f RSI: 00007f1e070c70a0 RDI: 0000000000000007
[   68.926950][ T5449] RBP: 00007f1e070c7090 R08: 0000000000000000 R09: 0000000000000000
[   68.926962][ T5449] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000002
[   68.926974][ T5449] R13: 00007f1e08896038 R14: 00007f1e08895fa0 R15: 00007ffd6f21d488
[   68.926995][ T5449]  </TASK>
[   69.173216][ T5454] loop3: detected capacity change from 0 to 1024
[   69.179986][ T5454] EXT4-fs: Ignoring removed nobh option
[   69.199681][ T5305] 8021q: adding VLAN 0 to HW filter on device batadv0
[   69.240664][ T5454] EXT4-fs (loop3): stripe (65537) is not aligned with cluster size (16), stripe is disabled
[   69.306130][ T5454] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.440513][ T5475] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[   69.460128][ T5305] veth0_vlan: entered promiscuous mode
[   69.471982][ T3309] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /148/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   69.498068][ T5305] veth1_vlan: entered promiscuous mode
[   69.505140][ T3309] EXT4-fs error (device loop3): ext4_empty_dir:3086: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   69.537819][ T5305] veth0_macvtap: entered promiscuous mode
[   69.554338][ T5492] FAULT_INJECTION: forcing a failure.
[   69.554338][ T5492] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   69.561773][ T5305] veth1_macvtap: entered promiscuous mode
[   69.567480][ T5492] CPU: 1 UID: 0 PID: 5492 Comm: syz.2.635 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   69.567505][ T5492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   69.567570][ T5492] Call Trace:
[   69.567575][ T5492]  <TASK>
[   69.567583][ T5492]  __dump_stack+0x1d/0x30
[   69.567601][ T5492]  dump_stack_lvl+0xe8/0x140
[   69.567619][ T5492]  dump_stack+0x15/0x1b
[   69.567694][ T5492]  should_fail_ex+0x265/0x280
[   69.567716][ T5492]  should_fail+0xb/0x20
[   69.567783][ T5492]  should_fail_usercopy+0x1a/0x20
[   69.567805][ T5492]  _copy_to_user+0x20/0xa0
[   69.567916][ T5492]  simple_read_from_buffer+0xb5/0x130
[   69.567935][ T5492]  proc_fail_nth_read+0x10e/0x150
[   69.567956][ T5492]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   69.567979][ T5492]  vfs_read+0x1a5/0x770
[   69.568066][ T5492]  ? __rcu_read_unlock+0x4f/0x70
[   69.568127][ T5492]  ? __fget_files+0x184/0x1c0
[   69.568151][ T5492]  ksys_read+0xda/0x1a0
[   69.568187][ T5492]  __x64_sys_read+0x40/0x50
[   69.568259][ T5492]  x64_sys_call+0x27bc/0x2ff0
[   69.568322][ T5492]  do_syscall_64+0xd2/0x200
[   69.568383][ T5492]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   69.568406][ T5492]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   69.568432][ T5492]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   69.568506][ T5492] RIP: 0033:0x7f1e0865d5fc
[   69.568522][ T5492] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   69.568615][ T5492] RSP: 002b:00007f1e070c7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   69.568633][ T5492] RAX: ffffffffffffffda RBX: 00007f1e08895fa0 RCX: 00007f1e0865d5fc
[   69.568645][ T5492] RDX: 000000000000000f RSI: 00007f1e070c70a0 RDI: 0000000000000007
[   69.568656][ T5492] RBP: 00007f1e070c7090 R08: 0000000000000000 R09: 0000000000000000
[   69.568667][ T5492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.568679][ T5492] R13: 00007f1e08896038 R14: 00007f1e08895fa0 R15: 00007ffd6f21d488
[   69.568699][ T5492]  </TASK>
[   69.719772][ T3309] EXT4-fs warning (device loop3): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[   69.783160][ T3309] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /148/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   69.804725][ T3309] EXT4-fs error (device loop3): ext4_empty_dir:3086: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   69.824325][ T3309] EXT4-fs warning (device loop3): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[   69.845097][ T5305] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.848680][ T3309] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /148/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   69.861889][ T5305] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.884218][ T3309] EXT4-fs error (device loop3): ext4_empty_dir:3086: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   69.907431][  T269] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.926668][  T269] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.954686][  T269] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.963722][ T3309] EXT4-fs warning (device loop3): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[   69.976916][  T269] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.980577][ T3309] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /148/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   70.035928][ T5501] uprobe: syz.2.639:5501 failed to unregister, leaking uprobe
[   70.037214][ T3309] EXT4-fs error (device loop3): ext4_empty_dir:3086: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   70.088377][ T3309] EXT4-fs warning (device loop3): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[   70.101626][ T3309] EXT4-fs error (device loop3): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /148/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   70.148218][ T3309] EXT4-fs warning (device loop3): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[   70.163398][ T3309] EXT4-fs warning (device loop3): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[   70.175449][ T3309] EXT4-fs warning (device loop3): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[   70.193916][ T5515] loop5: detected capacity change from 0 to 512
[   70.209735][ T5515] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   70.223652][ T3309] EXT4-fs warning (device loop3): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[   70.238762][ T5515] syzkaller1: entered promiscuous mode
[   70.244270][ T5515] syzkaller1: entered allmulticast mode
[   70.272582][ T5521] loop2: detected capacity change from 0 to 2048
[   70.279509][ T3309] EXT4-fs warning (device loop3): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[   70.297549][ T3309] EXT4-fs warning (device loop3): ext4_empty_dir:3089: inode #11: comm syz-executor: directory missing '.'
[   70.321556][ T5521]  loop2: p1 < > p4
[   70.326801][ T5521] loop2: p4 size 8388608 extends beyond EOD, truncated
[   70.372371][ T5525] netlink: 'syz.5.645': attribute type 7 has an invalid length.
[   70.380056][ T5525] netlink: 8 bytes leftover after parsing attributes in process `syz.5.645'.
[   70.393758][ T5525] loop5: detected capacity change from 0 to 1024
[   70.409046][ T5525] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[   70.420046][ T5525] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[   70.438416][ T5525] JBD2: no valid journal superblock found
[   70.444279][ T5525] EXT4-fs (loop5): Could not load journal inode
[   70.468552][ T5531] loop1: detected capacity change from 0 to 2048
[   70.498357][ T5531] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   70.567440][ T5544] syz.5.652 uses obsolete (PF_INET,SOCK_PACKET)
[   70.641547][ T3309] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.834867][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.858211][ T5562] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[   70.899665][ T5575] loop5: detected capacity change from 0 to 512
[   70.943543][ T5575] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.971288][ T5575] ext4 filesystem being mounted at /107/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.981881][ T5584] loop2: detected capacity change from 0 to 2048
[   70.984673][ T5575] netlink: 552 bytes leftover after parsing attributes in process `syz.5.660'.
[   71.020048][ T5584]  loop2: p1 < > p4
[   71.027253][ T5584] loop2: p4 size 8388608 extends beyond EOD, truncated
[   71.038007][ T5584] netlink: 12 bytes leftover after parsing attributes in process `syz.2.663'.
[   71.081709][ T5553] chnl_net:caif_netlink_parms(): no params data found
[   71.085588][ T3966] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.119559][ T5599] sd 0:0:1:0: device reset
[   71.125007][ T5599] sd 0:0:1:0: device reset
[   71.154667][ T5602] netlink: 36 bytes leftover after parsing attributes in process `syz.5.668'.
[   71.169537][ T5605] pim6reg1: entered promiscuous mode
[   71.175098][ T5605] pim6reg1: entered allmulticast mode
[   71.175399][ T5602] netlink: 'syz.5.668': attribute type 11 has an invalid length.
[   71.189909][ T5553] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.191009][ T5602] netlink: 36 bytes leftover after parsing attributes in process `syz.5.668'.
[   71.197971][ T5553] bridge0: port 1(bridge_slave_0) entered disabled state
[   71.198697][ T5553] bridge_slave_0: entered allmulticast mode
[   71.221094][ T5553] bridge_slave_0: entered promiscuous mode
[   71.229534][ T5553] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.236829][ T5553] bridge0: port 2(bridge_slave_1) entered disabled state
[   71.244003][ T5553] bridge_slave_1: entered allmulticast mode
[   71.250664][ T5553] bridge_slave_1: entered promiscuous mode
[   71.290612][ T5553] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   71.311325][ T5553] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   71.345681][ T5553] team0: Port device team_slave_0 added
[   71.358844][ T5553] team0: Port device team_slave_1 added
[   71.425305][ T5553] batman_adv: batadv0: Adding interface: batadv_slave_0
[   71.432339][ T5553] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.441351][ T5615] mmap: syz.1.674 (5615) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   71.458455][ T5553] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   71.487408][ T5553] batman_adv: batadv0: Adding interface: batadv_slave_1
[   71.494422][ T5553] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   71.520385][ T5553] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   71.533645][ T5628] FAULT_INJECTION: forcing a failure.
[   71.533645][ T5628] name failslab, interval 1, probability 0, space 0, times 0
[   71.546357][ T5628] CPU: 1 UID: 0 PID: 5628 Comm: syz.2.678 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   71.546381][ T5628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   71.546391][ T5628] Call Trace:
[   71.546397][ T5628]  <TASK>
[   71.546447][ T5628]  __dump_stack+0x1d/0x30
[   71.546498][ T5628]  dump_stack_lvl+0xe8/0x140
[   71.546570][ T5628]  dump_stack+0x15/0x1b
[   71.546586][ T5628]  should_fail_ex+0x265/0x280
[   71.546606][ T5628]  should_failslab+0x8c/0xb0
[   71.546641][ T5628]  __kvmalloc_node_noprof+0x123/0x4e0
[   71.546666][ T5628]  ? alloc_fdtable+0xbd/0x1d0
[   71.546754][ T5628]  ? __kmalloc_cache_noprof+0x22e/0x320
[   71.546778][ T5628]  alloc_fdtable+0xbd/0x1d0
[   71.546797][ T5628]  dup_fd+0x4c7/0x540
[   71.546870][ T5628]  copy_files+0x98/0xf0
[   71.546948][ T5628]  copy_process+0xc5b/0x2000
[   71.546974][ T5628]  kernel_clone+0x16c/0x5c0
[   71.547025][ T5628]  ? vfs_write+0x7e8/0x960
[   71.547045][ T5628]  __x64_sys_clone+0xe6/0x120
[   71.547077][ T5628]  x64_sys_call+0x119c/0x2ff0
[   71.547096][ T5628]  do_syscall_64+0xd2/0x200
[   71.547174][ T5628]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   71.547192][ T5628]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   71.547219][ T5628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.547297][ T5628] RIP: 0033:0x7f1e0865ebe9
[   71.547311][ T5628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.547324][ T5628] RSP: 002b:00007f1e070c6fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[   71.547340][ T5628] RAX: ffffffffffffffda RBX: 00007f1e08895fa0 RCX: 00007f1e0865ebe9
[   71.547371][ T5628] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000
[   71.547383][ T5628] RBP: 00007f1e070c7090 R08: 0000000000000000 R09: 0000000000000000
[   71.547395][ T5628] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[   71.547444][ T5628] R13: 00007f1e08896038 R14: 00007f1e08895fa0 R15: 00007ffd6f21d488
[   71.547461][ T5628]  </TASK>
[   71.766328][ T5553] hsr_slave_0: entered promiscuous mode
[   71.777990][ T5553] hsr_slave_1: entered promiscuous mode
[   71.784216][ T5553] debugfs: 'hsr0' already exists in 'hsr'
[   71.789965][ T5553] Cannot create hsr debugfs directory
[   71.814342][ T5636] netlink: 12 bytes leftover after parsing attributes in process `syz.2.682'.
[   71.906755][ T5641] loop2: detected capacity change from 0 to 512
[   71.926291][ T5641] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   71.940989][ T5553] netdevsim netdevsim7 netdevsim0: renamed from eth0
[   71.962267][ T5553] netdevsim netdevsim7 netdevsim1: renamed from eth1
[   71.973972][ T5553] netdevsim netdevsim7 netdevsim2: renamed from eth2
[   71.984199][ T5641] EXT4-fs (loop2): 1 truncate cleaned up
[   71.985778][ T5553] netdevsim netdevsim7 netdevsim3: renamed from eth3
[   71.990515][ T5641] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.005281][ T5650] netlink: 32 bytes leftover after parsing attributes in process `syz.1.686'.
[   72.075442][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.080250][ T5553] 8021q: adding VLAN 0 to HW filter on device bond0
[   72.096313][ T5553] 8021q: adding VLAN 0 to HW filter on device team0
[   72.105671][   T86] bridge0: port 1(bridge_slave_0) entered blocking state
[   72.112778][   T86] bridge0: port 1(bridge_slave_0) entered forwarding state
[   72.126726][ T2323] bridge0: port 2(bridge_slave_1) entered blocking state
[   72.133832][ T2323] bridge0: port 2(bridge_slave_1) entered forwarding state
[   72.155057][ T5666] loop1: detected capacity change from 0 to 512
[   72.157066][ T5553] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   72.171711][ T5666] EXT4-fs: Ignoring removed nobh option
[   72.171950][ T5553] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   72.192602][ T5666] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.687: corrupted inode contents
[   72.206081][ T5666] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.687: mark_inode_dirty error
[   72.218506][ T5666] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.687: corrupted inode contents
[   72.231484][ T5666] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.687: mark_inode_dirty error
[   72.243136][ T5666] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.687: Failed to acquire dquot type 0
[   72.248313][ T5553] 8021q: adding VLAN 0 to HW filter on device batadv0
[   72.256149][ T5666] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.687: corrupted inode contents
[   72.274286][ T5666] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.687: mark_inode_dirty error
[   72.286073][ T5666] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.687: corrupted inode contents
[   72.299837][ T5666] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.687: mark_inode_dirty error
[   72.312552][ T5666] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.687: corrupted inode contents
[   72.326758][ T5666] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[   72.336678][ T5666] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.687: corrupted inode contents
[   72.349462][ T5666] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.687: mark_inode_dirty error
[   72.362629][ T5666] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[   72.372479][ T5666] EXT4-fs (loop1): 1 truncate cleaned up
[   72.372578][ T5553] veth0_vlan: entered promiscuous mode
[   72.378788][ T5666] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   72.386149][ T5553] veth1_vlan: entered promiscuous mode
[   72.399398][ T5666] ext4 filesystem being mounted at /156/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   72.409124][ T5553] veth0_macvtap: entered promiscuous mode
[   72.422275][ T5553] veth1_macvtap: entered promiscuous mode
[   72.434569][ T5553] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.443517][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.444535][ T5553] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.463264][   T41] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.475100][   T41] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.489019][   T41] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.515622][   T41] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.762323][ T5717] __nla_validate_parse: 1 callbacks suppressed
[   72.762337][ T5717] netlink: 28 bytes leftover after parsing attributes in process `syz.7.702'.
[   72.777473][ T5717] netlink: 108 bytes leftover after parsing attributes in process `syz.7.702'.
[   72.815780][ T5717] netlink: 28 bytes leftover after parsing attributes in process `syz.7.702'.
[   72.835999][ T5717] netlink: 108 bytes leftover after parsing attributes in process `syz.7.702'.
[   72.845059][ T5717] netlink: 84 bytes leftover after parsing attributes in process `syz.7.702'.
[   72.896958][ T5720] futex_wake_op: syz.7.703 tries to shift op by -1; fix this program
[   72.907645][ T5720] pim6reg: entered allmulticast mode
[   72.916317][ T5720] pim6reg: left allmulticast mode
[   73.009110][ T5728] netlink: 'syz.6.707': attribute type 4 has an invalid length.
[   73.053257][ T5728] netlink: 4 bytes leftover after parsing attributes in process `syz.6.707'.
[   73.084255][ T5728] loop6: detected capacity change from 0 to 1024
[   73.123391][ T5728] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.137837][ T5739] loop2: detected capacity change from 0 to 8192
[   73.151189][   T29] kauditd_printk_skb: 433 callbacks suppressed
[   73.151203][   T29] audit: type=1400 audit(1757300089.341:3845): avc:  denied  { getopt } for  pid=5727 comm="syz.6.707" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   73.191979][ T5305] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.238549][ T5747] Illegal XDP return value 4294967294 on prog  (id 488) dev N/A, expect packet loss!
[   73.290416][   T29] audit: type=1326 audit(1757300089.471:3846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5752 comm="syz.7.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d5208ebe9 code=0x7ffc0000
[   73.313879][   T29] audit: type=1326 audit(1757300089.471:3847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5752 comm="syz.7.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d5208ebe9 code=0x7ffc0000
[   73.386005][   T29] audit: type=1326 audit(1757300089.481:3848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5752 comm="syz.7.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f5d5208ebe9 code=0x7ffc0000
[   73.409587][   T29] audit: type=1326 audit(1757300089.571:3849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5752 comm="syz.7.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d5208ebe9 code=0x7ffc0000
[   73.476429][   T29] audit: type=1326 audit(1757300089.631:3850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5752 comm="syz.7.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d5208ebe9 code=0x7ffc0000
[   73.499896][   T29] audit: type=1326 audit(1757300089.631:3851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5752 comm="syz.7.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d5208ebe9 code=0x7ffc0000
[   73.523515][   T29] audit: type=1326 audit(1757300089.631:3852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5752 comm="syz.7.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5d5208ebe9 code=0x7ffc0000
[   73.547099][   T29] audit: type=1326 audit(1757300089.631:3853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5752 comm="syz.7.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d5208ebe9 code=0x7ffc0000
[   73.570698][   T29] audit: type=1326 audit(1757300089.631:3854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5752 comm="syz.7.718" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d5208ebe9 code=0x7ffc0000
[   73.698046][ T5758] sch_tbf: peakrate 64 is lower than or equals to rate 17038211371681383082 !
[   73.924703][ T5792] FAULT_INJECTION: forcing a failure.
[   73.924703][ T5792] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   73.937908][ T5792] CPU: 0 UID: 0 PID: 5792 Comm: syz.5.734 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   73.937992][ T5792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   73.938002][ T5792] Call Trace:
[   73.938008][ T5792]  <TASK>
[   73.938015][ T5792]  __dump_stack+0x1d/0x30
[   73.938115][ T5792]  dump_stack_lvl+0xe8/0x140
[   73.938133][ T5792]  dump_stack+0x15/0x1b
[   73.938150][ T5792]  should_fail_ex+0x265/0x280
[   73.938223][ T5792]  should_fail+0xb/0x20
[   73.938242][ T5792]  should_fail_usercopy+0x1a/0x20
[   73.938262][ T5792]  _copy_from_iter+0xd2/0xe80
[   73.938285][ T5792]  ? alloc_pages_mpol+0x201/0x250
[   73.938364][ T5792]  copy_page_from_iter+0x178/0x2a0
[   73.938390][ T5792]  tun_get_user+0x679/0x2680
[   73.938476][ T5792]  ? ref_tracker_alloc+0x1f2/0x2f0
[   73.938499][ T5792]  tun_chr_write_iter+0x15e/0x210
[   73.938525][ T5792]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   73.938630][ T5792]  vfs_write+0x527/0x960
[   73.938650][ T5792]  ksys_write+0xda/0x1a0
[   73.938667][ T5792]  __x64_sys_write+0x40/0x50
[   73.938683][ T5792]  x64_sys_call+0x27fe/0x2ff0
[   73.938711][ T5792]  do_syscall_64+0xd2/0x200
[   73.938734][ T5792]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   73.938752][ T5792]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   73.938831][ T5792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   73.938864][ T5792] RIP: 0033:0x7fc95ddad69f
[   73.938876][ T5792] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[   73.938912][ T5792] RSP: 002b:00007fc95c817000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[   73.938927][ T5792] RAX: ffffffffffffffda RBX: 00007fc95dfe5fa0 RCX: 00007fc95ddad69f
[   73.938938][ T5792] RDX: 000000000000004e RSI: 0000200000001cc0 RDI: 00000000000000c8
[   73.938949][ T5792] RBP: 00007fc95c817090 R08: 0000000000000000 R09: 0000000000000000
[   73.938959][ T5792] R10: 000000000000004e R11: 0000000000000293 R12: 0000000000000001
[   73.938969][ T5792] R13: 00007fc95dfe6038 R14: 00007fc95dfe5fa0 R15: 00007ffce04a6e28
[   73.938987][ T5792]  </TASK>
[   73.941774][ T5788] loop7: detected capacity change from 0 to 512
[   74.171539][ T5788] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[   74.223367][ T5788] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   74.287264][ T5809] FAULT_INJECTION: forcing a failure.
[   74.287264][ T5809] name failslab, interval 1, probability 0, space 0, times 0
[   74.299973][ T5809] CPU: 0 UID: 0 PID: 5809 Comm: syz.2.742 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   74.300023][ T5809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   74.300035][ T5809] Call Trace:
[   74.300043][ T5809]  <TASK>
[   74.300049][ T5809]  __dump_stack+0x1d/0x30
[   74.300067][ T5809]  dump_stack_lvl+0xe8/0x140
[   74.300140][ T5809]  dump_stack+0x15/0x1b
[   74.300157][ T5809]  should_fail_ex+0x265/0x280
[   74.300178][ T5809]  should_failslab+0x8c/0xb0
[   74.300244][ T5809]  kmem_cache_alloc_noprof+0x50/0x310
[   74.300265][ T5809]  ? getname_flags+0x80/0x3b0
[   74.300287][ T5809]  getname_flags+0x80/0x3b0
[   74.300313][ T5809]  __x64_sys_renameat2+0x5f/0x90
[   74.300398][ T5809]  x64_sys_call+0x3f9/0x2ff0
[   74.300416][ T5809]  do_syscall_64+0xd2/0x200
[   74.300514][ T5809]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   74.300607][ T5809]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   74.300630][ T5809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   74.300755][ T5809] RIP: 0033:0x7f1e0865ebe9
[   74.300772][ T5809] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   74.300789][ T5809] RSP: 002b:00007f1e070c7038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[   74.300808][ T5809] RAX: ffffffffffffffda RBX: 00007f1e08895fa0 RCX: 00007f1e0865ebe9
[   74.300819][ T5809] RDX: ffffffffffffff9c RSI: 00002000000007c0 RDI: ffffffffffffff9c
[   74.300863][ T5809] RBP: 00007f1e070c7090 R08: 0000000000000004 R09: 0000000000000000
[   74.300874][ T5809] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   74.300884][ T5809] R13: 00007f1e08896038 R14: 00007f1e08895fa0 R15: 00007ffd6f21d488
[   74.300903][ T5809]  </TASK>
[   74.484857][ T5809] ipvlan2: entered promiscuous mode
[   74.492958][ T5809] bridge0: port 3(ipvlan2) entered blocking state
[   74.499474][ T5809] bridge0: port 3(ipvlan2) entered disabled state
[   74.506215][ T5809] ipvlan2: entered allmulticast mode
[   74.511539][ T5809] bridge0: entered allmulticast mode
[   74.518543][ T5809] ipvlan2: left allmulticast mode
[   74.523599][ T5809] bridge0: left allmulticast mode
[   74.539699][ T5788] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.732: bg 0: block 248: padding at end of block bitmap is not set
[   74.565225][ T5815] IPv4: Oversized IP packet from 127.202.26.0
[   74.613672][ T5788] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.732: Failed to acquire dquot type 1
[   74.678187][ T5788] EXT4-fs (loop7): 1 truncate cleaned up
[   74.700843][ T5788] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   74.942398][ T5553] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   74.984295][   T41] EXT4-fs error (device loop7): ext4_release_dquot:6973: comm kworker/u8:2: Failed to release dquot type 1
[   75.285306][ T5827] loop1: detected capacity change from 0 to 2048
[   75.365356][ T5839] FAULT_INJECTION: forcing a failure.
[   75.365356][ T5839] name failslab, interval 1, probability 0, space 0, times 0
[   75.378311][ T5839] CPU: 0 UID: 0 PID: 5839 Comm: syz.7.748 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   75.378338][ T5839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   75.378388][ T5839] Call Trace:
[   75.378395][ T5839]  <TASK>
[   75.378404][ T5839]  __dump_stack+0x1d/0x30
[   75.378425][ T5839]  dump_stack_lvl+0xe8/0x140
[   75.378443][ T5839]  dump_stack+0x15/0x1b
[   75.378509][ T5839]  should_fail_ex+0x265/0x280
[   75.378528][ T5839]  ? v9fs_mount+0x51/0x5c0
[   75.378615][ T5839]  should_failslab+0x8c/0xb0
[   75.378635][ T5839]  __kmalloc_cache_noprof+0x4c/0x320
[   75.378665][ T5839]  v9fs_mount+0x51/0x5c0
[   75.378696][ T5839]  ? selinux_capable+0x31/0x40
[   75.378738][ T5839]  ? __pfx_v9fs_mount+0x10/0x10
[   75.378758][ T5839]  legacy_get_tree+0x78/0xd0
[   75.378777][ T5839]  vfs_get_tree+0x57/0x1d0
[   75.378875][ T5839]  do_new_mount+0x207/0x5e0
[   75.378894][ T5839]  ? security_capable+0x83/0x90
[   75.378916][ T5839]  path_mount+0x4a4/0xb20
[   75.378933][ T5839]  ? user_path_at+0x109/0x130
[   75.379006][ T5839]  __se_sys_mount+0x28f/0x2e0
[   75.379028][ T5839]  ? fput+0x8f/0xc0
[   75.379058][ T5839]  __x64_sys_mount+0x67/0x80
[   75.379152][ T5839]  x64_sys_call+0x2b4d/0x2ff0
[   75.379170][ T5839]  do_syscall_64+0xd2/0x200
[   75.379199][ T5839]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   75.379222][ T5839]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   75.379268][ T5839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.379307][ T5839] RIP: 0033:0x7f5d5208ebe9
[   75.379323][ T5839] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.379340][ T5839] RSP: 002b:00007f5d50ad6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   75.379359][ T5839] RAX: ffffffffffffffda RBX: 00007f5d522c6090 RCX: 00007f5d5208ebe9
[   75.379409][ T5839] RDX: 0000200000000080 RSI: 0000200000000000 RDI: 0000000000000000
[   75.379422][ T5839] RBP: 00007f5d50ad6090 R08: 0000200000002b80 R09: 0000000000000000
[   75.379434][ T5839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.379483][ T5839] R13: 00007f5d522c6128 R14: 00007f5d522c6090 R15: 00007ffe9aa3d968
[   75.379502][ T5839]  </TASK>
[   75.550881][ T5827] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   75.639424][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.708897][ T5847] FAULT_INJECTION: forcing a failure.
[   75.708897][ T5847] name failslab, interval 1, probability 0, space 0, times 0
[   75.721696][ T5847] CPU: 1 UID: 0 PID: 5847 Comm: syz.6.753 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   75.721720][ T5847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   75.721810][ T5847] Call Trace:
[   75.721816][ T5847]  <TASK>
[   75.721822][ T5847]  __dump_stack+0x1d/0x30
[   75.721841][ T5847]  dump_stack_lvl+0xe8/0x140
[   75.721857][ T5847]  dump_stack+0x15/0x1b
[   75.721871][ T5847]  should_fail_ex+0x265/0x280
[   75.721893][ T5847]  should_failslab+0x8c/0xb0
[   75.721988][ T5847]  kmem_cache_alloc_noprof+0x50/0x310
[   75.722068][ T5847]  ? security_file_alloc+0x32/0x100
[   75.722097][ T5847]  security_file_alloc+0x32/0x100
[   75.722163][ T5847]  init_file+0x5c/0x1d0
[   75.722190][ T5847]  alloc_empty_file+0x8b/0x200
[   75.722213][ T5847]  path_openat+0x68/0x2170
[   75.722231][ T5847]  ? _parse_integer_limit+0x170/0x190
[   75.722274][ T5847]  ? _parse_integer+0x27/0x40
[   75.722294][ T5847]  ? kstrtoull+0x111/0x140
[   75.722314][ T5847]  ? kstrtouint+0x76/0xc0
[   75.722336][ T5847]  do_filp_open+0x109/0x230
[   75.722379][ T5847]  do_sys_openat2+0xa6/0x110
[   75.722408][ T5847]  __x64_sys_open+0xe6/0x110
[   75.722434][ T5847]  x64_sys_call+0x1457/0x2ff0
[   75.722520][ T5847]  do_syscall_64+0xd2/0x200
[   75.722548][ T5847]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   75.722600][ T5847]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   75.722626][ T5847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   75.722646][ T5847] RIP: 0033:0x7f683030ebe9
[   75.722662][ T5847] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   75.722722][ T5847] RSP: 002b:00007f682ed6f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[   75.722742][ T5847] RAX: ffffffffffffffda RBX: 00007f6830545fa0 RCX: 00007f683030ebe9
[   75.722754][ T5847] RDX: 0000000000000040 RSI: 0000000000000300 RDI: 00002000000001c0
[   75.722825][ T5847] RBP: 00007f682ed6f090 R08: 0000000000000000 R09: 0000000000000000
[   75.722837][ T5847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   75.722849][ T5847] R13: 00007f6830546038 R14: 00007f6830545fa0 R15: 00007fff91e4b0e8
[   75.722867][ T5847]  </TASK>
[   75.961957][ T5853] loop7: detected capacity change from 0 to 512
[   75.969113][ T5853] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[   75.983107][ T5853] EXT4-fs (loop7): 1 truncate cleaned up
[   75.989110][ T5853] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.097502][   T51] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.108859][ T5553] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.140182][ T5870] loop7: detected capacity change from 0 to 512
[   76.147543][ T5870] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[   76.162959][ T5870] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   76.178825][ T5870] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.760: bg 0: block 248: padding at end of block bitmap is not set
[   76.193715][ T5870] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.760: Failed to acquire dquot type 1
[   76.206766][ T5870] EXT4-fs (loop7): 1 truncate cleaned up
[   76.213333][ T5870] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   76.228502][   T51] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.249576][ T5553] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   76.259487][   T41] EXT4-fs error (device loop7): ext4_release_dquot:6973: comm kworker/u8:2: Failed to release dquot type 1
[   76.283843][ T5876] loop7: detected capacity change from 0 to 2048
[   76.302221][   T51] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.314021][ T5876] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.356133][ T5553] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.368846][   T51] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   76.457446][   T51] gretap0: left allmulticast mode
[   76.462576][   T51] gretap0: left promiscuous mode
[   76.467751][   T51] bridge0: port 3(gretap0) entered disabled state
[   76.504150][   T51] bridge_slave_1: left allmulticast mode
[   76.509855][   T51] bridge_slave_1: left promiscuous mode
[   76.515733][   T51] bridge0: port 2(bridge_slave_1) entered disabled state
[   76.526628][   T51] bridge_slave_0: left allmulticast mode
[   76.532520][   T51] bridge_slave_0: left promiscuous mode
[   76.538377][   T51] bridge0: port 1(bridge_slave_0) entered disabled state
[   76.743525][   T51] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[   76.752538][   T51] bond_slave_0: left promiscuous mode
[   76.760726][   T51] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[   76.769524][   T51] bond_slave_1: left promiscuous mode
[   76.776023][   T51] $Hÿ (unregistering): Released all slaves
[   76.866401][   T51] tipc: Left network mode
[   76.918820][ T5915] loop2: detected capacity change from 0 to 2048
[   76.966041][ T5915] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.010979][   T51] hsr_slave_0: left promiscuous mode
[   77.016749][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.030293][   T51] hsr_slave_1: left promiscuous mode
[   77.036430][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   77.043981][   T51] batman_adv: batadv0: Removing interface: batadv_slave_0
[   77.052724][ T5928] SELinux: failed to load policy
[   77.072387][   T51] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   77.079954][   T51] batman_adv: batadv0: Removing interface: batadv_slave_1
[   77.094776][ T5917] loop6: detected capacity change from 0 to 8192
[   77.106188][   T51] veth1_macvtap: left promiscuous mode
[   77.113178][   T51] veth0_macvtap: left promiscuous mode
[   77.120980][   T51] veth1_vlan: left promiscuous mode
[   77.126493][   T51] veth0_vlan: left promiscuous mode
[   77.261976][   T51] team0 (unregistering): Port device team_slave_1 removed
[   77.283686][   T51] team0 (unregistering): Port device team_slave_0 removed
[   77.355345][   T86] smc: removing ib device syz!
[   77.595639][ T5944] netlink: 56 bytes leftover after parsing attributes in process `syz.7.785'.
[   77.730164][ T5946] netlink: 96 bytes leftover after parsing attributes in process `syz.5.786'.
[   77.877892][ T5955] netlink: 80 bytes leftover after parsing attributes in process `syz.5.788'.
[   77.907091][ T5955] netlink: 'syz.5.788': attribute type 1 has an invalid length.
[   77.914979][ T5955] netlink: 'syz.5.788': attribute type 3 has an invalid length.
[   77.922747][ T5955] netlink: 132 bytes leftover after parsing attributes in process `syz.5.788'.
[   78.022250][ T5966] netlink: 20 bytes leftover after parsing attributes in process `syz.5.791'.
[   78.119874][ T5970] loop7: detected capacity change from 0 to 2048
[   78.152703][ T5970] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.172886][ T5553] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.191139][ T5978] syzkaller1: entered promiscuous mode
[   78.196691][ T5978] syzkaller1: entered allmulticast mode
[   78.237445][ T5986] loop2: detected capacity change from 0 to 512
[   78.266342][ T5986] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   78.279407][ T5986] ext4 filesystem being mounted at /152/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   78.291108][   T29] kauditd_printk_skb: 377 callbacks suppressed
[   78.291120][   T29] audit: type=1326 audit(1757300094.481:4226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5974 comm="syz.1.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=60 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   78.321513][   T29] audit: type=1326 audit(1757300094.511:4227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5972 comm="syz.1.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcc930aadb9 code=0x7ffc0000
[   78.344777][   T29] audit: type=1326 audit(1757300094.511:4228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5972 comm="syz.1.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   78.368098][   T29] audit: type=1326 audit(1757300094.511:4229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5972 comm="syz.1.793" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   78.409444][ T5986] EXT4-fs error (device loop2): ext4_find_dest_de:2052: inode #2: block 3: comm syz.2.797: bad entry in directory: inode out of bounds - offset=0, inode=131074, rec_len=12, size=2048 fake=1
[   78.432793][ T5986] EXT4-fs error (device loop2): ext4_find_dest_de:2052: inode #2: block 3: comm +}[@: bad entry in directory: inode out of bounds - offset=0, inode=131074, rec_len=12, size=2048 fake=1
[   78.465070][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.534541][ T5994] loop7: detected capacity change from 0 to 512
[   78.549642][   T29] audit: type=1400 audit(1757300094.731:4230): avc:  denied  { mount } for  pid=6000 comm="syz.1.803" name="/" dev="bpf" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[   78.590098][ T6005] loop1: detected capacity change from 0 to 2048
[   78.618926][ T6005] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.645627][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.757310][   T29] audit: type=1326 audit(1757300094.941:4231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.1.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   78.782392][   T29] audit: type=1326 audit(1757300094.941:4232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.1.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   78.788331][ T6015] can0: slcan on ttyS3.
[   78.805837][   T29] audit: type=1326 audit(1757300094.941:4233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.1.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   78.833292][   T29] audit: type=1326 audit(1757300094.941:4234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.1.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   78.856698][   T29] audit: type=1326 audit(1757300094.941:4235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6014 comm="syz.1.808" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   78.916291][ T6023] veth1_to_bond: entered allmulticast mode
[   78.925435][ T6023] bond_slave_1: entered promiscuous mode
[   78.960740][ T6022] bond_slave_1: left promiscuous mode
[   78.966205][ T6022] veth1_to_bond: left allmulticast mode
[   78.971817][ T6015] can0 (unregistered): slcan off ttyS3.
[   79.035254][ T6027] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[   79.089927][ T6035] syzkaller1: entered promiscuous mode
[   79.095555][ T6035] syzkaller1: entered allmulticast mode
[   79.111560][ T6040] loop7: detected capacity change from 0 to 2048
[   79.112584][ T6038] netlink: 'syz.6.816': attribute type 12 has an invalid length.
[   79.133589][ T6040] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.157266][ T5553] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.161565][ T6047] netlink: 20 bytes leftover after parsing attributes in process `syz.1.819'.
[   79.191258][ T6051] netlink: 'syz.6.821': attribute type 1 has an invalid length.
[   79.198965][ T6051] netlink: 224 bytes leftover after parsing attributes in process `syz.6.821'.
[   79.206530][ T6053] netlink: 48 bytes leftover after parsing attributes in process `syz.7.822'.
[   79.265679][ T6051] smc: net device bond0 applied user defined pnetid SYZ0
[   79.274519][ T6051] smc: net device bond0 erased user defined pnetid SYZ0
[   79.348622][ T6064] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[   79.357876][ T6060] loop6: detected capacity change from 0 to 2048
[   79.381500][ T6060] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.535648][ T5305] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   79.547661][ T6075] veth1_to_bond: entered allmulticast mode
[   79.584805][ T6075] bond_slave_1: entered promiscuous mode
[   79.594853][ T6074] bond_slave_1: left promiscuous mode
[   79.600451][ T6074] veth1_to_bond: left allmulticast mode
[   79.623877][ T6082] loop7: detected capacity change from 0 to 2048
[   79.741857][ T6082] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.835585][ T5553] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.134173][ T6104] loop5: detected capacity change from 0 to 128
[   80.140916][ T6104] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (18424!=39978)
[   80.150633][ T6104] EXT4-fs (loop5): group descriptors corrupted!
[   80.217017][ T6114] ipvlan2: entered promiscuous mode
[   80.223991][ T6114] bridge0: port 3(ipvlan2) entered blocking state
[   80.230669][ T6114] bridge0: port 3(ipvlan2) entered disabled state
[   80.237463][ T6114] ipvlan2: entered allmulticast mode
[   80.242858][ T6114] bridge0: entered allmulticast mode
[   80.248780][ T6114] ipvlan2: left allmulticast mode
[   80.253887][ T6114] bridge0: left allmulticast mode
[   80.266891][ T6115] IPv4: Oversized IP packet from 127.202.26.0
[   80.367100][ T6119] loop5: detected capacity change from 0 to 2048
[   80.382935][ T6119] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.406710][ T3966] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.467513][ T6127] netlink: 20 bytes leftover after parsing attributes in process `syz.5.849'.
[   80.751862][ T6137] netlink: 48 bytes leftover after parsing attributes in process `syz.2.853'.
[   81.222379][ T6149] loop2: detected capacity change from 0 to 2048
[   81.246948][ T6149] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.281636][ T3321] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.321698][ T6168] netlink: 'syz.5.866': attribute type 12 has an invalid length.
[   81.366941][ T6174] loop2: detected capacity change from 0 to 512
[   81.382793][ T6174] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.396104][ T6174] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.514264][ T6182] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.575910][ T6184] loop5: detected capacity change from 0 to 512
[   81.585252][ T6184] EXT4-fs error (device loop5): ext4_orphan_get:1392: inode #15: comm syz.5.870: casefold flag without casefold feature
[   81.598236][ T6184] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.870: couldn't read orphan inode 15 (err -117)
[   81.612067][ T6184] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.632294][ T6184] netlink: 4 bytes leftover after parsing attributes in process `syz.5.870'.
[   81.683862][  T269] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.714880][ T3966] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.735438][  T269] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.773052][  T269] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.786469][ T6194] loop1: detected capacity change from 0 to 512
[   81.817420][ T6198] loop5: detected capacity change from 0 to 2048
[   81.824774][  T269] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   81.843769][ T6194] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.872: casefold flag without casefold feature
[   81.857293][ T6198] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.880383][ T3966] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.890918][ T6194] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.872: couldn't read orphan inode 15 (err -117)
[   81.911477][  T269] bridge_slave_1: left allmulticast mode
[   81.917181][  T269] bridge_slave_1: left promiscuous mode
[   81.920846][ T6194] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.923056][  T269] bridge0: port 2(bridge_slave_1) entered disabled state
[   81.950566][  T269] bridge_slave_0: left allmulticast mode
[   81.956409][  T269] bridge_slave_0: left promiscuous mode
[   81.962419][  T269] bridge0: port 1(bridge_slave_0) entered disabled state
[   81.973299][ T6194] netlink: 4 bytes leftover after parsing attributes in process `syz.1.872'.
[   82.055268][  T269] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   82.085234][  T269] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   82.097502][ T6215] syz.7.878: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0
[   82.097594][  T269] bond0 (unregistering): Released all slaves
[   82.119175][ T6215] CPU: 0 UID: 0 PID: 6215 Comm: syz.7.878 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   82.119258][ T6215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   82.119272][ T6215] Call Trace:
[   82.119278][ T6215]  <TASK>
[   82.119285][ T6215]  __dump_stack+0x1d/0x30
[   82.119303][ T6215]  dump_stack_lvl+0xe8/0x140
[   82.119366][ T6215]  dump_stack+0x15/0x1b
[   82.119384][ T6215]  warn_alloc+0x12b/0x1a0
[   82.119415][ T6215]  ? audit_log_end+0x1d7/0x1f0
[   82.119509][ T6215]  ? audit_log_end+0x1d7/0x1f0
[   82.119606][ T6215]  __vmalloc_node_range_noprof+0x9c/0xe00
[   82.119638][ T6215]  ? __pfx_avc_audit_post_callback+0x10/0x10
[   82.119705][ T6215]  ? __rcu_read_unlock+0x4f/0x70
[   82.119725][ T6215]  ? __perf_event_task_sched_in+0xa5b/0xac0
[   82.119746][ T6215]  ? perf_cgroup_switch+0x10c/0x480
[   82.119764][ T6215]  ? update_load_avg+0x1da/0x820
[   82.119785][ T6215]  ? __list_add_valid_or_report+0x38/0xe0
[   82.119883][ T6215]  ? should_fail_ex+0x30/0x280
[   82.119906][ T6215]  ? xskq_create+0x36/0xe0
[   82.120001][ T6215]  vmalloc_user_noprof+0x7d/0xb0
[   82.120031][ T6215]  ? xskq_create+0x80/0xe0
[   82.120059][ T6215]  xskq_create+0x80/0xe0
[   82.120077][ T6215]  xsk_init_queue+0x95/0xf0
[   82.120143][ T6215]  xsk_setsockopt+0x477/0x640
[   82.120176][ T6215]  ? __pfx_xsk_setsockopt+0x10/0x10
[   82.120207][ T6215]  __sys_setsockopt+0x181/0x200
[   82.120230][ T6215]  __x64_sys_setsockopt+0x64/0x80
[   82.120257][ T6215]  x64_sys_call+0x20ec/0x2ff0
[   82.120337][ T6215]  do_syscall_64+0xd2/0x200
[   82.120430][ T6215]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   82.120452][ T6215]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   82.120476][ T6215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   82.120567][ T6215] RIP: 0033:0x7f5d5208ebe9
[   82.120582][ T6215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.120661][ T6215] RSP: 002b:00007f5d50af7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   82.120713][ T6215] RAX: ffffffffffffffda RBX: 00007f5d522c5fa0 RCX: 00007f5d5208ebe9
[   82.120724][ T6215] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000007
[   82.120738][ T6215] RBP: 00007f5d52111e19 R08: 0000000000000004 R09: 0000000000000000
[   82.120751][ T6215] R10: 0000200000000900 R11: 0000000000000246 R12: 0000000000000000
[   82.120768][ T6215] R13: 00007f5d522c6038 R14: 00007f5d522c5fa0 R15: 00007ffe9aa3d968
[   82.120787][ T6215]  </TASK>
[   82.364486][ T6215] Mem-Info:
[   82.368158][ T6215] active_anon:11211 inactive_anon:0 isolated_anon:0
[   82.368158][ T6215]  active_file:21042 inactive_file:2259 isolated_file:0
[   82.368158][ T6215]  unevictable:1 dirty:307 writeback:7
[   82.368158][ T6215]  slab_reclaimable:3503 slab_unreclaimable:28286
[   82.368158][ T6215]  mapped:36945 shmem:8125 pagetables:851
[   82.368158][ T6215]  sec_pagetables:0 bounce:0
[   82.368158][ T6215]  kernel_misc_reclaimable:0
[   82.368158][ T6215]  free:1818325 free_pcp:59296 free_cma:0
[   82.413652][ T6215] Node 0 active_anon:50064kB inactive_anon:0kB active_file:87184kB inactive_file:9036kB unevictable:4kB isolated(anon):0kB isolated(file):0kB mapped:153000kB dirty:1228kB writeback:28kB shmem:37720kB kernel_stack:3024kB pagetables:3404kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[   82.441248][ T6215] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[   82.470335][ T6215] lowmem_reserve[]: 0 2883 7862 7862
[   82.475689][ T6215] Node 0 DMA32 free:2949188kB boost:0kB min:4132kB low:7064kB high:9996kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2952820kB mlocked:0kB bounce:0kB free_pcp:3632kB local_pcp:100kB free_cma:0kB
[   82.506308][ T6215] lowmem_reserve[]: 0 0 4978 4978
[   82.511599][ T6215] Node 0 Normal free:4290308kB boost:0kB min:7184kB low:12280kB high:17376kB reserved_highatomic:0KB free_highatomic:0KB active_anon:58764kB inactive_anon:0kB active_file:91244kB inactive_file:9036kB unevictable:4kB writepending:1256kB present:5242880kB managed:5098240kB mlocked:4kB bounce:0kB free_pcp:230868kB local_pcp:2024kB free_cma:0kB
[   82.544063][ T6215] lowmem_reserve[]: 0 0 0 0
[   82.548585][ T6215] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[   82.561274][ T6215] Node 0 DMA32: 3*4kB (M) 3*8kB (M) 2*16kB (M) 2*32kB (M) 3*64kB (M) 4*128kB (M) 3*256kB (M) 3*512kB (M) 3*1024kB (M) 3*2048kB (M) 717*4096kB (M) = 2949188kB
[   82.577350][ T6215] Node 0 Normal: 1156*4kB (UME) 685*8kB (UE) 373*16kB (UE) 188*32kB (UME) 171*64kB (UE) 236*128kB (UME) 269*256kB (UME) 184*512kB (UM) 121*1024kB (UME) 80*2048kB (U) 920*4096kB (UM) = 4282376kB
[   82.596667][ T6215] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[   82.606038][ T6215] 38911 total pagecache pages
[   82.610909][ T6215] 0 pages in swap cache
[   82.615063][ T6215] Free swap  = 124996kB
[   82.619299][ T6215] Total swap = 124996kB
[   82.623568][ T6215] 2097051 pages RAM
[   82.627454][ T6215] 0 pages HighMem/MovableOnly
[   82.632196][ T6215] 80446 pages reserved
[   82.636576][  T269] bond1 (unregistering): (slave batadv1): Releasing active interface
[   82.651259][  T269] bond1 (unregistering): Released all slaves
[   82.704473][ T6194] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   82.712068][ T6194] batman_adv: batadv0: Removing interface: batadv_slave_0
[   82.723538][ T6194] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   82.730983][ T6194] batman_adv: batadv0: Removing interface: batadv_slave_1
[   82.775522][  T269] hsr_slave_0: left promiscuous mode
[   82.781464][  T269] hsr_slave_1: left promiscuous mode
[   82.787220][  T269] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   82.794732][  T269] batman_adv: batadv0: Removing interface: batadv_slave_0
[   82.838843][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.848551][  T269] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   82.855980][  T269] batman_adv: batadv0: Removing interface: batadv_slave_1
[   82.874208][  T269] veth1_macvtap: left promiscuous mode
[   82.886040][  T269] veth0_macvtap: left promiscuous mode
[   82.897557][  T269] veth1_vlan: left promiscuous mode
[   82.910677][  T269] veth0_vlan: left promiscuous mode
[   82.947052][ T6233] netlink: 36 bytes leftover after parsing attributes in process `syz.5.885'.
[   83.078712][  T269] team0 (unregistering): Port device team_slave_1 removed
[   83.085770][ T6236] loop1: detected capacity change from 0 to 512
[   83.092634][  T269] team0 (unregistering): Port device team_slave_0 removed
[   83.102007][ T6236] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   83.123537][ T6236] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   83.138436][ T6236] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.883: bg 0: block 248: padding at end of block bitmap is not set
[   83.140647][ T6188] chnl_net:caif_netlink_parms(): no params data found
[   83.161659][ T6228] netlink: 'syz.7.882': attribute type 12 has an invalid length.
[   83.169505][ T6228] ref_tracker: memory allocation failure, unreliable refcount tracker.
[   83.178698][ T6236] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.883: Failed to acquire dquot type 1
[   83.215241][ T6236] EXT4-fs (loop1): 1 truncate cleaned up
[   83.221994][ T6236] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   83.270897][ T6247] netlink: 20 bytes leftover after parsing attributes in process `syz.7.888'.
[   83.286380][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   83.295653][ T2323] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:8: Failed to release dquot type 1
[   83.308444][ T6188] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.315617][ T6188] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.323497][ T6188] bridge_slave_0: entered allmulticast mode
[   83.330957][ T6188] bridge_slave_0: entered promiscuous mode
[   83.333655][   T29] kauditd_printk_skb: 495 callbacks suppressed
[   83.333668][   T29] audit: type=1400 audit(1757300099.521:4728): avc:  denied  { write } for  pid=6250 comm="syz.1.890" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   83.337836][ T6188] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.370523][ T6188] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.377766][ T6188] bridge_slave_1: entered allmulticast mode
[   83.384339][ T6188] bridge_slave_1: entered promiscuous mode
[   83.395353][ T6255] loop1: detected capacity change from 0 to 512
[   83.402389][ T6255] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   83.413410][ T6188] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   83.421677][ T6255] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   83.425007][ T6188] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   83.440750][ T6255] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.891: bg 0: block 248: padding at end of block bitmap is not set
[   83.460710][ T6255] Quota error (device loop1): write_blk: dquota write failed
[   83.468093][ T6255] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   83.478087][ T6255] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.891: Failed to acquire dquot type 1
[   83.489831][ T6255] EXT4-fs (loop1): 1 truncate cleaned up
[   83.491911][ T6188] team0: Port device team_slave_0 added
[   83.495887][ T6255] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   83.503625][ T6188] team0: Port device team_slave_1 added
[   83.532596][ T6188] batman_adv: batadv0: Adding interface: batadv_slave_0
[   83.539673][ T6188] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.566084][ T6188] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   83.577388][ T3312] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   83.577449][ T6188] batman_adv: batadv0: Adding interface: batadv_slave_1
[   83.577572][ T2323] Quota error (device loop1): do_check_range: Getting block 0 out of range 1-5
[   83.586408][ T6188] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   83.593561][ T2323] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:8: Failed to release dquot type 1
[   83.639812][ T6188] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   83.658266][   T29] audit: type=1400 audit(1757300099.841:4729): avc:  denied  { setopt } for  pid=6258 comm="syz.1.892" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   83.688296][ T6188] hsr_slave_0: entered promiscuous mode
[   83.688658][ T6188] hsr_slave_1: entered promiscuous mode
[   83.688893][ T6188] debugfs: 'hsr0' already exists in 'hsr'
[   83.688906][ T6188] Cannot create hsr debugfs directory
[   83.772971][ T6188] netdevsim netdevsim8 netdevsim0: renamed from eth0
[   83.783152][ T6188] netdevsim netdevsim8 netdevsim1: renamed from eth1
[   83.792282][ T6188] netdevsim netdevsim8 netdevsim2: renamed from eth2
[   83.800771][ T6188] netdevsim netdevsim8 netdevsim3: renamed from eth3
[   83.816186][ T6188] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.823320][ T6188] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.830642][ T6188] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.837682][ T6188] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.847420][   T86] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.857421][   T86] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.918796][ T6188] 8021q: adding VLAN 0 to HW filter on device bond0
[   83.930878][ T6188] 8021q: adding VLAN 0 to HW filter on device team0
[   83.939998][  T386] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.947070][  T386] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.957119][  T386] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.964899][  T386] bridge0: port 2(bridge_slave_1) entered forwarding state
[   84.019528][ T6188] 8021q: adding VLAN 0 to HW filter on device batadv0
[   84.125151][ T6188] veth0_vlan: entered promiscuous mode
[   84.142204][ T6188] veth1_vlan: entered promiscuous mode
[   84.164723][ T6188] veth0_macvtap: entered promiscuous mode
[   84.171385][ T6293] netlink: zone id is out of range
[   84.177891][   T29] audit: type=1326 audit(1757300100.361:4730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.5.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc95ddaebe9 code=0x7ffc0000
[   84.178226][ T6188] veth1_macvtap: entered promiscuous mode
[   84.201386][   T29] audit: type=1326 audit(1757300100.361:4731): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.5.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc95ddaebe9 code=0x7ffc0000
[   84.207153][ T6293] netlink: zone id is out of range
[   84.230438][   T29] audit: type=1326 audit(1757300100.361:4732): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.5.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc95ddaebe9 code=0x7ffc0000
[   84.230464][   T29] audit: type=1326 audit(1757300100.361:4733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.5.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc95ddaebe9 code=0x7ffc0000
[   84.241287][ T6293] netlink: zone id is out of range
[   84.259037][   T29] audit: type=1326 audit(1757300100.361:4734): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6285 comm="syz.5.894" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc95ddaebe9 code=0x7ffc0000
[   84.282339][ T6293] netlink: zone id is out of range
[   84.321020][ T6188] batman_adv: batadv0: Interface activated: batadv_slave_0
[   84.332430][ T6188] batman_adv: batadv0: Interface activated: batadv_slave_1
[   84.348406][   T41] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   84.359674][ T6293] netlink: zone id is out of range
[   84.365484][ T6293] netlink: zone id is out of range
[   84.370683][ T6293] netlink: zone id is out of range
[   84.375796][ T6293] netlink: zone id is out of range
[   84.381458][ T6293] netlink: zone id is out of range
[   84.387200][ T6293] FAULT_INJECTION: forcing a failure.
[   84.387200][ T6293] name failslab, interval 1, probability 0, space 0, times 0
[   84.399970][ T6293] CPU: 0 UID: 0 PID: 6293 Comm: syz.6.897 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   84.399994][ T6293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   84.400005][ T6293] Call Trace:
[   84.400012][ T6293]  <TASK>
[   84.400037][ T6293]  __dump_stack+0x1d/0x30
[   84.400058][ T6293]  dump_stack_lvl+0xe8/0x140
[   84.400124][ T6293]  dump_stack+0x15/0x1b
[   84.400165][ T6293]  should_fail_ex+0x265/0x280
[   84.400184][ T6293]  should_failslab+0x8c/0xb0
[   84.400209][ T6293]  kmem_cache_alloc_node_noprof+0x57/0x320
[   84.400262][ T6293]  ? __alloc_skb+0x101/0x320
[   84.400283][ T6293]  __alloc_skb+0x101/0x320
[   84.400303][ T6293]  netlink_ack+0xfd/0x500
[   84.400332][ T6293]  ? __pfx_ovs_ct_limit_cmd_del+0x10/0x10
[   84.400421][ T6293]  netlink_rcv_skb+0x192/0x220
[   84.400440][ T6293]  ? __pfx_genl_rcv_msg+0x10/0x10
[   84.400506][ T6293]  genl_rcv+0x28/0x40
[   84.400596][ T6293]  netlink_unicast+0x5bd/0x690
[   84.400666][ T6293]  netlink_sendmsg+0x58b/0x6b0
[   84.400687][ T6293]  ? __pfx_netlink_sendmsg+0x10/0x10
[   84.400708][ T6293]  __sock_sendmsg+0x142/0x180
[   84.400751][ T6293]  ____sys_sendmsg+0x31e/0x4e0
[   84.400779][ T6293]  ___sys_sendmsg+0x17b/0x1d0
[   84.400833][ T6293]  __x64_sys_sendmsg+0xd4/0x160
[   84.400859][ T6293]  x64_sys_call+0x191e/0x2ff0
[   84.400876][ T6293]  do_syscall_64+0xd2/0x200
[   84.400900][ T6293]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   84.400977][ T6293]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   84.401002][ T6293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.401024][ T6293] RIP: 0033:0x7f683030ebe9
[   84.401040][ T6293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.401057][ T6293] RSP: 002b:00007f682ed6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.401118][ T6293] RAX: ffffffffffffffda RBX: 00007f6830545fa0 RCX: 00007f683030ebe9
[   84.401131][ T6293] RDX: 000000000004c000 RSI: 0000200000000000 RDI: 0000000000000006
[   84.401144][ T6293] RBP: 00007f682ed6f090 R08: 0000000000000000 R09: 0000000000000000
[   84.401157][ T6293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   84.401205][ T6293] R13: 00007f6830546038 R14: 00007f6830545fa0 R15: 00007fff91e4b0e8
[   84.401222][ T6293]  </TASK>
[   84.638095][  T269] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   84.653200][   T41] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   84.674312][   T41] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   84.684438][ T6299] loop7: detected capacity change from 0 to 128
[   84.730728][ T6308] loop7: detected capacity change from 0 to 512
[   84.738394][ T6308] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[   84.751135][ T6309] FAULT_INJECTION: forcing a failure.
[   84.751135][ T6309] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   84.764518][ T6309] CPU: 1 UID: 0 PID: 6309 Comm: syz.6.902 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   84.764581][ T6309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   84.764590][ T6309] Call Trace:
[   84.764596][ T6309]  <TASK>
[   84.764602][ T6309]  __dump_stack+0x1d/0x30
[   84.764619][ T6309]  dump_stack_lvl+0xe8/0x140
[   84.764634][ T6309]  dump_stack+0x15/0x1b
[   84.764699][ T6309]  should_fail_ex+0x265/0x280
[   84.764717][ T6309]  should_fail+0xb/0x20
[   84.764731][ T6309]  should_fail_usercopy+0x1a/0x20
[   84.764749][ T6309]  _copy_from_user+0x1c/0xb0
[   84.764837][ T6309]  ___sys_sendmsg+0xc1/0x1d0
[   84.764866][ T6309]  __x64_sys_sendmsg+0xd4/0x160
[   84.764887][ T6309]  x64_sys_call+0x191e/0x2ff0
[   84.764903][ T6309]  do_syscall_64+0xd2/0x200
[   84.764973][ T6309]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   84.764991][ T6309]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   84.765011][ T6309]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   84.765058][ T6309] RIP: 0033:0x7f683030ebe9
[   84.765070][ T6309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   84.765083][ T6309] RSP: 002b:00007f682ed6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   84.765098][ T6309] RAX: ffffffffffffffda RBX: 00007f6830545fa0 RCX: 00007f683030ebe9
[   84.765108][ T6309] RDX: 0000000000044080 RSI: 0000200000000040 RDI: 0000000000000006
[   84.765118][ T6309] RBP: 00007f682ed6f090 R08: 0000000000000000 R09: 0000000000000000
[   84.765139][ T6309] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   84.765149][ T6309] R13: 00007f6830546038 R14: 00007f6830545fa0 R15: 00007fff91e4b0e8
[   84.765163][ T6309]  </TASK>
[   84.771986][ T6311] loop5: detected capacity change from 0 to 164
[   84.806617][ T6308] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   84.823921][ T6311] Unable to read rock-ridge attributes
[   84.829684][ T6308] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.901: bg 0: block 248: padding at end of block bitmap is not set
[   84.836924][ T6311] Unable to read rock-ridge attributes
[   84.838184][ T6308] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.901: Failed to acquire dquot type 1
[   84.894804][ T6320] netlink: 20 bytes leftover after parsing attributes in process `syz.5.903'.
[   84.898232][ T6308] EXT4-fs (loop7): 1 truncate cleaned up
[   85.014691][ T6308] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   85.041360][ T5553] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[   85.050814][  T386] EXT4-fs error (device loop7): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 1
[   85.068576][ T6322] netlink: 20 bytes leftover after parsing attributes in process `syz.7.906'.
[   85.618076][ T6393] FAULT_INJECTION: forcing a failure.
[   85.618076][ T6393] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   85.631443][ T6393] CPU: 0 UID: 0 PID: 6393 Comm: syz.5.910 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   85.631477][ T6393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   85.631489][ T6393] Call Trace:
[   85.631497][ T6393]  <TASK>
[   85.631506][ T6393]  __dump_stack+0x1d/0x30
[   85.631527][ T6393]  dump_stack_lvl+0xe8/0x140
[   85.631619][ T6393]  dump_stack+0x15/0x1b
[   85.631634][ T6393]  should_fail_ex+0x265/0x280
[   85.631700][ T6393]  should_fail_alloc_page+0xf2/0x100
[   85.631722][ T6393]  __alloc_frozen_pages_noprof+0xff/0x360
[   85.631753][ T6393]  alloc_pages_mpol+0xb3/0x250
[   85.631819][ T6393]  alloc_pages_noprof+0x90/0x130
[   85.631846][ T6393]  pte_alloc_one+0x2d/0x120
[   85.631866][ T6393]  __pte_alloc+0x32/0x2b0
[   85.631935][ T6393]  handle_mm_fault+0x1c55/0x2c20
[   85.632000][ T6393]  do_user_addr_fault+0x636/0x1090
[   85.632029][ T6393]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   85.632112][ T6393]  exc_page_fault+0x62/0xa0
[   85.632139][ T6393]  asm_exc_page_fault+0x26/0x30
[   85.632198][ T6393] RIP: 0033:0x7fc95dc70c46
[   85.632213][ T6393] Code: f0 72 6e 48 63 cd 48 01 c1 49 39 4f 08 72 4c 8d 4d ff 85 ed 74 33 66 0f 1f 44 00 00 48 39 f0 72 1b 4d 8b 07 49 89 c1 49 29 f1 <47> 0f b6 0c 08 45 84 c9 74 08 45 88 0c 00 49 8b 47 10 48 83 c0 01
[   85.632227][ T6393] RSP: 002b:00007fc95c8164a0 EFLAGS: 00010246
[   85.632240][ T6393] RAX: 0000000000000001 RBX: 00007fc95c816540 RCX: 0000000000000101
[   85.632251][ T6393] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 00007fc95c8165e0
[   85.632261][ T6393] RBP: 0000000000000102 R08: 00007fc9543f7000 R09: 0000000000000000
[   85.632273][ T6393] R10: 0000000000000000 R11: 00007fc95c816550 R12: 0000000000000001
[   85.632349][ T6393] R13: 00007fc95de4da20 R14: 0000000000000000 R15: 00007fc95c8165e0
[   85.632365][ T6393]  </TASK>
[   85.632375][ T6393] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[   85.818877][ T6393] loop5: detected capacity change from 0 to 512
[   85.829254][ T6393] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   85.898188][ T6419] loop6: detected capacity change from 0 to 512
[   85.906275][ T6419] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   85.921057][ T6393] EXT4-fs (loop5): orphan cleanup on readonly fs
[   85.928452][ T6393] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:517: comm syz.5.910: Block bitmap for bg 0 marked uninitialized
[   85.931362][ T6419] EXT4-fs (loop6): 1 truncate cleaned up
[   85.948142][ T6393] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   85.949664][ T6419] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.957817][ T6393] EXT4-fs (loop5): 1 orphan inode deleted
[   85.986689][ T6393] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   86.007637][ T6393] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[   86.031475][ T6393] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   86.051055][ T6393] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:517: comm syz.5.910: Block bitmap for bg 0 marked uninitialized
[   86.076380][ T6393] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:517: comm syz.5.910: Block bitmap for bg 0 marked uninitialized
[   86.090245][ T6393] EXT4-fs error (device loop5): ext4_read_block_bitmap_nowait:517: comm syz.5.910: Block bitmap for bg 0 marked uninitialized
[   86.116430][ T5305] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.117681][ T6393] netlink: 12 bytes leftover after parsing attributes in process `syz.5.910'.
[   86.193754][ T6455] netlink: 8 bytes leftover after parsing attributes in process `syz.6.919'.
[   86.213268][ T6456] loop7: detected capacity change from 0 to 1024
[   86.223327][ T6456] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.240796][ T6455] net_ratelimit: 2 callbacks suppressed
[   86.240810][ T6455] netlink: zone id is out of range
[   86.251655][ T6455] netlink: zone id is out of range
[   86.256768][ T6455] netlink: zone id is out of range
[   86.261911][ T6455] netlink: zone id is out of range
[   86.268036][ T6455] netlink: zone id is out of range
[   86.277350][ T6455] netlink: zone id is out of range
[   86.278797][ T6465] FAULT_INJECTION: forcing a failure.
[   86.278797][ T6465] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[   86.282858][ T6455] netlink: zone id is out of range
[   86.295842][ T6465] CPU: 1 UID: 0 PID: 6465 Comm: syz.1.922 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.295863][ T6465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   86.295875][ T6465] Call Trace:
[   86.295882][ T6465]  <TASK>
[   86.295890][ T6465]  __dump_stack+0x1d/0x30
[   86.295911][ T6465]  dump_stack_lvl+0xe8/0x140
[   86.295997][ T6465]  dump_stack+0x15/0x1b
[   86.296012][ T6465]  should_fail_ex+0x265/0x280
[   86.296034][ T6465]  should_fail_alloc_page+0xf2/0x100
[   86.296126][ T6465]  __alloc_frozen_pages_noprof+0xff/0x360
[   86.296160][ T6465]  alloc_pages_mpol+0xb3/0x250
[   86.296220][ T6465]  vma_alloc_folio_noprof+0x1aa/0x300
[   86.296311][ T6465]  do_wp_page+0x5db/0x24e0
[   86.296333][ T6465]  ? css_rstat_updated+0xb7/0x240
[   86.296360][ T6465]  ? __rcu_read_lock+0x37/0x50
[   86.296381][ T6465]  handle_mm_fault+0x77d/0x2c20
[   86.296484][ T6465]  ? __rcu_read_unlock+0x4f/0x70
[   86.296510][ T6465]  do_user_addr_fault+0x3fe/0x1090
[   86.296598][ T6465]  exc_page_fault+0x62/0xa0
[   86.296633][ T6465]  asm_exc_page_fault+0x26/0x30
[   86.296672][ T6465] RIP: 0010:__put_user_4+0xd/0x20
[   86.296751][ T6465] Code: 66 89 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 90 90 90 90 90 90 90 90 90 90
[   86.296767][ T6465] RSP: 0018:ffffc90001e4bd18 EFLAGS: 00050206
[   86.296783][ T6465] RAX: 00000000fffffff2 RBX: 0000000000000000 RCX: 0000200000006000
[   86.296795][ T6465] RDX: ffff888104449080 RSI: 00000000fffffff2 RDI: 0000000000000000
[   86.296808][ T6465] RBP: ffffc90001e4bec0 R08: 0001888145b51707 R09: 0000000000000000
[   86.296820][ T6465] R10: 0000000000000003 R11: 0000000000000000 R12: 0000000000000000
[   86.296832][ T6465] R13: 0000000000001800 R14: 0000000000000000 R15: 00000000fffffff2
[   86.296850][ T6465]  __se_sys_move_pages+0xa2f/0x1360
[   86.296907][ T6465]  ? get_pid_task+0x96/0xd0
[   86.296928][ T6465]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   86.296954][ T6465]  ? __fget_files+0x184/0x1c0
[   86.297022][ T6465]  ? fput+0x8f/0xc0
[   86.297047][ T6465]  ? ksys_write+0x192/0x1a0
[   86.297068][ T6465]  __x64_sys_move_pages+0x78/0x90
[   86.297151][ T6465]  x64_sys_call+0x2f78/0x2ff0
[   86.297172][ T6465]  do_syscall_64+0xd2/0x200
[   86.297238][ T6465]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   86.297267][ T6465]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   86.297293][ T6465]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.297313][ T6465] RIP: 0033:0x7fcc9310ebe9
[   86.297395][ T6465] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   86.297411][ T6465] RSP: 002b:00007fcc91b77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000117
[   86.297428][ T6465] RAX: ffffffffffffffda RBX: 00007fcc93345fa0 RCX: 00007fcc9310ebe9
[   86.297440][ T6465] RDX: 0000200000000040 RSI: 00000000000020a0 RDI: 0000000000000000
[   86.297451][ T6465] RBP: 00007fcc91b77090 R08: 0000200000000000 R09: 0000000000000000
[   86.297463][ T6465] R10: 0000200000001180 R11: 0000000000000246 R12: 0000000000000001
[   86.297474][ T6465] R13: 00007fcc93346038 R14: 00007fcc93345fa0 R15: 00007ffc8ac94f48
[   86.297606][ T6465]  </TASK>
[   86.299484][ T3966] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.300990][ T6455] netlink: zone id is out of range
[   86.301000][ T6455] netlink: zone id is out of range
[   86.532059][ T6474] loop1: detected capacity change from 0 to 764
[   86.536839][ T6455] netlink: zone id is out of range
[   86.657798][ T6474] rock: directory entry would overflow storage
[   86.664101][ T6474] rock: sig=0x4f50, size=4, remaining=3
[   86.669692][ T6474] iso9660: Corrupted directory entry in block 6 of inode 1792
[   86.695263][ T6487] loop8: detected capacity change from 0 to 512
[   86.702839][ T6487] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[   86.702850][ T6474] Symlink component flag not implemented
[   86.703187][ T6474] Symlink component flag not implemented (129)
[   86.725247][ T6474] rock: directory entry would overflow storage
[   86.731509][ T6474] rock: sig=0x4f50, size=4, remaining=3
[   86.737054][ T6474] iso9660: Corrupted directory entry in block 6 of inode 1792
[   86.755223][ T6487] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   86.774994][ T6492] loop6: detected capacity change from 0 to 512
[   86.776118][ T6487] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.929: bg 0: block 248: padding at end of block bitmap is not set
[   86.783319][ T6492] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   86.806539][ T6487] EXT4-fs error (device loop8): ext4_acquire_dquot:6937: comm syz.8.929: Failed to acquire dquot type 1
[   86.810856][ T6494] netlink: 20 bytes leftover after parsing attributes in process `syz.1.931'.
[   86.818690][ T6487] EXT4-fs (loop8): 1 truncate cleaned up
[   86.831138][ T6492] EXT4-fs (loop6): 1 truncate cleaned up
[   86.832965][ T6487] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[   86.867250][  T386] EXT4-fs error (device loop8): ext4_release_dquot:6973: comm kworker/u8:6: Failed to release dquot type 1
[   87.123693][ T6522] FAULT_INJECTION: forcing a failure.
[   87.123693][ T6522] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   87.137014][ T6522] CPU: 0 UID: 0 PID: 6522 Comm: syz.7.944 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   87.137059][ T6522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   87.137070][ T6522] Call Trace:
[   87.137107][ T6522]  <TASK>
[   87.137116][ T6522]  __dump_stack+0x1d/0x30
[   87.137135][ T6522]  dump_stack_lvl+0xe8/0x140
[   87.137154][ T6522]  dump_stack+0x15/0x1b
[   87.137170][ T6522]  should_fail_ex+0x265/0x280
[   87.137192][ T6522]  should_fail+0xb/0x20
[   87.137211][ T6522]  should_fail_usercopy+0x1a/0x20
[   87.137249][ T6522]  _copy_to_user+0x20/0xa0
[   87.137278][ T6522]  simple_read_from_buffer+0xb5/0x130
[   87.137301][ T6522]  proc_fail_nth_read+0x10e/0x150
[   87.137354][ T6522]  ? __pfx_proc_fail_nth_read+0x10/0x10
[   87.137384][ T6522]  vfs_read+0x1a5/0x770
[   87.137400][ T6522]  ? __rcu_read_unlock+0x4f/0x70
[   87.137501][ T6522]  ? __fget_files+0x184/0x1c0
[   87.137526][ T6522]  ksys_read+0xda/0x1a0
[   87.137545][ T6522]  __x64_sys_read+0x40/0x50
[   87.137562][ T6522]  x64_sys_call+0x27bc/0x2ff0
[   87.137579][ T6522]  do_syscall_64+0xd2/0x200
[   87.137642][ T6522]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   87.137663][ T6522]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   87.137688][ T6522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   87.137728][ T6522] RIP: 0033:0x7f5d5208d5fc
[   87.137744][ T6522] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[   87.137807][ T6522] RSP: 002b:00007f5d50af7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   87.137826][ T6522] RAX: ffffffffffffffda RBX: 00007f5d522c5fa0 RCX: 00007f5d5208d5fc
[   87.137914][ T6522] RDX: 000000000000000f RSI: 00007f5d50af70a0 RDI: 0000000000000004
[   87.137926][ T6522] RBP: 00007f5d50af7090 R08: 0000000000000000 R09: 0000000000000000
[   87.137936][ T6522] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   87.137946][ T6522] R13: 00007f5d522c6038 R14: 00007f5d522c5fa0 R15: 00007ffe9aa3d968
[   87.137961][ T6522]  </TASK>
[   87.142156][ T6524] loop8: detected capacity change from 0 to 512
[   87.195563][ T6526] loop7: detected capacity change from 0 to 512
[   87.219097][ T6524] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[   87.229095][ T6526] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[   87.374550][ T6524] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   87.390788][ T6526] EXT4-fs (loop7): 1 truncate cleaned up
[   87.423699][ T6524] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.943: bg 0: block 248: padding at end of block bitmap is not set
[   87.476013][ T6524] EXT4-fs error (device loop8): ext4_acquire_dquot:6937: comm syz.8.943: Failed to acquire dquot type 1
[   87.490033][ T6543] netlink: 16 bytes leftover after parsing attributes in process `syz.5.952'.
[   87.511900][ T6524] EXT4-fs (loop8): 1 truncate cleaned up
[   87.562430][   T31] EXT4-fs error (device loop8): ext4_release_dquot:6973: comm kworker/u8:1: Failed to release dquot type 1
[   87.753432][ T6565] loop5: detected capacity change from 0 to 2048
[   87.792564][ T6572] loop8: detected capacity change from 0 to 256
[   87.901129][ T6582] netlink: 20 bytes leftover after parsing attributes in process `syz.5.968'.
[   88.453841][ T6592] loop6: detected capacity change from 0 to 128
[   88.613762][ T6604] loop8: detected capacity change from 0 to 2048
[   88.667527][ T6609] netlink: 4 bytes leftover after parsing attributes in process `syz.8.978'.
[   88.681835][ T6609] loop8: detected capacity change from 0 to 1024
[   88.693611][ T6609] ext4 filesystem being mounted at /13/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   88.709154][   T29] kauditd_printk_skb: 408 callbacks suppressed
[   88.709226][   T29] audit: type=1400 audit(1757300104.901:5134): avc:  denied  { append } for  pid=6608 comm="syz.8.978" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   88.709822][ T6609] vhci_hcd: invalid port number 28
[   88.744448][ T6609] vhci_hcd: default hub control req: 0303 v0009 i001c l53
[   88.773479][ T6609] usb usb1: check_ctrlrecip: process 6609 (syz.8.978) requesting ep 01 but needs 81
[   88.783219][ T6609] vhci_hcd: default hub control req: 020f v0004 i0001 l0
[   88.912011][ T6623] loop7: detected capacity change from 0 to 512
[   88.972807][ T6623] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[   89.031564][ T6623] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   89.067013][ T6636] loop6: detected capacity change from 0 to 2048
[   89.080307][ T6623] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz.7.983: bg 0: block 248: padding at end of block bitmap is not set
[   89.104957][ T6623] Quota error (device loop7): write_blk: dquota write failed
[   89.112547][ T6623] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[   89.139531][ T6623] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.983: Failed to acquire dquot type 1
[   89.151362][ T6623] EXT4-fs (loop7): 1 truncate cleaned up
[   89.166761][   T29] audit: type=1400 audit(1757300105.351:5135): avc:  denied  { mount } for  pid=6651 comm="syz.5.994" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[   89.190800][   T29] audit: type=1400 audit(1757300105.371:5136): avc:  denied  { mounton } for  pid=6651 comm="syz.5.994" path="/171/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[   89.214973][ T2184] Quota error (device loop7): do_check_range: Getting block 0 out of range 1-5
[   89.215038][   T29] audit: type=1326 audit(1757300105.411:5137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6638 comm="syz.8.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff0220ebe9 code=0x7ffc0000
[   89.223979][ T2184] EXT4-fs error (device loop7): ext4_release_dquot:6973: comm kworker/u8:7: Failed to release dquot type 1
[   89.259177][   T29] audit: type=1326 audit(1757300105.411:5138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6638 comm="syz.8.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff0220ebe9 code=0x7ffc0000
[   89.283682][   T29] audit: type=1326 audit(1757300105.411:5139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6638 comm="syz.8.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff0220ebe9 code=0x7ffc0000
[   89.307160][   T29] audit: type=1326 audit(1757300105.411:5140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6638 comm="syz.8.990" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff0220ebe9 code=0x7ffc0000
[   89.335964][ T6657] loop5: detected capacity change from 0 to 512
[   89.346777][ T6657] EXT4-fs: Ignoring removed oldalloc option
[   89.372316][ T6657] EXT4-fs error (device loop5): ext4_xattr_inode_iget:433: comm syz.5.994: Parent and EA inode have the same ino 15
[   89.385257][ T6657] EXT4-fs error (device loop5): ext4_xattr_inode_iget:433: comm syz.5.994: Parent and EA inode have the same ino 15
[   89.398463][ T6657] EXT4-fs (loop5): 1 orphan inode deleted
[   89.449847][ T6675] loop6: detected capacity change from 0 to 512
[   89.456839][ T6675] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[   89.475575][ T6675] EXT4-fs (loop6): orphan cleanup on readonly fs
[   89.482594][ T6675] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:517: comm syz.6.1002: Block bitmap for bg 0 marked uninitialized
[   89.497579][ T6675] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6657: Corrupt filesystem
[   89.506839][ T6675] EXT4-fs (loop6): 1 orphan inode deleted
[   89.512964][ T6679] loop8: detected capacity change from 0 to 2048
[   89.519402][ T6675] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[   89.530505][ T6675] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   89.543391][ T6675] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:517: comm syz.6.1002: Block bitmap for bg 0 marked uninitialized
[   89.605721][ T6675] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:517: comm syz.6.1002: Block bitmap for bg 0 marked uninitialized
[   89.628799][ T6675] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:517: comm syz.6.1002: Block bitmap for bg 0 marked uninitialized
[   89.672672][ T6675] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1002'.
[   89.716742][ T6698] vhci_hcd vhci_hcd.0: pdev(8) rhport(0) sockfd(5)
[   89.723424][ T6698] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   89.731041][ T6698] vhci_hcd vhci_hcd.0: Device attached
[   89.752068][ T6698] loop8: detected capacity change from 0 to 2048
[   89.781089][ T6698]  loop8: p1 < > p4
[   89.786002][ T6698] loop8: p4 size 8388608 extends beyond EOD, truncated
[   89.804945][ T6715] loop7: detected capacity change from 0 to 512
[   89.811803][ T6700] vhci_hcd: connection closed
[   89.811936][   T51] vhci_hcd: stop threads
[   89.817464][ T6715] EXT4-fs (loop7): orphan cleanup on readonly fs
[   89.821000][   T51] vhci_hcd: release socket
[   89.828371][ T6715] EXT4-fs error (device loop7): ext4_orphan_get:1418: comm syz.7.1017: bad orphan inode 13
[   89.831830][   T51] vhci_hcd: disconnect device
[   89.847523][ T6715] ext4_test_bit(bit=12, block=18) = 1
[   89.852942][ T6715] is_bad_inode(inode)=0
[   89.857136][ T6715] NEXT_ORPHAN(inode)=2130706432
[   89.862005][ T6715] max_ino=32
[   89.865197][ T6715] i_nlink=1
[   89.875013][ T6715] EXT4-fs (loop7): warning: mounting fs with errors, running e2fsck is recommended
[   89.890742][ T6715] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   89.964733][ T6730] loop7: detected capacity change from 0 to 2048
[   90.001820][ T6734] FAULT_INJECTION: forcing a failure.
[   90.001820][ T6734] name failslab, interval 1, probability 0, space 0, times 0
[   90.014496][ T6734] CPU: 1 UID: 0 PID: 6734 Comm: syz.5.1023 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   90.014523][ T6734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   90.014574][ T6734] Call Trace:
[   90.014581][ T6734]  <TASK>
[   90.014588][ T6734]  __dump_stack+0x1d/0x30
[   90.014606][ T6734]  dump_stack_lvl+0xe8/0x140
[   90.014622][ T6734]  dump_stack+0x15/0x1b
[   90.014697][ T6734]  should_fail_ex+0x265/0x280
[   90.014736][ T6734]  ? sctp_add_bind_addr+0x71/0x1e0
[   90.014759][ T6734]  should_failslab+0x8c/0xb0
[   90.014779][ T6734]  __kmalloc_cache_noprof+0x4c/0x320
[   90.014876][ T6734]  sctp_add_bind_addr+0x71/0x1e0
[   90.015001][ T6734]  sctp_copy_local_addr_list+0x199/0x220
[   90.015026][ T6734]  sctp_copy_one_addr+0x7f/0x280
[   90.015050][ T6734]  sctp_bind_addr_copy+0x79/0x290
[   90.015151][ T6734]  sctp_assoc_set_bind_addr_from_ep+0xce/0xe0
[   90.015177][ T6734]  sctp_connect_new_asoc+0x1c3/0x3a0
[   90.015201][ T6734]  sctp_sendmsg+0xf10/0x18d0
[   90.015220][ T6734]  ? selinux_socket_sendmsg+0xb1/0x1b0
[   90.015246][ T6734]  ? __pfx_sctp_sendmsg+0x10/0x10
[   90.015261][ T6734]  inet_sendmsg+0xc5/0xd0
[   90.015290][ T6734]  __sock_sendmsg+0x102/0x180
[   90.015325][ T6734]  ____sys_sendmsg+0x345/0x4e0
[   90.015376][ T6734]  ___sys_sendmsg+0x17b/0x1d0
[   90.015408][ T6734]  __sys_sendmmsg+0x178/0x300
[   90.015438][ T6734]  __x64_sys_sendmmsg+0x57/0x70
[   90.015477][ T6734]  x64_sys_call+0x1c4a/0x2ff0
[   90.015497][ T6734]  do_syscall_64+0xd2/0x200
[   90.015527][ T6734]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   90.015573][ T6734]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   90.015682][ T6734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   90.015747][ T6734] RIP: 0033:0x7fc95ddaebe9
[   90.015763][ T6734] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   90.015778][ T6734] RSP: 002b:00007fc95c817038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   90.015812][ T6734] RAX: ffffffffffffffda RBX: 00007fc95dfe5fa0 RCX: 00007fc95ddaebe9
[   90.015823][ T6734] RDX: 0000000000000001 RSI: 0000200000000880 RDI: 0000000000000006
[   90.015833][ T6734] RBP: 00007fc95c817090 R08: 0000000000000000 R09: 0000000000000000
[   90.015844][ T6734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   90.015854][ T6734] R13: 00007fc95dfe6038 R14: 00007fc95dfe5fa0 R15: 00007ffce04a6e28
[   90.015869][ T6734]  </TASK>
[   90.352198][ T6754] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1032'.
[   90.365314][ T6750] loop6: detected capacity change from 0 to 8192
[   90.494291][ T6767] loop8: detected capacity change from 0 to 512
[   90.501536][ T6767] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[   90.532604][ T6767] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   90.547371][ T6767] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.1035: bg 0: block 248: padding at end of block bitmap is not set
[   90.563362][ T6767] EXT4-fs error (device loop8): ext4_acquire_dquot:6937: comm syz.8.1035: Failed to acquire dquot type 1
[   90.575177][ T6767] EXT4-fs (loop8): 1 truncate cleaned up
[   90.672313][   T31] EXT4-fs error (device loop8): ext4_release_dquot:6973: comm kworker/u8:1: Failed to release dquot type 1
[   90.723432][ T6782] loop8: detected capacity change from 0 to 2048
[   90.953395][ T6805] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1047'.
[   91.175515][ T6815] loop1: detected capacity change from 0 to 512
[   91.186157][ T6815] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   91.209488][ T6817] loop5: detected capacity change from 0 to 512
[   91.218759][ T6817] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[   91.238134][ T6819] loop8: detected capacity change from 0 to 2048
[   91.246597][ T6815] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   91.264803][ T6817] EXT4-fs (loop5): 1 truncate cleaned up
[   91.289027][ T6815] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1051: bg 0: block 248: padding at end of block bitmap is not set
[   91.304550][ T6815] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.1051: Failed to acquire dquot type 1
[   91.316499][ T6815] EXT4-fs (loop1): 1 truncate cleaned up
[   91.342934][ T2323] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:8: Failed to release dquot type 1
[   91.653658][ T6854] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1063'.
[   91.765330][ T6876] loop7: detected capacity change from 0 to 512
[   91.787920][ T6876] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[   91.840266][ T6876] EXT4-fs (loop7): 1 truncate cleaned up
[   92.377181][ T6950] loop6: detected capacity change from 0 to 1024
[   92.387600][ T6950] EXT4-fs: Ignoring removed bh option
[   92.394310][ T6950] EXT4-fs: inline encryption not supported
[   92.400782][ T6950] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   92.424387][ T6950] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   92.435919][ T6950] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #3: block 2: comm syz.6.1079: lblock 2 mapped to illegal pblock 2 (length 1)
[   92.451364][ T6950] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #3: block 48: comm syz.6.1079: lblock 0 mapped to illegal pblock 48 (length 1)
[   92.467902][ T6950] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.1079: Failed to acquire dquot type 0
[   92.484570][ T6950] EXT4-fs error (device loop6) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   92.497212][ T6950] EXT4-fs error (device loop6): ext4_evict_inode:254: inode #11: comm syz.6.1079: mark_inode_dirty error
[   92.513478][ T6950] EXT4-fs warning (device loop6): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   92.524462][ T6950] EXT4-fs (loop6): 1 orphan inode deleted
[   92.549453][ T6955] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1081'.
[   92.564357][   T86] EXT4-fs error (device loop6): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:4: lblock 1 mapped to illegal pblock 1 (length 1)
[   92.598633][   T86] EXT4-fs error (device loop6): ext4_release_dquot:6973: comm kworker/u8:4: Failed to release dquot type 0
[   92.617518][ T6950] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   92.680995][ T6965] loop5: detected capacity change from 0 to 2048
[   92.723262][ T6970] loop1: detected capacity change from 0 to 512
[   92.731438][ T6970] EXT4-fs: Ignoring removed nomblk_io_submit option
[   92.739026][ T6970] EXT4-fs: Ignoring removed nomblk_io_submit option
[   92.746882][ T6970] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   92.757301][ T6970] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[   92.757311][ T6972] loop6: detected capacity change from 0 to 512
[   92.772156][ T6970] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[   92.780542][ T6972] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[   92.791415][ T6970] EXT4-fs (loop1): 1 truncate cleaned up
[   92.798340][ T6972] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   92.816728][ T6970] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[   92.822114][ T6972] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1087: bg 0: block 248: padding at end of block bitmap is not set
[   92.845813][ T6972] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.1087: Failed to acquire dquot type 1
[   92.860440][ T6972] EXT4-fs (loop6): 1 truncate cleaned up
[   92.866347][ T6970] EXT4-fs (loop1): Remounting filesystem read-only
[   92.911523][ T6899] EXT4-fs error (device loop6): ext4_release_dquot:6973: comm kworker/u8:22: Failed to release dquot type 1
[   92.932286][ T6984] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1091'.
[   92.997361][ T6994] ieee802154 phy1 wpan1: encryption failed: -22
[   93.066571][ T6998] loop6: detected capacity change from 0 to 2048
[   93.108607][ T7001] loop8: detected capacity change from 0 to 512
[   93.154166][ T7001] ext4 filesystem being mounted at /34/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   93.258450][ T7017] loop6: detected capacity change from 0 to 512
[   93.266758][ T7017] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[   93.282573][ T7017] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   93.297847][ T7017] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1103: bg 0: block 248: padding at end of block bitmap is not set
[   93.312566][ T7017] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.1103: Failed to acquire dquot type 1
[   93.324529][ T7017] EXT4-fs (loop6): 1 truncate cleaned up
[   93.340082][ T6927] EXT4-fs error (device loop6): ext4_release_dquot:6973: comm kworker/u8:50: Failed to release dquot type 1
[   93.364326][ T7026] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1105'.
[   93.379545][ T7028] loop7: detected capacity change from 0 to 256
[   93.410867][ T7034] ieee802154 phy1 wpan1: encryption failed: -22
[   93.432204][ T7037] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1110'.
[   93.473338][ T7042] loop7: detected capacity change from 0 to 2048
[   93.511233][ T7037] bridge_slave_0: left allmulticast mode
[   93.516907][ T7037] bridge_slave_0: left promiscuous mode
[   93.522649][ T7037] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.533713][ T7037] bridge_slave_1: left allmulticast mode
[   93.539527][ T7037] bridge0: port 2(bridge_slave_1) entered disabled state
[   93.572423][ T7037] bond0: (slave bond_slave_0): Releasing backup interface
[   93.585006][ T7037] bond0: (slave bond_slave_1): Releasing backup interface
[   93.597031][ T7037] team0: Port device team_slave_0 removed
[   93.608247][ T7037] team0: Port device team_slave_1 removed
[   93.615851][ T7037] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   93.623289][ T7037] batman_adv: batadv0: Removing interface: batadv_slave_0
[   93.635863][ T7037] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   93.643326][ T7037] batman_adv: batadv0: Removing interface: batadv_slave_1
[   93.675523][ T7053] vlan2: entered allmulticast mode
[   93.700554][ T7060] loop6: detected capacity change from 0 to 512
[   93.707863][ T7060] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[   93.716213][ T7052] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=7052 comm=syz.7.1113
[   93.725792][   T29] kauditd_printk_skb: 433 callbacks suppressed
[   93.725807][   T29] audit: type=1326 audit(1757300109.911:5559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7054 comm="syz.1.1114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   93.759158][   T29] audit: type=1326 audit(1757300109.911:5560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7054 comm="syz.1.1114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   93.796722][ T7052] loop7: detected capacity change from 0 to 1024
[   93.804261][ T7052] EXT4-fs: Ignoring removed bh option
[   93.809734][ T7052] EXT4-fs: inline encryption not supported
[   93.817312][ T7052] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   93.819792][ T7060] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   93.829052][ T7052] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[   93.844549][ T7060] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1116: bg 0: block 248: padding at end of block bitmap is not set
[   93.865157][ T7060] Quota error (device loop6): write_blk: dquota write failed
[   93.865707][ T7052] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 2: comm syz.7.1113: lblock 2 mapped to illegal pblock 2 (length 1)
[   93.872706][ T7060] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[   93.887459][ T7052] Quota error (device loop7): qtree_write_dquot: dquota write failed
[   93.896849][ T7060] EXT4-fs error (device loop6): ext4_acquire_dquot:6937: comm syz.6.1116: Failed to acquire dquot type 1
[   93.905701][ T7052] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 48: comm syz.7.1113: lblock 0 mapped to illegal pblock 48 (length 1)
[   93.932004][ T7060] EXT4-fs (loop6): 1 truncate cleaned up
[   93.941996][ T7052] Quota error (device loop7): v2_write_file_info: Can't write info structure
[   93.951056][ T7052] EXT4-fs error (device loop7): ext4_acquire_dquot:6937: comm syz.7.1113: Failed to acquire dquot type 0
[   93.963034][ T7052] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   93.972574][ T7052] EXT4-fs error (device loop7): ext4_evict_inode:254: inode #11: comm syz.7.1113: mark_inode_dirty error
[   93.973489][ T6927] Quota error (device loop6): do_check_range: Getting block 0 out of range 1-5
[   93.984405][ T7052] EXT4-fs warning (device loop7): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[   93.992905][ T6927] EXT4-fs error (device loop6): ext4_release_dquot:6973: comm kworker/u8:50: Failed to release dquot type 1
[   94.022747][ T7070] netlink: 20 bytes leftover after parsing attributes in process `syz.6.1118'.
[   94.024817][ T7052] EXT4-fs (loop7): 1 orphan inode deleted
[   94.040355][   T29] audit: type=1326 audit(1757300110.231:5561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7071 comm="syz.1.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   94.042741][ T6927] EXT4-fs error (device loop7): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:50: lblock 1 mapped to illegal pblock 1 (length 1)
[   94.078203][   T29] audit: type=1326 audit(1757300110.261:5562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7071 comm="syz.1.1119" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fcc9310ebe9 code=0x7ffc0000
[   94.089475][ T6927] Quota error (device loop7): remove_tree: Can't read quota data block 1
[   94.110171][ T6927] EXT4-fs error (device loop7): ext4_release_dquot:6973: comm kworker/u8:50: Failed to release dquot type 0
[   94.148531][ T7052] EXT4-fs error (device loop7): __ext4_get_inode_loc:4861: comm syz.7.1113: Invalid inode table block 1 in block_group 0
[   94.174887][ T7052] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6334: Corrupt filesystem
[   94.196372][ T7084] loop6: detected capacity change from 0 to 512
[   94.207042][ T7052] EXT4-fs error (device loop7): ext4_quota_off:7221: inode #3: comm syz.7.1113: mark_inode_dirty error
[   94.231175][ T7084] EXT4-fs warning (device loop6): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[   94.253775][ T7084] EXT4-fs (loop6): mount failed
[   94.345495][ T7095] netlink: 199836 bytes leftover after parsing attributes in process `syz.6.1129'.
[   94.370079][ T7097] loop1: detected capacity change from 0 to 512
[   94.386219][ T7097] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   94.452993][ T7097] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   94.463244][ T7102] FAULT_INJECTION: forcing a failure.
[   94.463244][ T7102] name failslab, interval 1, probability 0, space 0, times 0
[   94.475033][ T7097] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1128: bg 0: block 248: padding at end of block bitmap is not set
[   94.480070][ T7102] CPU: 1 UID: 0 PID: 7102 Comm: syz.7.1131 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   94.480092][ T7102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   94.480103][ T7102] Call Trace:
[   94.480110][ T7102]  <TASK>
[   94.480116][ T7102]  __dump_stack+0x1d/0x30
[   94.480138][ T7102]  dump_stack_lvl+0xe8/0x140
[   94.480155][ T7102]  dump_stack+0x15/0x1b
[   94.480170][ T7102]  should_fail_ex+0x265/0x280
[   94.480191][ T7102]  should_failslab+0x8c/0xb0
[   94.480213][ T7102]  kmem_cache_alloc_noprof+0x50/0x310
[   94.480236][ T7102]  ? mas_alloc_nodes+0x265/0x520
[   94.480265][ T7102]  mas_alloc_nodes+0x265/0x520
[   94.480291][ T7102]  mas_preallocate+0x33e/0x520
[   94.480324][ T7102]  mmap_region+0xbdd/0x1630
[   94.480361][ T7102]  do_mmap+0x9b3/0xbe0
[   94.480389][ T7102]  vm_mmap_pgoff+0x17a/0x2e0
[   94.480417][ T7102]  ksys_mmap_pgoff+0xc2/0x310
[   94.480432][ T7102]  ? __x64_sys_mmap+0x49/0x70
[   94.480452][ T7102]  x64_sys_call+0x14a3/0x2ff0
[   94.480470][ T7102]  do_syscall_64+0xd2/0x200
[   94.480496][ T7102]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.480517][ T7102]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   94.480541][ T7102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.480560][ T7102] RIP: 0033:0x7f5d5208ec23
[   94.480574][ T7102] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[   94.480589][ T7102] RSP: 002b:00007f5d50af6e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[   94.480606][ T7102] RAX: ffffffffffffffda RBX: 00000000000005ab RCX: 00007f5d5208ec23
[   94.480615][ T7102] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[   94.480624][ T7102] RBP: 0000200000000182 R08: 00000000ffffffff R09: 0000000000000000
[   94.480632][ T7102] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000006
[   94.480641][ T7102] R13: 00007f5d50af6ef0 R14: 00007f5d50af6eb0 R15: 0000200000000940
[   94.480655][ T7102]  </TASK>
[   94.714663][ T7097] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.1128: Failed to acquire dquot type 1
[   94.778457][ T7097] EXT4-fs (loop1): 1 truncate cleaned up
[   94.809299][ T7112] FAULT_INJECTION: forcing a failure.
[   94.809299][ T7112] name failslab, interval 1, probability 0, space 0, times 0
[   94.822031][ T7112] CPU: 1 UID: 0 PID: 7112 Comm: syz.7.1133 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   94.822075][ T7112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   94.822086][ T7112] Call Trace:
[   94.822094][ T7112]  <TASK>
[   94.822102][ T7112]  __dump_stack+0x1d/0x30
[   94.822183][ T7112]  dump_stack_lvl+0xe8/0x140
[   94.822198][ T7112]  dump_stack+0x15/0x1b
[   94.822211][ T7112]  should_fail_ex+0x265/0x280
[   94.822233][ T7112]  should_failslab+0x8c/0xb0
[   94.822256][ T7112]  __kmalloc_noprof+0xa5/0x3e0
[   94.822315][ T7112]  ? tcf_idr_create+0x41/0x4a0
[   94.822382][ T7112]  tcf_idr_create+0x41/0x4a0
[   94.822411][ T7112]  tcf_idr_create_from_flags+0x60/0x80
[   94.822518][ T7112]  tcf_mirred_init+0x451/0x900
[   94.822538][ T7112]  ? tcf_action_init_1+0x11e/0x4a0
[   94.822569][ T7112]  tcf_action_init_1+0x367/0x4a0
[   94.822723][ T7112]  tcf_action_init+0x267/0x6d0
[   94.822765][ T7112]  tcf_exts_validate_ex+0x14e/0x2a0
[   94.822788][ T7112]  tcf_exts_validate+0x42/0x60
[   94.822863][ T7112]  flow_change+0x27d/0xc80
[   94.822941][ T7112]  ? __pfx_flow_change+0x10/0x10
[   94.822961][ T7112]  tc_new_tfilter+0xde1/0x10a0
[   94.823007][ T7112]  ? __rcu_read_unlock+0x4f/0x70
[   94.823035][ T7112]  ? ns_capable+0x7d/0xb0
[   94.823053][ T7112]  ? __pfx_tc_new_tfilter+0x10/0x10
[   94.823130][ T7112]  rtnetlink_rcv_msg+0x5fb/0x6d0
[   94.823160][ T7112]  netlink_rcv_skb+0x123/0x220
[   94.823179][ T7112]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[   94.823224][ T7112]  rtnetlink_rcv+0x1c/0x30
[   94.823247][ T7112]  netlink_unicast+0x5bd/0x690
[   94.823267][ T7112]  netlink_sendmsg+0x58b/0x6b0
[   94.823291][ T7112]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.823380][ T7112]  __sock_sendmsg+0x142/0x180
[   94.823479][ T7112]  ____sys_sendmsg+0x31e/0x4e0
[   94.823501][ T7112]  ___sys_sendmsg+0x17b/0x1d0
[   94.823544][ T7112]  __x64_sys_sendmsg+0xd4/0x160
[   94.823571][ T7112]  x64_sys_call+0x191e/0x2ff0
[   94.823590][ T7112]  do_syscall_64+0xd2/0x200
[   94.823664][ T7112]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.823685][ T7112]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   94.823710][ T7112]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.823731][ T7112] RIP: 0033:0x7f5d5208ebe9
[   94.823745][ T7112] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.823830][ T7112] RSP: 002b:00007f5d50af7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.823873][ T7112] RAX: ffffffffffffffda RBX: 00007f5d522c5fa0 RCX: 00007f5d5208ebe9
[   94.823883][ T7112] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000006
[   94.823894][ T7112] RBP: 00007f5d50af7090 R08: 0000000000000000 R09: 0000000000000000
[   94.823904][ T7112] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   94.823916][ T7112] R13: 00007f5d522c6038 R14: 00007f5d522c5fa0 R15: 00007ffe9aa3d968
[   94.823933][ T7112]  </TASK>
[   94.834006][ T6939] EXT4-fs error (device loop1): ext4_release_dquot:6973: comm kworker/u8:62: Failed to release dquot type 1
[   94.850255][ T7111] loop6: detected capacity change from 0 to 8192
[   95.234188][ T7132] ==================================================================
[   95.242388][ T7132] BUG: KCSAN: data-race in copy_mm / copy_page_range
[   95.249067][ T7132] 
[   95.251377][ T7132] read-write to 0xffff888103d5fa60 of 4 bytes by task 7131 on cpu 1:
[   95.259426][ T7132]  copy_page_range+0x250/0x3c20
[   95.264276][ T7132]  dup_mmap+0x885/0xf20
[   95.268421][ T7132]  copy_mm+0x11a/0x370
[   95.272494][ T7132]  copy_process+0xd08/0x2000
[   95.277097][ T7132]  kernel_clone+0x16c/0x5c0
[   95.281802][ T7132]  __x64_sys_clone+0xe6/0x120
[   95.286490][ T7132]  x64_sys_call+0x119c/0x2ff0
[   95.291245][ T7132]  do_syscall_64+0xd2/0x200
[   95.295746][ T7132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.301631][ T7132] 
[   95.303940][ T7132] read to 0xffff888103d5f8c0 of 1408 bytes by task 7132 on cpu 0:
[   95.311728][ T7132]  copy_mm+0xe2/0x370
[   95.315791][ T7132]  copy_process+0xd08/0x2000
[   95.320467][ T7132]  kernel_clone+0x16c/0x5c0
[   95.324967][ T7132]  __x64_sys_clone+0xe6/0x120
[   95.329636][ T7132]  x64_sys_call+0x119c/0x2ff0
[   95.334301][ T7132]  do_syscall_64+0xd2/0x200
[   95.338939][ T7132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.344835][ T7132] 
[   95.347145][ T7132] Reported by Kernel Concurrency Sanitizer on:
[   95.353297][ T7132] CPU: 0 UID: 0 PID: 7132 Comm: syz.7.1141 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   95.363003][ T7132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[   95.373046][ T7132] ==================================================================