last executing test programs:

10m25.241057453s ago: executing program 4 (id=178):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x1101088, 0x0)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000080)={0x0, 0x0, 0x20000}, 0x20)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
process_madvise(r1, &(0x7f0000000180)=[{&(0x7f0000000100)='l', 0x1}], 0x1, 0x11, 0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000440)='.\x00', 0x12000021)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
socketpair(0x3, 0xc, 0x10000, &(0x7f0000000140))
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000300)}], 0x1}, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
syz_mount_image$ext4(&(0x7f0000000880)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x42, &(0x7f0000000380)={[{@nomblk_io_submit}, {@quota}, {@errors_remount}, {@grpquota}, {@jqfmt_vfsv1}, {@nogrpid}]}, 0x4, 0x51a, &(0x7f00000008c0)="$eJzs3V9rZGcZAPDnnGSySZOaVL2ohdZild2iO5M0to1etBXFu4JS79eQTELIJBMyk3YTiqT4AQQRLXjllTeCH0CQfgQpFOy9qCiiu3rhhXrkzJzZzc6e2WQxMxOT3w/Omfe858/zvMnmzHv+7DkBXFnPR8QbETERES9GxHxRnxZDHHeHfLm7d95dy4d8zlt/TSIp6vq3OVusNt39KNU6PNpebTTq+8V0rb2zV2sdHt3c2lndrG/Wd5eXl15ZeXXl5ZXFx2/UwsNVebte+8Yff/yDn3/ztV9/6Z3f3frzje/l+X+9t8Dxw+04Dx93xpX8Z3HPZETsDyPYGEwU7amMOxEAAM4k7+N/MiI+1+n/z8dEpzfX0d+lmx59dgAAAMB5yF6fi38lERkAAABwab0eEXORpNXiXoC5SNNqtXsP76fjibTRbLW/uNE82F3P50UsRCXd2GrUF4t7aheikuTTS8Vtt73pl/qml78S8VRE/Gh+pjNdXWs21sd98gMAAACuiNm+4/9/zHeP/wEAAIBLpuR5WQAAAMAlM+j4PxlxHgAAAMDwDDr+vzbiPAAAAICh+Nabb+ZD1nuP9/rbhwfbzbdvrtdb29Wdg7XqWnN/r7rZbG52ntm3c9r2Gs3m3pdj9+B2rV1vtWutw6NbO82D3fatLe8PBAAAgHF56rMffJxExPFXZzpDbiofTQxYwbMC4NJIH2fhPwwvD2D0Bn3NA5ff5LgTAMbneNwJAOP2wKM+SjoFJ2/eSU8u/JshJgUAAJyr658pv/6fHwJUxp0cMFSPdf0fuFRc/4er60zX/++f/P9wmLkAo1XRA4Ar77RXfQx8eEfZ9f+psgWz7NRtAQAAQzXXGSdptbgWOBdpWq1GPNn5r/6VZGOrUV+MiE9ExG/nK9fy6aXuOl4PCAAAAAAAAAAAAAAAAAAAAAAAAABnlGVJZAAAAMClFpH+KYmImQHnB6aSf85H8Uqvd3761k9ur7bb+0t5/d/u1bffL+pfGumpCwAAAGCA3nF67zgeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM7T3TvvrhXD1Cjj/uVrEbHwQPy17pzJmO58TkclIp74exKTJ9ZLImLiHOIfvxcRT5fFT/K0YqHIoj9+GhEzo4n/bJZlpfFnzyE+XGUf5PufN8r+/tJ4vvNZ/vc/WQz/q8H7v/Te/m9iwP7vyTPGeOajX9YGxn8v4pnJ8v1PL34yIP4LZRss+aF89ztHRw9Vdjce2c8irkd5/JOxau2dvVrr8Ojm1s7qZn2zvru8vPTKyqsrL68s1ja2GvViXNrGHz77q//0Vf076+q0PwbEXzil/Z/PC5UTlVl/mCLYR7fvfKpbrPRtohP/xgvlv/+nHxE//zfxheJ7IJ9/vVc+7pZPeu4XHz5XmlgRf31A+0/7/d8YtNE+L377+78/46IAwAi0Do+2VxuN+v7QC+9nWTaqWGcq7M1eiDQuSqHXuxtaiOmL0tL/x8K1iBhd0PM4swUAAFw09zv9484EAAAAAAAAAAAAAAAAAAAArq7WYaTDfpxYf8zj8TQVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCR/hsAAP//zeHaBw==")
setxattr$trusted_overlay_opaque(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000340), &(0x7f0000000400), 0x2, 0x3)
r5 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r5, &(0x7f00000043c0)=[{{&(0x7f0000000080)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000580)='p', 0x1}], 0x1}}, {{&(0x7f00000006c0)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000cc0)=ANY=[], 0x20}}], 0x2, 0x20004800)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r6}, 0x10)
rt_sigtimedwait(0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_INITMSG(r4, 0x84, 0x2, &(0x7f0000000040)={0x803, 0x3, 0x0, 0x3}, 0x8)
sendto$inet(r4, &(0x7f0000000300)="ab", 0x1, 0x0, &(0x7f0000000100)={0x2, 0x4e22, @local}, 0x10)
close_range(r2, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x1c)
socket$inet6_tcp(0xa, 0x1, 0x0)

10m24.354190157s ago: executing program 4 (id=193):
ftruncate(0xffffffffffffffff, 0x80000)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180100002100ff00000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r2, 0x0, 0xe80, 0x0, &(0x7f00000006c0)="f6f4e9a1d78ad62ceef1884366a578bb3fb7dbfc", 0x0, 0x0, 0x0, 0x31, 0x0, &(0x7f0000000700)="49723b3ab53a13274c56e00d5be19f87e669877bbc7b7c0cb48fd1bbea1e688e7c84ccfb034a845b4493c90e1785234592", 0x0}, 0x50)
r3 = openat2(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', &(0x7f0000000300)={0x511042, 0x100, 0x21}, 0x18)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000380)=0x11188, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
sendmsg$nl_route_sched(r4, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000002240)=@newtaction={0x488, 0x30, 0x12f, 0x0, 0x0, {}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x90000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x488}}, 0x0)
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f00004f0000/0x1000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f0000000a40), 0x1, 0x756, &(0x7f0000001180)="$eJzs3M1rXOUaAPDnnGaafuTeyYUL9+pChBZaKD1Jmk27aty4KxQKbmtITkLISSZkJrUTC7auhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzuSjNGam0ybpSPr7wcl53vP1vE/m8GYO5D0BvLReL38kEUMRcTUiqpvb04g42o6ORdzeOG790a2pckmi1br2S1KeFuut6va1ks31yWifEv+PiAeViHPv/z1vvbk6P1kU+fJme6SxsDRSb66en1uYnM1n88Wx8UujF8fHL46OP7WG//VY6+m3Lh2/9+2ba2vffdW4+9rA+SQm2nXHZm09XuaZbPxOKjGxY/viQSTro6TfHQAAoCfl9/wjETHQ/pZajSPtCAAAADhMWoMtAAAA4NBLot89AAAAAA7W1v8BbM3tPah5sJ38/EZEDO+Wf6A9hzjiWFQi4sR68sTMhGTjNNiT23ci4v7Ezvvvi/IOu73Ha4/uaD85R/roHq/Ofrhfjj8Tu40/6fb4E7uMPwNb707Yo87j3+P8RzqMf1d7zPH1p69UOua/E/HqwG75k+38SYf8b/eY/+7aB/c67Wt9HnFm178/yRO5urwfYmJmruj6+oEHf5592K3+E53yJ93rX+qx/nfXf5vvNJaU+c+e6v7575a/vCc+3OxHGhH3Ntdle21HjlML33/Trf7piNbzfP6f9Vj/j18O3uzxUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhLI2IokjTbjtM0yyJORsR/40Ra1OqNczO1lcXpcl/EcFTSmbkiH42I6kY7Kdtj7fhx+8KO9nhE/OeH4xtJ54o8m6oV0/0uHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgG0nI2IokjSLiDQifq+maZZFDPRw7uAL6B8AAACwT4b73QEAAADgwHn+BwAAgMPveZ//k33uBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCoXb1ypVxa649uTZXt6RvNlfnajfPTeX0+W1iZyqZqy0vZbK02W+TZVG3hadcrarWlsUuxcnOkkdcbI/Xm6vWF2spi4/rcwuRsfj2vvJCqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFZD7SVJs4hI23GaZlnEvyJiOCrJzFyRj0bEvyPiYbUyWLbH+t1pAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9l29uTo/WRT5skAgeGHBexHxD+hGl6DfIxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1Qb67OTxZFvlzvd08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADor/SnJCLK5Uz19NDOvUeTP6rtdUS888m1j25ONhrLY+X2X7e3Nz7e3H6hH/0HAACAl8LlZzl46zl96zkeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/Xm6vxkUeTLewsuR3O1lXQ4pt81AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz+evAAAA//8KQsc4")
utimensat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)

10m23.621596021s ago: executing program 4 (id=195):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_PAUSE_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001c00000014000180080003000100000008000100", @ANYRES32=r4], 0x28}}, 0x0)

10m23.619920191s ago: executing program 4 (id=197):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1218088, &(0x7f0000000d40)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae356940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c1a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b52a0352a82c794995bbb97c82fcde79d14fb20e5127150de"], 0x6, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==")
ioctl$SECCOMP_IOCTL_NOTIF_SEND(0xffffffffffffffff, 0xc0182101, 0x0)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x851800, 0x0)
perf_event_open(&(0x7f00000003c0)={0x1, 0x80, 0x3c, 0x1, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x0, 0x3, 0xffff, 0x0, 0x0, 0xfffffffa}, 0x0, 0x10, 0xffffffffffffffff, 0x2)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d0000000000005f"], 0x0, 0x34, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r1, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10, @void, @value}, 0x94)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r2, 0x4c04, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00"})
write$cgroup_type(r0, &(0x7f0000000240), 0x9)

10m23.619496951s ago: executing program 4 (id=198):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r4=>0x0})
sendmsg$ETHTOOL_MSG_PAUSE_SET(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000280)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000001c00000014000180080003000100000008000100", @ANYRES32=r4], 0x28}}, 0x0) (fail_nth: 2)

10m23.608766241s ago: executing program 4 (id=201):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0xb, &(0x7f0000000240)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000200000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000280), &(0x7f0000000200)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
quotactl_fd$Q_QUOTAON(0xffffffffffffffff, 0xffffffff80000201, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000000), &(0x7f0000000200)=0x4)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3, <r4=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket(0x2, 0x3, 0x5)
setsockopt(r5, 0xff, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1900000004000000040000000200010000000000", @ANYRES32=0x1, @ANYRES32=0x0, @ANYBLOB="040000"], 0x48)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r6, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.events\x00', 0x275a, 0x0)
writev(r7, &(0x7f0000000300)=[{&(0x7f00000000c0)="c0", 0x1}], 0x1)
r8 = epoll_create(0x3ff)
r9 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r9, &(0x7f0000000240)={0xa0000000})
epoll_ctl$EPOLL_CTL_MOD(r8, 0x3, r9, &(0x7f0000000280))

10m23.608646381s ago: executing program 32 (id=201):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0xb, &(0x7f0000000240)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000200000008"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000280), &(0x7f0000000200)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
quotactl_fd$Q_QUOTAON(0xffffffffffffffff, 0xffffffff80000201, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000000), &(0x7f0000000200)=0x4)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r3, <r4=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket(0x2, 0x3, 0x5)
setsockopt(r5, 0xff, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1900000004000000040000000200010000000000", @ANYRES32=0x1, @ANYRES32=0x0, @ANYBLOB="040000"], 0x48)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r6, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.events\x00', 0x275a, 0x0)
writev(r7, &(0x7f0000000300)=[{&(0x7f00000000c0)="c0", 0x1}], 0x1)
r8 = epoll_create(0x3ff)
r9 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r9, &(0x7f0000000240)={0xa0000000})
epoll_ctl$EPOLL_CTL_MOD(r8, 0x3, r9, &(0x7f0000000280))

9m59.044893607s ago: executing program 3 (id=524):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000002500)=ANY=[@ANYBLOB="18006af900b2a9e1a2bd05000000000018110000878bac735da4d47dcc5963709957b709c476f6377c4028e8d9d487134c5a906bf3599745b578cce4b2882236e6aa191abbdd3f248709e5e3a0393a708b092ea6a9911dc268d8c3429944da28406f555bbe9c37c25b5d10f3cf1ab566d1103878c1ad2c6073501f8d7db03a918e6cf2b98e92e45fb0758e63a1f985e39ae8c817ee3162437710276644e906c2462dff017b6b9ace41aa64d978b2653a907b4498110fe492f57b00"/199, @ANYRES32=r0, @ANYRES32=0x0, @ANYRES8=r0], &(0x7f0000000080)='syzkaller\x00', 0x204000, 0x0, 0x0, 0x0, 0x61, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000002400)=ANY=[@ANYBLOB="0600000004000000080000004000000042000000", @ANYRES32=0x1, @ANYBLOB="000000fdff0000000000000000000000000000004d290e1b43f626a7b2c42589cd3d1ccd7c863a9f1736de98203c1ddf6d53f3c7428c7ddf90f51f8c8cfd4fa9c5468bfeafe227b90fe8b021e20adbf809084f51a15a09f59b62e7fbff2ada7a8c9a93c7c2660ca4692d18297511bf84676e671ccbda4774ea2a95d5c46a67da0e09509f531beb616a9ea2efa65a7af4763e4a5bd955a0b2ae9e22d93b0ea76580e2640a67d4", @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
r3 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x454)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000002040)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x2, 0x0, 0x4, 0x4, {0xa, 0x4e22, 0x10, @loopback, 0xfffffff7}}}, 0x32)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000001f80)='./file0\x00', 0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="63727517a13e12de66742c626c6f636b3d3078303030303030303030303030a2791a349175c9a37369876e3d3078303030303030303030303030303030362c636865636b3d73656c6178656c2c757466382c6372756674417569643d", @ANYRES8=r0, @ANYRES16=r2, @ANYRES8=r0, @ANYRES32=r3, @ANYRES16=r2], 0x0, 0x658, &(0x7f0000002600)="$eJzs3c1u29gZxvGHsvwRFwiKthgEQSY5k3SAGE0VSZ44MNJFWYqyOZVEgaRbGygwSCf2IIicaZMUaLxJvekHML2B7mbTRS+iN9C76LJA0e6K6aIsSIq2bFGW7MhOZub/MxJRPK94XvLIekGLHwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALKcRrVas9TyOhubZjSnEfjtE9qzpc1qKZtYGtuvZCX/tLCgK9msK985bH4n+e+mrmXPrmkheVjQ3jfe+eaDb5dL+etPSOgsdNoFPn+59+Rhr7f9bMqJvAVUmiBoze14oe+17TXXeKFvVldWqnfXm6Fpei033Aojt22cwC1FfmBuO0umtrq6bNzKlr/RWWvYLTefef/79Wp1xXw43x/+ux9WQmfda7W8zloakzQnMffNZz/LQly7bczO49728rgkk6DaJEH1cUH1ar1eq9XrtZV7q/fuV6vloRnVYzQUMfU3Lb5kpvfhDbymUlL//25JLS2oow1tyhT+OGookK/2iPa+vP6/f9c9sd/B+p9X+SuHzVeV1v/r2bPro+r/iFyMTPqCohZrxPyz/TzXS+3piR6qp5629WziV17qr2lh643pZXi+P2tSWfIUypentmytyZXpzzFa1YpWVNVHWldToYya8tSSq1BbChXJVTsdk0CubEXyFcjothwtyaimVa1qWUauKtqSrw11tKaGbP0njuMdPU63+/IJOSoPqk0SVB8dot8kA1ZQ/3/+KhtL6v/XmQZq+4lxwNsi7u//n9KN88kGAAAAAACcByv967uVfnf/rqRYTa/lVt90WgAAAAAAYIrSb/6vJQ+zydS7skbs/8cXnxsAAAAAAJgOKz3HzpK0mB7Ubx2eCTXJQQAzF5AiAAAAAAB4Ten3/9fnpDi99toNWafa/wcAAAAAAF8Cvx+4xn45v8ZunH+tX5IUduetv/5rXsGstd/d/K61ayct9m4/ZugIgKh51brcv1Bv+jAnKX3muNeswxsDWOm/hezJP3fGXevfCo4lMDeT//liXAIr5f4zfab3spj3+v0+2ispbcl6WWx6Lbfi+K0HNdn25VLkbka/evr411JwsJ47j3vblY8/7T1Kc9lPZu3vJnm8OpJOaVwuL9LrLaTnXBSt8SU18y7/0GkvWmm/1Xz9Z2TvlgY7mmz9f6ubWczNxexxcS8fgXT9F5L1r1XSITtc+/TqENZhFrXja140EIVZqCwlWdzKYm7dvpU95Pn1s/jejFSvDI9BkGexZEn1wSyObIv//bQgC+vfQ9tiTBbJtliuzPaXVJBFeveBkVlMNiIA8KbsHFahV/oiLrjG/vG6e5ZPufHV/YcHvaTfQ7z4U5ydcDiTFIx4fmwvC2lduZ3FzCn9YC1fLfhEr/brysKoT/Tqmatb1tdfDu+B1E97KIv/xnH8oJb2+8djVfXz5AWfj+w3bNVnkk1498XuL9IL4Cc+2f5k+2m9vrxS/aBavVfXbLoa/QdqDwCgwPh77IyNsD7I9qq/iOP4H+9nsUcq3rcODimo6GN9qp4e6U5+C4EbxUtdHDgM4c7wXmsSm95B52hsTXdG7tWltXQgtn4Qm+/iHd8DPIxdPvdxAADgIt0cU4cnqf938v3u21cL97uP1vLjdwgeFVu74C0BAMDXhxsYazH6nRUEXvej2upqzY7WXRP4zo9N4DXWXON1Ijdw1u3Ommu6gR/5jt8y3UDzXsMNTbjR7fpBZJp+YLp+6G2md343/Vu/h27b7kSeE3Zbrh26xvE7ke1EpuGFjulu/KjlhetukL447LqO1/QcO/L8jgn9jcBxK8aErjsQ6DXcTuQ1vWSyY7qB17aDLfMTv7XRdk3DDZ3A60Z+tsC8L6/T9IN2utiK4lPf6BAAgK+i5y/3njzs9bafnTCxr4E5+bGBxcFzRQt80+sIAACOokoDAAAAAAAAAAAAAAAAAAAAAPD2m+T8v1NNzKqgSTqY88vLEy3H0rQTGzUx198Sg02lsy/wb0Nz5pXPuXTQpIJO9yfpoixpihtB2UR5+pv3klT0Tji3iR/sZFu0KEblXm9bo05anT8Yi/L0fx2Siad/HtEUx3F88svnNfRePR4zW/ybkrxRns29xhBc/GcRgIv1/wAAAP//K0o7Mw==")
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r2, 0x80047210, &(0x7f0000000140))
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
socket$inet_sctp(0x2, 0x5, 0x84)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r5, &(0x7f0000003580)=""/4082, 0xff2)
write$binfmt_elf32(r3, &(0x7f0000000040)=ANY=[@ANYBLOB="7f454c46000000000000000000000000030006000000000000000000380000000000000000191bda0000200001000000000280000000000003"], 0x69)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000940)={&(0x7f0000000900)={0x2, 0x4e21, @rand_addr=0x64010101}, 0x10, &(0x7f0000000980)=[{&(0x7f0000000340)=""/227, 0xe3}, {&(0x7f00000006c0)=""/111, 0x6f}, {&(0x7f0000000740)=""/244, 0xf4}, {&(0x7f0000000840)=""/173, 0xad}], 0x4, &(0x7f0000002600), 0x0, 0x20006050}, 0x40400)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x21, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
connect$inet(r7, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_MD5SIG(r7, 0x6, 0xe, &(0x7f0000000440)={@in={{0x2, 0x0, @local}}, 0x0, 0x0, 0xf, 0xfeff, "a69e87ad90ffb6b4b8ef2c88bd9316809d2c5e674fdae02795585a9392d651e2003294cc11be2b39bb2445999a58f0b90e69473ae585be8587529a0247ea14f5475bd7b699075f8172e05c49eb78bedd"}, 0xd8)
sendto$inet(r7, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000000)=ANY=[@ANYBLOB="e90c630faca20180c20000000800450000240000e000031190780000000000000000000000000010908144dca30080000000"], 0x0)
syz_mount_image$ext4(&(0x7f0000002300)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x2842c10, &(0x7f0000002340)={[], [{@flag='dirsync'}]}, 0x1, 0x797, &(0x7f0000002dc0)="$eJzs3c9rHFUcAPDvbJKmSavJQdB6CggaKN2YElsFDxUPIlgo6Nk2bLahZpMt2U1pQsAWEbwIKh4EvfTsj3rz6o+r/hcepKVqWqx40JXZH+222U03bXY3kM8HJvvezGze+86bH2/3DTsB7FkT6Z9MxKGI+CiJGKvPTyJiqJoajDhRW+/2xnounZKoVN78I6muc2tjPRdN70kdqGeeiogf3484nNlcbml1bWG2UMgv1/NT5cXzU6XVtSPnFmfn8/P5pWPTMzNHj79w/NjOxfrXL2sHr3/82nPfnPjnvSevfvhTEifiYH1Zcxw7ZSIm6ttkKN2E93h1pwvrs6TfFeChpIfmQO0oj0MxFgPVVBsjvawZANAt70ZEBQDYYxLXfwDYYxrfA9zaWM81pv5+I9FbN16JiP21+Bvjm7Ulg/Uxu/3VcdDRW8k9IyNJRIzvQPkTEfHFd29/lU5RbwdjaUAvXLocEWfGJzaf/5NN9yxs1/NbLawMV18m7pu9164/0E/fp/2fF1v1/zJ3+j/Rov8z3OLYfRgPPv4z13agmLbS/t/LTfe23W6Kv258oJ57rNrnG0rOnivk03Pb4xExGUPDaX66umrrntvkzX9vtiu/uf/35yfvfJmWn77eXSNzbXD43vfMzZZnHzXuhhuXI54ebBV/cqf9kzb931MdlvH6Sx983m5ZGn8ab2PaHH93Va5EPNuy/e+2ZbLl/YlT1d1hqrFTtPDtr5+Ntiu/uf3TKS2/8VmgF9L2H906/vGk+X7NUmf/t/mWz5+vjP3QvOxSU/rB8bfe//clb1XT++rzLs6Wy8vTEfuSNzbPP3r3vY18Y/00/slnWh//tWJb7//pZ8IznW2KGLz++9cx3HrZbmj/uW21//YTV28vDLQrv7P2n6mmJutzOjn/dVrBR9l2AAAAAAAAAAAAAAAAAAAAAAAAANCpTEQcjCSTvZPOZLLZ2jO8n4jRTKFYKh8+W1xZmovqs7LHYyjT+KnLsabfQ52u/x5+I3/0vvzlenmfDo9U89lcsTDX59gBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOFAm+f/p34b7nftAICu2d/vCgAAPef6DwB7z/au/yNdqwcA0DsdXP8rlUrlv0ql0ovqAAA90PHn/zPdrQcA0DvG/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiyUydPplPl7431XJqfu7C6slC8cGQuX1rILq7ksrni8vnsfLE4X8hnc8XFtv/oUu2lUCyen4mllYtT5XypPFVaXTu9WFxZKp8+tzg7nz+dH+pZZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQudLq2sJsoZBfltgyMbI7qrFrEoOxK6oh0bVE81lipH8nKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBd7v8AAAD//xLiM14=")
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r6, 0x81f8943c, &(0x7f00000004c0))

9m58.183868552s ago: executing program 3 (id=537):
sendto$inet(0xffffffffffffffff, &(0x7f00000003c0)="c5c11368d83baf7a426efb692d5076c29801dd5cda7e8a5493bdc30b8f8bd4852a0ae9ca2f3bd037feee7f389bceeeac8dc0511bb1627c365b32aa9a98c3a1aaf3840c", 0x43, 0x20040001, &(0x7f00000002c0)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x24}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000072000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000200000000000000001809"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
rt_sigpending(0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0x58, 0x2, 0x6, 0x5, 0x0, 0x0, {0x3}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x4}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}]}, 0x58}}, 0x8800)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'netdevsim0\x00'})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000100)={'team0\x00', <r6=>0x0})
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
accept$phonet_pipe(0xffffffffffffffff, &(0x7f0000000300), &(0x7f0000000440)=0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000100)='lp\x00', 0x3)
r8 = socket$nl_route(0x10, 0x3, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000580)=ANY=[@ANYBLOB='-cpu +new +memory -net_prio +blkio '], 0x23)
sendmsg$nl_route_sched(r8, &(0x7f0000006280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000014c0)=@newtaction={0x88, 0x30, 0xb, 0x0, 0x0, {0x0, 0x0, 0x6a00}, [{0x74, 0x1, [@m_mirred={0x70, 0x1, 0x0, 0x0, {{0xb}, {0x44, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0xffffffff, 0x6, 0x10000000, 0x0, 0xffe0000}}}, @TCA_MIRRED_PARMS={0x20, 0x2, {{0x6, 0xff, 0x4, 0x6, 0x2}, 0x4, r6}}]}, {0x4, 0xa}, {0xc}, {0xc}}}]}]}, 0x88}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x1}}, 0x20}, 0x1, 0x0, 0x0, 0x80d5}, 0x0)

9m53.597241205s ago: executing program 3 (id=581):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000bea0000ffffffff01"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kfree\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7d2})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000300)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0xd1af, 0xf09}}}]}, 0x38}}, 0x810)

9m53.481394675s ago: executing program 3 (id=583):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0f3453aa00000000000000000000000000000000000000000400000000000000"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000000)=0x28, 0x4)
setsockopt$inet6_udp_int(r3, 0x11, 0x65, &(0x7f0000000040)=0x7ff, 0x4)
sendto$inet6(r3, 0x0, 0x0, 0x400ad00, &(0x7f0000000080)={0xa, 0x4e1e, 0x0, @dev, 0x3}, 0x1c)
sendto$inet6(r3, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
creat(&(0x7f0000000140)='./file2\x00', 0x1ad)
unlink(&(0x7f0000000180)='./file1\x00')
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r5)
write$P9_RLERRORu(r6, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$binfmt_elf64(r6, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])

9m52.928174538s ago: executing program 3 (id=592):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x9, 0x3, 0x8, 0x4, 0x2, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000001680)=ANY=[@ANYBLOB="18080000000400000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a0000000000008500000006000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

9m52.57251132s ago: executing program 3 (id=602):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000001680)=ANY=[@ANYBLOB="18080000000400000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

9m52.55937872s ago: executing program 33 (id=602):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000001680)=ANY=[@ANYBLOB="18080000000400000000000000000000851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

8m47.640166324s ago: executing program 2 (id=1481):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x8}, 0x10000, 0xc8, 0xfff, 0x0, 0x0, 0x0, 0x400}, 0xffffffffffffffff, 0x8, 0xffffffffffffffff, 0xa)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
recvmsg$unix(r3, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r5=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce8102030400fef2000e40000200875a65969ff57b00ff020000000000000000000000000001"], 0xfdef)

8m47.591396664s ago: executing program 2 (id=1483):
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
fcntl$dupfd(r0, 0x0, r0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r1, &(0x7f0000002800)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1)
write$cgroup_pid(r1, &(0x7f00000031c0), 0x12)
r2 = socket(0x11, 0x800000003, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
syz_usb_connect(0x2, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000280)={r5, 0x11, 0x6}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$nl_route_sched(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@getchain={0x2c, 0x11, 0x839, 0x0, 0x25dfdbfb, {}, [{0x8, 0xb, 0x4}]}, 0x2c}}, 0x4000)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600))
dup(0xffffffffffffffff)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x20000023896)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/16], 0x48)

8m46.920880827s ago: executing program 2 (id=1499):
r0 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='signal_generate\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3, 0x0, 0x8000000000000000}, 0x18)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'vxcan1\x00'})
sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000080)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="0100000010651fbe34"], 0x20}}, 0x0)

8m46.732339339s ago: executing program 2 (id=1501):
r0 = syz_open_dev$sg(0x0, 0x0, 0x0)
fcntl$dupfd(r0, 0x0, r0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$selinux_enforce(0xffffffffffffff9c, 0x0, 0x1, 0x0)
writev(r1, &(0x7f0000002800)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1)
write$cgroup_pid(r1, &(0x7f00000031c0), 0x12)
r2 = socket(0x11, 0x800000003, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
syz_usb_connect(0x2, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000280)={r5, 0x11, 0x6}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$nl_route_sched(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@getchain={0x2c, 0x11, 0x839, 0x0, 0x25dfdbfb, {}, [{0x8, 0xb, 0x4}]}, 0x2c}}, 0x4000)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600))
dup(0xffffffffffffffff)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r7, r8, 0x0, 0x20000023896)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB='\x00'/16], 0x48)

8m45.935890703s ago: executing program 2 (id=1516):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
lsetxattr$security_capability(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x0)

8m45.856668903s ago: executing program 2 (id=1521):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b', 0x1}, {&(0x7f0000000180)="0d0068fa8058", 0x6}], 0x2, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008", @ANYRESOCT], 0x40}, 0x20000000)

8m27.643614147s ago: executing program 34 (id=1521):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0xffff, @multicast2}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b', 0x1}, {&(0x7f0000000180)="0d0068fa8058", 0x6}], 0x2, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008", @ANYRESOCT], 0x40}, 0x20000000)

5m5.739219424s ago: executing program 6 (id=4996):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000280)={0x0, 0xfe, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="58000000020605000000000000000000000000000900020073797a3100000000050005000a000000050001000600000013000300686173683a6e65742c696661636500000c0007800800124005000000050004"], 0x58}}, 0x0)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000900)="580000001400192340834b80040d8c560a066e0202ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000200060c10000000010000000000", 0x58}], 0x1)

5m4.63447462s ago: executing program 6 (id=5004):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x36, &(0x7f0000000080)={@random="9de05b7bd0c8", @random="2b89a1b7a248", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xfffffffffffffeb5, 0x4, 0x0, 0xfd, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @timestamp={0xd, 0x0, 0x0, 0x1, 0x0, 0x2, 0x80, 0x5}}}}}, 0x0)
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000300)='./file1\x00', 0x0, &(0x7f0000001000)=ANY=[@ANYRES16=0x0, @ANYBLOB="5df049e7c8fb4977eb885edfaf66b1bbdfa4f8b352df455d6fb7d69d490db6a85f6671040c16e22d769bbad51f865f49094613f7c4572d008311fc7c6596fe3e8d315e45ad342f2a054f70eac0e46c703017033489750102c2f4872e0d60af224c98d13b3edf114d046e23ff412edfae9f3518ef6a28a37a7823e1355dc335", @ANYBLOB="d0f840cc8c1c1e310d6e393531bdcbb4adb9bec0f219963d340de5fac104e89fef4ae6c9a02d4bd8bf2e9f2f733bfb4b5045b2472c9f55f1c1c3e60e717b034250633ba6d3abdfc29926321ccd43a34040f4c7f7ebaba751f610dbed1b20b1900c707d9325fe69a61237d31512e0b4644c76e89ec3a5c3db005794aa9b7a810117c82e43c66757d0f9398274c1f1473f4fd0b85144d6bd41996e7c28725e421b75a4d806e1e1ada5f717e8e7aed946a8e44d3124641ec785bfe07fbbdf8de2011588af5bbedba7034ff9e2164ab2be5224acb0fb4b35105620111e6b22ba02775f4a848f762c165c702b8cddb4ecc1278604b55f81be43b56429da93a8982182387d8c658b971e619cd6b69299c8bddb23c94de26c54a68e4ab113a3492e700ae9efae2f7885ea863281b43c5443a44e9098640b2a8a7267b2edb0e56df7effd0d762a0e87b5e357b8d7c0b88b4ca1859c00d1dd061b2b73bdbeae7be52456452e47819047d79893c4bb669d6982565eac923631257858ede56727a44b1a33217a1fef8cb9c71b36031d7bfe4b67ad76a23368c4a519ceb9d765d5407cf49f1474d46c2bb3b61362927e52462549f6ca3e18525997c01673d2007c942274c355ad425fad20ea555fddbb8abb1975ade23695820472e53fcefe594ada89271a46bd1d2051c7302b35cc348fe629d69c027da005305d2b12f3b2a75904f1fa0c6974f60d70d899f9df3cbd7a838708086ce054490b82014206eae26a31f46189f3b2222ad6d2c1a52e16c4103edc282afb2b92461f8cb87a21bdc0da13b6666210026c0cb1fa5ceca44341aa3d522c94992c1b1c909c3c9e46c034a3160f9d1e727dddcc5df9244d38e2f6f4e038b1d803ffed0773a9de14cca0aab627a2512245a9925cd65f7151181c85969ae0476683672c661b2b0fb9dcf9ea2bec7a4ea9fed9deda3c7085db68df0982a2841f34df083ccb57d65a0809736d6b6d67d6d9033abbab7758006629aba6168f74d7d810cb95e12352e3c555b7716526369b77c5aa65d8496ccab5380780cd0ccbd0666916756e64278471c5a3495d02446cf112a755a6e7120ad1090a9b8e07de37a3f0b7a61a718e9f1fb9bfbb7859106a091ef48faf08e6290491ffccf9b4e3b3b3aea0621e750be318c540353032f9df9f8a45af22bc4ca214eb4c499e8f00778de914b8cb8d703d1150ce1dd453d573afcc17b981a728bb9e3a1d76c73ddecc78423ccabf39b2a0b398eaf69a3e0ea8bcc2f3ad1d80f99464474e54e70a6b46a0b3de0d9d8661d1d80305cc6a0391cf4573f9913beed00f6771b4baa3b6391cd446feabbbe0589cf899268e8468c7db65632789cc132e6feeccc4da0ad4f0bd35859571edd1f0b1ed4c91d34b61a9a7f95330bb219aeb6d19c9723370b18de31119f913297e623b838c9edcc14a006ae5db3d82a0221b3be70343f58f824b3b37302af9af3da8297ea409872fb07ca28d503317533a5ce3fffd744a7792cfbd4c40b3779422ed26f803ea4aa682dcfef970cbc0b3e5a63618e5fad01b5a0996e11d2a4be07fe85e96c692a64d8f890ce101df2228a327691d4d0d48a05c5bdee08f2060c504a86ac2881d87a7bb9e68c02a6466a092fb57ceca5dfa34766638a3e75539cda93874b5220828689d70cd56a31febbf98e24d751c44b00abc302569728e1622d72a6e5627a558d0b254588e5123cb08b505a5d4db901a6ebd19a0de64502ffd75f1433b8e777a01ad261303de17f2484c4241ca0ad1276d2ba90f2b608097d64da9a44a13b49e1feaff37e1ebf8d34f9a033ea36396207f466a354aed1709da777d23445a70ae62f659243e72ecd671083e0f532a4a1f16a48854b258e6143ba61e2139b76eda70ad2d4783f6a58cc000eca35eff84b856725342670fe63a24db6a17fbbb2e58d25fc6fba88872d133f38ab967a16221ad2bc72cfd98a7fa93b7434723dc0986a2b1c665fdd41ed069ac2dadfcc154163c8b6e5216608d82dcac75141c0fff8d2d2d5505c2e99777f6194c4d5f026ba6b86914fdb76b5bea792fd5f49d43391903e030e0f2802c10bd4b93c9a9749e6c95ae7ecc9aca1ce305ba55b93dbfd12a587c65d563d2116daff60a568b89e35e846cf3c6c6e1ecb578a91d1b44cfd63c2bfffbee8225f2bb85a75d1015ffcd57555907d47ee096b3b4a736fcd7c9f11b894721cf987177e31c08e66bf009357b8353b48eaad4e3d9a761b92c5be4fd9581c04c81a8e31308ae261437ebabeadf8bfe903e617c0acf0a223c702ffddc450257dd381ea592875d4016521b3fb1beda1e9bfd2cd382220fdb1c085e712891d22acd547c31b0fb34f09a434498268018716f12a5b14cb3f256d226b0e70cfb99188967c3e121416882e38df917df1ae737c43722ed3578f6de77e214f2a8b9364176f5ff968d848ea099f341ab8cda755ebe107012e0f11465b65552c7fb452834163ff7ff31bd75001224839aba06a1bfb509bdb80bde17e86abf7893b24cfcf53a4a6ae5cdab4d5bf79237897fe1f85c256460113c1593b016b438bb579d09a9b19525a2ac9e69ba4d0bd767e45fd8a3e80033e8a174590d4c21f967843628aa66b76dc2c62c25eaa283362d0c6bc12bcf78e2287aea5558ca5f4b9f4a0aca8b357229594f596a0d60dfd3c51e5c8c6c8c282635ae6cfeda635bad8bee13b53443d96f18a9f32a4dea7033a9913e365a7f80ad6245eba25212d4fbb373972d45b9f2094b3d0db3def93025349f636eec5af177a91c461cd39ade48276fb17aad326cc095be686b8098df83761356e5fe6d748ea790213bd2e7bdd04a312e8c3bc3bce58fe24a9d4213b217a7dd37d196862ca084820d69ea152f338227e734f7c478f2542f02f76335c9c2e43a6ab511f2f1b6c5d046db234f94d671a282c2283d18e48c22f9602679bf28d627ed4c88764c604285b159bf738acaa9923ddc3d784bd24556506a6363d7abddc609a31c702c9959773fd64206e6530d69386bbc19529dd5e30091b368df5e18f69f64d160b453bf0d0301a00a38a9c4e1a7a3ae3b249a9d19cb75e5465364e206716769c3edad53f15054e4794654303f13fe82dc2764c06af411b68afd7fe692fe95be841a6e131b4830ef4e292e027aa1ba4b2579960a3079863325b51ef9e54acf15aa5f3f42b8cd448889f650ac08e680b352eaa53ea3c511d6152c55f6ca49a0fb4e696d3142d4a06f68c39a24a2764f5bfe4a0ec2c6ea904c780e46139d0f1ef82ee76527cd26e06f454abc6b9e71ab2c06f28843495ee67516913f624c17e18139ad2ac57e375f177ccc86241b502263c86d4b92fffbb16be3f72585af33fc92473603de246d39d423dc6a5e29c3fede67da126705c59bcdd53d70d3ee629491207a64daea77b0a768a09ab6b6004915678556ff5e76bd4eace1a08d24b94a8bae6f0d3b1172d9c2073fbae8192f1bcd2130af737f173af668b073619b003ecefabe4fdfabc04cdc15d59dcaf05c8acb31ad73bd6d855590cf22ef4c5e070d46734bae45772f54e98ed2400c0d9a7e12ee1977e835e21a2ef8bca0e2eb3e400034ff4deb29451823aa11dfc88ef88f59ed57b5aa3ef6b39aa08ef839871163aa4c76f42b08e2be2a2bc036b6c517bc5164ee7d239039a7784ec9c0d0c1846f19a0949919658530ce32e6dc7191d853a53d1e3c0d0f1b7972c99373645bede7a88f68f2cda068e6c69b177a4c6ce32ac10a398b33e01cd06e9ee5c1a4c8dfd4f1cf1da0e2ade1e9ea62acaf1256b18ad1a9040786d34b9d2a679076c2a30288bf62c7c8dcb0b83531d9778b32ca01f7c3d681b4638c7bd63d99b21d81f2bc4c8cfabb8927b2565a40ddbbbddd9907bc5821989333df3c74b5bb74ee9469542dea7f846d80c16f265fc978e7d0f301b5496b0ee8c711ec159a3cf3b5477d740442009c6d693989c694754deddff6eac11d2798c0b8df3bfba3212af771c723b613735b6bd0f26ee601c3ce9072db425c8824e38025a58e16e3df49ba1c01952d67b0a43035f0d4c1316f9f75c9b64237c10446d33ddf765b46fa87dda7bb32d3a10faa507ee1b08be23564b716dbab48e5f39e2ab8b830b55ed5e12a175c8bdc58a86f61585ac18b16b85a515f15740cdae35861ea419456007ca20ffb2a3732c47fd3ca85bd326219f7edb49213c566502dad59c7d862241928fefc3a66c6943ef9da5fd8d1c550fa1904104744f09bb3670c228fed4d23307e4d8eac3f2e98ddd385727eaa90e4dc56562aa494b26a9570d684ccf77ebdd24169050b893d8d63b87849f93aeaae1cdaf7dcce7799422572b00fec8074802f44e9ae89e035b8bbdb77786b792c171179bef4e8ce52eee7c1e719d95548ffb524b21aef79e889d0d4d229f754f977a4b62055c8b77fa71b81278d65180b03baee0f816007f7436cc15131fc82f79a0657da506b9f4a8bc0f9c4558f74954a2b712d9d3f273e56955be7ca339b765be01f0b98f02f19dc40472693f291013ad9df792a13e3858ead6f7d71c66f726388e65813a0d37ddd6fe2bbe0d9a137a42cad6a521080fa6ef6b91f7bf930be29bf31a24b691e90879e78850d40f5a234efe0daa8d92718e26bd007efcf70d63886dc2e60e55dca0041e1db0b46ca48bb4b6dcd19cda71c72cc5c38b334852daf9649cc9cd00d800164e46ddcd575112748cff778ce8bc3263ce0fcd7c242dbb55dea02c648909c8dd9546faa58a8eee2d28567525e3dfc3d6e6c2f67da487ba8c92d0b820ef12e32f4debc9a3be46a93b4976c68d33dbbc1a8b7ee91c6efdf9f7808dbef774bc8146a05810a11377e9bbb304e4c178f565eff1c659447fe5a970dfa02a0788183c77a79dc0c6fc1b1593a29da2799855c808de5775b83c65333a9785542e1551b4692f342ba503dcbb85e10c400ced2a71fec19323ac28a2c19da9065802dbcc8df6194e4d8332ae51cffa15cbaa7f4fae9300edadd680180b8ed49313abe4e33f3c5c331f23064c7d6b528eb298a1c8f8e7f14ac61c9782c61b23921602c930e6d9f7ab6008b97a946d89546070397a2bffb3e4445ad9bc50b414ce03ebdbf26768d49038bc510660b34ab79ae05762879615fc6ed55e88cca3829af0ce611a791ae45f0fb5f58054ee93333170c4c7e92ea6c28b6d52593866dac733adf6c80e13458c7db123a6f0ee462b764cfac0384efe17ded833e4e8f147a25361a6a7e3d1fe6353eea90fe10bbc014f11a610a549b4da3d461683956105b7fa3df192c7702b572dd748ec90e21b9fab64ad8988707e4253f3d48d8d1103860309f195e6819b16ec2ae57d4588b082ea4a76c135e3b495f1774a985c63c0a394ce9c0d13b3156a1cc6f693b5a986674441e44dce0634335f861a2c74fbd0e3c8cfd08fafe713bf58602001d590f1c8b32e026020426bff5b03149c169777ae0af26931e4137804c843b50cfb5eb1cf5b965d5a192479538d3fc9b49ece7620b5e0cd076695b3c6a0db79da4d83806437db4038374eee6f825808c089c98b6d004248c4de2775748fd2be64ddb55652541c6a292bcc23030891eedefcdf9e628fff46c3addd85f8cd595712021157ccd837316a7eda94e4e10866638c73ec64223e24993fe3358e8deb8cbfceeed7cc352e09adbd52ff04638cd532e4217fca9720113ec038c89ee3677bbe494025f8478bff5775d847f46b6c009eee2528da9a6262b338dd81855ced92603c0f01632d2d145415e21a8b22592c39ce5d3eea9559a398a6ed4a6fe8536", @ANYRES32=0x0, @ANYRES8], 0x5, 0x7e1, &(0x7f00000004c0)="$eJzs3U1oHOf5APBnFNmRlf/fhLS4xjjOxEnBBkdZyY6CyCHZrEbyJKtdsbsKNqUkppaDsZyEuIFahzq+tLS0hJ56THLopT2VXloKLbTQ9lRor70FAj0kLS300BJQmZmVJVlf/pA/SH8/Yc07M+/M+7zvrufZkTQzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABE0pis1UaTaOatuVPp5hqTnfbMFuuX9/frNZMt2o1Iin8xNBT7q0X7v7iyel/x7XAcrOYOxlAxGYrFh/Y9/NwXBgeWt98ioJ02uNHCS5cXL5xZWJh/+y4Gcgd895drZn80HDc4stNZK++285n6dJbm3XY6MT5ee/rkVDedyptZ93S3l82kjU5W77U76ZHG0XR0YuJ4mo2cbs+1pifrzSwdrBY++9RYrTaevjQym9U73Xbr6ZdGuo2TebOZt6bLDYvVRZ1nizfiy3kv7WX1mTQ9d35h/vjakPasC7KoNLpmyWdLq+cOPvnwx+989M/z82PbdXesNjY2Ojo2NjqeREStNriy4JmJZ56t1QZr14l1Ne7qm5b70A4fweHWDfTzfzQjj1bMxalIN/xqxGR0oh0zsfIGXr2+bzn/f/npv/1xq3bfW5X/qyw/cHD/yuoDUeb/Q9Xcoc3yf9X27gc3iflOfa30/1JcjsW4EGdiIRZiPt6+I+0lO7evgZ2NbDqyaEUe3WhHHjNRL5ek/SVpTMR4jEctXo2TMRXdSGMq8mhGFt04Hd3oRVa+oxrRiSzq0Yt2dCKNI9GIo5HGaEzERByPNLIYidPRjrloxXRMRr3cy7k4X4778evi2vfN137x+p8+fr98tZYrjW41xO9GlJX+sUWldclc/uemRcRvd+rwDbdlaTn/AwAAAJ9bSfnT9+L8f1c8Wpam8mb2lW22Giy+vXt3IgQAAABuV/mb/4PFZFdRejSS4vy/trbST3bdm+AAAACAHZGU19glETEcj1Wl5culavc6NgAAAGBnlL//P1RMhiOulAuc/wMAAMDnzCs/6xeuv8f+R8v32B2YfTD51d+j09mVnPjg1JPJxXpRr37xgWq7/uSVa3vsTR1Ion9DwXJf44OLDxXzg43sYLJ889zPHqymn5bfDwxe23xtHC/sqZYmSVIEcHV20wBiTQB7+724FkA5F9+Lx6s6j5+tpmeX11S9HZ7Km9lIo918bjTq9b0DvexU7503zn8jyu5/pzWzN4lz5xfmR7725sLZMparxV6uXuz3d919FLeIZak/AvHo+rsbF7vaVV6I0W93uGq3trr/A5f2FoWBm2jzW3H4/8o6h4erusNr+z9UtDk6slnvh6v+ja7r+eD6N1YVxen+3HVRPFEtfeLIE9VkgyjGtoqiGIux1VH0B+HmxmLDKOLhiHj/8Sun/vW7dpId3y6K47cZBcC9cq6860+Rhap0VGWh/yxVivzf6ezaHWvyTrXBjR7lkrKVbZ7kc+PZ/d9LWxzRj1R1jlSfJwYPbJBXahsc0d86/9bv+0f0Ez/+4QdfPfSHn95yXh9arrJnufDIbx4aiDKKPf0oFvtrOruS71/LJFVW/bBY/uGm7XabY0kxhA98/eJbse/S5cWnzl888/r86/NvjI0dH6+dqNWeSZL+i7dUfmKQewDYwOE4VCXyTZ+xs8lTeMoPAFXuPrHVWfUDkTxy7U8Kipz4ZizE2ThWXm0QEY9t3O7wqj9DOBaH+8FufNY6vOoJL8e2ObfcHdGvO7Zt3eFVj5dZ8aUf3MnXAwDuhsPb5OFN8/+qc/dj25x3r83lR6u6R5cj2DyXR8Tzd3c0AOB/Q9b5NBnufTvpdPLZV0cnJkbrvZNZ2mk3Xk47+eR0luatXtaJwXprOktnO+1eu9FuFoVX8smsm3bnZmfbnV461e6ks+1ufqp88nvaf/R7N5upt3p5ozvbzOrdLG20W716o5dO5t1GOjv3YjPvnsw65cbd2ayRT+WNei9vt9Jue67TyEbStJtlqyrmk1mrl0/lRbGVznbymXrnakQ052aydDLrNjr5bK9d7XC5rbw11e7MlLv96957PdoAcH+4dHnxwpmFhfm3b63wlxupvHnrQ24sDAD3wEqW/uT/r1/nh+8AAAAAAAAAAAAAAHB/uM3r/9YX9uzsDoe2qrN0JWL9qmRpaekmmtgT29TZ3R+qHR6ou1K4uiP7GYiNxvn+KSSbr3rt+ecvbLb5i1f2n7yxJrb9nzIYEf1LXd/9ZPfP36tWvXBL3Rm4+a3+HBG30NZSskWde3tcAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICN/DcAAP//jRtoaA==")
r0 = socket(0x10, 0x803, 0x7)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000008000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @remote}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=""/23, 0x17}, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
socket$packet(0x11, 0x3, 0x300)
r1 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r1, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x0, 0xac14140c}}, 0x80, &(0x7f00000000c0), 0x0, 0x0, 0x0, 0x900}, 0x60)

5m4.422614551s ago: executing program 6 (id=5007):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x8, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
gettid()
syz_usb_connect$cdc_ncm(0x0, 0x74, &(0x7f0000000040)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x62, 0x2, 0x1, 0x9, 0x10, 0x10, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0xb, 0x24, 0x6, 0x0, 0x1, "b4bbcca043f3"}, {0x5, 0x24, 0x0, 0x200}, {0xd, 0x24, 0xf, 0x1, 0x7, 0x1, 0x4, 0x7}, {0x6, 0x24, 0x1a, 0x4, 0x22}}, {{0x9, 0x5, 0x81, 0x3, 0x8, 0x5, 0x6, 0x7}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x8, 0xf7, 0x8, 0xfe}}, {{0x9, 0x5, 0x3, 0x2, 0x440, 0x7f, 0x9, 0x3}}}}}}}]}}, &(0x7f0000000280)={0xa, &(0x7f00000000c0)={0xa, 0x6, 0x300, 0x0, 0x23, 0xce, 0x20, 0xa6}, 0x184, &(0x7f0000000740)={0x5, 0xf, 0x184, 0x4, [@generic={0xa7, 0x10, 0xa, "38f645fc414a12d2843b0ab5467204f1f7579bb9d275f1a973e1ffda1d948501ee8f669d78cb2f6b2e15547e4591d5ee61e7bbbd2647624d5518f8dcb4613ffc2c2712debe8b1d891cb566b23a63c316763fbb039a1d1dfa0ea0aad2492d5cf9bccc302c2ec56fdded8d6876be53310c18e2819edb5afd946e3f296d4111745bd6af6469f82a2953f06a6ae50ecd4978423f443c427c09760af614bcbb9778da2896c056"}, @ss_container_id={0x14, 0x10, 0x4, 0x1, "8a5aafa49e7bd9f097fbc8ea748fb8b2"}, @generic={0xa8, 0x10, 0x3, "ed08d04b14ced4cd9c39979ae08e229fe7b5ed2a89eab3823ea6a9be251a3e38977f1779f8ec2614990adf6c5f59f245c3506eb7b01c25f5f60d4eca69a174db33e359a4c7d4817a68e5d7b918c3904c11f12bf4e4afc5ad71f2b8d8cc34208ca5c4edeaa243be6076627ff99997dc7c781cda80300e1f3d9e44b5b039c83c9be19dc4b4a327be7be5efd5f5f5c73b886c0ce75dda57a34ee7c08b11c213b4fecbc21b17f1"}, @ssp_cap={0x1c, 0x10, 0xa, 0xf, 0x4, 0x6, 0x7700, 0x9, [0xc00f, 0x3f00, 0xc000, 0xffff00]}]}, 0x4, [{0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x280a}}, {0x0, 0x0}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x340a}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0xc1a}}]})

5m3.811878364s ago: executing program 6 (id=5016):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x418484, &(0x7f0000000440), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
setxattr$trusted_overlay_upper(&(0x7f00000003c0)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000400)=ANY=[], 0x835, 0x0)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x5c, 0x3, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x5}, 0x8000)

5m3.655195235s ago: executing program 6 (id=5020):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b000000000000000000faff0500000000000000", @ANYRES32, @ANYBLOB="0500"/20, @ANYRES32=0x0, @ANYRES32], 0x50)
fcntl$dupfd(r0, 0x0, r0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
writev(r1, &(0x7f0000002800)=[{&(0x7f0000002500)='\f7', 0x2}], 0x1)
write$cgroup_pid(r1, &(0x7f00000031c0), 0x12)
r2 = socket(0x11, 0x800000003, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
syz_usb_connect(0x2, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000280)={r5, 0x11, 0x6}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@getchain={0x2c, 0x11, 0x839, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r8}, [{0x8, 0xb, 0x4}]}, 0x2c}}, 0x4000)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000600))
dup(0xffffffffffffffff)
r9 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r10 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r9, r10, 0x0, 0x20000023896)
r11 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETSF(r11, 0x5404, &(0x7f0000000000)={0xb29, 0x0, 0xfffffffe, 0x0, 0x0, "7a58beca39ed2d5a99bbc4bff0ebd3e9bd5a8e"})
r12 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYRES32, @ANYBLOB='\x00'/16], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32=r12, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)

5m3.355874377s ago: executing program 6 (id=5023):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) (async)
r2 = syz_open_procfs(0x0, 0x0) (async)
syz_emit_ethernet(0x2e, &(0x7f0000000780)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa000a541b6375e08d1800ed0020e858d52e0000119078400000000000000044040a8000804e2100089078"], 0x0)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x414080, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f0000000400)={'gretap0\x00', &(0x7f0000000240)={'ip_vti0\x00', <r4=>0x0, 0x10, 0x8017, 0x80, 0x5, {{0x8, 0x4, 0x0, 0x1, 0x20, 0x66, 0x0, 0x5, 0x29, 0x0, @local, @private=0xa010101, {[@timestamp_addr={0x44, 0xc, 0xe3, 0x1, 0x9, [{@remote}]}]}}}}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x28, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2ccc, 0x0, 0x0, 0x0, 0x200}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @alu={0x4, 0x0, 0xc, 0x6, 0xb, 0xffffffffffffffff, 0x10}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @alu={0x7, 0x1, 0x8, 0xa, 0x1, 0x156, 0x10}, @alu={0x4, 0xced8fd7d6b0aecc1, 0xc, 0x8, 0x7, 0xe, 0xfffffffffffffff0}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @alu={0x4, 0x1, 0x1, 0x3, 0xb, 0xfffffffffffffffe, 0xfffffffffffffffc}, @ldst={0x2, 0x2, 0x0, 0x5, 0xb, 0xfffffffffffffff4, 0xffffffffffffffff}, @jmp={0x5, 0x1, 0xd, 0x6, 0x1, 0x0, 0xfffffffffffffff0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x46, 0x24, &(0x7f00000001c0)=""/36, 0x100, 0x0, '\x00', r4, 0x0, r2, 0x8, &(0x7f0000000440)={0x6, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000004c0)=[r0, r2, r0, r0], &(0x7f0000000500)=[{0x0, 0x5, 0xe}], 0x10, 0x101, @void, @value}, 0x94) (async)
unshare(0x20000400) (async)
r5 = syz_open_procfs(0x0, &(0x7f0000000380)='net/ip6_mr_vif\x00')
preadv(r5, &(0x7f0000000640)=[{&(0x7f0000005400)=""/4098, 0x1002}], 0x1, 0x3, 0x0) (async)
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_ENCAP(r6, 0x113, 0x1, 0x0, 0x0) (async)
r7 = socket$nl_route(0x10, 0x3, 0x0) (async)
r8 = inotify_init1(0x0)
inotify_add_watch(r8, &(0x7f0000000040)='.\x00', 0xc2000484) (async)
ioctl$int_in(r8, 0x5421, &(0x7f0000000680)=0x3) (async)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) (async)
lsetxattr$trusted_overlay_redirect(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180), 0x0, 0x0, 0x0) (async)
readv(r8, &(0x7f0000000340)=[{&(0x7f0000000080)=""/50, 0x32}], 0x1) (async)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000140)={'ipvlan0\x00', <r10=>0x0}) (async)
r11 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r12=>0x0})
r13 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r12, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c00000010000100"/20, @ANYRES32=r10, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32=r13], 0x2c}}, 0x0) (async)
r14 = syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT") (async)
r15 = open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r14, 0xc020662a, &(0x7f00000002c0)={0x8001, 0x7, 0x0, 0x63e7, 0x5, 0x0, [{0x1, 0xfff, 0x2}, {0x8, 0x8, 0x3, '\x00', 0x2100}, {0x1, 0x8000, 0x101, '\x00', 0x3400}, {0x2, 0x7, 0x80000000, '\x00', 0x100}, {0x99, 0x4, 0x8, '\x00', 0x200a}]})
sendfile(r15, r15, 0x0, 0x7f06)

5m3.295496857s ago: executing program 35 (id=5023):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18) (async)
r2 = syz_open_procfs(0x0, 0x0) (async)
syz_emit_ethernet(0x2e, &(0x7f0000000780)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa000a541b6375e08d1800ed0020e858d52e0000119078400000000000000044040a8000804e2100089078"], 0x0)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000000), 0x414080, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f0000000400)={'gretap0\x00', &(0x7f0000000240)={'ip_vti0\x00', <r4=>0x0, 0x10, 0x8017, 0x80, 0x5, {{0x8, 0x4, 0x0, 0x1, 0x20, 0x66, 0x0, 0x5, 0x29, 0x0, @local, @private=0xa010101, {[@timestamp_addr={0x44, 0xc, 0xe3, 0x1, 0x9, [{@remote}]}]}}}}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x28, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x2ccc, 0x0, 0x0, 0x0, 0x200}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}}, @alu={0x4, 0x0, 0xc, 0x6, 0xb, 0xffffffffffffffff, 0x10}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @alu={0x7, 0x1, 0x8, 0xa, 0x1, 0x156, 0x10}, @alu={0x4, 0xced8fd7d6b0aecc1, 0xc, 0x8, 0x7, 0xe, 0xfffffffffffffff0}, @tail_call={{0x18, 0x2, 0x1, 0x0, r0}}, @alu={0x4, 0x1, 0x1, 0x3, 0xb, 0xfffffffffffffffe, 0xfffffffffffffffc}, @ldst={0x2, 0x2, 0x0, 0x5, 0xb, 0xfffffffffffffff4, 0xffffffffffffffff}, @jmp={0x5, 0x1, 0xd, 0x6, 0x1, 0x0, 0xfffffffffffffff0}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x46, 0x24, &(0x7f00000001c0)=""/36, 0x100, 0x0, '\x00', r4, 0x0, r2, 0x8, &(0x7f0000000440)={0x6, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000004c0)=[r0, r2, r0, r0], &(0x7f0000000500)=[{0x0, 0x5, 0xe}], 0x10, 0x101, @void, @value}, 0x94) (async)
unshare(0x20000400) (async)
r5 = syz_open_procfs(0x0, &(0x7f0000000380)='net/ip6_mr_vif\x00')
preadv(r5, &(0x7f0000000640)=[{&(0x7f0000005400)=""/4098, 0x1002}], 0x1, 0x3, 0x0) (async)
r6 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_ENCAP(r6, 0x113, 0x1, 0x0, 0x0) (async)
r7 = socket$nl_route(0x10, 0x3, 0x0) (async)
r8 = inotify_init1(0x0)
inotify_add_watch(r8, &(0x7f0000000040)='.\x00', 0xc2000484) (async)
ioctl$int_in(r8, 0x5421, &(0x7f0000000680)=0x3) (async)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0) (async)
lsetxattr$trusted_overlay_redirect(&(0x7f0000000140)='./file1\x00', &(0x7f0000000180), 0x0, 0x0, 0x0) (async)
readv(r8, &(0x7f0000000340)=[{&(0x7f0000000080)=""/50, 0x32}], 0x1) (async)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000140)={'ipvlan0\x00', <r10=>0x0}) (async)
r11 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000200)={'netdevsim0\x00', <r12=>0x0})
r13 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r12, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$nl_route(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="2c00000010000100"/20, @ANYRES32=r10, @ANYBLOB="00000000000000000c002b8008000100", @ANYRES32=r13], 0x2c}}, 0x0) (async)
r14 = syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT") (async)
r15 = open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(r14, 0xc020662a, &(0x7f00000002c0)={0x8001, 0x7, 0x0, 0x63e7, 0x5, 0x0, [{0x1, 0xfff, 0x2}, {0x8, 0x8, 0x3, '\x00', 0x2100}, {0x1, 0x8000, 0x101, '\x00', 0x3400}, {0x2, 0x7, 0x80000000, '\x00', 0x100}, {0x99, 0x4, 0x8, '\x00', 0x200a}]})
sendfile(r15, r15, 0x0, 0x7f06)

4m49.888955096s ago: executing program 0 (id=5219):
r0 = getpid()
setreuid(0xee00, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = syz_pidfd_open(r0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
setns(r2, 0x24020000)
syz_clone3(&(0x7f00000008c0)={0x14840000, 0x0, 0x0, 0x0, {0xfe}, 0x0, 0x0, 0x0, &(0x7f00000002c0)=[r0], 0x1}, 0x58)

4m49.744988027s ago: executing program 0 (id=5220):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r2, 0x89f1, &(0x7f0000001040)={'gre0\x00', &(0x7f0000000100)={'syztnl2\x00', 0x0, 0x2f00, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x2f, 0x0, @empty, @multicast1}}}})

4m49.638896907s ago: executing program 0 (id=5223):
r0 = socket(0x10, 0x3, 0x6)
sendmsg$IPCTNL_MSG_EXP_DELETE(r0, &(0x7f0000001f00)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000001e40)={0x9c, 0x2, 0x2, 0x101, 0x0, 0x0, {0x1, 0x0, 0x4}, [@CTA_EXPECT_MASTER={0x88, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x29}}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x2e}}, {0x14, 0x4, @empty}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}}, {0x14, 0x4, @private2}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}]}]}, 0x9c}, 0x1, 0x0, 0x0, 0x81}, 0x20000000)

4m49.511767548s ago: executing program 0 (id=5229):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1, 0x0, 0xe}, 0x18)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, 0x0)
write$tun(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000bbbbbbbbbbbbaaaaaaaaaabb88a80065000001119078ac14142964010102b8711000"/55], 0x36)

4m49.394994828s ago: executing program 0 (id=5231):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
r1 = syz_open_dev$loop(&(0x7f00000005c0), 0x10000, 0x10d480)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYRES32=r0], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffffd3, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x3}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0)='rpc_pipefs\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000380)='kmem_cache_free\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x4, &(0x7f0000000480)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}, {0x3, 0x0, 0xa}, {0x7, 0x6, 0xfa, 0x9}, {0x4, 0x8, 0x3, 0x7f}]})
pipe(0x0)
vmsplice(0xffffffffffffffff, 0x0, 0x0, 0xc)
semop(0x0, &(0x7f00000002c0)=[{0x2, 0x85, 0x1000}, {0x0, 0x8698, 0x1000}], 0x2)
semctl$GETALL(0x0, 0x0, 0xd, &(0x7f00000003c0)=""/68)
semctl$SETALL(0x0, 0x0, 0x11, &(0x7f0000000440)=[0x5e83, 0x2, 0x0])
syz_mount_image$msdos(&(0x7f0000000100), &(0x7f0000000080)='./file1\x00', 0x8, &(0x7f0000000140)=ANY=[@ANYBLOB='dots,dots,dots,nodots,dots,nodots,dots,quiet,nodots,dots,showexec,dots,dots,umask=00000000000000000077777,nfs,dots,tz,errors=continue,nodots,check\x00\x00\x00\x00\x00\x00\x00\x00dots,dots,\x00\x00\x00\x00\x00'], 0xfd, 0x1bf, &(0x7f0000000680)="$eJzs3TGL02AYB/Cn9bzmnG4TRCHg4nSon+BEThADgtJBJ4XT5SqCt0SX9mP4Af0A0qmLRGrSxkaHWmxS6++39En/edvnHZp26ZNXN99dnL+/fPvl+udIkl70T+M0Zr04jn4sTAIA2CezooivRanrXgCAdqzx/f+t5ZYAgC17/uLlkwdZdvYsTZOI6SQf5sPyscwfPc7O7qY/HNerpnk+vLLM76XN3w7z/Gpcq/L75fp0NT+MO7fLfJ49fJo18kGcb3frAAAAAAAAAAAAAAAAAAAAAADQmVuRLvx2vs/JSTM/qvLy6Kf5QI35PQdx46A6rMcDFeM2NgUAAAAAAAAAAAAAAAAAAAD/mMuPny5ej0ZvPtTFICJWn/mTole98IbL2y76sRNtKP5qke5GG6MNPwWHEbGtxmZFUax1cn2NGHR1cQIAAAAAAAAAAAAAAAAAgP9M/affX7Oki4YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAP1/f83KMYRscbJyzc76nSrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7LHvAQAA///DgjXa")
write$binfmt_misc(r2, &(0x7f0000001000), 0xe09)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x7, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c559265406c09306003d8002000", [0x0, 0x2]}})

4m47.604964147s ago: executing program 0 (id=5243):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040))
write$binfmt_script(r3, &(0x7f0000000000), 0x4)
splice(r2, 0x0, r1, 0x0, 0x100000004, 0x0)

4m31.780423189s ago: executing program 36 (id=5243):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
pipe(&(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040))
write$binfmt_script(r3, &(0x7f0000000000), 0x4)
splice(r2, 0x0, r1, 0x0, 0x100000004, 0x0)

2.886781946s ago: executing program 5 (id=9912):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x48, 0x14, 0x509, 0x0, 0x25dfdbfd, {0x2, 0x1f, 0x0, 0xcb}, [@IFA_LOCAL={0x8, 0x2, @private=0xa010101}, @IFA_FLAGS={0x8, 0x8, 0x10}, @IFA_RT_PRIORITY={0x8, 0x9, 0x6}, @IFA_RT_PRIORITY={0x8, 0x9, 0x10000009}, @IFA_ADDRESS={0x8, 0x1, @local}, @IFA_RT_PRIORITY={0x8, 0x9, 0x103}]}, 0x48}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x70}}, 0x0)

2.839754376s ago: executing program 5 (id=9914):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r0)
sendmsg$NFC_CMD_DEP_LINK_UP(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fbdbdf250400000005000a000000000008000100", @ANYRES32=0x0, @ANYBLOB="f4bd8f99fc2d19c79828e88e273659cd1e0523b1d6fbea95698e7facf7fdaa722145914c69c6c11991d301f54ed7a9a570075a0101a0a90a5de4838d6f90294807e5fd0c979dac4457679da450cf032a97cafcd162384ef5f8b35aa51c47bbe32dd56d92052aac41cfd907d12d6bddf062b2ce9d58e6e8a4fc044b0d56513c203d3b44d57a05"], 0x24}, 0x1, 0x0, 0x0, 0x44000}, 0x40)

2.802396386s ago: executing program 5 (id=9915):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r1)
sendmsg$NL80211_CMD_GET_WIPHY(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000e80)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01030000000000000000010000"], 0x30}}, 0x0)

2.735176246s ago: executing program 5 (id=9917):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0xc2)
r1 = inotify_init1(0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000000)='./file3\x00', 0xb00002d6)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000014c0)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB="000000000008000000007d45f6fb20000000000077e20a8b5aff9f2fe36bcd117dee09575e43108d98e57a270f0000000000000087919c840593ee4204", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
creat(&(0x7f0000000140)='./file2\x00', 0x1ad)
unlink(&(0x7f0000000180)='./file1\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
pread64(r4, &(0x7f00000001c0)=""/200, 0xc8, 0x0)
lseek(r4, 0x7, 0x3)
readv(r4, 0x0, 0x0)
read(r1, 0x0, 0x10)
mkdir(&(0x7f0000000300)='./file0/file0\x00', 0x8)
pipe2$9p(&(0x7f0000000140)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000300)=ANY=[], 0xfddf)
readv(r5, &(0x7f0000000100)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

2.669404186s ago: executing program 8 (id=9919):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
write$P9_RVERSION(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r1)
write$P9_RLERRORu(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
set_mempolicy(0x3, &(0x7f00000000c0)=0x5, 0xa)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x4, 0x0, @fd_index=0x8, 0x10, 0x20000000, 0x20007, 0x0, 0x1, {0x1}})
fcntl$dupfd(r5, 0x0, 0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})

2.650322757s ago: executing program 9 (id=9920):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="3d6d2cfb73cb34", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000300)={0x53, 0x0, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000140)="5def12c9e843", 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r1, 0x5421, &(0x7f0000000100)=0x100000001)
setsockopt$inet_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000380)=0x1, 0x4)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
close(r1)

2.516035517s ago: executing program 9 (id=9921):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000001c0)='siox_set_data\x00', r0, 0x0, 0x200000000203}, 0x18)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000100000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000040000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e61740000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000edffffff0000000000"]}, 0x3c0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000180), &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_read_part_table(0x5c9, &(0x7f0000000880)="$eJzs0jFoW0cYAOD/vaKoHYJFCLjQpRCTSUmKOiRQiVKMIrzYIaQhQ+dCMhQSyODBSFUyp8nULSGJDcaL6dBOhi7GMhgb5MnIq+dCvWkwr8h6XmxTCsZ13XzfoNP999/9d/wvONfS+CPLsiQisuJB7Md8JeLxF3+/+9uF+u2Jz+98c/deRBKPImLy2qPfBitJnnFw6i/5fCqfTxQr3bdr47sLpfUrm52x92lEYRC/EBGtwf7W7MjRekl8dfIn8z+yWFsZefb8SePFdO3hVmNmp5DHX918V23eH60+SIfzpfS43dkx39jJ6u+N3prbyKb+fH3xeqHT7VdW87xyctJK/Bct7mUDn2aD/n89s/PmcrvX7k9enX96o3ypt9x8ud/338/6mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAdgsbYy8uz5k8aL6drDrcbMzpffX6t/9lP9h1c331Wb90erD9Jh3lL679Qf696a28g+jtcXrxc6F/qV1TyvnJxOfc7W4f6/udzutfuTV+ef3ihf6i03XyY/Pz7rOwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA50v99nZE3L0XkcR3ETGelmYH8awYUdo+mj9VHI4TxUr37dr47kJp/cpmZ+z9nTy+lEa04pP9/7/u/04fOuGj4dCKiPT03sU/81cAAAD//xmKiIU=")

2.251740979s ago: executing program 1 (id=9928):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000200), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x1, 0x2, 0x5, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x800000000003}, 0x100000, 0x5dd8, 0x3, 0x0, 0x0, 0x8, 0xfffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)

2.251050029s ago: executing program 9 (id=9929):
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000006c0)={'batadv0\x00', <r0=>0x0})
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x142}, 0x1c)
r1 = syz_open_procfs(0x0, &(0x7f0000000800)='ns\x00')
r2 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@bloom_filter={0x1e, 0x80, 0x4, 0x401, 0x8400, r1, 0xffffffff, '\x00', r0, 0xffffffffffffffff, 0x0, 0x2, 0x4, 0x2000000000000f, @value=r2, @void, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000880)={0x3, 0xc, &(0x7f0000000940)=ANY=[@ANYRESHEX, @ANYRESOCT=r3, @ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_RX_RING(r4, 0x11b, 0x2, &(0x7f0000000040)=0x1000000, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r4, 0x11b, 0x6, &(0x7f0000000000), 0x4)
creat(&(0x7f0000000000)='./bus\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000001c0)='sched_switch\x00', r5}, 0x10)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000980)=ANY=[@ANYBLOB="1800000004000000410000000000000001000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="1f400000010000ffffb803707fd877bb582ee5a0e7ec074fec26a4371b2b2af4580000000000003b1fcdb9eea9cdfdee7beca4a548333a"], 0x48)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
bpf$MAP_CREATE(0x0, 0x0, 0xffffffffffffff5d)
socket$kcm(0xa, 0x922000000003, 0x11)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1000416, &(0x7f0000000500)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c646973636172640061727365743d63703835322c757466383d202c6e6f6e756d7461696c3d302c6e6f6e75617461696c3d302c7574663c3d302c696f6368619615f9a9d8bc34fd234143727365743d69736f383835392d322c756e695f786c6174653d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c757466383d312c756e695f786c6174653d302c756e695f786c6174653d302c73686f72746e616d653d6d697865642c726f6469722c756e695f786c"], 0x1, 0x364, &(0x7f0000000180)="$eJzs3U9oI1UYAPAvnTTpLuj2JgpC9CZo2XrTiy3SBbEXleCfgxjcrkpahRaL7WHbelA8Ch715E1BDx7EowiKePPg1RVkVTxoTy64+GQymWTapN12sUrx94OmL++9b75vJkMyDcnrc3PRvTgZl3Z3r8bUVC3qcw/PxbVaTEcWpe0Y1RjTBwCcDtdSit9T4YghtRMuCQA4Yb3X/xciohXTRc/rXx42P3n1B4BTr//3/5nD5kwdNPDKiZQEAJywkff/794z3Oj91Mu79cqnAgCA0+qJp595dH4x4vFWaypi5c319no7HhyOz1+Kl2I5luJ8nIvrEcWFQn5T691eeGRx4Xyr1dqKn6ajHRET/cB2caUwn/XimzE7GBlcbaSUsgufLC7MtnoiYnurlz9WauvtyTjbz//92VgaXnhMl0VESn/0t9XfQHuljN+K2Bm+b5HXPxPn4tvnB5tJqfwE4+LC5dmJ/p1h/Hq7GRcHR+HAd0AAAAAAAAAAAAAAAAAAAAAAAOCmzLQGpgfr56T8d7FSzszMmPHe+jhFfH99oJ1ifaDUTJHSb6/d134riz3rA+1fn2fdQoIAAAAAAAAAAAAAAAAAAAAwsLbRiM7y8tLq2sZmt9rYWl3bmIiIvOflrz/64kyMzrlBo16kaEYMUrT6aTe7nZSVk1MWMRqe5cnLng8+HVRcndMc7MXYMprjh3Yjb9xy14/vDofuzMot/zWcnMX4HcwqZTy0L+nKrUVJxzlQg8b91Z7maPYrKaVKzxvV8MvPjm4wahH14z9wm92JOHhOyhtfXX3x9vLodz5PhXvuPffklXfe/6XbWc4zR+8RbKyuXU/dTq2cfLzDkh/qsqcWRaNWPRPqh4Xv7O3pZN/9+tQdb39ztOyp2vNqfj7vm5MVu/Px/vBG0cjLzBuN4dlyZhg+2d+J5aXJMSf/jRo38Zje9t5nH6b0w89HTlHIq58Yedqo/XPPQAAAAAAAAAAAAAAAAAAAQKnyXfG+/pd9Jw+LeuCxk68MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP49w///X2nsbMe+nqM0/twaE9VcWl2LaPzXuwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/c3wEAAP//r4hbpw==")
r6 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r7 = fcntl$dupfd(r6, 0x0, r6)
ioctl$SG_GET_REQUEST_TABLE(r7, 0x2286, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000001440)={'pim6reg1\x00', 0x2})
ioctl$TUNGETVNETHDRSZ(r8, 0x800454d7, &(0x7f0000000600))
ioctl$TUNSETOFFLOAD(r8, 0x400454c9, 0x9)
bpf$ENABLE_STATS(0x20, &(0x7f0000000080), 0x4)
ioctl$TUNSETLINK(r8, 0x400454cd, 0x339)

2.218279069s ago: executing program 8 (id=9931):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$l2tp6(0xa, 0x2, 0x73)
socket$l2tp6(0xa, 0x2, 0x73)
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, 0x0, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
writev(r1, &(0x7f00000025c0), 0x0)
syz_open_dev$sg(0x0, 0x0, 0x22840)
perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x6}, 0x40c}, 0x0, 0x0, 0xffffffffffffffff, 0xa)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x6a, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000780)=ANY=[@ANYBLOB="ac00000002060500000000000000000000000000120003006269746d61703a69702c6d616300000005000400000000000900020073797a3100000000600007800c00018008000140ac1414bb080008000000000008000640fffff53905000300b2000000060005404e2000000500070016000000060005404e2100001800018014000240fe8000000000000000000000000000380800064000000001050005000000000005000100060000002a6d1ce19068de749c962dac0bcda90012e8bbdfebc2284fad933d6da56516f5d2ea04b2e05a42b1140a99a1b28bccfa40c4b0e40300694cb6f201d5848761ae6a3b20064417e2b18d66fa68619874478729cb11845381065c865b527ced6b66052c53eadb1581f2bf89a0189ced2dfc2d9121e55a738ed2da4591c69e2337ac2a91190dea7c50b258b5309da08efd45a20cd516ebcdf22002b95edcda392fb24c4339f8fdb2ab3e966b9cf5bfdbd34b7bff321b80ecc4ddb0f29df33c69b2dc5607c5a79696125475cc5b4efcc2b4a70d56554c5bd65dece1b1bc87b1400a3d8ffccb22ca10eece968dd90a91fd9fa532f62362111e212c6bd6525d555494ed3f31af34fa884375cd16dd039386f67822be"], 0xac}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x40082, 0x0)
ioctl$PPPIOCNEWUNIT(r3, 0xc004743e, &(0x7f0000000140))
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000f6000000006debff00850000007b00"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0900000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000015000000000000000000"], 0x50)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0x17, &(0x7f00000006c0)=ANY=[@ANYBLOB, @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYBLOB="0000000000000000b70200000000000085000000a000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000000000008500000017000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r6, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
io_cancel(0x0, 0x0, 0x0)
ioctl$PPPIOCSNPMODE(r3, 0x4008744b, &(0x7f0000000540)={0x281})
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0b00000007000000080000000800000005000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000000000000000ad01b15072590bd4cde20de586c2b970cfbe1f3241ece2513530cb77e77fb367240ba872f0c913ef7cc0f2952c629b652c4c9ad5c88e7d51fd922d2d4c72802a75fa6a183f266f793fe16f01000000000000003f7985aeb316696da9274f17d045bcd64880a86d9f56842a28032fbc9cb5cf5ceb5d7a742bb51fd6727ba28c06c6be225c8eca06c94c6978e00a951bf2a8382cec4e2dcc2b69cfaa91c0ef9921d876985ea37085025ab06628f536a305ad9ebf3800c0628f4d87e93072756208ad33566afa51992aa09a0d0da1542e12748515389ecff04e83a329b5091af96f1cb435056448067855f6d4b9698e9a6fc519bb3b68db2457fadc5dc44aecd8905362510b66acdef9f8d2562f8499ce1ea180fc1ac61479803001ab6885c6", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
sendmsg$NFT_MSG_GETOBJ(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000150a0102"], 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x24040808)

2.200263999s ago: executing program 1 (id=9932):
syz_open_dev$usbfs(&(0x7f0000000000), 0x80100000201, 0x4082)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
gettid()
r0 = socket$nl_generic(0x10, 0x3, 0x10)
fcntl$getownex(r0, 0x10, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000004c0)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200"/16], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37438e486dd63"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x3f, &(0x7f0000000000)='%', 0x0, 0x140, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.833829211s ago: executing program 5 (id=9934):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={0x0, r1, 0x0, 0x80000000000}, 0x18)
r2 = socket$inet6(0x10, 0x2, 0x6)
sendto$inet6(r2, &(0x7f00000002c0)="1c0000001200050f0c1000000049b23e9b200a0008000ac000000001", 0x1c, 0x0, 0x0, 0x0)

1.548992252s ago: executing program 5 (id=9935):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000096905e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x20040}, 0x0)
r1 = socket(0x1d, 0x2, 0x6)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000380)={0x1d, r2, 0x3}, 0x18)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
sendmsg$can_j1939(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)="8ee779dc44c58b4a", 0x8}, 0x1, 0x0, 0x0, 0x4008000}, 0x20000004)
sendmmsg$inet6(r1, &(0x7f0000006640)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000006c0)="74887a93c8b50ed2", 0x8}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="160000000000000004000000ffff000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000080000000000000025c3ce06"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001280)=[r3], 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=ANY=[@ANYBLOB="0c00000004000000040000000700000000000000", @ANYRES32=r3, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000000000000e84278e7331aff7f9b21a7810000000000000000000000abae87478d4f48d50196a209afffffffffffffffffb848da12f2c23f8ca8225469c39ed16ef8abbbf67e7bb7b5a0ebdc887915bb1e3238b7512162869500"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)="54e94436ee8bd72ed88c0de2e2b78409e6dff52d46083d5dd0ee07272de792139a10a7ac1f74d4117534", &(0x7f0000001280), 0x2, r4}, 0x38)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="b4964b2fb8bd429355051a521feda3c023fead587b6584b7cefc995ef423864557f0eaf8296fc3633b02520b7a35654c4cbb81a4f04fec48293c8be0cfb3acb4e6ce9bba0143e7878266c82e7e0877a07288e562daaf094a93197d0d3072fc9c5ff215ec", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e000000000000000400000004"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00'}, 0x10)
request_key(0x0, 0x0, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
recvmsg(r6, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r7, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
setsockopt$sock_attach_bpf(r6, 0x1, 0x43, &(0x7f0000000540), 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.255570614s ago: executing program 1 (id=9936):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000080)={0x4, &(0x7f0000000040)=[{0xb481, 0x7f, 0x3, 0x2}, {0x20, 0x5, 0x2, 0xfffffffe}, {0x1, 0xe, 0x9, 0x101}, {0x3, 0x81, 0x6, 0xd}]})
r0 = socket$pptp(0x18, 0x1, 0x2)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000040)={'geneve0\x00', &(0x7f0000000180)=@ethtool_drvinfo={0x3, "3b296e12d542bdfb7cec880a02de9e1d7300", "aa01954b50e1a7d200008f5a3995fa1e7569d25aed9768cf0c2def7d5500", "31cb053e0c8f3e81062f62e0f874b078cef598cf374e31fb58665661e850abd6", "fd1508ebd0c5b39be0c0a8f4394f9dfb56ceccf9f6f1fdfdc100", "78a85ce08babb5877c9ab49084d318f3ce181dd78515c054b784f51f55030e7f", "510f13cf0000000000010001", 0xfffffffd, 0x3ffffff, 0x120000, 0x1}})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000001c0)={0x5, &(0x7f0000000180)=[{0x7, 0x80, 0x9}, {0x1, 0xd, 0x0, 0x8}, {0x0, 0x20, 0x7, 0x1675}, {0x8fe8, 0x70, 0x2, 0x4}, {0x5, 0x0, 0xfc, 0x4}]}, 0x10)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="00000000004ffa239db17f9620a5000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r2, <r3=>0xffffffffffffffff}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x3, 0xffffffffffffffff, 0x0)
socketpair(0x2, 0x3, 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0xc, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$autofs(0xffffffffffffff9c, 0x0, 0x408600, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r5, 0xc0189379, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000040000000000000000000700000a20000000000a05000000000000000000070000000900010073797a300000000064000000020a010000000000000000000000000000000700546b4802432b8b2ba7"], 0xd0}}, 0x0)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r7)
sendmsg$NLBL_CIPSOV4_C_ADD(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000012c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010029bd7000fbdbdf250100000008000100030000001c0004800500160001000000040003000100000005000300020000000800020003"], 0x40}}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000a7ff850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x161281, 0x0)
write$binfmt_aout(r10, &(0x7f0000000380)=ANY=[], 0xff2e)
ioctl$TCSETS(r10, 0x40045431, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x0, 0x0, "a05c7b5d00008023e9c5bcf5ff7700"})
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xff, 0x0, "f957c9c46b9ca1d1"})

1.061227965s ago: executing program 8 (id=9938):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

995.869565ms ago: executing program 8 (id=9939):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x40, 0x14, 0x509, 0x0, 0x25dfdbfd, {0x2, 0x1f, 0x0, 0xcb, r2}, [@IFA_LOCAL={0x8, 0x2, @private=0xa010101}, @IFA_FLAGS={0x8, 0x8, 0x10}, @IFA_RT_PRIORITY={0x8, 0x9, 0x6}, @IFA_RT_PRIORITY={0x8, 0x9, 0x10000009}, @IFA_RT_PRIORITY={0x8, 0x9, 0x103}]}, 0x40}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x70}}, 0x0)

659.478037ms ago: executing program 8 (id=9940):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1, <r2=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000001c0)='siox_set_data\x00', r0, 0x0, 0x200000000203}, 0x18)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000100000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000040000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000d801000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e61740000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000edffffff0000000000"]}, 0x3c0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, &(0x7f0000000180), &(0x7f00000003c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_read_part_table(0x5c9, &(0x7f0000000880)="$eJzs0jFoW0cYAOD/vaKoHYJFCLjQpRCTSUmKOiRQiVKMIrzYIaQhQ+dCMhQSyODBSFUyp8nULSGJDcaL6dBOhi7GMhgb5MnIq+dCvWkwr8h6XmxTCsZ13XzfoNP999/9d/wvONfS+CPLsiQisuJB7Md8JeLxF3+/+9uF+u2Jz+98c/deRBKPImLy2qPfBitJnnFw6i/5fCqfTxQr3bdr47sLpfUrm52x92lEYRC/EBGtwf7W7MjRekl8dfIn8z+yWFsZefb8SePFdO3hVmNmp5DHX918V23eH60+SIfzpfS43dkx39jJ6u+N3prbyKb+fH3xeqHT7VdW87xyctJK/Bct7mUDn2aD/n89s/PmcrvX7k9enX96o3ypt9x8ud/338/6mgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwAdgsbYy8uz5k8aL6drDrcbMzpffX6t/9lP9h1c331Wb90erD9Jh3lL679Qf696a28g+jtcXrxc6F/qV1TyvnJxOfc7W4f6/udzutfuTV+ef3ihf6i03XyY/Pz7rOwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA50v99nZE3L0XkcR3ETGelmYH8awYUdo+mj9VHI4TxUr37dr47kJp/cpmZ+z9nTy+lEa04pP9/7/u/04fOuGj4dCKiPT03sU/81cAAAD//xmKiIU=")

658.323957ms ago: executing program 7 (id=9941):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
sendmsg$NL80211_CMD_GET_WIPHY(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000e80)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01030000000000000000010000"], 0x30}}, 0x0)

571.100437ms ago: executing program 7 (id=9942):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
write$P9_RVERSION(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r1)
write$P9_RLERRORu(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="8b"], 0x53)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
syz_genetlink_get_family_id$fou(0x0, 0xffffffffffffffff)
set_mempolicy(0x3, &(0x7f00000000c0)=0x5, 0xa)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_READ_FIXED={0x4, 0x4, 0x0, @fd_index=0x8, 0x10, 0x20000000, 0x20007, 0x0, 0x1, {0x1}})
fcntl$dupfd(r5, 0x0, 0xffffffffffffffff)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})

532.935388ms ago: executing program 9 (id=9943):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000800)=ANY=[@ANYBLOB="60000000100005ff01000000fcdbdf", @ANYRES32=0x0, @ANYBLOB="0180000000000000340012800b00010065727370616e00002400028004001200080014000e000000068002000800000004105200060010004e2300000a0001"], 0x60}}, 0x0)

416.479228ms ago: executing program 8 (id=9944):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0xc2)
r1 = inotify_init1(0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000000)='./file3\x00', 0xb00002d6)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000014c0)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB="000000000008000000007d45f6fb20000000000077e20a8b5aff9f2fe36bcd117dee09575e43108d98e57a270f0000000000000087919c840593ee4204", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
creat(&(0x7f0000000140)='./file2\x00', 0x1ad)
unlink(&(0x7f0000000180)='./file1\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
pread64(r4, &(0x7f00000001c0)=""/200, 0xc8, 0x0)
lseek(r4, 0x7, 0x3)
readv(r4, 0x0, 0x0)
read(r1, 0x0, 0x10)
mkdir(&(0x7f0000000300)='./file0/file0\x00', 0x8)
pipe2$9p(&(0x7f0000000140)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000001380), 0x0, &(0x7f00000013c0)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[{@cache_loose}, {@version_L}, {@msize={'msize', 0x3d, 0x2}}, {@loose}, {@debug={'debug', 0x3d, 0x3}}, {@fscache}, {@version_9p2000}, {@afid={'afid', 0x3d, 0x7f}}, {@version_L}], [], 0x6b}})
readv(r5, &(0x7f0000000100)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

409.271478ms ago: executing program 9 (id=9945):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="780100003c000701fcffffff00000003047c000004003680600101"], 0x178}, 0x1, 0x0, 0x0, 0x4c040}, 0xc000)

379.353628ms ago: executing program 7 (id=9946):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000280)={@local, @multicast, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, "6410a6", 0x0, 0x0, 0x0, @ipv4, @local}}}}, 0x0)

321.024819ms ago: executing program 1 (id=9947):
syz_emit_ethernet(0x3a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x8902, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x18, 0x0, @wg=@data}}}}}, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000680)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
getsockopt$kcm_KCM_RECV_DISABLE(0xffffffffffffffff, 0x6, 0xb, 0x0, 0x20000000)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000008c0)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
getsockopt$sock_buf(r4, 0x1, 0x1c, 0x0, &(0x7f0000000040))
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r3, 0x8982, &(0x7f0000000400)={0x0, 'batadv0\x00', {0x8}})
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)}, 0x0)

319.564729ms ago: executing program 7 (id=9948):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f00000000c0)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r2, 0x0, 0xffffffffffffff7c, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @loopback}, 0x10)

282.941789ms ago: executing program 1 (id=9949):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/11], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
r2 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="364000002600913e"], 0xfe33)

282.399659ms ago: executing program 7 (id=9950):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
pipe2$9p(&(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
write$P9_RVERSION(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r4 = dup(r1)
write$RDMA_USER_CM_CMD_SET_OPTION(r4, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x19, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})

245.652309ms ago: executing program 9 (id=9951):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0xc2)
r1 = inotify_init1(0x0)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000000)='./file3\x00', 0xb00002d6)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000014c0)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB="000000000008000000007d45f6fb20000000000077e20a8b5aff9f2fe36bcd117dee09575e43108d98e57a270f0000000000000087919c840593ee4204", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
creat(&(0x7f0000000140)='./file2\x00', 0x1ad)
unlink(&(0x7f0000000180)='./file1\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
pread64(r4, &(0x7f00000001c0)=""/200, 0xc8, 0x0)
lseek(r4, 0x7, 0x3)
readv(r4, 0x0, 0x0)
read(r1, 0x0, 0x10)
mkdir(&(0x7f0000000300)='./file0/file0\x00', 0x8)
pipe2$9p(&(0x7f0000000140)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000300)=ANY=[], 0xfddf)
readv(r5, &(0x7f0000000100)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

192.996909ms ago: executing program 1 (id=9952):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r0)
sendmsg$NFC_CMD_DEP_LINK_UP(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fbdbdf250400000005000a000000000008000100", @ANYRES32=0x0, @ANYBLOB="f4bd8f99fc2d19c79828e88e273659cd1e0523b1d6fbea95698e7facf7fdaa722145914c69c6c11991d301f54ed7a9a570075a0101a0a90a5de4838d6f90294807e5fd0c979dac4457679da450cf032a97cafcd162384ef5f8b35aa51c47bbe32dd56d92052aac41cfd907d12d6bddf062b2ce9d58e6e8a4fc044b0d56513c203d3b44d57a05"], 0x24}, 0x1, 0x0, 0x0, 0x44000}, 0x40)

0s ago: executing program 7 (id=9953):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x70}}, 0x0)

kernel console output (not intermixed with test programs):

 strongly recommended to keep mac addresses unique to avoid problems!
[  626.045045][T30856] batman_adv: batadv0: Interface activated: batadv_slave_1
[  626.046818][T28831] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  626.079039][T30856] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  626.088024][T30856] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  626.096874][T30856] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  626.105638][T30856] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  626.170283][T31055] netlink: 'syz.7.9141': attribute type 10 has an invalid length.
[  626.330503][T31067] loop7: detected capacity change from 0 to 128
[  626.340170][T31067] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  626.428848][T31067] ext4 filesystem being mounted at /116/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  626.530482][T28831] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  626.563761][T31088] __nla_validate_parse: 5 callbacks suppressed
[  626.563780][T31088] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9147'.
[  626.642236][T31099] netlink: 12 bytes leftover after parsing attributes in process `syz.9.9149'.
[  626.744539][T31094] netlink: 28 bytes leftover after parsing attributes in process `syz.7.9148'.
[  627.031183][T31128] syz.5.9159[31128] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  627.031255][T31128] syz.5.9159[31128] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  627.046015][T31128] syz.5.9159[31128] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  627.075943][T31130] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9158'.
[  627.096375][T31130] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9158'.
[  627.116758][T31131] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9157'.
[  627.125693][T31131] netlink: 4 bytes leftover after parsing attributes in process `syz.9.9157'.
[  627.371992][T31136] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.9161'.
[  627.924419][T31148] netlink: 'syz.9.9165': attribute type 10 has an invalid length.
[  628.119389][T31144] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9164'.
[  628.283825][T31158] FAULT_INJECTION: forcing a failure.
[  628.283825][T31158] name failslab, interval 1, probability 0, space 0, times 0
[  628.296663][T31158] CPU: 1 UID: 0 PID: 31158 Comm: syz.9.9169 Not tainted 6.12.0-syzkaller-11677-g2ba9f676d0a2 #0
[  628.307144][T31158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  628.317245][T31158] Call Trace:
[  628.320527][T31158]  <TASK>
[  628.323461][T31158]  dump_stack_lvl+0xf2/0x150
[  628.328098][T31158]  dump_stack+0x15/0x20
[  628.332402][T31158]  should_fail_ex+0x223/0x230
[  628.337195][T31158]  ? selinux_bpf_prog_load+0x35/0xe0
[  628.342546][T31158]  should_failslab+0x8f/0xb0
[  628.347155][T31158]  __kmalloc_cache_noprof+0x4e/0x320
[  628.352590][T31158]  selinux_bpf_prog_load+0x35/0xe0
[  628.357723][T31158]  security_bpf_prog_load+0x47/0x80
[  628.362954][T31158]  bpf_prog_load+0xe81/0x1070
[  628.367652][T31158]  ? __rcu_read_unlock+0x4e/0x70
[  628.372647][T31158]  __sys_bpf+0x463/0x7a0
[  628.376910][T31158]  __x64_sys_bpf+0x43/0x50
[  628.381336][T31158]  x64_sys_call+0x2914/0x2dc0
[  628.386037][T31158]  do_syscall_64+0xc9/0x1c0
[  628.390646][T31158]  ? clear_bhb_loop+0x55/0xb0
[  628.395392][T31158]  ? clear_bhb_loop+0x55/0xb0
[  628.400152][T31158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.406183][T31158] RIP: 0033:0x7fc044b00849
[  628.410604][T31158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  628.430312][T31158] RSP: 002b:00007fc043177058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  628.438734][T31158] RAX: ffffffffffffffda RBX: 00007fc044cc5fa0 RCX: 00007fc044b00849
[  628.446719][T31158] RDX: 0000000000000094 RSI: 0000000020000340 RDI: 0000000000000005
[  628.454701][T31158] RBP: 00007fc0431770a0 R08: 0000000000000000 R09: 0000000000000000
[  628.462678][T31158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  628.470710][T31158] R13: 0000000000000000 R14: 00007fc044cc5fa0 R15: 00007ffd8bfbc3f8
[  628.478737][T31158]  </TASK>
[  628.482097][   T29] kauditd_printk_skb: 2357 callbacks suppressed
[  628.482110][   T29] audit: type=1326 audit(1733001078.376:86795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30945 comm="syz.8.9116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a87f377e7 code=0x7ffc0000
[  628.512205][   T29] audit: type=1326 audit(1733001078.376:86796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30945 comm="syz.8.9116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a87edc189 code=0x7ffc0000
[  628.536123][   T29] audit: type=1326 audit(1733001078.376:86797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30945 comm="syz.8.9116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a87f377e7 code=0x7ffc0000
[  628.559655][   T29] audit: type=1326 audit(1733001078.376:86798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30945 comm="syz.8.9116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a87edc189 code=0x7ffc0000
[  628.583420][   T29] audit: type=1326 audit(1733001078.376:86799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30945 comm="syz.8.9116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a87f377e7 code=0x7ffc0000
[  628.607191][   T29] audit: type=1326 audit(1733001078.376:86800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30945 comm="syz.8.9116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a87edc189 code=0x7ffc0000
[  628.630870][   T29] audit: type=1326 audit(1733001078.376:86801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30945 comm="syz.8.9116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a87f377e7 code=0x7ffc0000
[  628.651733][T31154] loop7: detected capacity change from 0 to 2048
[  628.654463][   T29] audit: type=1326 audit(1733001078.376:86802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30945 comm="syz.8.9116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a87edc189 code=0x7ffc0000
[  628.684378][   T29] audit: type=1326 audit(1733001078.376:86803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30945 comm="syz.8.9116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a87f377e7 code=0x7ffc0000
[  628.708138][   T29] audit: type=1326 audit(1733001078.376:86804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30945 comm="syz.8.9116" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a87edc189 code=0x7ffc0000
[  629.073270][T31178] syz.8.9176[31178] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  629.073391][T31178] syz.8.9176[31178] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  629.092154][T31179] loop1: detected capacity change from 0 to 256
[  629.140934][T31179] FAT-fs (loop1): Directory bread(block 64) failed
[  629.142553][T31178] syz.8.9176[31178] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  629.157816][T31179] FAT-fs (loop1): Directory bread(block 65) failed
[  629.201127][T31182] loop7: detected capacity change from 0 to 1024
[  629.214187][T31179] FAT-fs (loop1): Directory bread(block 66) failed
[  629.235487][T31179] FAT-fs (loop1): Directory bread(block 67) failed
[  629.244210][T31182] EXT4-fs: Ignoring removed nobh option
[  629.249928][T31182] EXT4-fs: Ignoring removed orlov option
[  629.265948][T31179] FAT-fs (loop1): Directory bread(block 68) failed
[  629.286598][T31179] FAT-fs (loop1): Directory bread(block 69) failed
[  629.310011][T31179] FAT-fs (loop1): Directory bread(block 70) failed
[  629.327580][T31182] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  629.342158][T31179] FAT-fs (loop1): Directory bread(block 71) failed
[  629.375694][T31188] loop8: detected capacity change from 0 to 256
[  629.383298][T31179] FAT-fs (loop1): Directory bread(block 72) failed
[  629.416871][T31179] FAT-fs (loop1): Directory bread(block 73) failed
[  629.506573][T31188] FAT-fs (loop8): Directory bread(block 64) failed
[  629.513310][T31188] FAT-fs (loop8): Directory bread(block 65) failed
[  629.520089][T31188] FAT-fs (loop8): Directory bread(block 66) failed
[  629.526808][T31188] FAT-fs (loop8): Directory bread(block 67) failed
[  629.531850][T31179] program +}[@ is using a deprecated SCSI ioctl, please convert it to SG_IO
[  629.538810][T31188] FAT-fs (loop8): Directory bread(block 68) failed
[  629.548757][T31188] FAT-fs (loop8): Directory bread(block 69) failed
[  629.555491][T31188] FAT-fs (loop8): Directory bread(block 70) failed
[  629.562391][T31188] FAT-fs (loop8): Directory bread(block 71) failed
[  629.568945][T31188] FAT-fs (loop8): Directory bread(block 72) failed
[  629.576003][T31188] FAT-fs (loop8): Directory bread(block 73) failed
[  629.604265][T28831] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  629.633117][T31179] Process accounting resumed
[  629.645987][T31179] bio_check_eod: 10301 callbacks suppressed
[  629.646004][T31179] +}[@: attempt to access beyond end of device
[  629.646004][T31179] loop1: rw=0, sector=1768, nr_sectors = 4 limit=256
[  629.647341][T31192] lo speed is unknown, defaulting to 1000
[  629.675805][T30856] syz-executor: attempt to access beyond end of device
[  629.675805][T30856] loop1: rw=0, sector=1768, nr_sectors = 4 limit=256
[  629.726879][T31184] pim6reg1: tun_chr_ioctl cmd 1074025677
[  629.741126][T31184] pim6reg1: linktype set to 825
[  629.872346][T31202] loop7: detected capacity change from 0 to 2048
[  629.941829][T31208] loop8: detected capacity change from 0 to 512
[  630.012967][T31208] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  630.051553][T31208] EXT4-fs warning (device loop8): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  630.225741][T31219] netlink: 'syz.8.9191': attribute type 1 has an invalid length.
[  630.225984][T31215] loop7: detected capacity change from 0 to 1024
[  630.269921][T31215] EXT4-fs: Ignoring removed mblk_io_submit option
[  630.293718][T31215] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  630.369215][T31227] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9193'.
[  630.616314][T28831] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  630.833086][T31244] netlink: 'syz.8.9200': attribute type 6 has an invalid length.
[  631.017207][T31254] loop7: detected capacity change from 0 to 1024
[  631.060161][T31254] EXT4-fs: Ignoring removed nobh option
[  631.065805][T31254] EXT4-fs: Ignoring removed orlov option
[  631.075763][T31259] loop9: detected capacity change from 0 to 512
[  631.110417][T31259] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  631.121445][T31260] lo speed is unknown, defaulting to 1000
[  631.152053][T31259] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c019, mo2=0002]
[  631.159371][T31254] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  631.180577][T31259] System zones: 1-12
[  631.198286][T31259] EXT4-fs (loop9): 1 truncate cleaned up
[  631.239156][T31259] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  631.418715][T28536] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  631.431994][T31273] netlink: 'syz.5.9207': attribute type 10 has an invalid length.
[  631.487992][T31276] syz.9.9208[31276] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  631.488069][T31276] syz.9.9208[31276] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  631.538299][T31276] syz.9.9208[31276] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  631.920709][T28831] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  631.998104][T31288] __nla_validate_parse: 2 callbacks suppressed
[  631.998147][T31288] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9210'.
[  632.072582][T31304] netlink: 'syz.7.9214': attribute type 1 has an invalid length.
[  632.511779][T31314] syz.8.9218[31314] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  632.513570][T31314] syz.8.9218[31314] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  632.569718][T31314] syz.8.9218[31314] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  632.761439][T31323] syz.7.9220[31323] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  632.814997][T31324] loop8: detected capacity change from 0 to 512
[  632.938874][T31331] 9pnet_fd: Insufficient options for proto=fd
[  632.958013][T31324] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  633.024699][T31339] netlink: 'syz.9.9228': attribute type 6 has an invalid length.
[  633.025514][T31324] EXT4-fs warning (device loop8): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  633.145881][T31345] loop8: detected capacity change from 0 to 512
[  633.165314][T31345] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  633.175262][T31345] EXT4-fs (loop8): invalid inodes per group: 262176
[  633.175262][T31345] 
[  633.404096][T31352] netlink: 'syz.7.9230': attribute type 10 has an invalid length.
[  633.496649][   T29] kauditd_printk_skb: 3413 callbacks suppressed
[  633.496667][   T29] audit: type=1326 audit(1733001083.612:90216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31197 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbd3f3477e7 code=0x7ffc0000
[  633.526583][   T29] audit: type=1326 audit(1733001083.612:90217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31197 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbd3f2ec189 code=0x7ffc0000
[  633.550126][   T29] audit: type=1326 audit(1733001083.612:90218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31197 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbd3f3477e7 code=0x7ffc0000
[  633.574000][   T29] audit: type=1326 audit(1733001083.612:90219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31197 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbd3f2ec189 code=0x7ffc0000
[  633.597607][   T29] audit: type=1326 audit(1733001083.612:90220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31197 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbd3f3477e7 code=0x7ffc0000
[  633.621174][   T29] audit: type=1326 audit(1733001083.612:90221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31197 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbd3f2ec189 code=0x7ffc0000
[  633.644750][   T29] audit: type=1326 audit(1733001083.612:90222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31197 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbd3f3477e7 code=0x7ffc0000
[  633.668280][   T29] audit: type=1326 audit(1733001083.612:90223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31197 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbd3f2ec189 code=0x7ffc0000
[  633.691926][   T29] audit: type=1326 audit(1733001083.612:90224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31197 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fbd3f3477e7 code=0x7ffc0000
[  633.715546][   T29] audit: type=1326 audit(1733001083.612:90225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31197 comm="syz.1.9182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fbd3f2ec189 code=0x7ffc0000
[  633.887367][T31360] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9233'.
[  634.182648][T31370] loop8: detected capacity change from 0 to 256
[  634.205328][T31361] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9232'.
[  634.219228][T31370] FAT-fs (loop8): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  634.320061][T31375] bpf_get_probe_write_proto: 2 callbacks suppressed
[  634.320082][T31375] syz.8.9237[31375] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  634.343109][T31375] syz.8.9237[31375] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  634.390567][T31378] binfmt_misc: register: failed to install interpreter file ./file0
[  634.440076][T31375] syz.8.9237[31375] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  634.658665][T31377] FAULT_INJECTION: forcing a failure.
[  634.658665][T31377] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  634.683203][T31377] CPU: 0 UID: 0 PID: 31377 Comm: syz.5.9238 Not tainted 6.12.0-syzkaller-11677-g2ba9f676d0a2 #0
[  634.693657][T31377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  634.703758][T31377] Call Trace:
[  634.707054][T31377]  <TASK>
[  634.709998][T31377]  dump_stack_lvl+0xf2/0x150
[  634.714687][T31377]  dump_stack+0x15/0x20
[  634.718898][T31377]  should_fail_ex+0x223/0x230
[  634.723628][T31377]  should_fail+0xb/0x10
[  634.727818][T31377]  should_fail_usercopy+0x1a/0x20
[  634.732906][T31377]  _copy_to_user+0x20/0xa0
[  634.737346][T31377]  simple_read_from_buffer+0xa0/0x110
[  634.742799][T31377]  proc_fail_nth_read+0xf9/0x140
[  634.747774][T31377]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  634.753534][T31377]  vfs_read+0x1a2/0x700
[  634.757725][T31377]  ? __rcu_read_unlock+0x4e/0x70
[  634.762751][T31377]  ? __fget_files+0x17c/0x1c0
[  634.767454][T31377]  ksys_read+0xe8/0x1b0
[  634.771662][T31377]  __x64_sys_read+0x42/0x50
[  634.776229][T31377]  x64_sys_call+0x2874/0x2dc0
[  634.780936][T31377]  do_syscall_64+0xc9/0x1c0
[  634.785556][T31377]  ? clear_bhb_loop+0x55/0xb0
[  634.790284][T31377]  ? clear_bhb_loop+0x55/0xb0
[  634.794993][T31377]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.800929][T31377] RIP: 0033:0x7f2c90a5f25c
[  634.805431][T31377] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[  634.825181][T31377] RSP: 002b:00007f2c8f0d7050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  634.833631][T31377] RAX: ffffffffffffffda RBX: 00007f2c90c25fa0 RCX: 00007f2c90a5f25c
[  634.841672][T31377] RDX: 000000000000000f RSI: 00007f2c8f0d70b0 RDI: 0000000000000004
[  634.849703][T31377] RBP: 00007f2c8f0d70a0 R08: 0000000000000000 R09: 0000000000000000
[  634.857686][T31377] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  634.865677][T31377] R13: 0000000000000000 R14: 00007f2c90c25fa0 R15: 00007ffe65c47208
[  634.873677][T31377]  </TASK>
[  634.886521][T31380] loop8: detected capacity change from 0 to 8192
[  634.980873][T31392] syz.7.9242[31392] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  634.980960][T31392] syz.7.9242[31392] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  635.028789][T31392] syz.7.9242[31392] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  635.107484][T31400] loop8: detected capacity change from 0 to 1024
[  635.163147][T31392] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9242'.
[  635.181650][T31404] syz.1.9249[31404] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  635.181782][T31404] syz.1.9249[31404] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  635.205635][T31400] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  635.224577][T31407] binfmt_misc: register: failed to install interpreter file ./file0
[  635.268491][T31404] syz.1.9249[31404] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  635.318960][T27333] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  635.403419][T31413] loop1: detected capacity change from 0 to 512
[  635.468503][T31413] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  635.495628][T31420] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9254'.
[  635.499232][T31422] loop8: detected capacity change from 0 to 512
[  635.504598][T31420] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9254'.
[  635.540207][T31422] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  635.563005][T31413] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  635.600826][T31422] EXT4-fs warning (device loop8): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  635.636964][T31424] netlink: 12 bytes leftover after parsing attributes in process `syz.7.9256'.
[  635.719200][T31424] loop7: detected capacity change from 0 to 164
[  635.747436][T31433] syz.1.9260[31433] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  635.750727][T31433] binfmt_misc: register: failed to install interpreter file ./file0
[  635.792719][T31424] syz.7.9256: attempt to access beyond end of device
[  635.792719][T31424] loop7: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  635.839858][T31435] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  635.859374][T31424] syz.7.9256: attempt to access beyond end of device
[  635.859374][T31424] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  635.873073][T31444] syz.7.9256: attempt to access beyond end of device
[  635.873073][T31444] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  635.890893][T31442] loop8: detected capacity change from 0 to 2048
[  635.901427][T31444] syz.7.9256: attempt to access beyond end of device
[  635.901427][T31444] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  635.992750][T31453] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9266'.
[  636.004403][T31424] syz.7.9256: attempt to access beyond end of device
[  636.004403][T31424] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  636.018015][T31444] syz.7.9256: attempt to access beyond end of device
[  636.018015][T31444] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  636.038784][T31444] syz.7.9256: attempt to access beyond end of device
[  636.038784][T31444] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  636.073097][T31424] syz.7.9256: attempt to access beyond end of device
[  636.073097][T31424] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  636.154762][T31424] syz.7.9256: attempt to access beyond end of device
[  636.154762][T31424] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  636.199293][T31424] syz.7.9256: attempt to access beyond end of device
[  636.199293][T31424] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  636.603819][T31484] loop1: detected capacity change from 0 to 512
[  636.622904][T31484] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  636.639661][T31484] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  636.770259][T31489] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9281'.
[  637.129136][T31495] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9283'.
[  637.138198][T31495] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9283'.
[  637.406275][T31498] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9284'.
[  637.415297][T31498] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9284'.
[  637.670127][T31507] FAULT_INJECTION: forcing a failure.
[  637.670127][T31507] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  637.683263][T31507] CPU: 0 UID: 0 PID: 31507 Comm: syz.9.9288 Not tainted 6.12.0-syzkaller-11677-g2ba9f676d0a2 #0
[  637.693690][T31507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  637.703767][T31507] Call Trace:
[  637.707055][T31507]  <TASK>
[  637.709990][T31507]  dump_stack_lvl+0xf2/0x150
[  637.714703][T31507]  dump_stack+0x15/0x20
[  637.718942][T31507]  should_fail_ex+0x223/0x230
[  637.723637][T31507]  should_fail+0xb/0x10
[  637.727864][T31507]  should_fail_usercopy+0x1a/0x20
[  637.732908][T31507]  _copy_from_iter+0xd5/0xd00
[  637.737670][T31507]  ? kmalloc_reserve+0x16e/0x190
[  637.742667][T31507]  ? __build_skb_around+0x196/0x1f0
[  637.747990][T31507]  ? __alloc_skb+0x21f/0x310
[  637.752598][T31507]  ? __virt_addr_valid+0x1ed/0x250
[  637.757725][T31507]  ? __check_object_size+0x364/0x520
[  637.763176][T31507]  netlink_sendmsg+0x460/0x6e0
[  637.767956][T31507]  ? __pfx_netlink_sendmsg+0x10/0x10
[  637.773250][T31507]  __sock_sendmsg+0x140/0x180
[  637.778017][T31507]  ____sys_sendmsg+0x312/0x410
[  637.782812][T31507]  __sys_sendmsg+0x19d/0x230
[  637.787420][T31507]  __x64_sys_sendmsg+0x46/0x50
[  637.792214][T31507]  x64_sys_call+0x2734/0x2dc0
[  637.796909][T31507]  do_syscall_64+0xc9/0x1c0
[  637.801496][T31507]  ? clear_bhb_loop+0x55/0xb0
[  637.806266][T31507]  ? clear_bhb_loop+0x55/0xb0
[  637.810957][T31507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  637.816887][T31507] RIP: 0033:0x7fc044b00849
[  637.821347][T31507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  637.840964][T31507] RSP: 002b:00007fc043177058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  637.849441][T31507] RAX: ffffffffffffffda RBX: 00007fc044cc5fa0 RCX: 00007fc044b00849
[  637.857419][T31507] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[  637.865482][T31507] RBP: 00007fc0431770a0 R08: 0000000000000000 R09: 0000000000000000
[  637.873459][T31507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  637.881441][T31507] R13: 0000000000000000 R14: 00007fc044cc5fa0 R15: 00007ffd8bfbc3f8
[  637.889444][T31507]  </TASK>
[  638.046856][T31510] netlink: 'syz.8.9290': attribute type 1 has an invalid length.
[  638.055757][T31510] netlink: 'syz.8.9290': attribute type 1 has an invalid length.
[  638.064236][T31510] netlink: 'syz.8.9290': attribute type 1 has an invalid length.
[  638.116703][T19404] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  638.137856][T31520] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9291'.
[  638.146786][T31520] netlink: 4 bytes leftover after parsing attributes in process `syz.9.9291'.
[  638.171714][T19404] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  638.192448][T19404] bond0 (unregistering): Released all slaves
[  638.207143][T19404] bond1 (unregistering): Released all slaves
[  638.235112][T19404] bond2 (unregistering): Released all slaves
[  638.254005][T19404] bond3 (unregistering): Released all slaves
[  638.280098][T19404] bond4 (unregistering): Released all slaves
[  638.306249][T19404] bond5 (unregistering): Released all slaves
[  638.336554][T19404] bond6 (unregistering): Released all slaves
[  638.360125][T19404] bond7 (unregistering): Released all slaves
[  638.383070][T19404] bond8 (unregistering): Released all slaves
[  638.492712][T19404] hsr_slave_0: left promiscuous mode
[  638.528755][T19404] hsr_slave_1: left promiscuous mode
[  638.596382][T19404] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  638.604071][T19404] batman_adv: batadv0: Removing interface: batadv_slave_0
[  638.618531][T19404] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  638.626181][T19404] batman_adv: batadv0: Removing interface: batadv_slave_1
[  638.636488][T19404] dummy0: left promiscuous mode
[  638.641462][T19404] veth1_macvtap: left promiscuous mode
[  638.647046][T19404] veth0_macvtap: left promiscuous mode
[  638.652551][T19404] veth1_vlan: left promiscuous mode
[  638.657910][T19404] veth0_vlan: left promiscuous mode
[  638.739425][T31531] loop7: detected capacity change from 0 to 512
[  638.759126][T31531] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  638.775390][T31531] EXT4-fs warning (device loop7): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  638.921057][T31523] pim6reg1: tun_chr_ioctl cmd 1074025677
[  638.927037][T31523] pim6reg1: linktype set to 825
[  638.940213][T31535] bond1: entered promiscuous mode
[  638.945345][T31535] bond1: entered allmulticast mode
[  638.953355][T31535] 8021q: adding VLAN 0 to HW filter on device bond1
[  638.980484][T31535] bond1 (unregistering): Released all slaves
[  639.007904][T31538] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9298'.
[  639.030755][T31543] netlink: 8 bytes leftover after parsing attributes in process `syz.7.9299'.
[  639.039798][T31543] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9299'.
[  639.069795][T31545] FAULT_INJECTION: forcing a failure.
[  639.069795][T31545] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  639.083535][T31545] CPU: 0 UID: 0 PID: 31545 Comm: syz.9.9300 Not tainted 6.12.0-syzkaller-11677-g2ba9f676d0a2 #0
[  639.093976][T31545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  639.104053][T31545] Call Trace:
[  639.107374][T31545]  <TASK>
[  639.110321][T31545]  dump_stack_lvl+0xf2/0x150
[  639.114999][T31545]  dump_stack+0x15/0x20
[  639.119187][T31545]  should_fail_ex+0x223/0x230
[  639.123966][T31545]  should_fail+0xb/0x10
[  639.128230][T31545]  should_fail_usercopy+0x1a/0x20
[  639.133327][T31545]  _copy_from_user+0x1e/0xb0
[  639.138006][T31545]  get_sg_io_hdr+0xbc/0x390
[  639.142543][T31545]  ? path_openat+0x1a5a/0x1fa0
[  639.147472][T31545]  sg_new_write+0xca/0x8e0
[  639.151975][T31545]  sg_ioctl+0xe22/0x1870
[  639.156242][T31545]  ? __fget_files+0x17c/0x1c0
[  639.160936][T31545]  ? __pfx_sg_ioctl+0x10/0x10
[  639.165648][T31545]  __se_sys_ioctl+0xc9/0x140
[  639.170271][T31545]  __x64_sys_ioctl+0x43/0x50
[  639.175029][T31545]  x64_sys_call+0x1690/0x2dc0
[  639.179741][T31545]  do_syscall_64+0xc9/0x1c0
[  639.184336][T31545]  ? clear_bhb_loop+0x55/0xb0
[  639.189081][T31545]  ? clear_bhb_loop+0x55/0xb0
[  639.193790][T31545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  639.199746][T31545] RIP: 0033:0x7fc044b00849
[  639.204233][T31545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  639.224033][T31545] RSP: 002b:00007fc043177058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  639.232496][T31545] RAX: ffffffffffffffda RBX: 00007fc044cc5fa0 RCX: 00007fc044b00849
[  639.240577][T31545] RDX: 0000000020000040 RSI: 0000000000002285 RDI: 0000000000000004
[  639.248571][T31545] RBP: 00007fc0431770a0 R08: 0000000000000000 R09: 0000000000000000
[  639.256568][T31545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  639.264597][T31545] R13: 0000000000000000 R14: 00007fc044cc5fa0 R15: 00007ffd8bfbc3f8
[  639.272606][T31545]  </TASK>
[  639.443845][T31558] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9304'.
[  639.460517][   T29] kauditd_printk_skb: 1376 callbacks suppressed
[  639.460532][   T29] audit: type=1326 audit(1733001089.588:91602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31556 comm="syz.9.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  639.525120][T31560] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  639.545693][   T29] audit: type=1326 audit(1733001089.618:91603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31556 comm="syz.9.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  639.569563][   T29] audit: type=1326 audit(1733001089.628:91604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31556 comm="syz.9.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  639.593260][   T29] audit: type=1326 audit(1733001089.628:91605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31556 comm="syz.9.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  639.617048][   T29] audit: type=1326 audit(1733001089.628:91606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31556 comm="syz.9.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  639.640699][   T29] audit: type=1326 audit(1733001089.628:91607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31556 comm="syz.9.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  639.664322][   T29] audit: type=1326 audit(1733001089.628:91608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31556 comm="syz.9.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  639.687961][   T29] audit: type=1326 audit(1733001089.628:91609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31556 comm="syz.9.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  639.711991][   T29] audit: type=1326 audit(1733001089.628:91610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31556 comm="syz.9.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  639.735864][   T29] audit: type=1326 audit(1733001089.628:91611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31556 comm="syz.9.9305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  639.972078][T31585] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=25939 sclass=netlink_audit_socket pid=31585 comm=syz.9.9316
[  640.143576][T31598] loop9: detected capacity change from 0 to 1024
[  640.174085][T31598] EXT4-fs (loop9): orphan cleanup on readonly fs
[  640.202023][T31598] EXT4-fs (loop9): 1 truncate cleaned up
[  640.236522][T31598] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  640.269147][T31607] FAULT_INJECTION: forcing a failure.
[  640.269147][T31607] name failslab, interval 1, probability 0, space 0, times 0
[  640.281853][T31607] CPU: 0 UID: 0 PID: 31607 Comm: syz.5.9325 Not tainted 6.12.0-syzkaller-11677-g2ba9f676d0a2 #0
[  640.292361][T31607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  640.302441][T31607] Call Trace:
[  640.305809][T31607]  <TASK>
[  640.308748][T31607]  dump_stack_lvl+0xf2/0x150
[  640.313381][T31607]  dump_stack+0x15/0x20
[  640.317593][T31607]  should_fail_ex+0x223/0x230
[  640.322378][T31607]  should_failslab+0x8f/0xb0
[  640.327008][T31607]  kmem_cache_alloc_noprof+0x52/0x320
[  640.332414][T31607]  ? skb_clone+0x154/0x1f0
[  640.336860][T31607]  skb_clone+0x154/0x1f0
[  640.341197][T31607]  __netlink_deliver_tap+0x2bd/0x4f0
[  640.346517][T31607]  netlink_unicast+0x64a/0x670
[  640.351332][T31607]  netlink_sendmsg+0x5cc/0x6e0
[  640.356176][T31607]  ? __pfx_netlink_sendmsg+0x10/0x10
[  640.361556][T31607]  __sock_sendmsg+0x140/0x180
[  640.366264][T31607]  ____sys_sendmsg+0x312/0x410
[  640.371044][T31607]  __sys_sendmsg+0x19d/0x230
[  640.375772][T31607]  __x64_sys_sendmsg+0x46/0x50
[  640.380574][T31607]  x64_sys_call+0x2734/0x2dc0
[  640.385299][T31607]  do_syscall_64+0xc9/0x1c0
[  640.389822][T31607]  ? clear_bhb_loop+0x55/0xb0
[  640.394542][T31607]  ? clear_bhb_loop+0x55/0xb0
[  640.399328][T31607]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.405237][T31607] RIP: 0033:0x7f2c90a60849
[  640.409659][T31607] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  640.429275][T31607] RSP: 002b:00007f2c8f0d7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  640.437757][T31607] RAX: ffffffffffffffda RBX: 00007f2c90c25fa0 RCX: 00007f2c90a60849
[  640.445848][T31607] RDX: 0000000004000054 RSI: 0000000020000480 RDI: 0000000000000003
[  640.453927][T31607] RBP: 00007f2c8f0d70a0 R08: 0000000000000000 R09: 0000000000000000
[  640.461900][T31607] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  640.469912][T31607] R13: 0000000000000000 R14: 00007f2c90c25fa0 R15: 00007ffe65c47208
[  640.477896][T31607]  </TASK>
[  640.545839][T31607] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  640.584424][T28536] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  640.630385][T31613] loop9: detected capacity change from 0 to 1024
[  640.637465][T31613] EXT4-fs: Ignoring removed nobh option
[  640.643185][T31613] EXT4-fs: Ignoring removed orlov option
[  640.652860][T31613] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  640.877111][T31649] netlink: 'syz.7.9336': attribute type 6 has an invalid length.
[  640.924333][T31653] bpf_get_probe_write_proto: 5 callbacks suppressed
[  640.924353][T31653] syz.5.9337[31653] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  640.950709][T31653] syz.5.9337[31653] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  640.974811][T31653] syz.5.9337[31653] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  641.501025][T28536] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  641.539667][T31694] netlink: 'syz.8.9348': attribute type 10 has an invalid length.
[  641.646539][T31698] syz.8.9349[31698] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  641.646661][T31698] syz.8.9349[31698] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  641.675483][T31700] netlink: 'syz.9.9350': attribute type 10 has an invalid length.
[  641.704322][T31698] syz.8.9349[31698] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  641.828275][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  641.847197][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  641.854820][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  641.893572][T31711] netlink: 'syz.1.9354': attribute type 1 has an invalid length.
[  641.997658][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.005158][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.012691][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.020216][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.027638][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.035042][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.042523][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.049926][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.057423][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.064847][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.072287][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.079766][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.087196][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.094625][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.102118][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.109543][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.128837][T31716] syz.1.9356[31716] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  642.128906][T31716] syz.1.9356[31716] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  642.144796][T31716] syz.1.9356[31716] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  642.162368][T31716] __nla_validate_parse: 12 callbacks suppressed
[  642.162388][T31716] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9356'.
[  642.289336][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.296887][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.304318][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.311798][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.319228][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.326692][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.334119][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.341610][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.349730][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.357180][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.363194][T31724] loop7: detected capacity change from 0 to 1024
[  642.364576][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.371408][T31724] EXT4-fs: Ignoring removed nobh option
[  642.378414][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.383980][T31724] EXT4-fs: Ignoring removed orlov option
[  642.397300][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.404762][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.412377][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.419941][   T24] hid-generic 0000:0003:0000.0005: unknown main item tag 0x0
[  642.438736][T31724] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  642.485286][   T24] hid-generic 0000:0003:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  642.582990][T31731] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  642.603611][T31738] netlink: 'syz.8.9362': attribute type 1 has an invalid length.
[  642.683011][T31731] loop1: detected capacity change from 0 to 2048
[  642.728220][T31746] FAULT_INJECTION: forcing a failure.
[  642.728220][T31746] name failslab, interval 1, probability 0, space 0, times 0
[  642.740904][T31746] CPU: 0 UID: 0 PID: 31746 Comm: syz.8.9363 Not tainted 6.12.0-syzkaller-11677-g2ba9f676d0a2 #0
[  642.751395][T31746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  642.761460][T31746] Call Trace:
[  642.764799][T31746]  <TASK>
[  642.767752][T31746]  dump_stack_lvl+0xf2/0x150
[  642.772375][T31746]  dump_stack+0x15/0x20
[  642.776558][T31746]  should_fail_ex+0x223/0x230
[  642.781309][T31746]  should_failslab+0x8f/0xb0
[  642.785929][T31746]  kmem_cache_alloc_noprof+0x52/0x320
[  642.791328][T31746]  ? __anon_vma_prepare+0x73/0x310
[  642.796584][T31746]  ? __alloc_pages_noprof+0x1bc/0x340
[  642.801975][T31746]  __anon_vma_prepare+0x73/0x310
[  642.807010][T31746]  ? do_wp_page+0x100e/0x2340
[  642.811771][T31746]  do_wp_page+0x1016/0x2340
[  642.816299][T31746]  ? __rcu_read_lock+0x36/0x50
[  642.821086][T31746]  handle_mm_fault+0xc63/0x2ac0
[  642.825985][T31746]  exc_page_fault+0x3b9/0x650
[  642.830829][T31746]  asm_exc_page_fault+0x26/0x30
[  642.835718][T31746] RIP: 0033:0x7f7a87e018e3
[  642.840155][T31746] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  642.859817][T31746] RSP: 002b:00007f7a865b64c0 EFLAGS: 00010206
[  642.865907][T31746] RAX: 00000000000001bf RBX: 00007f7a865b6560 RCX: 00007f7a7e197000
[  642.873952][T31746] RDX: 00007f7a865b6700 RSI: 000000000000002b RDI: 00007f7a865b6600
[  642.881936][T31746] RBP: 00000000000000bc R08: 0000000000000008 R09: 00000000000000b7
[  642.889920][T31746] R10: 00000000000000c2 R11: 00007f7a865b6560 R12: 0000000000000001
[  642.897899][T31746] R13: 00007f7a87fc8320 R14: 00000000000000ff R15: 00007f7a865b6600
[  642.905898][T31746]  </TASK>
[  642.910466][T31746] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  642.941599][T31757] loop1: detected capacity change from 0 to 2048
[  642.990703][T31746] loop8: detected capacity change from 0 to 1764
[  643.060400][T31757] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  643.338399][T31769] syz.8.9367[31769] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  643.372016][T31769] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9367'.
[  643.690042][T28831] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  643.704214][T31776] x_tables: duplicate underflow at hook 2
[  643.749377][T31776] netlink: 20 bytes leftover after parsing attributes in process `syz.8.9368'.
[  643.844540][T31749] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9364'.
[  643.907666][T30856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  643.988620][T31786] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  644.028592][T31793] loop7: detected capacity change from 0 to 1024
[  644.038209][T31789] loop8: detected capacity change from 0 to 2048
[  644.043017][T31796] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9373'.
[  644.061156][T31793] EXT4-fs: Ignoring removed nobh option
[  644.067060][T31793] EXT4-fs: Ignoring removed orlov option
[  644.081638][T31792] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  644.114819][T31800] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  644.129678][T31793] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  644.171604][T31806] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9377'.
[  644.202168][T31800] loop9: detected capacity change from 0 to 2048
[  644.358976][T31818] loop1: detected capacity change from 0 to 512
[  644.389932][T31818] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  644.430278][T31818] EXT4-fs (loop1): 1 truncate cleaned up
[  644.445429][T31822] bio_check_eod: 4640 callbacks suppressed
[  644.445506][T31822] syz.5.9383: attempt to access beyond end of device
[  644.445506][T31822] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  644.452131][T31818] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  644.529790][   T29] kauditd_printk_skb: 136 callbacks suppressed
[  644.529805][   T29] audit: type=1400 audit(1733001094.670:91748): avc:  denied  { lock } for  pid=31816 comm="syz.1.9380" path="socket:[93884]" dev="sockfs" ino=93884 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  644.579481][T30856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  644.604008][   T29] audit: type=1326 audit(1733001094.740:91749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31840 comm="syz.8.9387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  644.627824][   T29] audit: type=1326 audit(1733001094.740:91750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31840 comm="syz.8.9387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  644.651722][   T29] audit: type=1326 audit(1733001094.740:91751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31840 comm="syz.8.9387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  644.675496][   T29] audit: type=1326 audit(1733001094.740:91752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31840 comm="syz.8.9387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  644.699186][   T29] audit: type=1326 audit(1733001094.740:91753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31840 comm="syz.8.9387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  644.722819][   T29] audit: type=1326 audit(1733001094.750:91754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31840 comm="syz.8.9387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  644.746575][   T29] audit: type=1326 audit(1733001094.750:91755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31840 comm="syz.8.9387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  644.770181][   T29] audit: type=1326 audit(1733001094.750:91756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31840 comm="syz.8.9387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  644.793956][   T29] audit: type=1326 audit(1733001094.750:91757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31840 comm="syz.8.9387" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  644.871510][T31843] loop1: detected capacity change from 0 to 256
[  644.879422][T31849] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9388'.
[  644.888435][T31849] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9388'.
[  644.904013][T28831] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  644.969749][T31837] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9386'.
[  644.978616][T31858] loop7: detected capacity change from 0 to 1024
[  644.978991][T31858] EXT4-fs: Ignoring removed nobh option
[  644.990723][T31858] EXT4-fs: Ignoring removed orlov option
[  645.002777][T31843] FAT-fs (loop1): Directory bread(block 64) failed
[  645.030589][T31843] FAT-fs (loop1): Directory bread(block 65) failed
[  645.044031][T31858] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  645.068506][T31843] FAT-fs (loop1): Directory bread(block 66) failed
[  645.108120][T31843] FAT-fs (loop1): Directory bread(block 67) failed
[  645.114840][T31843] FAT-fs (loop1): Directory bread(block 68) failed
[  645.121480][T31843] FAT-fs (loop1): Directory bread(block 69) failed
[  645.128052][T31843] FAT-fs (loop1): Directory bread(block 70) failed
[  645.135036][T31843] FAT-fs (loop1): Directory bread(block 71) failed
[  645.141823][T31843] FAT-fs (loop1): Directory bread(block 72) failed
[  645.148872][T31843] FAT-fs (loop1): Directory bread(block 73) failed
[  645.162995][T31864] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  645.189159][T31867] loop8: detected capacity change from 0 to 2048
[  645.234470][T31843] pim6reg1: tun_chr_ioctl cmd 1074025677
[  645.254208][T31843] pim6reg1: linktype set to 825
[  645.462117][T31893] netlink: 'syz.8.9394': attribute type 10 has an invalid length.
[  645.527079][T31900] netlink: 'syz.9.9397': attribute type 10 has an invalid length.
[  645.603000][T31907] loop8: detected capacity change from 0 to 1024
[  645.627904][T31907] EXT4-fs: Ignoring removed nobh option
[  645.633560][T31907] EXT4-fs: Ignoring removed orlov option
[  645.695845][T31923] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9405'.
[  645.700505][T31907] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  645.875948][T28831] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  646.026554][T31966] netlink: 'syz.7.9417': attribute type 1 has an invalid length.
[  646.127203][T31955] pim6reg1: tun_chr_ioctl cmd 1074025677
[  646.170940][T31955] pim6reg1: linktype set to 825
[  646.214232][T31984] loop9: detected capacity change from 0 to 512
[  646.254532][T31984] EXT4-fs: inline encryption not supported
[  646.315627][T31984] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  646.339774][T31984] ext4 filesystem being mounted at /201/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  646.381782][T31984] EXT4-fs error (device loop9): ext4_do_update_inode:5153: inode #2: comm syz.9.9421: corrupted inode contents
[  646.427723][T31984] EXT4-fs error (device loop9): ext4_dirty_inode:6041: inode #2: comm syz.9.9421: mark_inode_dirty error
[  646.452245][T27333] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  646.466944][T31984] EXT4-fs error (device loop9): ext4_do_update_inode:5153: inode #2: comm syz.9.9421: corrupted inode contents
[  646.505526][T31998] EXT4-fs error (device loop9): ext4_do_update_inode:5153: inode #2: comm syz.9.9421: corrupted inode contents
[  646.552992][T32005] netlink: 'syz.7.9429': attribute type 1 has an invalid length.
[  646.566387][T31998] EXT4-fs error (device loop9): ext4_dirty_inode:6041: inode #2: comm syz.9.9421: mark_inode_dirty error
[  646.607356][T32009] loop1: detected capacity change from 0 to 512
[  646.617756][T32009] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  646.632639][T31998] EXT4-fs error (device loop9): ext4_do_update_inode:5153: inode #2: comm syz.9.9421: corrupted inode contents
[  646.663783][T32009] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  646.684540][T31998] EXT4-fs error (device loop9): __ext4_ext_dirty:207: inode #2: comm syz.9.9421: mark_inode_dirty error
[  646.731638][T31998] EXT4-fs error (device loop9): ext4_do_update_inode:5153: inode #2: comm syz.9.9421: corrupted inode contents
[  646.781811][T32022] netlink: 'syz.8.9433': attribute type 10 has an invalid length.
[  646.791799][T31998] EXT4-fs error (device loop9): ext4_dirty_inode:6041: inode #2: comm syz.9.9421: mark_inode_dirty error
[  646.821503][T32021] loop1: detected capacity change from 0 to 512
[  646.838527][T32021] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  646.862984][T32021] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  646.870505][T32030] loop8: detected capacity change from 0 to 512
[  646.883682][T32030] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  646.896794][T28536] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  646.909484][T32030] EXT4-fs warning (device loop8): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  646.958602][T32033] bpf_get_probe_write_proto: 17 callbacks suppressed
[  646.958624][T32033] syz.9.9438[32033] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  646.980673][T32033] syz.9.9438[32033] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  646.994322][T32036] loop1: detected capacity change from 0 to 1024
[  647.008677][T32033] syz.9.9438[32033] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  647.030915][T32038] netlink: 'syz.8.9440': attribute type 6 has an invalid length.
[  647.200869][T32049] __nla_validate_parse: 7 callbacks suppressed
[  647.200887][T32049] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9441'.
[  647.216255][T32049] netlink: 4 bytes leftover after parsing attributes in process `syz.9.9441'.
[  647.259431][T32052] loop8: detected capacity change from 0 to 512
[  647.279349][T32052] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  647.303592][T32052] EXT4-fs warning (device loop8): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  647.471501][T32061] syz.8.9444: attempt to access beyond end of device
[  647.471501][T32061] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  647.724583][T32082] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9447'.
[  647.874255][T32089] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  647.939428][T32093] loop1: detected capacity change from 0 to 4096
[  647.972390][T32093] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  648.160870][T32110] syz.5.9456: attempt to access beyond end of device
[  648.160870][T32110] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  648.176365][T32108] loop9: detected capacity change from 0 to 2048
[  648.186063][T32112] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9457'.
[  648.203649][T30856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  648.224321][T32108] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  648.323075][T32120] loop8: detected capacity change from 0 to 1024
[  648.330548][T32120] EXT4-fs: Ignoring removed nobh option
[  648.336376][T32120] EXT4-fs: Ignoring removed orlov option
[  648.365913][T32120] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  648.387710][T32125] loop1: detected capacity change from 0 to 512
[  648.406928][T32125] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  648.419729][T32128] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9461'.
[  648.429879][T32125] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  648.507627][T32134] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9463'.
[  648.591387][T32142] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9462'.
[  648.600437][T32142] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9462'.
[  648.682379][T32149] loop1: detected capacity change from 0 to 2048
[  648.707586][T32143] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  649.017484][T28536] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  649.104011][T32175] loop1: detected capacity change from 0 to 256
[  649.186798][T27333] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  649.301839][T32175] FAT-fs (loop1): Directory bread(block 64) failed
[  649.308650][T32175] FAT-fs (loop1): Directory bread(block 65) failed
[  649.334432][T32175] FAT-fs (loop1): Directory bread(block 66) failed
[  649.357612][T32175] FAT-fs (loop1): Directory bread(block 67) failed
[  649.393813][T32175] FAT-fs (loop1): Directory bread(block 68) failed
[  649.403489][T32192] netlink: 12 bytes leftover after parsing attributes in process `syz.9.9473'.
[  649.419543][T32175] FAT-fs (loop1): Directory bread(block 69) failed
[  649.426242][T32189] netlink: 28 bytes leftover after parsing attributes in process `syz.8.9472'.
[  649.428909][T32175] FAT-fs (loop1): Directory bread(block 70) failed
[  649.482439][T32175] FAT-fs (loop1): Directory bread(block 71) failed
[  649.502353][T32175] FAT-fs (loop1): Directory bread(block 72) failed
[  649.521104][   T29] kauditd_printk_skb: 3602 callbacks suppressed
[  649.521121][   T29] audit: type=1326 audit(1733001099.682:95360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32027 comm="syz.7.9436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f46d3b177e7 code=0x7ffc0000
[  649.556362][T32175] FAT-fs (loop1): Directory bread(block 73) failed
[  649.589902][   T29] audit: type=1326 audit(1733001099.682:95361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32027 comm="syz.7.9436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f46d3abc189 code=0x7ffc0000
[  649.613588][   T29] audit: type=1326 audit(1733001099.682:95362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32027 comm="syz.7.9436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f46d3b177e7 code=0x7ffc0000
[  649.637235][   T29] audit: type=1326 audit(1733001099.682:95363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32027 comm="syz.7.9436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f46d3abc189 code=0x7ffc0000
[  649.660762][   T29] audit: type=1326 audit(1733001099.682:95364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32027 comm="syz.7.9436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f46d3b177e7 code=0x7ffc0000
[  649.684303][   T29] audit: type=1326 audit(1733001099.682:95365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32027 comm="syz.7.9436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f46d3abc189 code=0x7ffc0000
[  649.707943][   T29] audit: type=1326 audit(1733001099.682:95366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32027 comm="syz.7.9436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f46d3b177e7 code=0x7ffc0000
[  649.731454][   T29] audit: type=1326 audit(1733001099.682:95367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32027 comm="syz.7.9436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f46d3abc189 code=0x7ffc0000
[  649.755428][   T29] audit: type=1326 audit(1733001099.682:95368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32027 comm="syz.7.9436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f46d3b177e7 code=0x7ffc0000
[  649.778994][   T29] audit: type=1326 audit(1733001099.682:95369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32027 comm="syz.7.9436" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f46d3abc189 code=0x7ffc0000
[  649.817615][T32203] loop8: detected capacity change from 0 to 1024
[  649.834576][T32203] EXT4-fs: Ignoring removed nobh option
[  649.840362][T32203] EXT4-fs: Ignoring removed nomblk_io_submit option
[  649.864693][T32203] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  649.873265][T32166] pim6reg1: tun_chr_ioctl cmd 1074025677
[  649.881378][T32166] pim6reg1: linktype set to 825
[  649.927032][T32203] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  649.952257][T32203] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  649.979906][T32203] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  650.011780][T32203] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  650.042520][T32203] EXT4-fs (loop8): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  650.122630][T27333] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  650.245645][T32226] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  650.265259][T32233] loop9: detected capacity change from 0 to 2048
[  650.275003][T32235] loop8: detected capacity change from 0 to 2048
[  650.287400][T32237] FAULT_INJECTION: forcing a failure.
[  650.287400][T32237] name failslab, interval 1, probability 0, space 0, times 0
[  650.300273][T32237] CPU: 0 UID: 0 PID: 32237 Comm: syz.7.9490 Not tainted 6.12.0-syzkaller-11677-g2ba9f676d0a2 #0
[  650.310782][T32237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  650.320865][T32237] Call Trace:
[  650.324167][T32237]  <TASK>
[  650.327126][T32237]  dump_stack_lvl+0xf2/0x150
[  650.331877][T32237]  dump_stack+0x15/0x20
[  650.336066][T32237]  should_fail_ex+0x223/0x230
[  650.340818][T32237]  should_failslab+0x8f/0xb0
[  650.345512][T32237]  kmem_cache_alloc_node_noprof+0x59/0x320
[  650.351385][T32237]  ? __alloc_skb+0x10b/0x310
[  650.356029][T32237]  __alloc_skb+0x10b/0x310
[  650.360500][T32237]  netlink_alloc_large_skb+0xad/0xe0
[  650.365815][T32237]  netlink_sendmsg+0x3b4/0x6e0
[  650.370611][T32237]  ? __pfx_netlink_sendmsg+0x10/0x10
[  650.376004][T32237]  __sock_sendmsg+0x140/0x180
[  650.380743][T32237]  ____sys_sendmsg+0x312/0x410
[  650.385538][T32237]  __sys_sendmsg+0x19d/0x230
[  650.390253][T32237]  __x64_sys_sendmsg+0x46/0x50
[  650.395052][T32237]  x64_sys_call+0x2734/0x2dc0
[  650.399776][T32237]  do_syscall_64+0xc9/0x1c0
[  650.404313][T32237]  ? clear_bhb_loop+0x55/0xb0
[  650.409103][T32237]  ? clear_bhb_loop+0x55/0xb0
[  650.413856][T32237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  650.419838][T32237] RIP: 0033:0x7f46d3b20849
[  650.424267][T32237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  650.444009][T32237] RSP: 002b:00007f46d2197058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  650.452444][T32237] RAX: ffffffffffffffda RBX: 00007f46d3ce5fa0 RCX: 00007f46d3b20849
[  650.460481][T32237] RDX: 0000000000000000 RSI: 00000000200012c0 RDI: 0000000000000003
[  650.468475][T32237] RBP: 00007f46d21970a0 R08: 0000000000000000 R09: 0000000000000000
[  650.476456][T32237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  650.484445][T32237] R13: 0000000000000000 R14: 00007f46d3ce5fa0 R15: 00007ffdec9fd588
[  650.492441][T32237]  </TASK>
[  650.525367][T32233] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  650.566978][T32233] ip6tnl1: entered allmulticast mode
[  650.626633][T28536] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  650.911099][T32267] syz.9.9503: attempt to access beyond end of device
[  650.911099][T32267] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  651.216477][T32302] tmpfs: Unknown parameter '¡…xɶ|’§j+;†œ|x³)‰þ@Í‘7¦×ïš}u½1_FJÞX`‚µë¸go€¨�¹“^Çt;:‹QÙ´X_»”æ HË	e4ÆCèJýð¹ZëXr¯©×QðšCbûcƒª'
[  651.250925][T32304] loop9: detected capacity change from 0 to 512
[  651.279750][T32304] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  651.347645][T32304] EXT4-fs (loop9): 1 truncate cleaned up
[  651.353900][T32304] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  651.423940][T32304] EXT4-fs error (device loop9): ext4_xattr_inode_iget:440: comm syz.9.9519: inode #1073372648: comm syz.9.9519: iget: illegal inode #
[  651.439026][T32304] EXT4-fs error (device loop9): ext4_xattr_inode_iget:445: comm syz.9.9519: error while reading EA inode 1073372648 err=-117
[  651.469390][T32304] EXT4-fs error (device loop9): ext4_xattr_delete_inode:2977: inode #15: comm syz.9.9519: corrupted xattr block 33: invalid header
[  651.483255][T32304] EXT4-fs warning (device loop9): ext4_evict_inode:276: xattr delete (err -117)
[  651.671637][T32326] loop8: detected capacity change from 0 to 512
[  651.683067][T32326] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  651.692477][T32326] EXT4-fs warning (device loop8): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  651.704167][T32332] syz.7.9527: attempt to access beyond end of device
[  651.704167][T32332] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  651.812086][T32343] syz.1.9532[32343] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  651.812160][T32343] syz.1.9532[32343] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  651.839104][T32337] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  651.877997][T32343] syz.1.9532[32343] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  651.929166][T32346] loop8: detected capacity change from 0 to 2048
[  652.191854][T28536] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  652.227969][T32368] vhci_hcd: invalid port number 255
[  652.233213][T32368] vhci_hcd: default hub control req: 0400 v0000 i00ff l0
[  652.252503][T32370] loop9: detected capacity change from 0 to 1024
[  652.265658][T32361] netlink: 'syz.7.9539': attribute type 29 has an invalid length.
[  652.275078][T32361] __nla_validate_parse: 13 callbacks suppressed
[  652.275097][T32361] netlink: 88 bytes leftover after parsing attributes in process `syz.7.9539'.
[  652.276482][T32350] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9535'.
[  652.299754][T32370] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  652.354373][T32375] syz.9.9545[32375] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  652.354515][T32375] syz.9.9545[32375] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  652.389737][T32375] syz.9.9545[32375] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  652.410677][T32379] netlink: 'syz.7.9547': attribute type 10 has an invalid length.
[  652.449816][T32375] netlink: 4 bytes leftover after parsing attributes in process `syz.9.9545'.
[  652.566570][T32388] loop7: detected capacity change from 0 to 1024
[  652.587526][T32388] SELinux: security_context_str_to_sid (root) failed with errno=-22
[  652.610462][T32388] FAULT_INJECTION: forcing a failure.
[  652.610462][T32388] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  652.623656][T32388] CPU: 0 UID: 0 PID: 32388 Comm: syz.7.9551 Not tainted 6.12.0-syzkaller-11677-g2ba9f676d0a2 #0
[  652.634107][T32388] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  652.644215][T32388] Call Trace:
[  652.647589][T32388]  <TASK>
[  652.650544][T32388]  dump_stack_lvl+0xf2/0x150
[  652.655185][T32388]  dump_stack+0x15/0x20
[  652.659488][T32388]  should_fail_ex+0x223/0x230
[  652.664232][T32388]  should_fail+0xb/0x10
[  652.668504][T32388]  should_fail_usercopy+0x1a/0x20
[  652.673556][T32388]  strncpy_from_user+0x25/0x210
[  652.678436][T32388]  ? kmem_cache_alloc_noprof+0x18e/0x320
[  652.684200][T32388]  ? getname_flags+0x81/0x3b0
[  652.688897][T32388]  getname_flags+0xb0/0x3b0
[  652.693483][T32388]  user_path_at+0x26/0x120
[  652.697934][T32388]  do_utimes+0xc7/0x1f0
[  652.702108][T32388]  __x64_sys_utimensat+0xc6/0x170
[  652.707172][T32388]  ? fpregs_assert_state_consistent+0x83/0xa0
[  652.713346][T32388]  x64_sys_call+0x272a/0x2dc0
[  652.718042][T32388]  do_syscall_64+0xc9/0x1c0
[  652.722574][T32388]  ? clear_bhb_loop+0x55/0xb0
[  652.727272][T32388]  ? clear_bhb_loop+0x55/0xb0
[  652.732031][T32388]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.737975][T32388] RIP: 0033:0x7f46d3b20849
[  652.742403][T32388] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  652.762085][T32388] RSP: 002b:00007f46d2197058 EFLAGS: 00000246 ORIG_RAX: 0000000000000118
[  652.770506][T32388] RAX: ffffffffffffffda RBX: 00007f46d3ce5fa0 RCX: 00007f46d3b20849
[  652.778510][T32388] RDX: 0000000020000140 RSI: 0000000020000100 RDI: ffffffffffffffff
[  652.786525][T32388] RBP: 00007f46d21970a0 R08: 0000000000000000 R09: 0000000000000000
[  652.794564][T32388] R10: 0000000000000100 R11: 0000000000000246 R12: 0000000000000001
[  652.802541][T32388] R13: 0000000000000000 R14: 00007f46d3ce5fa0 R15: 00007ffdec9fd588
[  652.810523][T32388]  </TASK>
[  652.854580][T32396] netlink: 20 bytes leftover after parsing attributes in process `syz.5.9554'.
[  652.969411][T32409] SELinux: syz.8.9559 (32409) set checkreqprot to 1. This is no longer supported.
[  653.024305][T32410] loop8: detected capacity change from 0 to 512
[  653.080347][T32419] netlink: 'syz.7.9562': attribute type 10 has an invalid length.
[  653.101245][T32423] netlink: 'syz.1.9564': attribute type 1 has an invalid length.
[  653.126288][T32420] pim6reg1: tun_chr_ioctl cmd 1074025677
[  653.132448][T32420] pim6reg1: linktype set to 825
[  653.138187][T32410] EXT4-fs: Ignoring removed nomblk_io_submit option
[  653.210044][T32428] netlink: 16402 bytes leftover after parsing attributes in process `syz.7.9566'.
[  653.237840][  T120] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  653.270525][T32410] EXT4-fs (loop8): orphan cleanup on readonly fs
[  653.293051][T32435] syz.7.9569[32435] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  653.293123][T32435] syz.7.9569[32435] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  653.293181][T32410] EXT4-fs error (device loop8): ext4_validate_block_bitmap:441: comm syz.8.9559: bg 0: block 248: padding at end of block bitmap is not set
[  653.304995][T32435] syz.7.9569[32435] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  653.316687][T32410] EXT4-fs (loop8): Remounting filesystem read-only
[  653.348913][T32410] EXT4-fs (loop8): 1 truncate cleaned up
[  653.357181][T32410] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  653.369809][T32410] SELinux: (dev loop8, type ext4) getxattr errno 5
[  653.376808][T32410] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  653.394778][T32435] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9569'.
[  653.465900][  T120] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  653.535582][  T120] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  653.605714][  T120] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  653.642176][T32454] loop1: detected capacity change from 0 to 128
[  653.648792][T32454] EXT4-fs: Ignoring removed nobh option
[  653.669775][T32454] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  653.758762][T32454] ext4 filesystem being mounted at /90/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  653.874447][T32471] loop7: detected capacity change from 0 to 512
[  653.914772][T32471] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  653.924826][T30856] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  653.955592][T32471] EXT4-fs (loop7): invalid journal inode
[  654.006884][T32481] syz.1.9587[32481] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  654.007085][T32481] syz.1.9587[32481] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  654.057290][T32481] syz.1.9587[32481] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  654.094313][  T120] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  654.127524][  T120] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  654.141843][  T120] bond0 (unregistering): Released all slaves
[  654.157008][  T120] bond1 (unregistering): Released all slaves
[  654.166155][  T120] bond2 (unregistering): Released all slaves
[  654.181081][  T120] bond3 (unregistering): Released all slaves
[  654.189376][T32487] syz.5.9589[32487] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  654.192216][  T120] bond4 (unregistering): Released all slaves
[  654.215618][  T120] bond5 (unregistering): Released all slaves
[  654.225799][  T120] bond6 (unregistering): Released all slaves
[  654.237558][  T120] bond7 (unregistering): Released all slaves
[  654.249013][  T120] bond8 (unregistering): Released all slaves
[  654.262224][  T120] bond9 (unregistering): Released all slaves
[  654.273289][  T120] bond10 (unregistering): Released all slaves
[  654.287010][T32471] lo speed is unknown, defaulting to 1000
[  654.295774][T32481] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9587'.
[  654.309415][T32487] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9589'.
[  654.398184][  T120] hsr_slave_0: left promiscuous mode
[  654.412398][T32490] loop1: detected capacity change from 0 to 1024
[  654.433075][  T120] hsr_slave_1: left promiscuous mode
[  654.446387][  T120] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  654.453956][  T120] batman_adv: batadv0: Removing interface: batadv_slave_0
[  654.470158][  T120] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  654.477656][  T120] batman_adv: batadv0: Removing interface: batadv_slave_1
[  654.498867][T32490] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  654.521675][T32509] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9596'.
[  654.546977][  T120] dummy0: left promiscuous mode
[  654.552004][  T120] veth1_vlan: left promiscuous mode
[  654.557336][  T120] veth0_vlan: left promiscuous mode
[  654.603879][T32511] netlink: 12 bytes leftover after parsing attributes in process `syz.8.9598'.
[  654.616490][T30856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  654.827826][T32520] bond2: entered promiscuous mode
[  654.833118][T32520] bond2: entered allmulticast mode
[  654.842455][T32520] 8021q: adding VLAN 0 to HW filter on device bond2
[  654.866412][T32520] bond2 (unregistering): Released all slaves
[  654.944894][T32531] syz.5.9605: attempt to access beyond end of device
[  654.944894][T32531] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  655.070090][T32471] ------------[ cut here ]------------
[  655.075599][T32471] WARNING: CPU: 1 PID: 32471 at net/ipv6/ip6mr.c:419 ip6mr_rules_exit+0x18c/0x210
[  655.084896][T32471] Modules linked in:
[  655.088837][T32471] CPU: 1 UID: 0 PID: 32471 Comm: syz.7.9583 Not tainted 6.12.0-syzkaller-11677-g2ba9f676d0a2 #0
[  655.099331][T32471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  655.109450][T32471] RIP: 0010:ip6mr_rules_exit+0x18c/0x210
[  655.115161][T32471] Code: 00 31 f6 31 d2 e8 e4 3c 34 fd 48 89 df e8 0c 32 d3 fc 4d 39 fd 74 18 e8 a2 81 a4 fc 4c 89 eb e9 f7 fe ff ff e8 95 81 a4 fc 90 <0f> 0b 90 eb b5 e8 8a 81 a4 fc 48 8b 2c 24 eb 05 e8 7f 81 a4 fc 48
[  655.134859][T32471] RSP: 0018:ffffc9000231bb40 EFLAGS: 00010246
[  655.140990][T32471] RAX: ffffffff848c08db RBX: ffff888121ce5000 RCX: 0000000000080000
[  655.143378][   T29] kauditd_printk_skb: 320 callbacks suppressed
[  655.143447][   T29] audit: type=1326 audit(1733001105.284:95688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32536 comm="syz.5.9608" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2c90a60849 code=0x0
[  655.149041][T32471] RDX: ffffc9000cfd2000 RSI: 000000000007ffff RDI: 0000000000080000
[  655.149059][T32471] RBP: 0000000000000001 R08: 000188810cb656df R09: 0000000000000000
[  655.149072][T32471] R10: 0001ffffffffffff R11: 0001888121ce5008 R12: ffff88810cb64d00
[  655.149088][T32471] R13: ffff88810cb656c8 R14: dead000000000122 R15: ffff88810cb656c8
[  655.210756][T32471] FS:  00007f46d21976c0(0000) GS:ffff888237d00000(0000) knlGS:0000000000000000
[  655.219783][T32471] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  655.226509][T32471] CR2: 00007fc043176fb8 CR3: 0000000116146000 CR4: 00000000003506f0
[  655.234509][T32471] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  655.242580][T32471] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[  655.250578][T32471] Call Trace:
[  655.253855][T32471]  <TASK>
[  655.256825][T32471]  ? __warn+0x141/0x350
[  655.261106][T32471]  ? report_bug+0x315/0x420
[  655.265674][T32471]  ? ip6mr_rules_exit+0x18c/0x210
[  655.270852][T32471]  ? handle_bug+0x60/0x90
[  655.275261][T32471]  ? exc_invalid_op+0x1a/0x50
[  655.279992][T32471]  ? asm_exc_invalid_op+0x1a/0x20
[  655.285138][T32471]  ? ip6mr_rules_exit+0x18b/0x210
[  655.290260][T32471]  ? ip6mr_rules_exit+0x18c/0x210
[  655.295299][T32471]  ip6mr_net_exit_batch+0x2d/0x60
[  655.300397][T32471]  ? __pfx_ip6mr_net_exit_batch+0x10/0x10
[  655.306171][T32471]  setup_net+0x474/0x600
[  655.310496][T32471]  copy_net_ns+0x290/0x430
[  655.314944][T32471]  create_new_namespaces+0x228/0x430
[  655.320294][T32471]  copy_namespaces+0x1ad/0x210
[  655.325142][T32471]  copy_process+0xd82/0x1f90
[  655.329771][T32471]  kernel_clone+0x167/0x5e0
[  655.334440][T32471]  ? do_futex+0x276/0x370
[  655.338824][T32471]  __x64_sys_clone+0xe8/0x120
[  655.343596][T32471]  x64_sys_call+0x2d7e/0x2dc0
[  655.348343][T32471]  do_syscall_64+0xc9/0x1c0
[  655.352931][T32471]  ? clear_bhb_loop+0x55/0xb0
[  655.357829][T32471]  ? clear_bhb_loop+0x55/0xb0
[  655.362530][T32471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  655.368514][T32471] RIP: 0033:0x7f46d3b20849
[  655.372935][T32471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  655.392683][T32471] RSP: 002b:00007f46d2197008 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  655.401195][T32471] RAX: ffffffffffffffda RBX: 00007f46d3ce5fa0 RCX: 00007f46d3b20849
[  655.409371][T32471] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000
[  655.417505][T32471] RBP: 00007f46d3b93986 R08: 0000000000000000 R09: 0000000000000000
[  655.425496][T32471] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  655.433504][T32471] R13: 0000000000000000 R14: 00007f46d3ce5fa0 R15: 00007ffdec9fd588
[  655.441542][T32471]  </TASK>
[  655.444601][T32471] ---[ end trace 0000000000000000 ]---
[  655.450411][T32544] FAULT_INJECTION: forcing a failure.
[  655.450411][T32544] name failslab, interval 1, probability 0, space 0, times 0
[  655.463188][T32544] CPU: 0 UID: 0 PID: 32544 Comm: syz.9.9611 Tainted: G        W          6.12.0-syzkaller-11677-g2ba9f676d0a2 #0
[  655.475215][T32544] Tainted: [W]=WARN
[  655.479038][T32544] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  655.489115][T32544] Call Trace:
[  655.492458][T32544]  <TASK>
[  655.495450][T32544]  dump_stack_lvl+0xf2/0x150
[  655.500084][T32544]  dump_stack+0x15/0x20
[  655.504326][T32544]  should_fail_ex+0x223/0x230
[  655.509048][T32544]  should_failslab+0x8f/0xb0
[  655.513715][T32544]  kmem_cache_alloc_noprof+0x52/0x320
[  655.519166][T32544]  ? radix_tree_node_alloc+0x8b/0x1e0
[  655.524580][T32544]  radix_tree_node_alloc+0x8b/0x1e0
[  655.529905][T32544]  idr_get_free+0x1f5/0x550
[  655.534454][T32544]  idr_alloc_u32+0xcb/0x180
[  655.539052][T32544]  tcf_idr_check_alloc+0x171/0x270
[  655.544301][T32544]  tcf_ct_init+0x233/0xe60
[  655.548766][T32544]  ? sanitize_ptr_alu+0x1eb/0x570
[  655.553823][T32544]  ? __nla_validate_parse+0x1796/0x1e30
[  655.559485][T32544]  tcf_action_init_1+0x339/0x490
[  655.564521][T32544]  tcf_action_init+0x1cc/0x610
[  655.569396][T32544]  ? is_reg64+0xda/0x290
[  655.573763][T32544]  tc_ctl_action+0x292/0x840
[  655.578498][T32544]  ? __pfx_tc_ctl_action+0x10/0x10
[  655.583646][T32544]  rtnetlink_rcv_msg+0x6aa/0x710
[  655.588655][T32544]  ? ref_tracker_free+0x3a5/0x410
[  655.593703][T32544]  ? __dev_queue_xmit+0x186/0x2090
[  655.598855][T32544]  netlink_rcv_skb+0x12c/0x230
[  655.603651][T32544]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  655.609214][T32544]  rtnetlink_rcv+0x1c/0x30
[  655.613650][T32544]  netlink_unicast+0x599/0x670
[  655.618526][T32544]  netlink_sendmsg+0x5cc/0x6e0
[  655.623354][T32544]  ? __pfx_netlink_sendmsg+0x10/0x10
[  655.628754][T32544]  __sock_sendmsg+0x140/0x180
[  655.633553][T32544]  ____sys_sendmsg+0x312/0x410
[  655.638365][T32544]  __sys_sendmsg+0x19d/0x230
[  655.643006][T32544]  __x64_sys_sendmsg+0x46/0x50
[  655.647835][T32544]  x64_sys_call+0x2734/0x2dc0
[  655.652557][T32544]  do_syscall_64+0xc9/0x1c0
[  655.657199][T32544]  ? clear_bhb_loop+0x55/0xb0
[  655.661917][T32544]  ? clear_bhb_loop+0x55/0xb0
[  655.666629][T32544]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  655.672622][T32544] RIP: 0033:0x7fc044b00849
[  655.677094][T32544] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  655.696752][T32544] RSP: 002b:00007fc043177058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  655.705232][T32544] RAX: ffffffffffffffda RBX: 00007fc044cc5fa0 RCX: 00007fc044b00849
[  655.713329][T32544] RDX: 0000000010000000 RSI: 0000000020000080 RDI: 0000000000000003
[  655.721532][T32544] RBP: 00007fc0431770a0 R08: 0000000000000000 R09: 0000000000000000
[  655.729530][T32544] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  655.737570][T32544] R13: 0000000000000000 R14: 00007fc044cc5fa0 R15: 00007ffd8bfbc3f8
[  655.745564][T32544]  </TASK>
[  655.753930][T32471] ------------[ cut here ]------------
[  655.759535][T32471] WARNING: CPU: 0 PID: 32471 at net/ipv4/ipmr.c:440 ipmr_rules_exit+0x18c/0x210
[  655.768702][T32471] Modules linked in:
[  655.772620][T32471] CPU: 0 UID: 0 PID: 32471 Comm: syz.7.9583 Tainted: G        W          6.12.0-syzkaller-11677-g2ba9f676d0a2 #0
[  655.784623][T32471] Tainted: [W]=WARN
[  655.788466][T32471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  655.798640][T32471] RIP: 0010:ipmr_rules_exit+0x18c/0x210
[  655.804218][T32471] Code: 00 31 f6 31 d2 e8 a4 51 4d fd 48 89 df e8 cc 46 ec fc 4d 39 fd 74 18 e8 62 96 bd fc 4c 89 eb e9 f7 fe ff ff e8 55 96 bd fc 90 <0f> 0b 90 eb b5 e8 4a 96 bd fc 48 8b 2c 24 eb 05 e8 3f 96 bd fc 48
[  655.823884][T32471] RSP: 0018:ffffc9000231bb40 EFLAGS: 00010246
[  655.830010][T32471] RAX: ffffffff8472f41b RBX: ffff888121ce4000 RCX: 0000000000080000
[  655.838019][T32471] RDX: ffffc9000cfd2000 RSI: 000000000007ffff RDI: 0000000000080000
[  655.846151][T32471] RBP: 0000000000000001 R08: 000188810cb6533f R09: 0000000000000000
[  655.854147][T32471] R10: 0001ffffffffffff R11: 0001888121ce4008 R12: ffff88810cb64d00
[  655.862189][T32471] R13: ffff88810cb65328 R14: dead000000000122 R15: ffff88810cb65328
[  655.870213][T32471] FS:  00007f46d21976c0(0000) GS:ffff888237c00000(0000) knlGS:0000000000000000
[  655.879290][T32471] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  655.885903][T32471] CR2: 0000001b30617ff8 CR3: 0000000116146000 CR4: 00000000003506f0
[  655.894112][T32471] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  655.902179][T32471] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[  655.910235][T32471] Call Trace:
[  655.913538][T32471]  <TASK>
[  655.916521][T32471]  ? __warn+0x141/0x350
[  655.920758][T32471]  ? report_bug+0x315/0x420
[  655.925292][T32471]  ? ipmr_rules_exit+0x18c/0x210
[  655.930371][T32471]  ? handle_bug+0x60/0x90
[  655.934740][T32471]  ? exc_invalid_op+0x1a/0x50
[  655.939615][T32471]  ? asm_exc_invalid_op+0x1a/0x20
[  655.944725][T32471]  ? ipmr_rules_exit+0x18b/0x210
[  655.949858][T32471]  ? ipmr_rules_exit+0x18c/0x210
[  655.954832][T32471]  ipmr_net_exit_batch+0x2d/0x60
[  655.959826][T32471]  ? __pfx_ipmr_net_exit_batch+0x10/0x10
[  655.965540][T32471]  setup_net+0x474/0x600
[  655.969852][T32471]  copy_net_ns+0x290/0x430
[  655.974378][T32471]  create_new_namespaces+0x228/0x430
[  655.979720][T32471]  copy_namespaces+0x1ad/0x210
[  655.984515][T32471]  copy_process+0xd82/0x1f90
[  655.989179][T32471]  kernel_clone+0x167/0x5e0
[  655.993792][T32471]  ? do_futex+0x276/0x370
[  655.998176][T32471]  __x64_sys_clone+0xe8/0x120
[  656.003006][T32471]  x64_sys_call+0x2d7e/0x2dc0
[  656.007741][T32471]  do_syscall_64+0xc9/0x1c0
[  656.012272][T32471]  ? clear_bhb_loop+0x55/0xb0
[  656.017006][T32471]  ? clear_bhb_loop+0x55/0xb0
[  656.021803][T32471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  656.027739][T32471] RIP: 0033:0x7f46d3b20849
[  656.032164][T32471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  656.051968][T32471] RSP: 002b:00007f46d2197008 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  656.060500][T32471] RAX: ffffffffffffffda RBX: 00007f46d3ce5fa0 RCX: 00007f46d3b20849
[  656.068676][T32471] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000
[  656.076748][T32471] RBP: 00007f46d3b93986 R08: 0000000000000000 R09: 0000000000000000
[  656.084734][T32471] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  656.092750][T32471] R13: 0000000000000000 R14: 00007f46d3ce5fa0 R15: 00007ffdec9fd588
[  656.100798][T32471]  </TASK>
[  656.103830][T32471] ---[ end trace 0000000000000000 ]---
[  656.195587][T32561] FAULT_INJECTION: forcing a failure.
[  656.195587][T32561] name failslab, interval 1, probability 0, space 0, times 0
[  656.208391][T32561] CPU: 1 UID: 0 PID: 32561 Comm: syz.5.9618 Tainted: G        W          6.12.0-syzkaller-11677-g2ba9f676d0a2 #0
[  656.220329][T32561] Tainted: [W]=WARN
[  656.224139][T32561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  656.234212][T32561] Call Trace:
[  656.237502][T32561]  <TASK>
[  656.240441][T32561]  dump_stack_lvl+0xf2/0x150
[  656.245058][T32561]  dump_stack+0x15/0x20
[  656.249232][T32561]  should_fail_ex+0x223/0x230
[  656.253960][T32561]  should_failslab+0x8f/0xb0
[  656.258560][T32561]  kmem_cache_alloc_node_noprof+0x59/0x320
[  656.264486][T32561]  ? __alloc_skb+0x10b/0x310
[  656.269121][T32561]  __alloc_skb+0x10b/0x310
[  656.273607][T32561]  netlink_alloc_large_skb+0xad/0xe0
[  656.278962][T32561]  netlink_sendmsg+0x3b4/0x6e0
[  656.283795][T32561]  ? __pfx_netlink_sendmsg+0x10/0x10
[  656.289184][T32561]  __sock_sendmsg+0x140/0x180
[  656.293904][T32561]  ____sys_sendmsg+0x312/0x410
[  656.298685][T32561]  __sys_sendmsg+0x19d/0x230
[  656.303298][T32561]  __x64_sys_sendmsg+0x46/0x50
[  656.308330][T32561]  x64_sys_call+0x2734/0x2dc0
[  656.313029][T32561]  do_syscall_64+0xc9/0x1c0
[  656.317561][T32561]  ? clear_bhb_loop+0x55/0xb0
[  656.322288][T32561]  ? clear_bhb_loop+0x55/0xb0
[  656.326990][T32561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  656.332953][T32561] RIP: 0033:0x7f2c90a60849
[  656.337385][T32561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  656.357009][T32561] RSP: 002b:00007f2c8f0d7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  656.365521][T32561] RAX: ffffffffffffffda RBX: 00007f2c90c25fa0 RCX: 00007f2c90a60849
[  656.373616][T32561] RDX: 0000000000000000 RSI: 0000000020000480 RDI: 0000000000000003
[  656.381640][T32561] RBP: 00007f2c8f0d70a0 R08: 0000000000000000 R09: 0000000000000000
[  656.389675][T32561] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  656.397668][T32561] R13: 0000000000000000 R14: 00007f2c90c25fa0 R15: 00007ffe65c47208
[  656.405661][T32561]  </TASK>
[  656.438701][T32562] syz.8.9619: attempt to access beyond end of device
[  656.438701][T32562] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  656.444743][T32567] loop9: detected capacity change from 0 to 1024
[  656.495720][T32567] EXT4-fs: Ignoring removed nobh option
[  656.501418][T32567] EXT4-fs: Ignoring removed orlov option
[  656.548642][T32576] loop1: detected capacity change from 0 to 512
[  656.574961][T32567] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  656.599834][T32576] EXT4-fs (loop1): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  656.635757][T30856] EXT4-fs (loop1): unmounting filesystem 00800000-0000-0000-0000-000000000000.
[  656.704890][   T29] audit: type=1326 audit(1733001106.867:95689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32566 comm="syz.9.9620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  656.728646][   T29] audit: type=1326 audit(1733001106.867:95690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32566 comm="syz.9.9620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  656.752333][   T29] audit: type=1326 audit(1733001106.867:95691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32566 comm="syz.9.9620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  656.775957][   T29] audit: type=1326 audit(1733001106.867:95692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32566 comm="syz.9.9620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  656.799509][   T29] audit: type=1326 audit(1733001106.867:95693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32566 comm="syz.9.9620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  656.823129][   T29] audit: type=1326 audit(1733001106.867:95694): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32566 comm="syz.9.9620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  656.846723][   T29] audit: type=1326 audit(1733001106.867:95695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32566 comm="syz.9.9620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  656.870464][   T29] audit: type=1326 audit(1733001106.867:95696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32566 comm="syz.9.9620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  656.894042][   T29] audit: type=1326 audit(1733001106.867:95697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32566 comm="syz.9.9620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc044b00849 code=0x7ffc0000
[  657.022653][T32603] syz.1.9634: attempt to access beyond end of device
[  657.022653][T32603] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  657.027809][T32606] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  657.176292][T32623] loop1: detected capacity change from 0 to 512
[  657.187588][T32623] EXT4-fs: inline encryption not supported
[  657.228035][T32623] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  657.253015][T32623] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  657.276255][T32623] EXT4-fs error (device loop1): ext4_do_update_inode:5153: inode #2: comm syz.1.9636: corrupted inode contents
[  657.289095][T32623] EXT4-fs error (device loop1): ext4_dirty_inode:6041: inode #2: comm syz.1.9636: mark_inode_dirty error
[  657.315407][T32623] EXT4-fs error (device loop1): ext4_do_update_inode:5153: inode #2: comm syz.1.9636: corrupted inode contents
[  657.335449][T32637] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  657.362950][T28536] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  657.382892][T32623] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #2: comm syz.1.9636: mark_inode_dirty error
[  657.448922][T32647] bpf_get_probe_write_proto: 11 callbacks suppressed
[  657.448957][T32647] syz.7.9642[32647] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  657.471444][T32647] syz.7.9642[32647] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  657.492164][T32650] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  657.535133][T32647] syz.7.9642[32647] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  657.541150][T32647] __nla_validate_parse: 10 callbacks suppressed
[  657.541168][T32647] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9642'.
[  657.668919][T32665] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9646'.
[  657.693615][T32668] syz.7.9648[32668] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  657.693752][T32668] syz.7.9648[32668] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  657.721255][T32671] syz.5.9649[32671] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  657.729251][T32668] syz.7.9648[32668] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  657.748669][T32671] syz.5.9649[32671] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  657.768188][T32673] syz.9.9650[32673] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  657.781518][T32671] syz.5.9649[32671] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  657.799964][T32673] netlink: 28 bytes leftover after parsing attributes in process `syz.9.9650'.
[  657.828125][T32671] netlink: 28 bytes leftover after parsing attributes in process `syz.5.9649'.
[  657.850213][T32668] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9648'.
[  657.909980][T32679] netlink: 24 bytes leftover after parsing attributes in process `syz.8.9653'.
[  658.015114][T30856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  658.079543][T32693] loop9: detected capacity change from 0 to 512
[  658.090452][T32695] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9657'.
[  658.099561][T32695] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9657'.
[  658.111708][T32691] netlink: 4 bytes leftover after parsing attributes in process `syz.7.9656'.
[  658.124310][T32693] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  658.134322][T32697] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9659'.
[  658.151440][T32691] 9pnet_fd: Insufficient options for proto=fd
[  658.171957][T32693] EXT4-fs (loop9): 1 truncate cleaned up
[  658.191422][T32693] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  658.326763][T32693] EXT4-fs error (device loop9): ext4_xattr_inode_iget:440: comm syz.9.9658: inode #1073372648: comm syz.9.9658: iget: illegal inode #
[  658.406753][T32693] EXT4-fs error (device loop9): ext4_xattr_inode_iget:445: comm syz.9.9658: error while reading EA inode 1073372648 err=-117
[  658.511364][T32693] EXT4-fs error (device loop9): ext4_xattr_delete_inode:2977: inode #15: comm syz.9.9658: corrupted xattr block 33: invalid header
[  658.584840][T32693] EXT4-fs warning (device loop9): ext4_evict_inode:276: xattr delete (err -117)
[  658.809247][T32760] netlink: 'syz.5.9675': attribute type 10 has an invalid length.
[  658.919858][T32764] loop8: detected capacity change from 0 to 1024
[  658.943086][T28536] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  658.959459][  T301] loop7: detected capacity change from 0 to 512
[  658.976404][  T301] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  658.996335][T32764] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  659.020731][  T301] EXT4-fs warning (device loop7): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  659.058715][T27333] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  659.097416][  T314] 9pnet_fd: Insufficient options for proto=fd
[  659.124139][  T316] loop9: detected capacity change from 0 to 1024
[  659.245379][  T327] loop1: detected capacity change from 0 to 1024
[  659.279130][  T327] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  659.290250][  T327] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (30349!=20869)
[  659.330802][  T327] EXT4-fs (loop1): invalid journal inode
[  659.566862][  T367] syz.1.9699: attempt to access beyond end of device
[  659.566862][  T367] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  659.568489][  T355] loop7: detected capacity change from 0 to 256
[  659.596599][  T355] FAT-fs (loop7): Directory bread(block 64) failed
[  659.603287][  T355] FAT-fs (loop7): Directory bread(block 65) failed
[  659.614423][  T355] FAT-fs (loop7): Directory bread(block 66) failed
[  659.621143][  T355] FAT-fs (loop7): Directory bread(block 67) failed
[  659.627764][  T355] FAT-fs (loop7): Directory bread(block 68) failed
[  659.634350][  T355] FAT-fs (loop7): Directory bread(block 69) failed
[  659.641073][  T355] FAT-fs (loop7): Directory bread(block 70) failed
[  659.647611][  T355] FAT-fs (loop7): Directory bread(block 71) failed
[  659.654235][  T355] FAT-fs (loop7): Directory bread(block 72) failed
[  659.660993][  T355] FAT-fs (loop7): Directory bread(block 73) failed
[  659.696873][  T355] pim6reg1: tun_chr_ioctl cmd 1074025677
[  659.702827][  T355] pim6reg1: linktype set to 825
[  659.702976][  T379] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  660.118852][  T421] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  660.208416][  T428] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  660.253539][  T428] loop9: detected capacity change from 0 to 2048
[  660.284829][   T29] kauditd_printk_skb: 269 callbacks suppressed
[  660.284844][   T29] audit: type=1400 audit(1733001110.464:95967): avc:  denied  { sys_module } for  pid=437 comm="syz.5.9719" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  660.327839][  T438] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=8 sclass=netlink_route_socket pid=438 comm=syz.5.9719
[  660.343296][  T438] netlink: 'syz.5.9719': attribute type 10 has an invalid length.
[  660.366295][   T29] audit: type=1400 audit(1733001110.524:95968): avc:  denied  { setopt } for  pid=437 comm="syz.5.9719" lport=1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  660.392039][  T441] loop7: detected capacity change from 0 to 256
[  660.424043][  T438] bridge0: port 3(bond0) entered disabled state
[  660.426604][   T29] audit: type=1400 audit(1733001110.574:95969): avc:  denied  { block_suspend } for  pid=437 comm="syz.5.9719" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  660.430480][  T438] bridge0: port 2(bridge_slave_1) entered disabled state
[  660.452036][   T29] audit: type=1326 audit(1733001110.584:95970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=437 comm="syz.5.9719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c90a60849 code=0x7ffc0000
[  660.459128][  T438] bridge0: port 1(bridge_slave_0) entered disabled state
[  660.482434][   T29] audit: type=1326 audit(1733001110.584:95971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=437 comm="syz.5.9719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c90a60849 code=0x7ffc0000
[  660.512936][   T29] audit: type=1326 audit(1733001110.604:95972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=437 comm="syz.5.9719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c90a60849 code=0x7ffc0000
[  660.536411][   T29] audit: type=1326 audit(1733001110.604:95973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=437 comm="syz.5.9719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c90a60849 code=0x7ffc0000
[  660.559923][   T29] audit: type=1326 audit(1733001110.604:95974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=437 comm="syz.5.9719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c90a60849 code=0x7ffc0000
[  660.583417][   T29] audit: type=1326 audit(1733001110.604:95975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=437 comm="syz.5.9719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2c90a60849 code=0x7ffc0000
[  660.606262][  T438] bridge0: port 3(bond0) entered blocking state
[  660.606815][   T29] audit: type=1326 audit(1733001110.604:95976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=437 comm="syz.5.9719" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2c90a60849 code=0x7ffc0000
[  660.613079][  T438] bridge0: port 3(bond0) entered forwarding state
[  660.643122][  T438] bridge0: port 2(bridge_slave_1) entered blocking state
[  660.650248][  T438] bridge0: port 2(bridge_slave_1) entered forwarding state
[  660.657649][  T438] bridge0: port 1(bridge_slave_0) entered blocking state
[  660.664717][  T438] bridge0: port 1(bridge_slave_0) entered forwarding state
[  660.697753][  T438] bridge0: port 3(bond0) entered disabled state
[  660.704142][  T438] bridge0: port 2(bridge_slave_1) entered disabled state
[  660.711256][  T438] bridge0: port 1(bridge_slave_0) entered disabled state
[  660.772431][  T441] FAT-fs (loop7): Directory bread(block 64) failed
[  660.784316][  T441] FAT-fs (loop7): Directory bread(block 65) failed
[  660.799196][  T447] loop9: detected capacity change from 0 to 512
[  660.811161][  T441] FAT-fs (loop7): Directory bread(block 66) failed
[  660.824682][  T447] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  660.836345][  T441] FAT-fs (loop7): Directory bread(block 67) failed
[  660.843032][  T441] FAT-fs (loop7): Directory bread(block 68) failed
[  660.849665][  T441] FAT-fs (loop7): Directory bread(block 69) failed
[  660.874726][  T447] EXT4-fs (loop9): 1 truncate cleaned up
[  660.880876][  T447] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  660.904934][  T441] FAT-fs (loop7): Directory bread(block 70) failed
[  660.925953][  T441] FAT-fs (loop7): Directory bread(block 71) failed
[  660.953026][  T447] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  660.976271][  T441] FAT-fs (loop7): Directory bread(block 72) failed
[  660.982952][  T441] FAT-fs (loop7): Directory bread(block 73) failed
[  661.045532][  T471] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  661.091455][  T477] loop8: detected capacity change from 0 to 2048
[  661.194357][  T431] pim6reg1: tun_chr_ioctl cmd 1074025677
[  661.212717][  T431] pim6reg1: linktype set to 825
[  661.382918][  T504] netlink: 'syz.5.9743': attribute type 1 has an invalid length.
[  661.528463][  T515] syz.7.9746: attempt to access beyond end of device
[  661.528463][  T515] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  661.597821][  T522] xt_hashlimit: max too large, truncated to 1048576
[  661.645783][  T522] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  661.905660][  T543] loop1: detected capacity change from 0 to 512
[  661.930543][  T543] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  661.957695][  T543] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  662.030499][  T553] loop7: detected capacity change from 0 to 256
[  662.161177][  T553] FAT-fs (loop7): Directory bread(block 64) failed
[  662.181382][  T553] FAT-fs (loop7): Directory bread(block 65) failed
[  662.221392][  T553] FAT-fs (loop7): Directory bread(block 66) failed
[  662.270637][  T553] FAT-fs (loop7): Directory bread(block 67) failed
[  662.292565][  T565] netlink: 'syz.8.9768': attribute type 3 has an invalid length.
[  662.305574][  T575] netlink: 'syz.9.9771': attribute type 10 has an invalid length.
[  662.317886][  T553] FAT-fs (loop7): Directory bread(block 68) failed
[  662.375911][  T553] FAT-fs (loop7): Directory bread(block 69) failed
[  662.422992][  T553] FAT-fs (loop7): Directory bread(block 70) failed
[  662.460608][  T553] FAT-fs (loop7): Directory bread(block 71) failed
[  662.491685][  T584] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  662.492750][  T553] FAT-fs (loop7): Directory bread(block 72) failed
[  662.524006][  T593] loop1: detected capacity change from 0 to 2048
[  662.528406][  T553] FAT-fs (loop7): Directory bread(block 73) failed
[  662.597778][  T539] pim6reg1: tun_chr_ioctl cmd 1074025677
[  662.603688][  T539] pim6reg1: linktype set to 825
[  662.621507][  T592] __nla_validate_parse: 40 callbacks suppressed
[  662.621635][  T592] netlink: 8 bytes leftover after parsing attributes in process `syz.9.9777'.
[  662.708635][  T601] bpf_get_probe_write_proto: 50 callbacks suppressed
[  662.708688][  T601] syz.1.9780[601] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  662.731537][  T604] syz.5.9782[604] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  662.762311][  T603] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9780'.
[  662.812380][  T604] syz.5.9782[604] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  662.812451][  T604] syz.5.9782[604] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  662.812757][  T601] syz.1.9780[601] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  662.876831][  T607] netlink: 4 bytes leftover after parsing attributes in process `syz.5.9782'.
[  662.900521][  T601] syz.1.9780[601] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  662.997312][  T612] netlink: 12 bytes leftover after parsing attributes in process `syz.7.9784'.
[  663.029650][  T613] netlink: 'syz.8.9785': attribute type 1 has an invalid length.
[  663.048491][  T615] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9786'.
[  663.066024][  T617] syz.5.9787[617] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  663.066110][  T617] syz.5.9787[617] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  663.108815][  T617] syz.5.9787[617] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  663.131835][  T624] syz.8.9790[624] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  663.140436][  T623] loop7: detected capacity change from 0 to 1024
[  663.172572][  T617] netlink: 28 bytes leftover after parsing attributes in process `syz.5.9787'.
[  663.207518][  T624] netlink: 4 bytes leftover after parsing attributes in process `syz.8.9790'.
[  663.234469][  T623] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  663.278345][T28831] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  663.303703][  T642] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9797'.
[  663.395337][  T653] netlink: 12 bytes leftover after parsing attributes in process `syz.8.9800'.
[  663.411840][  T652] pim6reg1: tun_chr_ioctl cmd 1074025677
[  663.435512][  T652] pim6reg1: linktype set to 825
[  663.441462][  T657] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9801'.
[  663.605414][  T669] netlink: 'syz.7.9805': attribute type 10 has an invalid length.
[  663.696608][  T674] loop8: detected capacity change from 0 to 128
[  663.709985][  T674] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  663.722875][  T674] ext4 filesystem being mounted at /377/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  663.896308][  T687] loop1: detected capacity change from 0 to 1024
[  663.917471][T27333] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  663.952175][  T687] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  664.017134][T30856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  664.107299][  T705] IPv6: Can't replace route, no match found
[  664.165665][  T711] loop7: detected capacity change from 0 to 512
[  664.207148][  T711] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  664.309617][  T724] loop1: detected capacity change from 0 to 2048
[  664.338764][  T711] EXT4-fs (loop7): 1 truncate cleaned up
[  664.350717][  T720] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  664.350855][  T711] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  664.413766][  T726] loop9: detected capacity change from 0 to 1024
[  664.463311][  T726] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  664.559715][T28536] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  664.566469][  T732] loop1: detected capacity change from 0 to 512
[  664.590292][  T711] EXT4-fs error (device loop7): ext4_xattr_inode_iget:440: comm syz.7.9819: inode #1073372648: comm syz.7.9819: iget: illegal inode #
[  664.605721][  T711] EXT4-fs error (device loop7): ext4_xattr_inode_iget:445: comm syz.7.9819: error while reading EA inode 1073372648 err=-117
[  664.606401][  T732] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  664.667606][  T711] EXT4-fs error (device loop7): ext4_xattr_delete_inode:2977: inode #15: comm syz.7.9819: corrupted xattr block 33: invalid header
[  664.684124][  T711] EXT4-fs warning (device loop7): ext4_evict_inode:276: xattr delete (err -117)
[  664.711183][  T738] loop9: detected capacity change from 0 to 512
[  664.723482][  T738] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  664.748017][  T738] EXT4-fs (loop9): 1 truncate cleaned up
[  664.754968][  T738] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  664.855281][  T738] EXT4-fs error (device loop9): ext4_xattr_inode_iget:440: comm syz.9.9832: inode #1073372648: comm syz.9.9832: iget: illegal inode #
[  665.158405][  T738] EXT4-fs error (device loop9): ext4_xattr_inode_iget:445: comm syz.9.9832: error while reading EA inode 1073372648 err=-117
[  665.173220][  T738] EXT4-fs error (device loop9): ext4_xattr_delete_inode:2977: inode #15: comm syz.9.9832: corrupted xattr block 33: invalid header
[  665.176192][  T743] block device autoloading is deprecated and will be removed.
[  665.196641][  T738] EXT4-fs warning (device loop9): ext4_evict_inode:276: xattr delete (err -117)
[  665.312987][   T29] kauditd_printk_skb: 353 callbacks suppressed
[  665.313004][   T29] audit: type=1326 audit(1733001115.504:96330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=748 comm="syz.8.9835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  665.342793][   T29] audit: type=1326 audit(1733001115.504:96331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=748 comm="syz.8.9835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  665.366252][   T29] audit: type=1326 audit(1733001115.504:96332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=748 comm="syz.8.9835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  665.389691][   T29] audit: type=1326 audit(1733001115.504:96333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=748 comm="syz.8.9835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  665.413163][   T29] audit: type=1326 audit(1733001115.504:96334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=748 comm="syz.8.9835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  665.462523][   T29] audit: type=1326 audit(1733001115.554:96335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=748 comm="syz.8.9835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  665.486077][   T29] audit: type=1326 audit(1733001115.554:96336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=748 comm="syz.8.9835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  665.509604][   T29] audit: type=1326 audit(1733001115.554:96337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=748 comm="syz.8.9835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  665.533056][   T29] audit: type=1326 audit(1733001115.554:96338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=748 comm="syz.8.9835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  665.556556][   T29] audit: type=1326 audit(1733001115.554:96339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=748 comm="syz.8.9835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f7a87f40849 code=0x7ffc0000
[  665.580787][T30856] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  665.617589][T28536] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  665.676467][T28831] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  665.738186][  T762] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  665.784389][  T762] loop9: detected capacity change from 0 to 2048
[  665.913769][  T781] netlink: 'syz.1.9847': attribute type 1 has an invalid length.
[  666.056000][  T806] loop8: detected capacity change from 0 to 1024
[  666.075067][  T806] EXT4-fs: Ignoring removed nobh option
[  666.080806][  T806] EXT4-fs: Ignoring removed orlov option
[  666.131626][  T805] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  666.147107][  T806] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  666.196048][  T819] loop7: detected capacity change from 0 to 2048
[  666.264519][  T838] netlink: 'syz.9.9866': attribute type 1 has an invalid length.
[  666.374691][  T852] netlink: 'syz.5.9870': attribute type 1 has an invalid length.
[  666.780421][T27333] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  667.092435][  T938] loop8: detected capacity change from 0 to 512
[  667.120824][  T938] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  667.153044][  T941] netlink: 'syz.1.9902': attribute type 3 has an invalid length.
[  667.160989][  T938] EXT4-fs warning (device loop8): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  667.627521][  T978] syz.7.9918: attempt to access beyond end of device
[  667.627521][  T978] loop0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  667.797393][  T980] bpf_get_probe_write_proto: 47 callbacks suppressed
[  667.797412][  T980] syz.8.9919[980] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  667.858079][  T980] syz.8.9919[980] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  667.889865][  T994] loop9: detected capacity change from 0 to 2048
[  667.900541][  T997] __nla_validate_parse: 22 callbacks suppressed
[  667.900561][  T997] netlink: 16402 bytes leftover after parsing attributes in process `syz.7.9924'.
[  667.933637][  T980] syz.8.9919[980] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  667.939314][  T986] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  668.022165][ T1003] netlink: 28 bytes leftover after parsing attributes in process `syz.7.9927'.
[  668.076545][ T1009] netlink: 64 bytes leftover after parsing attributes in process `syz.7.9930'.
[  668.237971][ T1019] loop7: detected capacity change from 0 to 128
[  668.258029][ T1017] loop9: detected capacity change from 0 to 256
[  668.269463][ T1019] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  668.294050][ T1019] ext4 filesystem being mounted at /249/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  668.571825][ T1023] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9934'.
[  668.688904][ T1017] FAT-fs (loop9): Directory bread(block 64) failed
[  668.730395][ T1017] FAT-fs (loop9): Directory bread(block 65) failed
[  668.799861][ T1017] FAT-fs (loop9): Directory bread(block 66) failed
[  668.823935][  T120] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  668.831757][ T1017] FAT-fs (loop9): Directory bread(block 67) failed
[  668.854788][ T1017] FAT-fs (loop9): Directory bread(block 68) failed
[  668.857358][  T120] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  668.886173][ T1017] FAT-fs (loop9): Directory bread(block 69) failed
[  668.925196][  T120] bond0 (unregistering): Released all slaves
[  668.935902][ T1017] FAT-fs (loop9): Directory bread(block 70) failed
[  668.953751][ T1017] FAT-fs (loop9): Directory bread(block 71) failed
[  668.960329][ T1017] FAT-fs (loop9): Directory bread(block 72) failed
[  668.968016][  T120] bond1 (unregistering): Released all slaves
[  668.976803][  T120] bond2 (unregistering): Released all slaves
[  668.985562][  T120] bond3 (unregistering): Released all slaves
[  668.994043][  T120] bond4 (unregistering): Released all slaves
[  669.005708][  T120] bond5 (unregistering): Released all slaves
[  669.011838][ T1017] FAT-fs (loop9): Directory bread(block 73) failed
[  669.014583][  T120] bond6 (unregistering): Released all slaves
[  669.027738][  T120] bond7 (unregistering): Released all slaves
[  669.036807][  T120] bond8 (unregistering): Released all slaves
[  669.062831][ T1011] netlink: 8 bytes leftover after parsing attributes in process `syz.8.9931'.
[  669.080898][ T1031] netlink: 80 bytes leftover after parsing attributes in process `syz.1.9936'.
[  669.108886][T28831] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  669.119612][ T1031] netlink: 'syz.1.9936': attribute type 3 has an invalid length.
[  669.162487][  T120] hsr_slave_0: left promiscuous mode
[  669.193696][  T120] hsr_slave_1: left promiscuous mode
[  669.229486][  T120] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  669.237051][  T120] batman_adv: batadv0: Removing interface: batadv_slave_0
[  669.251714][  T120] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  669.259249][  T120] batman_adv: batadv0: Removing interface: batadv_slave_1
[  669.270150][  T120] dummy0: left promiscuous mode
[  669.275083][  T120] veth1_macvtap: left promiscuous mode
[  669.280649][  T120] veth1_vlan: left promiscuous mode
[  669.285943][  T120] veth0_vlan: left promiscuous mode
[  669.566940][ T1039] pim6reg1: tun_chr_ioctl cmd 1074025677
[  669.590805][ T1039] pim6reg1: linktype set to 825
[  669.596307][   T24] lo speed is unknown, defaulting to 1000
[  669.659877][ T1044] netlink: 28 bytes leftover after parsing attributes in process `syz.7.9941'.
[  669.739814][ T1043] x_tables: eb_tables: snat.0 target: invalid size 16 (kernel) != (user) 0
[  669.764260][ T1048] loop8: detected capacity change from 0 to 2048
[  669.775583][ T1049] syz.7.9942[1049] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  669.775654][ T1049] syz.7.9942[1049] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  669.788231][ T1051] netlink: 64 bytes leftover after parsing attributes in process `syz.9.9943'.
[  669.818825][ T1049] syz.7.9942[1049] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  669.925603][ T1053] netlink: 'syz.9.9945': attribute type 1 has an invalid length.
[  669.933401][ T1056] loop8: detected capacity change from 0 to 512
[  669.977502][ T1056] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  670.022112][ T1056] EXT4-fs (loop8): 1 truncate cleaned up
[  670.029989][ T1065] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.9949'.
[  670.060153][ T1068] loop9: detected capacity change from 0 to 512
[  670.060206][ T1056] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  670.086639][ T1068] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  670.108941][ T1068] EXT4-fs (loop9): 1 truncate cleaned up
[  670.115286][ T1068] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  670.117180][ T1056] EXT4-fs error (device loop8): ext4_xattr_inode_iget:440: comm syz.8.9944: inode #1073372648: comm syz.8.9944: iget: illegal inode #
[  670.155007][ T1056] EXT4-fs error (device loop8): ext4_xattr_inode_iget:445: comm syz.8.9944: error while reading EA inode 1073372648 err=-117
[  670.167520][ T1068] EXT4-fs error (device loop9): ext4_xattr_inode_iget:440: comm syz.9.9951: inode #1073372648: comm syz.9.9951: iget: illegal inode #
[  670.293765][ T1073] ==================================================================
[  670.301884][ T1073] BUG: KCSAN: data-race in vmalloc_info_show / vmalloc_info_show
[  670.309637][ T1073] 
[  670.311967][ T1073] read-write to 0xffff888101005f20 of 4 bytes by task 1072 on cpu 1:
[  670.320041][ T1073]  vmalloc_info_show+0x470/0x770
[  670.325079][ T1073]  seq_read_iter+0x2d1/0x930
[  670.329682][ T1073]  proc_reg_read_iter+0x118/0x190
[  670.334718][ T1073]  vfs_read+0x5dc/0x700
[  670.338880][ T1073]  __x64_sys_pread64+0xf6/0x150
[  670.343727][ T1073]  x64_sys_call+0x26ee/0x2dc0
[  670.348415][ T1073]  do_syscall_64+0xc9/0x1c0
[  670.352937][ T1073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  670.358830][ T1073] 
[  670.361149][ T1073] read-write to 0xffff888101005f20 of 4 bytes by task 1073 on cpu 0:
[  670.369219][ T1073]  vmalloc_info_show+0x470/0x770
[  670.374180][ T1073]  seq_read_iter+0x2d1/0x930
[  670.378776][ T1073]  proc_reg_read_iter+0x118/0x190
[  670.383805][ T1073]  vfs_read+0x5dc/0x700
[  670.387980][ T1073]  __x64_sys_pread64+0xf6/0x150
[  670.392919][ T1073]  x64_sys_call+0x26ee/0x2dc0
[  670.397603][ T1073]  do_syscall_64+0xc9/0x1c0
[  670.402121][ T1073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  670.408031][ T1073] 
[  670.410348][ T1073] value changed: 0x000000ab -> 0x00000004
[  670.416060][ T1073] 
[  670.418458][ T1073] Reported by Kernel Concurrency Sanitizer on:
[  670.424599][ T1073] CPU: 0 UID: 0 PID: 1073 Comm: syz.9.9951 Tainted: G        W          6.12.0-syzkaller-11677-g2ba9f676d0a2 #0
[  670.436401][ T1073] Tainted: [W]=WARN
[  670.440200][ T1073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  670.450260][ T1073] ==================================================================
[  670.467080][ T1073] ==================================================================
[  670.475197][ T1073] BUG: KCSAN: data-race in vmalloc_info_show / vmalloc_info_show
[  670.482951][ T1073] 
[  670.485283][ T1073] read to 0xffff888101005f20 of 4 bytes by task 1072 on cpu 1:
[  670.492832][ T1073]  vmalloc_info_show+0x544/0x770
[  670.497802][ T1073]  seq_read_iter+0x2d1/0x930
[  670.502515][ T1073]  proc_reg_read_iter+0x118/0x190
[  670.507561][ T1073]  vfs_read+0x5dc/0x700
[  670.511735][ T1073]  __x64_sys_pread64+0xf6/0x150
[  670.516784][ T1073]  x64_sys_call+0x26ee/0x2dc0
[  670.521476][ T1073]  do_syscall_64+0xc9/0x1c0
[  670.525995][ T1073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  670.531897][ T1073] 
[  670.534219][ T1073] read-write to 0xffff888101005f20 of 4 bytes by task 1073 on cpu 0:
[  670.542288][ T1073]  vmalloc_info_show+0x470/0x770
[  670.547226][ T1073]  seq_read_iter+0x2d1/0x930
[  670.551824][ T1073]  proc_reg_read_iter+0x118/0x190
[  670.556862][ T1073]  vfs_read+0x5dc/0x700
[  670.561028][ T1073]  __x64_sys_pread64+0xf6/0x150
[  670.565905][ T1073]  x64_sys_call+0x26ee/0x2dc0
[  670.570589][ T1073]  do_syscall_64+0xc9/0x1c0
[  670.575124][ T1073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  670.581024][ T1073] 
[  670.583344][ T1073] value changed: 0x00000002 -> 0x00000004
[  670.589063][ T1073] 
[  670.591389][ T1073] Reported by Kernel Concurrency Sanitizer on:
[  670.597535][ T1073] CPU: 0 UID: 0 PID: 1073 Comm: syz.9.9951 Tainted: G        W          6.12.0-syzkaller-11677-g2ba9f676d0a2 #0
[  670.609343][ T1073] Tainted: [W]=WARN
[  670.613149][ T1073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  670.623309][ T1073] ==================================================================
[  670.654001][ T1068] EXT4-fs error (device loop9): ext4_xattr_inode_iget:445: comm syz.9.9951: error while reading EA inode 1073372648 err=-117
[  670.667026][   T29] kauditd_printk_skb: 1067 callbacks suppressed
[  670.667040][   T29] audit: type=1326 audit(1733001120.863:97407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1026 comm="syz.5.9935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2c90a577e7 code=0x7ffc0000
[  670.696896][   T29] audit: type=1326 audit(1733001120.863:97408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1026 comm="syz.5.9935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2c909fc189 code=0x7ffc0000
[  670.720318][   T29] audit: type=1326 audit(1733001120.863:97409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1026 comm="syz.5.9935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2c90a577e7 code=0x7ffc0000
[  670.743779][   T29] audit: type=1326 audit(1733001120.863:97410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1026 comm="syz.5.9935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2c909fc189 code=0x7ffc0000
[  670.767250][   T29] audit: type=1326 audit(1733001120.863:97411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1026 comm="syz.5.9935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2c90a577e7 code=0x7ffc0000
[  670.790692][   T29] audit: type=1326 audit(1733001120.863:97412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1026 comm="syz.5.9935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2c909fc189 code=0x7ffc0000
[  670.814114][   T29] audit: type=1326 audit(1733001120.863:97413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1026 comm="syz.5.9935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2c90a577e7 code=0x7ffc0000
[  670.837579][   T29] audit: type=1326 audit(1733001120.863:97414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1026 comm="syz.5.9935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2c909fc189 code=0x7ffc0000
[  670.861005][   T29] audit: type=1326 audit(1733001120.863:97415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1026 comm="syz.5.9935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f2c90a577e7 code=0x7ffc0000
[  670.884460][   T29] audit: type=1326 audit(1733001120.863:97416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1026 comm="syz.5.9935" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2c909fc189 code=0x7ffc0000
[  670.949087][ T1056] EXT4-fs error (device loop8): ext4_xattr_delete_inode:2977: inode #15: comm syz.8.9944: corrupted xattr block 33: invalid header
[  670.965598][ T1068] EXT4-fs error (device loop9): ext4_xattr_delete_inode:2977: inode #15: comm syz.9.9951: corrupted xattr block 33: invalid header
[  671.008115][ T1056] EXT4-fs warning (device loop8): ext4_evict_inode:276: xattr delete (err -117)
[  671.067951][ T1068] EXT4-fs warning (device loop9): ext4_evict_inode:276: xattr delete (err -117)
[  671.245387][T28536] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  671.273427][T27333] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.