last executing test programs:

1m6.749388449s ago: executing program 0 (id=791):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$inet6(0xa, 0x80002, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000f00)={'veth0_to_batadv\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x4b, 0x37, "4372071e845c1497c855383000000002000000372a72ee4dfeed37968b00905020000055965737d2aaec032b9753384b00000000ef86ed"}})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='ufshcd_upiu\x00', r4, 0x0, 0x2}, 0x18)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x10000000)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
getxattr(&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000040)=@known='system.sockprotoname\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="871000000000000000000100000008000300000001000500060000000000050005"], 0x30}, 0x1, 0x0, 0x0, 0x94}, 0x8808)
setxattr$incfs_metadata(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0), &(0x7f00000000c0)='T', 0x1, 0x0)
getxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000000)=@known='user.incfs.metadata\x00', 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xb}, 0x48)

1m6.624317032s ago: executing program 0 (id=793):
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
readv(0xffffffffffffffff, &(0x7f0000000000), 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
readahead(0xffffffffffffffff, 0x5, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000f3ff0000850000007000000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
io_setup(0x8f0, &(0x7f0000002400)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, r3, &(0x7f0000000040)="5400ffff0000", 0x6, 0x0, 0x0, 0x2}])

1m6.495390554s ago: executing program 0 (id=795):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000240)=0x1, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$inet(0x10, 0x3, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x1fff, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='batadv0\x00', 0x10)
write(r3, &(0x7f0000000140)="84650000", 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r4=>0x0})
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001200)='/proc/keys\x00', 0x0, 0x0)
read$hiddev(r5, &(0x7f00000000c0)=""/4092, 0xffc)
preadv(r5, &(0x7f0000001300)=[{&(0x7f0000000040)=""/17, 0x11}], 0x1, 0x0, 0x20)
r6 = getpid()
ioctl$BLKTRACESETUP(r5, 0xc0481273, &(0x7f0000000800)={'\x00', 0x5, 0xdfc7, 0x80000001, 0x7fffffffffffffff, 0x200, r6})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x18)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ff9000/0x4000)=nil, 0x4000, &(0x7f0000000700)='Q\x00')
io_uring_enter(0xffffffffffffffff, 0x186a, 0x642c, 0x60, 0x0, 0xffffffffffffffc4)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000004c0)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000600014002020c600e41b0000900ac000a0502000000160012000a00ff150048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x759, &(0x7f0000001340)={[{@sb={'sb', 0x3d, 0xda6}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}, 0x0}, {@data_journal}, {@journal_dev={'journal_dev', 0x3d, 0xf}}, {@i_version}, {@nobarrier}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0xb6a}}, {@data_err_ignore}], [], 0x2c}, 0x2, 0x4f9, &(0x7f0000000200)="$eJzs3ElvHFUeAPB/te04zjL2ZNYsM+mZzAgLRBw764FDgkDKBQkJhMLR2E4U4iQoNlISWcRBKEgcQPkELDckPgEnuCBAHEBcibgipAj5ksABFarqatN2ub2l7cbx7yd151XVq37v31Uv/ZZuB7BpVbOnJGJHRHwXEb21zbkZqrV/7s9Mjfw8MzWSRJo+91OS57s3MzVSz1o/b3ux0V+JqLyRxN5ysd0T165fGB4fH7tS7BiYrBSpi8Pnxs6NXRo6ceLI4Z7jx4aOtiTOrE739rx2ed/u0y/efmbkzO2Xvvgoq29aHG+Mo6Yvf96y7BI6SnuqUZ37Xjb4//KrviHsbEgnndlzpX2VYdmyuza7XF15+++Njnyrpjeefr2tlQPWVJqmaXdp7+xn2XTaKElqJ6TpzRR4CCTR7hoA7VH/oL83k41Up0bK4+CH291TkY+AsrjvF4/akc58BFvtq42Nutao/L9GxJnpX97NHrHgPAQAQGt9cipiW9HvqD9qRyrx94Z8fyrWhvoi4s8RsSsi/lL0X/4Wkef9R0T8s+GcHctYBajO2y73f77pKRKN3dWWyfp/TxRrW3P7f7M17+sotnbm8XclZ8+Pjx0q3pP+6OrOtgfLLz07rfbpU9++06z8akP/L3tk5df7gkU9fuycN0E3Ojw5/KBx1929mb+xN8rxJ9GZ1FMRuyNizypeP3vPzj/64b5mx+fEn8VZiv/t5i/euYoKzZO+H/FI7fpPx7z4o1j/S/L1yYuvDExcu/74+cb1ycHjx4aODmyN8bFDA/W7ouzLr289WyRLw4hFrn+9aazpQlp2/bcteP/Prlz2ZanZ9dqJlZdx686bTcc0q73/tyTP5+n6+uzV4cnJK4MRW5Lp8v6h38+9OtwzJ38Wf/+Bhdv/rohf3yvO2xsR2U38r4j4d0TsL+r+n4j4b0QcWCT+z5/838vNhpBLx7+2svhHV3T9myVOfhWx8KGOC599XCr4rWop/q5odv2P5Kn+Ys/o8OTWpeJarKaNiQd+AwEAAGAD2J/P0yaVg8VE046oVA4ejNg+O4MyMfnY2cuvXhqtzef2RVelPtPV2zAfOljMDWfb2VlDDdvZ8cP5vHGapmlPtp2N38d3tjd02PS2N2n/mR/KP2kBHjYrWkdr9os2YEOa3/7vLPvM1n8hA1hfLfgeDbBBaf+weS27/a/Vr+CAtlmo/d+IuN+GqgDrbKH2/0Jpz8l1qQuwvoz/YfNaffv3ZQDY6Hz+w6a0rB/JryKx6/QieZLOtSm0eaISi/8VgL6I+p56n2bxF/y+EtGaGna0NNKeOde0smCerdGKsqKyZJ7OFfwhhvVNVP4Y1agluiNiibt39ma7UU9cX+uK5Y3gg/b+7wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDgfgsAAP//RUTTKw==")
pipe2(&(0x7f0000001100)={0xffffffffffffffff, <r9=>0xffffffffffffffff}, 0x88880)
r10 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r10, 0x107, 0x12, &(0x7f0000000040)={0x2, 0x6}, 0x4)
setsockopt$packet_fanout_data(r10, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000180)=[{0x6}]}, 0x10)
close_range(r9, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)=@newqdisc={0x34, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r4, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0)

1m6.424617145s ago: executing program 0 (id=796):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001300)={&(0x7f0000000280)=ANY=[@ANYBLOB="9feb01001800000000000000300000003000000002000000000000000000001010000000000000000100008500000002000000000300000000000000000000000000000901"], 0x0, 0x4a}, 0x28)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)
getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000000)=0x14)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_NAN(r1, &(0x7f0000000400)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, r2, 0x2, 0x70bd25, 0x25dfdbff, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0x44000}, 0x4040)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r3, &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000080)={0x2, 0xf8, 0x40000, {r3}}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000040)='9p_protocol_dump\x00', r0}, 0x10)
pipe2$9p(&(0x7f0000000240)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r5)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000002280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6])

1m6.331881567s ago: executing program 0 (id=797):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000480)={[{@errors_remount}, {@noload}, {@nogrpid}, {@usrquota}, {@noblock_validity}, {}, {@mblk_io_submit}, {@acl}, {@resgid}, {@sysvgroups}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@acl}, {@usrjquota}], [{@obj_type={'obj_type', 0x3d, '/'}}], 0x3d}, 0x1, 0x51f, &(0x7f00000007c0)="$eJzs3UFsI1cZAOB/HDvd7KZNChygEqXQouwK1k4a2kY9lCIhOFUCyn0JiRNFceIodtpNVEFWHDgiIQRInMqFCxInTkioEheOCKkSnEGAQAi2cEACdirb4+xuMk6yG8fOJt8nTea955n3v+doxn7jp5kALqxnIuLViLiTpum1iJjIygvZErudpbXde7ffWmgtSaTp6/9IIsnKunWlbY/FlWy3SxHxlS9GfD05GLexvbM6X6tVN7N8pbm2UWls71xfWZtfri5X12dnZ16ce2nuhbnpvvRzPCJe+fxfvv+dn3zhlV9++s0/3vjb1W8kWXns68cDKh72YqfrpfZ7ce8Omw8Z7CwqtnuYGcvbYuRAya1TbhMAAL19ICI+ERHXYiJGDv86CwAAADyC0s+Ox/+S7m93B4z2KAcAAAAeIYX2HNikUM7m+45HoVAuR3sO74ficqFWbzQ/tVTfWl/szJWdjFJhaaVWnc7mCk9GKWnlZ9rpu/nn9+VnI+LJiPjexFg7X16o1xaHffEDAAAALogr+8b//57ojP8BAACAc2Zy2A0AAAAATp3xPwAAAJx/xv8AAABwrn3ptddaS9p9/vXiG9tbq/U3ri9WG6vlta2F8kJ9c6O8XK8vt+/Zt3ZUfbV6feMzsb51s9KsNpqVxvbOjbX61nrzxsp9j8AGAAAABujJj73z+yQidl8eay8to8fb9ZibAWdVcS+VZOucw/oPT3TWfx5Qo4CBGBl2A4ChKQ67AcDQlIbdAGDokiNe7zl55zfZ+uP9bQ8AANB/Ux/J//3/6OuCu4UBNA84RQ5iALh42t/zjzuT15cFOFdKZgDChXfi3/+PlKYP1CAAAKDvxttLUihnl/fGo1AolyMebz8WoJQsrdSq0xHxRET8bqL0WCs/094zOXLMAAAAAAAAAAAAAAAAAAAAAAAAAAB0pGkSKQAAAHCuRRT+mvyqcy//qYnnxvdfHxhN/jMR2SNC3/zR6z+4Od9sbs60yv+5V978YVb+/DCuYAAAAMCFUHyQjbvj9O44HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD66b3bby10l0HG/fvnImIyL34xLrXXl6IUEZf/lUTxnv2SiBjpQ/yx1p8P58VPWs3aC5kXf+ztk8ffvXVo/JjM3oW8+FdOHh4utHda559X846/QjzTXucff8WI+/IPq/f5L/bOfyM9jv/HjxnjqXd/VukZ/1bEU8X88083ftIj/rN5Ff782weKvvbVnZ1e8dO3I6ZyP3+S+2JVmmsblcb2zvWVtfnl6nJ1fXZ25sW5l+ZemJuuLK3Uqtnf3Bjf/egv7hzW/8s94k8e0f/ncuobzSn7/7s3b3+wkyzlxb/6bE78X/842+Jg/EL22ffJLN16faqb3u2k7/X0T3/79GH9X+zR/6P+/1d7VbrPtS9/60/H3BQAGIDG9s7qfK1W3TwbiZej7zW3RvhD79ejl/hveiaacbqJb/a1wjRN09YxdYJ6khjcm5Ac3tRhn5kAAIB+u/ulf9gtAQAAAAAAAAAAAAAAAAAAgItrEHca2x9zdy+V9OMW2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAffF+AAAA///0iOAC") (fail_nth: 7)
socket$nl_route(0x10, 0x3, 0x0)
unshare(0x60000480)

1m6.287114078s ago: executing program 0 (id=799):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x10050, &(0x7f0000000a80)={[{@errors_remount}, {@nouid32}, {@jqfmt_vfsv0}, {@norecovery}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
r0 = socket(0x11, 0x3, 0x4)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001280)='/proc/sysvipc/sem\x00', 0x0, 0x0)
read$hiddev(r1, &(0x7f00000000c0)=""/4092, 0xffc)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, 0x0)

1m6.228114239s ago: executing program 32 (id=799):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file2\x00', 0x10050, &(0x7f0000000a80)={[{@errors_remount}, {@nouid32}, {@jqfmt_vfsv0}, {@norecovery}, {@norecovery}, {@dioread_lock}]}, 0x3, 0x546, &(0x7f0000000180)="$eJzs3dFrZFcZAPDv3mR2s7upmaoPtWAttrJbdSdJ47bBh6og+lRQKz4Ja0wmIWSSWZJJuwmLTfFVEES04Is++SL4BwjSF99FKNR3UVGkZvVBoe2VO3Onm0xmkhRncpfk94Oz9557Zu73nQlz5tyZu/cGcGE9GRE3ImIsIp6JiKlie1qU2OuU/HH39+8t5iWJLHvp7SSSYlt3X5eL5bXiaRMR8Y2vRnw3ORp3a2d3baHRqG8W9enWevJOlu3eXF1fWKmv1Dfm5mafm39+/tb8zFD6WY2IF77815/88JdfeeG3n33lT7f/fuN7eVr/zbJXo6cfw9TpeqX9WnSNR8TmKIKVZLzdw45bJecCAMDx8vn+hyPik+35/1SMtWdzAAAAwHmSfWEy3kkiMgAAAODcSiNiMpK0VpzvO1mcsXotIj4aV9NGc6v1meXm9sZS3hZRjUq6vNqoz8RE+9yBalSSvD5bnGPbrT/bU5+LiEcj4sdTV9r12mKzsVT2lx8AAABwQVzrOf7/91Sa1mpF417JyQEAAADDUy07AQAAAGDkHP8DAADA+VfN+tyh66h09JkAAAAAI/C1F1/MS9a9//XSyzvba82Xby7Vt9Zq69uLtcXm5p3aSrO50r5m3/pJ+2s0m3c+Fxvbd6db9a3W9NbO7u315vZG6/bqoVtgAwAAAGfo0U+88cckIvY+f6VdcpeKtkpENnbwweNlZAiMygc6p+cvo8sDOHsHP9+vlJgHcPZM6eHiqpSdAFC6k/4D0MCTd34//FwAAIDRuP6xwb//v71camrAiBW//yenugAIcK6MlZ0AUJrO73/vZR1lZwOcpcpxMwAHBXDupcP5/f+EUwkTAwoAAJRssl2StFYcB0xGmtZqEY+0bwtYSZZXG/WZiPhQRLw1Vbmc12fbz0zM5gEAAAAAAAAAAAAAAAAAAAAAAADglLIsiQwAAAA41yLSv3XvzHV96unJ3u8HLiX/mWovI+KVn73007sLrdbmbL79n+9vb71ebH+2jG8wAAAAgF7d4/TucTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADNP9/XuL97Msy/bvLZ5l3H98KSKqRfyidFrGY6K9nIhKRFz9VxLjB56XRMTYEOLvvRYRj/WLn+RpRbXI4lD8SxFpRFwZVvz4gPGjE//aEOLDRfZGPv58sd/7L40n28v+77/xovy/Bo9/6fvj39iA8e+RQTutHK4+/uavpwfGfy3i8fH+4083fpLvr0/8p07Zx+98c3d3UFv2i4jr/ca/5HCs6db6nemtnd2bq+sLK/WV+sbc3Oxz88/P35qfmV5ebdSLf/vG+NHHf/Peg9q7R/p/9Zjxt93/Aa//06fs/7tv3t3/SGe15y8Tlfh5lt14qv/f/7F88emj8buffZ8qPgfyev4apq9/q2/8J371hycG5Zb3f2lA/yd6+n+5p/83Ttn/Z77+/T+f8qEAwBnY2tldW2g06ptWDq5E9aFI4+FdyeedpaeRRBL5yluHmhbKT6yz8mrxHltodN9tQ9rz74qDo1EmX9J4BAAAjM6DSX9vS1JOQgAAAAAAAAAAAAAAAAAAAHABnXgZsEFNaUQ82PLtHxxzNbLemHvldBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Fj/CwAA//8GI9aV")
r0 = socket(0x11, 0x3, 0x4)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001280)='/proc/sysvipc/sem\x00', 0x0, 0x0)
read$hiddev(r1, &(0x7f00000000c0)=""/4092, 0xffc)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, 0x0)

45.138658537s ago: executing program 5 (id=1039):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fsetxattr(r0, &(0x7f0000000440)=@known='system.posix_acl_access\x00', &(0x7f0000000480)='{\xaa^\x00', 0x4, 0x3)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0xf07d, 0x4, 0x40000, 0x105}, &(0x7f00000019c0)=<r5=>0x0, &(0x7f0000000240))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x40, '\x00', 0x0, @fallback=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r4, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r7=>0x0})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newtfilter={0x24, 0x11, 0x1, 0x691522eb, 0x0, {0x0, 0x0, 0x74, r7, {0x10, 0x4}, {}, {0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
write$P9_RCLUNK(r3, &(0x7f00000000c0)={0x7, 0x79, 0x1}, 0x7)
openat$cgroup_procs(r2, 0x0, 0x2, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
syz_io_uring_setup(0xd2, 0x0, 0x0, &(0x7f0000000080)=<r9=>0x0)
syz_io_uring_submit(0x0, r9, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x46, 0x0, @fd_index=0x9, 0x7, 0x0, 0x0, 0xa, 0x1, {0x1}})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b000000000000000000000000800000000000000921423f3ec822ee4115730ba1c52b9526a961e1b6537ec4becde5328f67b55ab90054a7c36de30fcc668ae575821ec0198688d9b233ffd3a4b0d1b3c0bfadc0f3f555dd851c6c4cf3c0d5b1646eb84ed4253ede92bb0ee8dca594f924fda5d8b1658fc586667c9e6b047e3fe02dfc8cc1b5b1f644f8030e3361c01693dc3fee915732142083fa844d20a01847fcf30c4ba0fb5aabff1b54689acd18a40e6124cd2484f3ffd7460cc5f558cb707b647679a5e6ba8d9c0a016fc02ff438836ed8ccfe1ecb320b54c021b710595338c83c038cef4f894452d70d50baccfbc84f59afdfbc8ecdabb8acff1c60adedaee6d5f66448811560a179", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r11, 0x2000000, 0x7, 0x0, &(0x7f0000000200)="63eced8e46dc3f", 0x0, 0x3800, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r12 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_ACCEPT={0xd, 0x30, 0x4, r1, &(0x7f0000000100), 0x0, 0x0, 0x80000, 0x1, {0x0, r12}})

44.909104751s ago: executing program 5 (id=1046):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x9, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x14}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="f5d96a7bffffa8355025ec16a1000000000000040000000710064bed1777b5e70023102740c369d7cc98f7a2087cca527a6a089acbc4a96d8f9abeb17b344a643c6a7ab370e936d856b454f6ffc2043b8b3d0c4ef8d859ba29ee09779262d60e5918cc6e0f9c833d0d4f"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000380)='ext4_update_sb\x00', 0xffffffffffffffff, 0x0, 0x700000000000}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r2 = open(&(0x7f00000016c0)='./file0\x00', 0x14d01, 0x99)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRESHEX=r1], 0x50)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
sched_getscheduler(0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000280)=r2, 0x4)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f0000000000)={@remote, 0x0, 0x2}, 0x20)
socket$kcm(0x10, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x1, {0x0, 0x0, 0x0, r6, {}, {}, {0xfff3, 0xd}}}, 0x24}}, 0x0)

44.839030413s ago: executing program 5 (id=1050):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x19c5498e, 0x103902)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x1, 0x81, 0x1ff, 0x801, 0x1}, 0x1c)
bind$tipc(r2, 0x0, 0x0)
openat$binfmt_format(0xffffffffffffff9c, &(0x7f00000042c0)='/proc/sys/fs/binfmt_misc/syz2\x00', 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000040)={0x0, 0x2f00, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="6800000000010104000000000000000002000000240001801400016808000100e0000001080002007f0000010c0002800500010000000000240002801400018008000100e000000108000200e00000010c0002800500010000000000080007400000000004000680"], 0x68}}, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000004300)='./file0\x00', &(0x7f0000004340), 0x400)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f0000000180)='./bus\x00', 0x24)
syz_open_dev$mouse(&(0x7f00000057c0), 0x8, 0x40202)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000005840)={{0x1, 0x1, 0x18, r1, {0xee01, 0xee00}}, './file0\x00'})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000005880), &(0x7f00000058c0)=0xc)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000005900), 0x0, 0x0)
getpgrp(0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000005940)={{{@in, @in=@empty}}, {{}, 0x0, @in6=@local}}, &(0x7f0000005a40)=0xe8)
statx(0xffffffffffffff9c, &(0x7f0000005a80)='./file0\x00', 0x800, 0x10, &(0x7f0000005ac0))
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000005bc0), &(0x7f0000005c00)=0xc)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[@ANYBLOB="2c0000001200970225bd7000000000000780"], 0x2c}}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r3)
sendmsg$NL80211_CMD_REQ_SET_REG(r5, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000440)={&(0x7f00000005c0)={0x1d8, r6, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@NL80211_ATTR_REG_RULES={0x78, 0x22, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xd}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x7}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x1}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x9}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x10e5}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x9}]}, {0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0xacb8}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x460}, @NL80211_ATTR_REG_RULE_FLAGS={0x8}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x4}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x50}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x8000}, @NL80211_ATTR_REG_RULE_FLAGS={0x8}]}]}, @NL80211_ATTR_REG_RULES={0x3c, 0x22, 0x0, 0x1, [{0x2c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x4}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x7fffffff}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0xb80}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x2}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xd}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x200}]}]}, @NL80211_ATTR_REG_RULES={0x110, 0x22, 0x0, 0x1, [{0x3c, 0x0, 0x0, 0x1, [@NL80211_ATTR_REG_RULE_FLAGS={0x8}, @NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0xf}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x9}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x7}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x3ff}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x5}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x1}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xf}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x6e2e}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x3000}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_MAX_BW={0x8, 0x4, 0x3}, @NL80211_ATTR_REG_RULE_FLAGS={0x8, 0x1, 0x6}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x1000}, @NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x5}]}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x5}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x7}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x6}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xff}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8, 0x2, 0x5}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x8001}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0xfffffeff}]}, {0x1c, 0x0, 0x0, 0x1, [@NL80211_ATTR_FREQ_RANGE_START={0x8}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8, 0x5, 0x7}, @NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN={0x8}]}, {0xc, 0x0, 0x0, 0x1, [@NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0xfffffff8}]}, {0x4}, {0x24, 0x0, 0x0, 0x1, [@NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x3}, @NL80211_ATTR_DFS_CAC_TIME={0x8, 0x7, 0x1}, @NL80211_ATTR_FREQ_RANGE_END={0x8, 0x3, 0x7}, @NL80211_ATTR_POWER_RULE_MAX_EIRP={0x8, 0x6, 0x7}]}]}]}, 0x1d8}, 0x1, 0x0, 0x0, 0x20040000}, 0x40000)
ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f00000000c0)={'syztnl2\x00', <r7=>0x0, 0x4, 0x1, 0x80, 0x4, 0x50, @empty, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1, 0x7800, 0x4}})
newfstatat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r8=>0x0}, 0x200)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@mcast1, @in=@rand_addr=0x64010100, 0x4e21, 0x0, 0x4e24, 0x2, 0xa, 0x60, 0x0, 0x0, r7, r8}, {0x2, 0x1, 0x8, 0x8, 0xfffffffffffffff8, 0x8, 0x8, 0x800}, {0xf, 0xbb, 0x9, 0x1}, 0x401, 0x6e6bbd, 0x2, 0x0, 0x3, 0x1}, {{@in=@empty, 0x4d3, 0x6c}, 0xa, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x3506, 0x2, 0x0, 0x9, 0x7, 0x2, 0x3}}, 0xe8)
getgid()
close_range(r1, 0xffffffffffffffff, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6000000013140100"], 0x60}, 0x1, 0x0, 0x0, 0x44}, 0x810)

44.695313785s ago: executing program 5 (id=1054):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000001380)='./file2\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYRES16=0x0, @ANYRES64=0x0, @ANYRESOCT], 0x1, 0x1256, &(0x7f0000002400)="$eJzs3E9rXFUYB+B3plNnOjV/1FptF3rQjauhycKVIEFSkAwotRFaQZiSiQ65zoTMGBgRY1duXfoZxKU7RfwC2boX3GUjrrIQrzh3apJ2qk0jmVKfZ3Nf7rm/e84hl8Ad7jl7r3350cZ6v7HeGkS5VIryZkTaT5GiHHe8sFIcb9xcWWo2l6+ldHXp+sKrKaXZF39479NvXvpxcP7db2e/q8bu/Pt7vy7+sntx99LeH9c/7PRTp5+6vUFqpVu93qB1K2untU5/o5HS21m71W+nTrff3jrSvp71NjeHqdVdm6lvbrX7/dTqDtNGe5gGvTTYGqbWB61ONzUajTRTD+7r7L9fsvr1fp5/H5HnZ+OJyPM8L0U9SvFkzMRsfB4RT8XT8UxciGfjYjwXz8el0VWnMXwAAAAAAAAAAAAAAAAAAAD4/9gfreY/WP9/Lupxfrz+fy7mJ67/PzPtQQMAAAAAAAAAAAAAAAAAAMBj5p0bN1eWms3laynVIrIvtle3V4tj0b60Hp3Ioh1XYi5+j9EeAYWivvpmc/lKGjkTETvj/M726pmI6riTv/ILo+0ExvnK6PSd/EKRT3E7O5SvRr3ovxYR7ViMubhwqP/aQX5xYr4Wr7x8aPyNmMt3InqRxdqo74P8ZwspvfFW86785dF1AAAA8DhopL/NH33/LXb5azTu117kj/H7wF3v15W4XJnu3InoDz/ZaGVZe+toUbvnzNSK6qMxjOMU5ZPEqzGp6eeIyMpHmr76KeK/GHOp9BD3+bj0j8/P6RSloqiNn+WT3DCimFDpUXh+jl3cPtHcJxfT+5/E6Tn4o9/TVDk3lREBAAAAAAAAAADwIB7ke8Df4qG/IqzEhC/LXp/OVAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgWAAAAABAmL91Gh0bAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMFQAAAD//3MPuIc=")
truncate(&(0x7f0000000000)='./file2\x00', 0x400)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0)
sendmsg$NL80211_CMD_SET_REG(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000f40)=ANY=[@ANYBLOB="f8ac18d6256dda3f5cbbca7bf302cb4f4b00", @ANYRES16=r2, @ANYBLOB="000828bd7000fcdbdf251a00000054012280240000800800060034000000080001007f00000008000600ba00000008000600010000003400008008000500ef6e00000800020003000000080003000500000008000400faffffff080003000400000008000500660c00003c000080080004000900000008000200030000000800040040000000080002009e73fd3b0800030009000000080005000500000008000500050000000c00008008000400070000001c0000800800010003000000080003000500000008000300000000001c0000800800050009000000080005000180000008000500040000003400008008000100050000000800010004000000080005000500000008000500000000000800040024f4ffff08000600030000004400008008000100630f00000800020002000000080003000000000008000500d8f09c11080007000900000008000200050000000800020008000000080005004b000000b40022801c000080080007000f00000008000500240e00000800010000c000002400008008000700b0090000080006000900000008000100180900000800050008000000240000800800030000000000080002000100000008000500ff00000008000700eb4100004c0000800800040006d40000080004000000010008000100710700000800050070e5000008000400610a0000080002000080000008000200d08f0000080007000400000008000700070000000500920005000000070021006161000008000100440000000400cc00"], 0x238}, 0x1, 0x0, 0x0, 0x4004080}, 0x6800)
r3 = socket$inet6(0xa, 0x3, 0x7)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r4, 0x28, 0x1, &(0x7f0000000380)=0xffffffff00000041, 0x8)
bind$vsock_stream(r4, &(0x7f0000000940), 0x10)
close(0x3)
listen(r4, 0x0)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r5, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1)
shutdown(r5, 0x1)
connect$inet6(r3, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436cc24babaae409f0aab0b40af116001bc85492455956e853ead08b5793d4ecf72378a3dfd9cc837b1c66212d9a2be8fd6341c2f837c7fe09924a51ec42912856cce3d3b2d092c80813aad03e1e63a655f4138730f302df339f30a4fbd453c9a0fba381d071ad7cb80a52bec572e29b0b9b55c235806b97e166609f8083ce776075c"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
r8 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r8)
socket$packet(0x11, 0x2, 0x300)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x100b28, 0x6, 0x0, 0x4, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x6}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000c00)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r9, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ptrace$getregset(0x4204, r8, 0x2, &(0x7f0000000740)={0x0})
sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000001940)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r7, @ANYBLOB="01dfffffff9a26000000210000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x4000c00}, 0x0)

44.275059944s ago: executing program 5 (id=1060):
r0 = syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x80040c, &(0x7f0000000580)={[{@orlov}, {@norecovery}]}, 0x1, 0x5e8, &(0x7f0000001200)="$eJzs3c9vFdUeAPDv3P6gpbzXQl7ee7iQJsZAorS0gCHGBWwNafBH3Lix0oJIgYbWaNGEkuDGxLgxxsSVC/G/UCJbVrpy4caVISFqWJp4zdzOlP6Y2x+X207T+XySS2fOmeGc4fLtOXPuOXMDqKzB9I9axMGImE4i+pP5xbzOyDIHF4579OdH59NXEvX6a78nkWRp+fFJ9rMvO7knIn78IYkDHavLnZm7cXl8amryerY/PHtlenhm7sbRS1fGL05enLw6+sLoqZMnTp4aOdbSdd0sSDt7+933+z8Ze/Obr/5KRr79ZSyJ0/FyduDS62iXwRhs/Jskq7P6TrW7sJJ0ZP9Plr7FSWeJFWJT8vevKyL+F/3REY/fvP74+JVSKwdsqXoSUQcqKhH/UFF5PyC/t195H1wrpVcCbIeHZxYGAFbHf+fC2GD0NMYG9j5KYumwThIRrY3MLbcvIu7fG7t94d7Y7diicTig2PytiPh/UfwnjfgfiJ4YaMR/bVn8p/2Cc9nPNP3VFstfOVQs/mH7LMR/z5rxH03i/60l8f92i+UPPt58p3dZ/Pe2ekkAAAAAAABQWXfPRMTzRZ//1xbn/0TB/J++iDjdhvIHV+yv/vy/9qANxQAFHp6JeKlw/m8tn/070JFt/asxH6AruXBpavJYRPw7Io5E1550f2SNMo5+euDLZnmD2fy//JWWfz+bC5jV40HnnuXnTIzPjj/pdQMRD29FPFU4/zdZbP+TgvY//X0wvcEyDjx751yzvPXjH9gq9a8jDhe2/4+fWpGs/XyO4UZ/YDjvFaz29Ieffdes/Fbj3yMm4Mml7f/eteN/IFn6vJ6ZzZdxfK6z3iyv1f5/d/J645Ez3VnaB+Ozs9dHIrqTsx1p6rL00c3XGXajPB7yeEnj/8gza4//FfX/eyNifsXfnfyxfE1x7r9/9/3arD76/1CeNP4nNtX+b35j9M7A983K31j7f6LR1h/JUoz/wYIv8jDtXp5eEI6dRVnbXV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2A1qEbEvktrQ4natNjQU0RcR/4m9talrM7PPXbj23tWJNK/x/f+1/Jt++xf2k/z7/weW7I+u2D8eEfsj4vOO3sb+0PlrUxNlXzwAAAAAAAAAAAAAAAAAAADsEH1N1v+nfusou3bAlussuwJAaQri/6cy6gFsP+0/VJf4h+oS/1Bd4h+qq8X472p3PYDtp/2H6hL/UF3iHwAAAAAAdpX9h+7+nETE/Iu9jVeqO8szvwd2t1rZFQBK4xE/UF2m/kB1uccHknXye5qetN6Za5k+/wQnAwAAAAAAAAAAAEDlHD5o/T9UlfX/UF3W/0N15ev/D5VcD2D7uccHYp2V/IXr/9c9CwAAAAAAAAAAAABop5m5G5fHp6Ymr9t4Y2dUox0b6Tu7kYPr9frNxrEtlbVnB1zpjtrIp8LvlPqs2MjX+m3srNJ+JQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACv8EwAA//8IGSKz")
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x2}, 0x18)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r3, &(0x7f0000004200)='t', 0x1)
sendfile(r3, r2, 0x0, 0x3ffff)
sendfile(r3, r2, 0x0, 0x7ffff000)

44.263810723s ago: executing program 5 (id=1062):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$inet6(0xa, 0x80002, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000f00)={'veth0_to_batadv\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x4b, 0x37, "4372071e845c1497c855383000000002000000372a72ee4dfeed37968b00905020000055965737d2aaec032b9753384b00000000ef86ed"}})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='ufshcd_upiu\x00', r4, 0x0, 0x2}, 0x18)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000780)=@newtaction={0x18, 0x30, 0xb, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20004000}, 0x10000000)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
getxattr(&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000040)=@known='system.sockprotoname\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="871000000000000000000100000008000300000001000500060000000000050005"], 0x30}, 0x1, 0x0, 0x0, 0x94}, 0x8808)
setxattr$incfs_metadata(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0), &(0x7f00000000c0)='T', 0x1, 0x0)
getxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000000)=@known='user.incfs.metadata\x00', 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timer_create(0x0, 0x0, &(0x7f0000001240)=<r9=>0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b04200000000000000002000000540004803c0001800a0001006c696d69740000002c0002800c000240000000000000000008000540000000000c00014000000000000000010800044000000001140001800b0001007470726f78790000040002800900010073797a30000000000900020073797a32"], 0xa8}}, 0x0)
timer_gettime(r9, &(0x7f0000001280))
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000140)={0x5a, &(0x7f0000000580)=[{0x6, 0xc3, 0x2, 0xfffffffc}, {0xa04, 0x2, 0x59, 0x9}, {0x3, 0x3, 0x7, 0x80000000}, {0x8, 0x3, 0xd7, 0x9}, {0x1012, 0x0, 0x4, 0x8}, {0x8, 0x4, 0x4, 0xc4}, {0x7ff, 0x6, 0xff, 0xf12}, {0xff, 0x6, 0x18, 0x756a}, {0x4, 0xc9, 0x40, 0x3f}, {0x5, 0xc, 0x6, 0x5}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xb}, 0x48)

44.211836465s ago: executing program 33 (id=1062):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$inet6(0xa, 0x80002, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000f00)={'veth0_to_batadv\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x4b, 0x37, "4372071e845c1497c855383000000002000000372a72ee4dfeed37968b00905020000055965737d2aaec032b9753384b00000000ef86ed"}})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000010000000a00000008"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='ufshcd_upiu\x00', r4, 0x0, 0x2}, 0x18)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000780)=@newtaction={0x18, 0x30, 0xb, 0x0, 0x0, {}, [{0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x20004000}, 0x10000000)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
getxattr(&(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000040)=@known='system.sockprotoname\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$SEG6_CMD_SETHMAC(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="871000000000000000000100000008000300000001000500060000000000050005"], 0x30}, 0x1, 0x0, 0x0, 0x94}, 0x8808)
setxattr$incfs_metadata(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0), &(0x7f00000000c0)='T', 0x1, 0x0)
getxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000000)=@known='user.incfs.metadata\x00', 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
timer_create(0x0, 0x0, &(0x7f0000001240)=<r9=>0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b04200000000000000002000000540004803c0001800a0001006c696d69740000002c0002800c000240000000000000000008000540000000000c00014000000000000000010800044000000001140001800b0001007470726f78790000040002800900010073797a30000000000900020073797a32"], 0xa8}}, 0x0)
timer_gettime(r9, &(0x7f0000001280))
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, &(0x7f0000000140)={0x5a, &(0x7f0000000580)=[{0x6, 0xc3, 0x2, 0xfffffffc}, {0xa04, 0x2, 0x59, 0x9}, {0x3, 0x3, 0x7, 0x80000000}, {0x8, 0x3, 0xd7, 0x9}, {0x1012, 0x0, 0x4, 0x8}, {0x8, 0x4, 0x4, 0xc4}, {0x7ff, 0x6, 0xff, 0xf12}, {0xff, 0x6, 0x18, 0x756a}, {0x4, 0xc9, 0x40, 0x3f}, {0x5, 0xc, 0x6, 0x5}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0xb}, 0x48)

1.50615598s ago: executing program 1 (id=1769):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020097b1af8ff00000000bfa100000000000007010000b8ffffffb702000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

1.466410571s ago: executing program 1 (id=1770):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x19c5498e, 0x103902)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x1, 0x81, 0x1ff, 0x801, 0x1}, 0x1c)
bind$tipc(r2, 0x0, 0x0)
openat$binfmt_format(0xffffffffffffff9c, &(0x7f00000042c0)='/proc/sys/fs/binfmt_misc/syz2\x00', 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000004300)='./file0\x00', &(0x7f0000004340), 0x400)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r4, &(0x7f0000000180)='./bus\x00', 0x24)
syz_open_dev$mouse(&(0x7f00000057c0), 0x8, 0x40202)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000005840)={{0x1, 0x1, 0x18, r1, {0xee01, 0xee00}}, './file0\x00'})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000005880), &(0x7f00000058c0)=0xc)
openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000005900), 0x0, 0x0)
getpgrp(0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000005940)={{{@in, @in=@empty}}, {{}, 0x0, @in6=@local}}, &(0x7f0000005a40)=0xe8)
statx(0xffffffffffffff9c, &(0x7f0000005a80)='./file0\x00', 0x800, 0x10, &(0x7f0000005ac0))

1.434633842s ago: executing program 1 (id=1771):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c3c00000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r1, 0x660c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x3, 0x140)
syz_usb_disconnect(r2)
r3 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff)
openat$binfmt(0xffffffffffffff9c, r3, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES16, @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000003c0)=r4}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = getpgrp(0x0)
r7 = syz_pidfd_open(r6, 0x0)
ioctl$FS_IOC_GETVERSION(r7, 0xff05, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='kmem_cache_free\x00', r5, 0x0, 0x7fffffffffffffff}, 0x18)
r8 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000640), 0x4040, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCGPTPEER(r8, 0x5441, 0x0)
pipe2$9p(&(0x7f0000000080), 0x84800)
r9 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000000500)={0x0, <r10=>0x0}, &(0x7f0000000540)=0xc)
quotactl$Q_GETQUOTA(0xffffffff80000700, &(0x7f00000004c0)=@sg0, r10, &(0x7f0000000580))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
sendmsg$nl_route_sched(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=@newqdisc={0x2c, 0x24, 0xd0f, 0x70bd25, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0x8, 0xffff}, {0x10, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8}]}, 0x2c}}, 0x20044080)
sendmsg$nl_route_sched(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@getchain={0x24, 0x66, 0x1, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x3, 0x9}, {0xffff, 0xa}, {0xe, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x45}, 0x4000)
socket$tipc(0x1e, 0x2, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f0000000300)={0x9e, r0, 'id1\x00'})

1.389987323s ago: executing program 2 (id=1773):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
pipe2(&(0x7f00000006c0)={<r2=>0xffffffffffffffff}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

1.374765663s ago: executing program 2 (id=1774):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18)
epoll_create(0x3)

1.360357574s ago: executing program 2 (id=1775):
r0 = getpgrp(0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r3 = syz_pidfd_open(r0, 0x0)
ioctl$FS_IOC_GETVERSION(r3, 0x80087601, &(0x7f00000170c0))

895.295783ms ago: executing program 4 (id=1778):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r1, 0x0, 0x0)
listen(r1, 0x0)
ioctl$sock_TIOCINQ(r1, 0x541b, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, 0x0, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfd72, 0x0, 0x40f00, 0x68}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), r3)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004840)=ANY=[@ANYBLOB="cb504ecf", @ANYRES16=r4, @ANYBLOB="3107000000000000000038000000080001007063690011000200303030303a30303a31302e300000000008007300000000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000300fcffffff"], 0x60}, 0x1, 0x2}, 0x0)
io_setup(0x8f0, &(0x7f0000002400)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x2}])
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="28000000190001002abd7000fedbdf6580209000ff110005002300000c0009000100100b", @ANYRES32=0x0, @ANYBLOB="33303c617238a5b23db4963c3493abc2cab0a5f2b0d3442d29c477149241cd61b916978ed371e02d53df8d9479dc280163dd2f0e2563e951f5c3"], 0x28}, 0x1, 0x0, 0x0, 0x24044890}, 0x4000004)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f0000000c00)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r7, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
kexec_load(0x4, 0xa, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r8}, 0x18)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
pipe(&(0x7f0000000080))

757.064515ms ago: executing program 4 (id=1779):
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1d, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000bf46db69cca4f523c7ba0dc4d115355fed50aca5381c2c51442730c017f297d06f87ad378ca4560dba34409ca87dcd39a7d217f5699cce8aba529e83588ad9846e3ca25faa32d1023d5dbd7b52f6fad6f9b21ffd74cc1d938fb25c8c3cb54aa1d5e7966b3e42fb7c827feee85fd8"], 0x48)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1, 0x0, 0x1b, 0x3}})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x400})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_open_dev$tty20(0xc, 0x4, 0x0)

740.084036ms ago: executing program 4 (id=1781):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
setrlimit(0x9, &(0x7f0000000000))

724.912046ms ago: executing program 4 (id=1782):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x6c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='kfree\x00', r3}, 0x10)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r1, &(0x7f0000002540)={0x0, 0x0, &(0x7f0000002500)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000000c0000000c0003800400040004000380180001801400020076657468305f746f5f626f6e64000000edf7074246d0853bcb374219f9caedbbd6255c39a6f7e44327d860e0cfe20f4b91f460fcc53ad2"], 0x38}}, 0x0)

701.894866ms ago: executing program 4 (id=1784):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
pipe2(&(0x7f00000006c0)={<r2=>0xffffffffffffffff}, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)

694.024697ms ago: executing program 1 (id=1785):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f00000006c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x800, 0xfffffffc, 0x7, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x20000000000002b8, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x8000, 0x0, 0x0, 0x41000}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r4 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
writev(r4, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)

624.292198ms ago: executing program 4 (id=1786):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020756c3c00000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$EXT4_IOC_ALLOC_DA_BLKS(r1, 0x660c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x3, 0x140)
syz_usb_disconnect(r2)
r3 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
openat$binfmt(0xffffffffffffff9c, r3, 0x42, 0x1ff)
openat$binfmt(0xffffffffffffff9c, r3, 0x2, 0x0)
execveat$binfmt(0xffffffffffffff9c, r3, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f00000003c0)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = getpgrp(0x0)
r6 = syz_pidfd_open(r5, 0x0)
ioctl$FS_IOC_GETVERSION(r6, 0xff05, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='kmem_cache_free\x00', r4, 0x0, 0x7fffffffffffffff}, 0x18)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000640), 0x4040, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$TIOCGPTPEER(r7, 0x5441, 0x0)
pipe2$9p(&(0x7f0000000080), 0x84800)
r8 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000500)={0x0, <r9=>0x0}, &(0x7f0000000540)=0xc)
quotactl$Q_GETQUOTA(0xffffffff80000700, &(0x7f00000004c0)=@sg0, r9, &(0x7f0000000580))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0))
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)=@newqdisc={0x2c, 0x24, 0xd0f, 0x70bd25, 0x0, {0x60, 0x0, 0x0, 0x0, {0x0, 0xa}, {0x8, 0xffff}, {0x10, 0xffff}}, [@TCA_INGRESS_BLOCK={0x8}]}, 0x2c}}, 0x20044080)
sendmsg$nl_route_sched(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=@getchain={0x24, 0x66, 0x1, 0x70bd2b, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x3, 0x9}, {0xffff, 0xa}, {0xe, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x45}, 0x4000)
socket$tipc(0x1e, 0x2, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f0000000300)={0x9e, r0, 'id1\x00'})

487.63838ms ago: executing program 1 (id=1788):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="f0000000100013070000000000000000ff020000000000000000000000000001fe8000000000000000000000000000bb00000000000000000a00a02000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000032000000000000000000000000000000000000010000000000000000feffffffffffffff0700000000000000000000000000000000a1ae7a01baeccc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000200000000"], 0xf0}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}], 0x18}}], 0x1, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r3, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r4 = socket$inet(0x2, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r6}, 0x10)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027f"], 0x57)
setsockopt$inet_mreqsrc(r2, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r7 = socket$kcm(0x2, 0xa, 0x2)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r7}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af80800000000bfa100000000000007010200f8ffffffb702000008000000b7030000000000008500000006"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)
connect$inet(r8, &(0x7f0000000040)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x34}}, 0x10)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000300)=ANY=[], 0x4e)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)

437.120421ms ago: executing program 2 (id=1789):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000240)=0x1, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$inet(0x10, 0x3, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r3, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='batadv0\x00', 0x10)
write(r3, &(0x7f0000000140)="84650000", 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x6)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001200)='/proc/keys\x00', 0x0, 0x0)
read$hiddev(r6, &(0x7f00000000c0)=""/4092, 0xffc)
preadv(r6, &(0x7f0000001300)=[{&(0x7f0000000040)=""/17, 0x11}], 0x1, 0x0, 0x20)
r7 = getpid()
ioctl$BLKTRACESETUP(r6, 0xc0481273, &(0x7f0000000800)={'\x00', 0x5, 0xdfc7, 0x80000001, 0x7fffffffffffffff, 0x200, r7})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x18)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ff9000/0x4000)=nil, 0x4000, &(0x7f0000000700)='Q\x00')
io_uring_enter(0xffffffffffffffff, 0x186a, 0x642c, 0x60, 0x0, 0xffffffffffffffc4)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000004c0)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000600014002020c600e41b0000900ac000a0502000000160012000a00ff150048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x759, &(0x7f0000001340)={[{@sb={'sb', 0x3d, 0xda6}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}, 0x0}, {@data_journal}, {@journal_dev={'journal_dev', 0x3d, 0xf}}, {@i_version}, {@nobarrier}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0xb6a}}, {@data_err_ignore}], [], 0x2c}, 0x2, 0x4f9, &(0x7f0000000200)="$eJzs3ElvHFUeAPB/te04zjL2ZNYsM+mZzAgLRBw764FDgkDKBQkJhMLR2E4U4iQoNlISWcRBKEgcQPkELDckPgEnuCBAHEBcibgipAj5ksABFarqatN2ub2l7cbx7yd151XVq37v31Uv/ZZuB7BpVbOnJGJHRHwXEb21zbkZqrV/7s9Mjfw8MzWSRJo+91OS57s3MzVSz1o/b3ux0V+JqLyRxN5ysd0T165fGB4fH7tS7BiYrBSpi8Pnxs6NXRo6ceLI4Z7jx4aOtiTOrE739rx2ed/u0y/efmbkzO2Xvvgoq29aHG+Mo6Yvf96y7BI6SnuqUZ37Xjb4//KrviHsbEgnndlzpX2VYdmyuza7XF15+++Njnyrpjeefr2tlQPWVJqmaXdp7+xn2XTaKElqJ6TpzRR4CCTR7hoA7VH/oL83k41Up0bK4+CH291TkY+AsrjvF4/akc58BFvtq42Nutao/L9GxJnpX97NHrHgPAQAQGt9cipiW9HvqD9qRyrx94Z8fyrWhvoi4s8RsSsi/lL0X/4Wkef9R0T8s+GcHctYBajO2y73f77pKRKN3dWWyfp/TxRrW3P7f7M17+sotnbm8XclZ8+Pjx0q3pP+6OrOtgfLLz07rfbpU9++06z8akP/L3tk5df7gkU9fuycN0E3Ojw5/KBx1929mb+xN8rxJ9GZ1FMRuyNizypeP3vPzj/64b5mx+fEn8VZiv/t5i/euYoKzZO+H/FI7fpPx7z4o1j/S/L1yYuvDExcu/74+cb1ycHjx4aODmyN8bFDA/W7ouzLr289WyRLw4hFrn+9aazpQlp2/bcteP/Prlz2ZanZ9dqJlZdx686bTcc0q73/tyTP5+n6+uzV4cnJK4MRW5Lp8v6h38+9OtwzJ38Wf/+Bhdv/rohf3yvO2xsR2U38r4j4d0TsL+r+n4j4b0QcWCT+z5/838vNhpBLx7+2svhHV3T9myVOfhWx8KGOC599XCr4rWop/q5odv2P5Kn+Ys/o8OTWpeJarKaNiQd+AwEAAGAD2J/P0yaVg8VE046oVA4ejNg+O4MyMfnY2cuvXhqtzef2RVelPtPV2zAfOljMDWfb2VlDDdvZ8cP5vHGapmlPtp2N38d3tjd02PS2N2n/mR/KP2kBHjYrWkdr9os2YEOa3/7vLPvM1n8hA1hfLfgeDbBBaf+weS27/a/Vr+CAtlmo/d+IuN+GqgDrbKH2/0Jpz8l1qQuwvoz/YfNaffv3ZQDY6Hz+w6a0rB/JryKx6/QieZLOtSm0eaISi/8VgL6I+p56n2bxF/y+EtGaGna0NNKeOde0smCerdGKsqKyZJ7OFfwhhvVNVP4Y1agluiNiibt39ma7UU9cX+uK5Y3gg/b+7wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDgfgsAAP//RUTTKw==")
pipe2(&(0x7f0000001100)={0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x88880)
r11 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r11, 0x107, 0x12, &(0x7f0000000040)={0x2, 0x6}, 0x4)
setsockopt$packet_fanout_data(r11, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000180)=[{0x6}]}, 0x10)
close_range(r10, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)=@newqdisc={0x34, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r4, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0)

425.980802ms ago: executing program 3 (id=1790):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r1, 0x0, 0x0)
listen(r1, 0x0)
ioctl$sock_TIOCINQ(r1, 0x541b, 0x0)
bpf$MAP_LOOKUP_ELEM(0x2, 0x0, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0xfd72, 0x0, 0x40f00, 0x68}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), r3)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004840)=ANY=[@ANYBLOB="cb504ecf", @ANYRES16=r4, @ANYBLOB="3107000000000000000038000000080001007063690011000200303030303a30303a31302e300000000008007300000000000e0001006e657464657673696d0000000f0002006e657464657673696d30000008000300fcffffff"], 0x60}, 0x1, 0x2}, 0x0)
io_setup(0x8f0, &(0x7f0000002400)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000340)=[&(0x7f0000000100)={0x2002000000, 0x4, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x0, 0x0, 0x2}])
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="28000000190001002abd7000fedbdf6580209000ff110005002300000c0009000100100b", @ANYRES32=0x0, @ANYBLOB="33303c617238a5b23db4963c3493abc2cab0a5f2b0d3442d29c477149241cd61b916978ed371e02d53df8d9479dc280163dd2f0e2563e951f5c3"], 0x28}, 0x1, 0x0, 0x0, 0x24044890}, 0x4000004)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x800000, 0x6, 0x2, 0xcb, 0xffff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[], &(0x7f0000000c00)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r7, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
kexec_load(0x4, 0xa, 0x0, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x2c, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r8}, 0x18)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
pipe(&(0x7f0000000080))

330.842053ms ago: executing program 6 (id=1793):
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x1d, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000bf46db69cca4f523c7ba0dc4d115355fed50aca5381c2c51442730c017f297d06f87ad378ca4560dba34409ca87dcd39a7d217f5699cce8aba529e83588ad9846e3ca25faa32d1023d5dbd7b52f6fad6f9b21ffd74cc1d938fb25c8c3cb54aa1d5e7966b3e42fb7c827feee85fd8"], 0x48)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1, 0x0, 0x1b, 0x3}})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x400})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_open_dev$tty20(0xc, 0x4, 0x0)

330.162583ms ago: executing program 2 (id=1794):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
socket$netlink(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000080)={&(0x7f0000000180)={0x58, 0x3, 0x6, 0x101, 0x0, 0x0, {0xa, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x58}}, 0x4)
r1 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_GETDRIVER(r1, 0x41045508, &(0x7f0000000340)={0x0, "1b4add0a111c45dd8999e2bbe24024ed7cff466b647253a3fbf9cee8a497a38d5ca0dd596364e2fd78c0a7f51bdc1239f997aa7ab47b15ff200030311d5d0a8dfddc92fa6ca6964e9a8ee8ce823217f79a30778b26034479f5408fe61f2ad8fc212e0d7dde7a16110d982b2e93cad353ea323f59a4e21e5b4ae6f2c34411218d0e9a871d7f5f60426f7c6d0c1979081dd28aa92b66b59a83151b1263a42a7254e2968ced8de0a40c77d5019cdf4549f75081f58cf097bbd2a14baaf23c0cc5b3c7a4b2165d756862fa42d427854d9e2017863f77a504f1d958b2808a8c410aea209e12ea196d888cd8f96b4a5fb7652c0e74deb602a5caafd14352f06ffbb787"})

327.338693ms ago: executing program 1 (id=1795):
r0 = getpgrp(0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x22}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2, 0x0, 0x7}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
recvmsg(r3, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1, 0x0, 0x300}, 0x1f00)
sendmsg$tipc(r4, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r5 = syz_pidfd_open(r0, 0x0)
ioctl$FS_IOC_GETVERSION(r5, 0x80087601, &(0x7f00000170c0))
r6 = gettid()
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f00000002c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x33, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r9, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
write$cgroup_int(r8, &(0x7f0000000000)=0xfe8e, 0x12)
sendmsg$key(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="250a0e09020000df25"], 0x10}}, 0x8894)

326.658013ms ago: executing program 6 (id=1796):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='kfree\x00'}, 0x18)
socket$packet(0x11, 0x3, 0x300)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b702000000040000850000008600000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
syz_emit_ethernet(0xad, &(0x7f00000003c0)={@random="e33110495bfd", @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb653e", 0x77, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @rand_addr=' \x01\x00', @private1, [{0x4, 0x9, "9595f429ae08a565c9a41d413270a44d2e6f790a3872d50bb14d25344dc5b3a281f175f5ee04aab21301b94d966c72c15a143c69205625466855101cf44d89d9f6ee47d77c0d4e53e34b67c542"}]}}}}}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3902000000000000"], 0x2c}}, 0x0)

313.549803ms ago: executing program 3 (id=1797):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
pipe2(&(0x7f00000006c0)={<r1=>0xffffffffffffffff}, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

286.726944ms ago: executing program 3 (id=1798):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f00000006c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r1 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40000100, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x7}, 0x0, 0x800, 0xfffffffc, 0x7, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x20000000000002b8, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x8000, 0x0, 0x0, 0x41000}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x28, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r1}, 0x20)
r4 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
writev(r4, &(0x7f00000025c0)=[{&(0x7f0000000240)='4', 0x1}], 0x1)

256.860395ms ago: executing program 2 (id=1799):
r0 = syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x80040c, &(0x7f0000000580)={[{@orlov}, {@norecovery}]}, 0x1, 0x5e8, &(0x7f0000001200)="$eJzs3c9vFdUeAPDv3P6gpbzXQl7ee7iQJsZAorS0gCHGBWwNafBH3Lix0oJIgYbWaNGEkuDGxLgxxsSVC/G/UCJbVrpy4caVISFqWJp4zdzOlP6Y2x+X207T+XySS2fOmeGc4fLtOXPuOXMDqKzB9I9axMGImE4i+pP5xbzOyDIHF4579OdH59NXEvX6a78nkWRp+fFJ9rMvO7knIn78IYkDHavLnZm7cXl8amryerY/PHtlenhm7sbRS1fGL05enLw6+sLoqZMnTp4aOdbSdd0sSDt7+933+z8Ze/Obr/5KRr79ZSyJ0/FyduDS62iXwRhs/Jskq7P6TrW7sJJ0ZP9Plr7FSWeJFWJT8vevKyL+F/3REY/fvP74+JVSKwdsqXoSUQcqKhH/UFF5PyC/t195H1wrpVcCbIeHZxYGAFbHf+fC2GD0NMYG9j5KYumwThIRrY3MLbcvIu7fG7t94d7Y7diicTig2PytiPh/UfwnjfgfiJ4YaMR/bVn8p/2Cc9nPNP3VFstfOVQs/mH7LMR/z5rxH03i/60l8f92i+UPPt58p3dZ/Pe2ekkAAAAAAABQWXfPRMTzRZ//1xbn/0TB/J++iDjdhvIHV+yv/vy/9qANxQAFHp6JeKlw/m8tn/070JFt/asxH6AruXBpavJYRPw7Io5E1550f2SNMo5+euDLZnmD2fy//JWWfz+bC5jV40HnnuXnTIzPjj/pdQMRD29FPFU4/zdZbP+TgvY//X0wvcEyDjx751yzvPXjH9gq9a8jDhe2/4+fWpGs/XyO4UZ/YDjvFaz29Ieffdes/Fbj3yMm4Mml7f/eteN/IFn6vJ6ZzZdxfK6z3iyv1f5/d/J645Ez3VnaB+Ozs9dHIrqTsx1p6rL00c3XGXajPB7yeEnj/8gza4//FfX/eyNifsXfnfyxfE1x7r9/9/3arD76/1CeNP4nNtX+b35j9M7A983K31j7f6LR1h/JUoz/wYIv8jDtXp5eEI6dRVnbXV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2A1qEbEvktrQ4natNjQU0RcR/4m9talrM7PPXbj23tWJNK/x/f+1/Jt++xf2k/z7/weW7I+u2D8eEfsj4vOO3sb+0PlrUxNlXzwAAAAAAAAAAAAAAAAAAADsEH1N1v+nfusou3bAlussuwJAaQri/6cy6gFsP+0/VJf4h+oS/1Bd4h+qq8X472p3PYDtp/2H6hL/UF3iHwAAAAAAdpX9h+7+nETE/Iu9jVeqO8szvwd2t1rZFQBK4xE/UF2m/kB1uccHknXye5qetN6Za5k+/wQnAwAAAAAAAAAAAEDlHD5o/T9UlfX/UF3W/0N15ev/D5VcD2D7uccHYp2V/IXr/9c9CwAAAAAAAAAAAABop5m5G5fHp6Ymr9t4Y2dUox0b6Tu7kYPr9frNxrEtlbVnB1zpjtrIp8LvlPqs2MjX+m3srNJ+JQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACv8EwAA//8IGSKz")
bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
timer_create(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESOCT=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x2}, 0x18)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r3, &(0x7f0000004200)='t', 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0xb, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10)
pipe2(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r7, 0x0, r6, 0x0, 0x6, 0x0)
ioctl$int_in(r6, 0x5452, &(0x7f0000000100)=0x3ff)
dup3(r7, r6, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendfile(r3, r2, 0x0, 0x3ffff)
sendfile(r3, r2, 0x0, 0x7ffff000)

231.858205ms ago: executing program 3 (id=1800):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x9, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x14}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000380)='ext4_update_sb\x00', 0xffffffffffffffff, 0x0, 0x700000000000}, 0x18)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r2 = open(&(0x7f00000016c0)='./file0\x00', 0x14d01, 0x99)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRESHEX=r1], 0x50)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000400)='inet_sock_set_state\x00'}, 0x18)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000280)=r2, 0x4)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x1b, &(0x7f0000000000)={@remote, 0x0, 0x2}, 0x20)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001900)="2e00000011008188040900000000000000a1810031000000000f000000028002002d1f00000002000000e2000000", 0x2e}], 0x1}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x1, {0x0, 0x0, 0x0, r7, {}, {}, {0xfff3, 0xd}}}, 0x24}}, 0x0)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x24, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x0, 0x10000, 0x8, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
close_range(r4, 0xffffffffffffffff, 0x0)

227.088296ms ago: executing program 6 (id=1801):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000140)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa0000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x18)
epoll_create(0x3)

183.403476ms ago: executing program 6 (id=1802):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210283ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48)

152.836097ms ago: executing program 6 (id=1803):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x11, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
setrlimit(0x9, &(0x7f0000000000))

53.871739ms ago: executing program 6 (id=1804):
r0 = getpgrp(0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
r3 = syz_pidfd_open(r0, 0x0)
ioctl$FS_IOC_GETVERSION(r3, 0x80087601, &(0x7f00000170c0))

52.803899ms ago: executing program 3 (id=1805):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1e, &(0x7f0000000240)=0x1, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$inet(0x10, 0x3, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r3, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='batadv0\x00', 0x10)
write(r3, &(0x7f0000000140)="84650000", 0x4)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x6)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001200)='/proc/keys\x00', 0x0, 0x0)
read$hiddev(r6, &(0x7f00000000c0)=""/4092, 0xffc)
preadv(r6, &(0x7f0000001300)=[{&(0x7f0000000040)=""/17, 0x11}], 0x1, 0x0, 0x20)
r7 = getpid()
ioctl$BLKTRACESETUP(r6, 0xc0481273, &(0x7f0000000800)={'\x00', 0x5, 0xdfc7, 0x80000001, 0x7fffffffffffffff, 0x200, r7})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x18)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ff9000/0x4000)=nil, 0x4000, &(0x7f0000000700)='Q\x00')
io_uring_enter(0xffffffffffffffff, 0x186a, 0x642c, 0x60, 0x0, 0xffffffffffffffc4)
r9 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000004c0)="d8000000180081064e81f782db4cb904021d0800fd007c05e8fe50a10a000600014002020c600e41b0000900ac000a0502000000160012000a00ff150048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x0)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000740)='./file0\x00', 0x759, &(0x7f0000001340)={[{@sb={'sb', 0x3d, 0xda6}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@errors_remount}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}, 0x0}, {@data_journal}, {@journal_dev={'journal_dev', 0x3d, 0xf}}, {@i_version}, {@nobarrier}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0xb6a}}, {@data_err_ignore}], [], 0x2c}, 0x2, 0x4f9, &(0x7f0000000200)="$eJzs3ElvHFUeAPB/te04zjL2ZNYsM+mZzAgLRBw764FDgkDKBQkJhMLR2E4U4iQoNlISWcRBKEgcQPkELDckPgEnuCBAHEBcibgipAj5ksABFarqatN2ub2l7cbx7yd151XVq37v31Uv/ZZuB7BpVbOnJGJHRHwXEb21zbkZqrV/7s9Mjfw8MzWSRJo+91OS57s3MzVSz1o/b3ux0V+JqLyRxN5ysd0T165fGB4fH7tS7BiYrBSpi8Pnxs6NXRo6ceLI4Z7jx4aOtiTOrE739rx2ed/u0y/efmbkzO2Xvvgoq29aHG+Mo6Yvf96y7BI6SnuqUZ37Xjb4//KrviHsbEgnndlzpX2VYdmyuza7XF15+++Njnyrpjeefr2tlQPWVJqmaXdp7+xn2XTaKElqJ6TpzRR4CCTR7hoA7VH/oL83k41Up0bK4+CH291TkY+AsrjvF4/akc58BFvtq42Nutao/L9GxJnpX97NHrHgPAQAQGt9cipiW9HvqD9qRyrx94Z8fyrWhvoi4s8RsSsi/lL0X/4Wkef9R0T8s+GcHctYBajO2y73f77pKRKN3dWWyfp/TxRrW3P7f7M17+sotnbm8XclZ8+Pjx0q3pP+6OrOtgfLLz07rfbpU9++06z8akP/L3tk5df7gkU9fuycN0E3Ojw5/KBx1929mb+xN8rxJ9GZ1FMRuyNizypeP3vPzj/64b5mx+fEn8VZiv/t5i/euYoKzZO+H/FI7fpPx7z4o1j/S/L1yYuvDExcu/74+cb1ycHjx4aODmyN8bFDA/W7ouzLr289WyRLw4hFrn+9aazpQlp2/bcteP/Prlz2ZanZ9dqJlZdx686bTcc0q73/tyTP5+n6+uzV4cnJK4MRW5Lp8v6h38+9OtwzJ38Wf/+Bhdv/rohf3yvO2xsR2U38r4j4d0TsL+r+n4j4b0QcWCT+z5/838vNhpBLx7+2svhHV3T9myVOfhWx8KGOC599XCr4rWop/q5odv2P5Kn+Ys/o8OTWpeJarKaNiQd+AwEAAGAD2J/P0yaVg8VE046oVA4ejNg+O4MyMfnY2cuvXhqtzef2RVelPtPV2zAfOljMDWfb2VlDDdvZ8cP5vHGapmlPtp2N38d3tjd02PS2N2n/mR/KP2kBHjYrWkdr9os2YEOa3/7vLPvM1n8hA1hfLfgeDbBBaf+weS27/a/Vr+CAtlmo/d+IuN+GqgDrbKH2/0Jpz8l1qQuwvoz/YfNaffv3ZQDY6Hz+w6a0rB/JryKx6/QieZLOtSm0eaISi/8VgL6I+p56n2bxF/y+EtGaGna0NNKeOde0smCerdGKsqKyZJ7OFfwhhvVNVP4Y1agluiNiibt39ma7UU9cX+uK5Y3gg/b+7wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDgfgsAAP//RUTTKw==")
pipe2(&(0x7f0000001100)={0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x88880)
r11 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r11, 0x107, 0x12, &(0x7f0000000040)={0x2, 0x6}, 0x4)
setsockopt$packet_fanout_data(r11, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000000180)=[{0x6}]}, 0x10)
close_range(r10, 0xffffffffffffffff, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000680)=@newqdisc={0x34, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r4, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x4}}]}, 0x34}}, 0x0)

0s ago: executing program 3 (id=1806):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="f0000000100013070000000000000000ff020000000000000000000000000001fe8000000000000000000000000000bb00000000000000000a00a02000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000032000000000000000000000000000000000000010000000000000000feffffffffffffff0700000000000000000000000000000000a1ae7a01baeccc00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000200000000"], 0xf0}}, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_ttl={{0x14, 0x0, 0x2, 0x7}}], 0x18}}], 0x1, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = socket$netlink(0x10, 0x3, 0x0)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r3, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r4 = socket$inet(0x2, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r6}, 0x10)
setsockopt$inet_mreqn(r4, 0x0, 0x23, &(0x7f0000000080)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r4, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027f"], 0x57)
setsockopt$inet_mreqsrc(r2, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r7 = socket$kcm(0x2, 0xa, 0x2)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080)={0x0, r7}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af80800000000bfa100000000000007010200f8ffffffb702000008000000b7030000000000008500000006"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
close_range(r8, 0xffffffffffffffff, 0x0)
connect$inet(r8, &(0x7f0000000040)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x34}}, 0x10)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000300)=ANY=[], 0x4e)
setsockopt$TIPC_GROUP_LEAVE(0xffffffffffffffff, 0x10f, 0x88)

kernel console output (not intermixed with test programs):

eback.
[  117.986417][ T6745] netlink: 'syz.3.1058': attribute type 6 has an invalid length.
[  118.015159][ T6748] netlink: 'syz.4.1059': attribute type 6 has an invalid length.
[  118.026284][ T6748] loop4: detected capacity change from 0 to 512
[  118.038487][ T6745] loop3: detected capacity change from 0 to 512
[  118.052029][ T6748] EXT4-fs (loop4): unable to read superblock
[  118.058782][ T6745] EXT4-fs (loop3): unable to read superblock
[  118.073691][ T6746] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000001)
[  118.112734][ T4705] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.174357][ T4705] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.186534][ T6756] netlink: 'syz.4.1065': attribute type 6 has an invalid length.
[  118.216429][ T6756] loop4: detected capacity change from 0 to 512
[  118.231635][ T6756] EXT4-fs (loop4): unable to read superblock
[  118.232014][ T4705] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.282085][ T4705] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.316017][ T6764] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  118.354178][ T6764] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  118.372740][ T4705] bridge_slave_1: left allmulticast mode
[  118.378492][ T4705] bridge_slave_1: left promiscuous mode
[  118.384253][ T4705] bridge0: port 2(bridge_slave_1) entered disabled state
[  118.417140][ T4705] bridge_slave_0: left allmulticast mode
[  118.422906][ T4705] bridge_slave_0: left promiscuous mode
[  118.428675][ T4705] bridge0: port 1(bridge_slave_0) entered disabled state
[  118.483880][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.522522][ T4705] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  118.533015][ T4705] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.542501][ T4705] bond0 (unregistering): Released all slaves
[  118.562844][ T6759] lo speed is unknown, defaulting to 1000
[  118.742202][ T6801] loop2: detected capacity change from 0 to 512
[  118.749193][ T6801] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  118.758350][ T4705] hsr_slave_0: left promiscuous mode
[  118.771379][ T4705] hsr_slave_1: left promiscuous mode
[  118.785065][ T4705] veth1_macvtap: left promiscuous mode
[  118.791535][ T4705] veth0_macvtap: left promiscuous mode
[  118.797242][ T4705] veth1_vlan: left promiscuous mode
[  118.802783][ T4705] veth0_vlan: left promiscuous mode
[  118.872301][ T4705] team0 (unregistering): Port device team_slave_1 removed
[  118.882268][ T4705] team0 (unregistering): Port device team_slave_0 removed
[  118.964221][ T6759] chnl_net:caif_netlink_parms(): no params data found
[  119.061484][ T6759] bridge0: port 1(bridge_slave_0) entered blocking state
[  119.068567][ T6759] bridge0: port 1(bridge_slave_0) entered disabled state
[  119.086030][ T6759] bridge_slave_0: entered allmulticast mode
[  119.096176][ T6759] bridge_slave_0: entered promiscuous mode
[  119.108741][ T6759] bridge0: port 2(bridge_slave_1) entered blocking state
[  119.116012][ T6759] bridge0: port 2(bridge_slave_1) entered disabled state
[  119.136462][ T6842] __nla_validate_parse: 6 callbacks suppressed
[  119.136558][ T6842] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1079'.
[  119.143360][ T6759] bridge_slave_1: entered allmulticast mode
[  119.179011][ T6759] bridge_slave_1: entered promiscuous mode
[  119.232149][ T6759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  119.259049][ T6759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  119.278987][ T6851] netlink: 'syz.3.1084': attribute type 6 has an invalid length.
[  119.306788][ T6853] loop2: detected capacity change from 0 to 512
[  119.317875][ T6853] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  119.329168][ T6759] team0: Port device team_slave_0 added
[  119.340437][ T6853] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1085: bg 0: block 4: invalid block bitmap
[  119.360413][ T6851] loop3: detected capacity change from 0 to 512
[  119.360800][ T6759] team0: Port device team_slave_1 added
[  119.371988][ T6851] EXT4-fs (loop3): unable to read superblock
[  119.392974][ T6853] EXT4-fs (loop2): Remounting filesystem read-only
[  119.424379][ T6759] batman_adv: batadv0: Adding interface: batadv_slave_0
[  119.431429][ T6759] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.457547][ T6759] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  119.469338][ T6759] batman_adv: batadv0: Adding interface: batadv_slave_1
[  119.475096][ T6853] EXT4-fs (loop2): 1 truncate cleaned up
[  119.476335][ T6759] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  119.490572][ T6853] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.507888][ T6759] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  119.586633][ T6759] hsr_slave_0: entered promiscuous mode
[  119.638324][ T6759] hsr_slave_1: entered promiscuous mode
[  119.664892][ T6858] Set syz1 is full, maxelem 65536 reached
[  119.756289][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.767996][ T6878] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  119.855502][ T6759] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  119.862544][ T6885] loop3: detected capacity change from 0 to 512
[  119.872392][ T6885] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  119.890464][ T6759] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  119.912000][ T6889] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1094'.
[  119.925931][ T6759] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  119.958636][ T6759] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  120.013594][ T6894] syz!: rxe_newlink: already configured on team_slave_0
[  120.041895][ T6759] 8021q: adding VLAN 0 to HW filter on device bond0
[  120.065573][ T6914] loop4: detected capacity change from 0 to 512
[  120.076758][ T6914] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.115191][ T6759] 8021q: adding VLAN 0 to HW filter on device team0
[  120.157698][ T5095] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.164827][ T5095] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.227474][ T5095] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.234636][ T5095] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.256470][ T6759] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  120.266897][ T6759] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  120.283217][ T6928] loop2: detected capacity change from 0 to 512
[  120.290668][ T6928] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  120.304977][ T6930] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  120.317227][ T6928] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1101: bg 0: block 4: invalid block bitmap
[  120.317694][ T6930] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  120.367021][ T6935] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  120.399298][ T6928] EXT4-fs (loop2): Remounting filesystem read-only
[  120.428175][ T6759] 8021q: adding VLAN 0 to HW filter on device batadv0
[  120.430570][ T6928] EXT4-fs (loop2): 1 truncate cleaned up
[  120.450818][   T29] kauditd_printk_skb: 569 callbacks suppressed
[  120.450837][   T29] audit: type=1326 audit(1757480061.544:8018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6939 comm="syz.1.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  120.487788][ T6928] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.500243][   T29] audit: type=1326 audit(1757480061.544:8019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6939 comm="syz.1.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  120.523909][   T29] audit: type=1326 audit(1757480061.544:8020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6939 comm="syz.1.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  120.547352][   T29] audit: type=1326 audit(1757480061.544:8021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6939 comm="syz.1.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  120.570913][   T29] audit: type=1326 audit(1757480061.544:8022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6939 comm="syz.1.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  120.594495][   T29] audit: type=1326 audit(1757480061.544:8023): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6939 comm="syz.1.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  120.617936][   T29] audit: type=1326 audit(1757480061.544:8024): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6939 comm="syz.1.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  120.641563][   T29] audit: type=1326 audit(1757480061.544:8025): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6939 comm="syz.1.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  120.665394][   T29] audit: type=1326 audit(1757480061.544:8026): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6939 comm="syz.1.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  120.688894][   T29] audit: type=1326 audit(1757480061.544:8027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6939 comm="syz.1.1104" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  120.714224][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.827484][ T6962] loop2: detected capacity change from 0 to 1024
[  120.842533][ T6965] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1106'.
[  120.871467][ T6962] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.916008][ T6759] veth0_vlan: entered promiscuous mode
[  120.939908][ T6969] loop3: detected capacity change from 0 to 512
[  120.954963][ T6759] veth1_vlan: entered promiscuous mode
[  120.968376][ T6971] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1109'.
[  120.998243][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.016532][ T6759] veth0_macvtap: entered promiscuous mode
[  121.025332][ T6759] veth1_macvtap: entered promiscuous mode
[  121.036605][ T6759] batman_adv: batadv0: Interface activated: batadv_slave_0
[  121.039125][ T6969] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  121.048456][ T6759] batman_adv: batadv0: Interface activated: batadv_slave_1
[  121.066119][ T6977] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  121.077069][ T6969] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  121.085443][ T6969] System zones: 0-2, 18-18, 34-34
[  121.101752][ T6969] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.116592][ T5071] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.125408][ T5071] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.137389][ T6977] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  121.149440][ T5071] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.161237][ T6969] ext4 filesystem being mounted at /209/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  121.174642][ T5071] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.192068][ T6977] loop2: detected capacity change from 0 to 1024
[  121.199486][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.207319][ T6969] netlink: 'syz.3.1108': attribute type 10 has an invalid length.
[  121.239117][ T6981] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1111'.
[  121.264269][ T6969] team0: Port device dummy0 added
[  121.281869][ T6969] netlink: 'syz.3.1108': attribute type 10 has an invalid length.
[  121.302267][ T6969] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  121.313505][ T6987] loop6: detected capacity change from 0 to 1024
[  121.320459][ T6987] EXT4-fs: Ignoring removed orlov option
[  121.342195][ T6969] team0: Failed to send options change via netlink (err -105)
[  121.342550][ T6987] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  121.362575][ T6969] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  121.408551][ T6993] rdma_op ffff888102364580 conn xmit_rdma 0000000000000000
[  121.425045][ T6969] team0: Port device dummy0 removed
[  121.433893][ T6969] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  121.486007][ T6995] netlink: 404 bytes leftover after parsing attributes in process `syz.2.1110'.
[  121.504969][ T6990] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1112'.
[  121.537297][ T6995] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.599352][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.612217][ T6995] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.647668][ T7001] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  121.662394][ T6995] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.679561][ T7002] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1113'.
[  121.721971][ T6995] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.791740][ T6995] debugfs: 'netdev@ffff888119da6550' already exists in 'ref_tracker'
[  121.857442][  T293] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  121.884389][ T7007] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  121.913792][ T7010] loop3: detected capacity change from 0 to 512
[  121.920866][ T7010] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  121.922579][  T293] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  121.935583][ T7007] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  121.947741][ T5095] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  121.961201][ T7010] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1115: bg 0: block 4: invalid block bitmap
[  121.962526][ T5095] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  121.986182][ T7010] EXT4-fs (loop3): Remounting filesystem read-only
[  121.993225][ T7010] EXT4-fs (loop3): 1 truncate cleaned up
[  121.999472][ T7010] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.035432][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.151997][ T6759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.187477][ T7019] loop6: detected capacity change from 0 to 512
[  122.196992][ T7019] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  122.215959][ T7019] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.1120: bg 0: block 4: invalid block bitmap
[  122.228857][ T7019] EXT4-fs (loop6): Remounting filesystem read-only
[  122.236722][ T7019] EXT4-fs (loop6): 1 truncate cleaned up
[  122.243051][ T7019] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.269754][ T6759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.467787][ T7034] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1126'.
[  122.558151][ T7032] Set syz1 is full, maxelem 65536 reached
[  122.665599][ T7044] random: crng reseeded on system resumption
[  122.746684][ T7042] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  123.010037][ T7048] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  124.052626][ T7052] rdma_rxe: rxe_newlink: failed to add lo
[  124.258270][ T7061] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1133'.
[  124.326472][ T7067] batadv0: entered promiscuous mode
[  124.449222][ T7076] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  124.516592][ T7078] ref_ctr increment failed for inode: 0x4b1 offset: 0xf ref_ctr_offset: 0x82 of mm: 0xffff88810a90ae00
[  124.530724][ T7080] loop4: detected capacity change from 0 to 1024
[  124.540146][ T7080] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[  124.625542][ T7094] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1147'.
[  124.634720][ T7094] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  124.642225][ T7094] batman_adv: batadv0: Removing interface: batadv_slave_0
[  124.650009][ T7094] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.657537][ T7094] batman_adv: batadv0: Removing interface: batadv_slave_1
[  125.308599][ T7077] uprobe: syz.3.1142:7077 failed to unregister, leaking uprobe
[  125.521499][ T7107] random: crng reseeded on system resumption
[  125.590545][ T7108] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1149'.
[  125.818432][ T7112] netlink: 'syz.3.1152': attribute type 6 has an invalid length.
[  125.879138][   T29] kauditd_printk_skb: 133 callbacks suppressed
[  125.879157][   T29] audit: type=1400 audit(1757480066.964:8161): avc:  denied  { write } for  pid=7109 comm="syz.6.1151" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[  125.886926][ T7112] loop3: detected capacity change from 0 to 512
[  125.925243][ T7116] netlink: 'syz.1.1153': attribute type 6 has an invalid length.
[  125.930549][ T7112] EXT4-fs (loop3): unable to read superblock
[  125.978402][ T7116] loop1: detected capacity change from 0 to 512
[  126.003087][ T7121] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1154'.
[  126.014397][ T7123] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1155'.
[  126.016194][ T7123] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=50093 sclass=netlink_route_socket pid=7123 comm=syz.3.1155
[  126.016412][ T7123] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1155'.
[  126.019439][ T7123] pimreg: entered allmulticast mode
[  126.028940][ T7116] EXT4-fs (loop1): unable to read superblock
[  126.062233][ T7123] pimreg: left allmulticast mode
[  126.094552][ T7125] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  126.233262][ T7128] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1157'.
[  126.256822][ T7138] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1159'.
[  126.298025][ T7141] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1160'.
[  126.308566][ T7126] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1154'.
[  126.349436][   T29] audit: type=1400 audit(1757480067.434:8162): avc:  denied  { lock } for  pid=7140 comm="syz.1.1161" path="socket:[22300]" dev="sockfs" ino=22300 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  126.352425][ T7146] loop6: detected capacity change from 0 to 128
[  126.432027][ T7146] loop9: detected capacity change from 0 to 7
[  126.441856][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[  126.442648][ T7154] loop4: detected capacity change from 0 to 512
[  126.449732][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[  126.449751][ T3296]  loop9: unable to read partition table
[  126.473582][ T7146] Buffer I/O error on dev loop9, logical block 0, async page read
[  126.477101][ T7154] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  126.481817][ T7146] Buffer I/O error on dev loop9, logical block 0, async page read
[  126.499296][ T7146]  loop9: unable to read partition table
[  126.499752][ T7156] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  126.505397][ T7146] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  126.505397][ T7146] 
) failed (rc=-5)
[  126.512842][ T7154] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1165: bg 0: block 4: invalid block bitmap
[  126.526892][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[  126.543824][ T7154] EXT4-fs (loop4): Remounting filesystem read-only
[  126.545473][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[  126.559701][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[  126.567740][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[  126.575772][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[  126.586062][ T7154] EXT4-fs (loop4): 1 truncate cleaned up
[  126.618450][ T7154] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.675246][ T7162] loop6: detected capacity change from 0 to 1024
[  126.707380][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.728261][ T7164] netlink: 'syz.1.1168': attribute type 6 has an invalid length.
[  126.746203][ T7162] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  126.757371][ T7162] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  126.767341][ T7164] loop1: detected capacity change from 0 to 512
[  126.781880][ T7166] syz!: rxe_newlink: already configured on team_slave_0
[  126.812711][ T7164] EXT4-fs (loop1): unable to read superblock
[  126.824290][ T7171] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  126.829944][ T7162] EXT4-fs (loop6): failed to open journal device unknown-block(0,0) -6
[  126.953043][ T7189] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  126.955467][   T29] audit: type=1326 audit(1757480068.044:8163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7187 comm="syz.4.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  126.962980][ T7189] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  126.985758][   T29] audit: type=1326 audit(1757480068.044:8164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7187 comm="syz.4.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  127.037177][ T7192] loop3: detected capacity change from 0 to 512
[  127.044786][ T7192] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  127.088074][   T29] audit: type=1326 audit(1757480068.114:8165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7187 comm="syz.4.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  127.111731][   T29] audit: type=1326 audit(1757480068.114:8166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7187 comm="syz.4.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  127.135550][   T29] audit: type=1326 audit(1757480068.114:8167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7187 comm="syz.4.1177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  127.159300][   T29] audit: type=1326 audit(1757480068.124:8168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7191 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ffcf9eba9 code=0x7ffc0000
[  127.182803][   T29] audit: type=1326 audit(1757480068.124:8169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7191 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ffcf9eba9 code=0x7ffc0000
[  127.184332][ T7201] netlink: 'syz.4.1182': attribute type 6 has an invalid length.
[  127.206263][   T29] audit: type=1326 audit(1757480068.124:8170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7191 comm="syz.3.1178" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ffcf9eba9 code=0x7ffc0000
[  127.260455][ T7201] loop4: detected capacity change from 0 to 512
[  127.268784][ T7201] EXT4-fs (loop4): unable to read superblock
[  127.277789][ T7199] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  127.365027][ T7213] loop6: detected capacity change from 0 to 128
[  127.387497][ T7216] loop4: detected capacity change from 0 to 512
[  127.395685][ T7216] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  127.410725][ T7213] loop9: detected capacity change from 0 to 7
[  127.417172][ T7213] Buffer I/O error on dev loop9, logical block 0, async page read
[  127.426157][ T7216] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1188: bg 0: block 4: invalid block bitmap
[  127.442533][ T7213]  loop9: unable to read partition table
[  127.448212][ T7213] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  127.448212][ T7213] 
) failed (rc=-5)
[  127.485057][ T7216] EXT4-fs (loop4): Remounting filesystem read-only
[  127.495963][ T7216] EXT4-fs (loop4): 1 truncate cleaned up
[  127.503513][ T7216] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.537147][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.588522][ T7226] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  127.595533][ T7227] loop3: detected capacity change from 0 to 512
[  127.602748][ T7227] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  127.645681][ T7233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  127.671512][ T7233] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  127.685540][ T7233] loop1: detected capacity change from 0 to 1024
[  127.804365][ T7248] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  127.843437][ T7251] loop2: detected capacity change from 0 to 128
[  127.864502][ T7251] loop9: detected capacity change from 0 to 7
[  127.870922][ T7251]  loop9: unable to read partition table
[  127.876877][ T7251] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  127.876877][ T7251] 
) failed (rc=-5)
[  127.909239][ T7254] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.972144][ T7254] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.031752][ T7254] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.092278][ T7254] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.192699][ T4705] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.206491][ T7261] loop6: detected capacity change from 0 to 512
[  128.226307][ T4705] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.253212][ T7261] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  128.287264][ T4705] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.317324][ T4705] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.348418][ T7272] loop6: detected capacity change from 0 to 1024
[  128.349979][ T7274] netlink: 'syz.2.1213': attribute type 6 has an invalid length.
[  128.357279][ T7272] EXT4-fs: Ignoring removed orlov option
[  128.371291][ T7272] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.373949][ T7274] loop2: detected capacity change from 0 to 512
[  128.402008][ T6759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.411446][ T7274] EXT4-fs (loop2): unable to read superblock
[  128.561478][ T7295] pimreg: entered allmulticast mode
[  128.574711][ T7293] pimreg: left allmulticast mode
[  128.603284][ T7298] netlink: 'syz.6.1223': attribute type 6 has an invalid length.
[  128.621099][ T7298] loop6: detected capacity change from 0 to 512
[  128.640718][ T7298] EXT4-fs (loop6): unable to read superblock
[  128.697032][ T7306] loop6: detected capacity change from 0 to 512
[  128.708634][ T7306] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  128.887322][ T7327] loop2: detected capacity change from 0 to 128
[  128.901554][ T7327] loop9: detected capacity change from 0 to 7
[  128.909722][ T3296]  loop9: unable to read partition table
[  128.931034][ T7327]  loop9: unable to read partition table
[  128.936811][ T7327] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  128.936811][ T7327] 
) failed (rc=-5)
[  128.953641][ T7331] loop3: detected capacity change from 0 to 128
[  128.968465][ T7331] loop9: detected capacity change from 0 to 7
[  128.976640][ T7331]  loop9: unable to read partition table
[  128.986607][ T7331] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  128.986607][ T7331] 
) failed (rc=-5)
[  129.052208][ T7343] netlink: 'syz.2.1240': attribute type 13 has an invalid length.
[  129.060197][ T7343] netlink: 'syz.2.1240': attribute type 17 has an invalid length.
[  129.115370][ T7343] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  129.131171][ T1035] lo speed is unknown, defaulting to 1000
[  129.150175][ T7353] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  129.205762][ T7357] loop3: detected capacity change from 0 to 128
[  129.216853][ T7357] loop9: detected capacity change from 0 to 7
[  129.223249][ T7357]  loop9: unable to read partition table
[  129.229896][ T7357] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  129.229896][ T7357] 
) failed (rc=-5)
[  129.277302][ T7359] loop2: detected capacity change from 0 to 1024
[  129.284684][ T7359] EXT4-fs: Ignoring removed orlov option
[  129.298367][ T7363] loop6: detected capacity change from 0 to 512
[  129.307337][ T7363] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  129.307946][ T7359] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.341342][ T7363] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  129.349393][ T7363] System zones: 0-2, 18-18, 34-34
[  129.355743][ T7363] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  129.368444][ T7363] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.401698][ T6759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.451502][ T7376] __nla_validate_parse: 7 callbacks suppressed
[  129.451524][ T7376] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1253'.
[  129.604771][ T7393] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  129.728396][ T7399] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1262'.
[  129.846063][ T7408] lo speed is unknown, defaulting to 1000
[  129.953455][ T7412] FAULT_INJECTION: forcing a failure.
[  129.953455][ T7412] name failslab, interval 1, probability 0, space 0, times 0
[  129.966302][ T7412] CPU: 0 UID: 0 PID: 7412 Comm: syz.3.1264 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  129.966328][ T7412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  129.966346][ T7412] Call Trace:
[  129.966353][ T7412]  <TASK>
[  129.966361][ T7412]  __dump_stack+0x1d/0x30
[  129.966429][ T7412]  dump_stack_lvl+0xe8/0x140
[  129.966459][ T7412]  dump_stack+0x15/0x1b
[  129.966476][ T7412]  should_fail_ex+0x265/0x280
[  129.966500][ T7412]  should_failslab+0x8c/0xb0
[  129.966579][ T7412]  kmem_cache_alloc_node_noprof+0x57/0x320
[  129.966604][ T7412]  ? dup_task_struct+0x70/0x6a0
[  129.966711][ T7412]  dup_task_struct+0x70/0x6a0
[  129.966742][ T7412]  ? path_openat+0x1bf8/0x2170
[  129.966764][ T7412]  copy_process+0x399/0x2000
[  129.966788][ T7412]  ? copy_clone_args_from_user+0x3ce/0x490
[  129.966816][ T7412]  kernel_clone+0x16c/0x5c0
[  129.966927][ T7412]  __se_sys_clone3+0x1c2/0x200
[  129.966990][ T7412]  __x64_sys_clone3+0x31/0x40
[  129.967015][ T7412]  x64_sys_call+0x1fc9/0x2ff0
[  129.967080][ T7412]  do_syscall_64+0xd2/0x200
[  129.967111][ T7412]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  129.967268][ T7412]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  129.967297][ T7412]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.967318][ T7412] RIP: 0033:0x7f3ffcf9eba9
[  129.967344][ T7412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.967365][ T7412] RSP: 002b:00007f3ffb9bcf08 EFLAGS: 00000246 ORIG_RAX: 00000000000001b3
[  129.967439][ T7412] RAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f3ffcf9eba9
[  129.967454][ T7412] RDX: 00007f3ffb9bcf20 RSI: 0000000000000058 RDI: 00007f3ffb9bcf20
[  129.967467][ T7412] RBP: 00007f3ffb9bd090 R08: 0000000000000000 R09: 0000000000000058
[  129.967481][ T7412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.967493][ T7412] R13: 00007f3ffd1e6218 R14: 00007f3ffd1e6180 R15: 00007fffbfe18c38
[  129.967509][ T7412]  </TASK>
[  130.199604][ T7411] loop4: detected capacity change from 0 to 8192
[  130.218239][ T7411] msdos: Unknown parameter 'A'
[  130.354416][ T7442] loop3: detected capacity change from 0 to 128
[  130.389980][ T7442] loop9: detected capacity change from 0 to 7
[  130.401670][ T7442]  loop9: unable to read partition table
[  130.414699][ T7442] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  130.414699][ T7442] 
) failed (rc=-5)
[  130.477226][ T7453] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1274'.
[  130.762978][ T7486] loop1: detected capacity change from 0 to 512
[  130.783557][ T7486] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.837391][ T7498] FAULT_INJECTION: forcing a failure.
[  130.837391][ T7498] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  130.850759][ T7498] CPU: 1 UID: 0 PID: 7498 Comm: syz.6.1281 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  130.850792][ T7498] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  130.850806][ T7498] Call Trace:
[  130.850814][ T7498]  <TASK>
[  130.850824][ T7498]  __dump_stack+0x1d/0x30
[  130.850849][ T7498]  dump_stack_lvl+0xe8/0x140
[  130.850874][ T7498]  dump_stack+0x15/0x1b
[  130.850893][ T7498]  should_fail_ex+0x265/0x280
[  130.850992][ T7498]  should_fail+0xb/0x20
[  130.851075][ T7498]  should_fail_usercopy+0x1a/0x20
[  130.851100][ T7498]  _copy_to_user+0x20/0xa0
[  130.851195][ T7498]  simple_read_from_buffer+0xb5/0x130
[  130.851293][ T7498]  proc_fail_nth_read+0x10e/0x150
[  130.851407][ T7498]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  130.851435][ T7498]  vfs_read+0x1a5/0x770
[  130.851454][ T7498]  ? __rcu_read_unlock+0x4f/0x70
[  130.851474][ T7498]  ? __fget_files+0x184/0x1c0
[  130.851580][ T7498]  ksys_read+0xda/0x1a0
[  130.851620][ T7498]  __x64_sys_read+0x40/0x50
[  130.851640][ T7498]  x64_sys_call+0x27bc/0x2ff0
[  130.851659][ T7498]  do_syscall_64+0xd2/0x200
[  130.851691][ T7498]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  130.851742][ T7498]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  130.851775][ T7498]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.851800][ T7498] RIP: 0033:0x7fca22a9d5bc
[  130.851877][ T7498] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  130.851896][ T7498] RSP: 002b:00007fca21507030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  130.851915][ T7498] RAX: ffffffffffffffda RBX: 00007fca22ce5fa0 RCX: 00007fca22a9d5bc
[  130.851926][ T7498] RDX: 000000000000000f RSI: 00007fca215070a0 RDI: 0000000000000005
[  130.851938][ T7498] RBP: 00007fca21507090 R08: 0000000000000000 R09: 0000000000000000
[  130.851949][ T7498] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  130.852028][ T7498] R13: 00007fca22ce6038 R14: 00007fca22ce5fa0 R15: 00007fff5e1eee48
[  130.852048][ T7498]  </TASK>
[  131.021606][   T29] kauditd_printk_skb: 567 callbacks suppressed
[  131.021622][   T29] audit: type=1326 audit(1757480072.114:8738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  131.103338][   T29] audit: type=1326 audit(1757480072.184:8739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  131.127009][   T29] audit: type=1326 audit(1757480072.184:8740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  131.150546][   T29] audit: type=1326 audit(1757480072.184:8741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  131.174063][   T29] audit: type=1326 audit(1757480072.184:8742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  131.197574][   T29] audit: type=1326 audit(1757480072.184:8743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  131.221182][   T29] audit: type=1326 audit(1757480072.184:8744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  131.244615][   T29] audit: type=1326 audit(1757480072.184:8745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  131.268093][   T29] audit: type=1326 audit(1757480072.184:8746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  131.291717][   T29] audit: type=1326 audit(1757480072.184:8747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7485 comm="syz.1.1280" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  131.368802][ T7512] loop3: detected capacity change from 0 to 512
[  131.376767][ T7510] lo speed is unknown, defaulting to 1000
[  131.394745][ T7512] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.456054][ T7514] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  131.801005][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.851384][ T7530] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  131.900269][ T7530] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  131.945681][ T7530] loop1: detected capacity change from 0 to 1024
[  132.166097][ T7535] netlink: 404 bytes leftover after parsing attributes in process `syz.1.1289'.
[  132.180657][ T7535] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.442583][ T7535] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.473249][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.512687][ T7535] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.562889][ T7535] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  132.706486][ T7545] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1292'.
[  132.754805][ T7545] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1292'.
[  132.760595][ T7560] bridge: RTM_NEWNEIGH with invalid ether address
[  132.835620][ T5095] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  132.847118][ T5083] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  132.951856][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.960920][ T5083] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  132.969610][ T5083] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  133.121195][ T7575] random: crng reseeded on system resumption
[  133.269043][ T7577] loop3: detected capacity change from 0 to 512
[  133.327912][ T7577] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  133.374507][ T7579] loop6: detected capacity change from 0 to 512
[  133.386771][ T7579] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.454403][ T7577] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1300: bg 0: block 4: invalid block bitmap
[  133.586074][ T7584] syzkaller0: entered allmulticast mode
[  133.670256][ T7577] EXT4-fs (loop3): Remounting filesystem read-only
[  133.767121][ T7585] syzkaller0 (unregistering): left allmulticast mode
[  133.771714][ T7577] EXT4-fs (loop3): 1 truncate cleaned up
[  133.787824][ T7577] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.826626][ T7587] syz!: rxe_newlink: already configured on team_slave_0
[  133.841083][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.036658][ T7600] loop4: detected capacity change from 0 to 1024
[  134.090547][ T7600] EXT4-fs (loop4): VFS: Can't find ext4 filesystem
[  134.138965][ T7597] Set syz1 is full, maxelem 65536 reached
[  134.229411][ T7612] loop3: detected capacity change from 0 to 164
[  134.289250][ T7617] loop3: detected capacity change from 0 to 1024
[  134.323532][ T7621] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  134.324865][ T6759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.341982][ T7617] EXT4-fs: Ignoring removed nobh option
[  134.342773][ T7623] syzkaller0: entered allmulticast mode
[  134.347599][ T7617] EXT4-fs: Ignoring removed bh option
[  134.376348][ T7623] syzkaller0 (unregistering): left allmulticast mode
[  134.385478][ T7617] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.403573][ T7625] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  134.707121][ T7643] loop4: detected capacity change from 0 to 128
[  134.725152][ T7643] loop9: detected capacity change from 0 to 7
[  134.731683][ T7643] buffer_io_error: 48 callbacks suppressed
[  134.731699][ T7643] Buffer I/O error on dev loop9, logical block 0, async page read
[  134.787745][ T7643] Buffer I/O error on dev loop9, logical block 0, async page read
[  134.796085][ T7643]  loop9: unable to read partition table
[  134.800882][ T7644] s
z1: rxe_newlink: already configured on lo
[  134.953547][ T7643] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  134.953547][ T7643] 
) failed (rc=-5)
[  134.969833][ T3287] Buffer I/O error on dev loop9, logical block 0, async page read
[  135.027363][ T3287] Buffer I/O error on dev loop9, logical block 0, async page read
[  135.175108][ T3287] Buffer I/O error on dev loop9, logical block 0, async page read
[  135.228775][ T3287] Buffer I/O error on dev loop9, logical block 0, async page read
[  135.259848][ T3287] Buffer I/O error on dev loop9, logical block 0, async page read
[  135.951173][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.983242][ T7639] Set syz1 is full, maxelem 65536 reached
[  135.992713][ T7670] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  136.038947][   T29] kauditd_printk_skb: 355 callbacks suppressed
[  136.038964][   T29] audit: type=1326 audit(1757480077.124:9103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7674 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  136.069116][   T29] audit: type=1326 audit(1757480077.134:9104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7674 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  136.092891][   T29] audit: type=1326 audit(1757480077.134:9105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7674 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  136.116437][   T29] audit: type=1326 audit(1757480077.134:9106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7674 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  136.139893][   T29] audit: type=1326 audit(1757480077.134:9107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7674 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  136.163721][   T29] audit: type=1326 audit(1757480077.134:9108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7674 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  136.187349][   T29] audit: type=1326 audit(1757480077.134:9109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7674 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  136.210908][   T29] audit: type=1326 audit(1757480077.134:9110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7674 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  136.234462][   T29] audit: type=1326 audit(1757480077.134:9111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7674 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  136.258306][   T29] audit: type=1326 audit(1757480077.134:9112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7674 comm="syz.1.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  136.298936][ T7680] loop6: detected capacity change from 0 to 512
[  136.329257][ T7680] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  136.356566][ T7680] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.1336: bg 0: block 4: invalid block bitmap
[  136.381471][ T7680] EXT4-fs (loop6): Remounting filesystem read-only
[  136.388259][ T7680] EXT4-fs (loop6): 1 truncate cleaned up
[  136.394968][ T7680] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.421545][ T6759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.505599][ T7689] netlink: 'syz.6.1339': attribute type 6 has an invalid length.
[  136.516948][ T7689] loop6: detected capacity change from 0 to 512
[  136.525077][ T7689] EXT4-fs (loop6): unable to read superblock
[  136.549900][ T7694] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1340'.
[  136.563709][ T7697] loop3: detected capacity change from 0 to 512
[  136.567848][ T7695] lo speed is unknown, defaulting to 1000
[  136.572361][ T7697] ext4: Unknown parameter 'euid<00000000000000000000'
[  136.643971][ T7703] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1344'.
[  136.646884][ T7687] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  136.672414][ T7705] loop6: detected capacity change from 0 to 1024
[  136.723100][ T7705] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.787557][ T7711] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=7711 comm=syz.1.1346
[  137.328498][ T7732] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  137.477770][ T7737] netlink: 'syz.4.1353': attribute type 6 has an invalid length.
[  137.499473][ T7737] loop4: detected capacity change from 0 to 512
[  137.506590][ T7737] EXT4-fs (loop4): unable to read superblock
[  137.618241][ T7744] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1356'.
[  137.665066][ T7750] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1358'.
[  137.801454][ T7764] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  137.844466][ T7754] loop3: detected capacity change from 0 to 512
[  137.852453][ T7754] EXT4-fs (loop3): Number of reserved GDT blocks insanely large: 2048
[  137.880549][ T7764] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  137.905027][ T7768] rdma_rxe: rxe_newlink: failed to add lo
[  138.084186][ T7764] loop2: detected capacity change from 0 to 1024
[  138.114106][ T7774] loop1: detected capacity change from 0 to 2048
[  138.165491][ T7774] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.228748][ T7774] ext4 filesystem being mounted at /249/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.252450][ T7754] loop3: detected capacity change from 0 to 512
[  138.297583][ T7754] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.338485][ T7754] ext4 filesystem being mounted at /272/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.361709][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.404341][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.489220][ T7781] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1366'.
[  138.513203][ T7787] loop3: detected capacity change from 0 to 512
[  138.529573][ T7787] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  138.568580][ T7789] syzkaller0: entered allmulticast mode
[  138.577291][ T7789] syzkaller0 (unregistering): left allmulticast mode
[  138.659231][ T7792] netlink: 404 bytes leftover after parsing attributes in process `syz.2.1364'.
[  138.681587][ T7792] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.694342][ T6759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.747404][ T7797] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1372'.
[  138.838591][ T7801] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1374'.
[  138.871196][ T7792] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.906499][ T7805] lo speed is unknown, defaulting to 1000
[  138.922452][ T7792] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.941420][ T7806] netlink: 10 bytes leftover after parsing attributes in process `syz.1.1375'.
[  138.960150][ T7808] netlink: 256 bytes leftover after parsing attributes in process `syz.6.1376'.
[  138.971992][ T7792] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.043944][  T293] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  139.056285][  T293] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  139.064806][  T293] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  139.095456][  T293] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  139.129544][ T7816] netlink: 'syz.6.1379': attribute type 6 has an invalid length.
[  139.140593][ T7816] loop6: detected capacity change from 0 to 512
[  139.147677][ T7816] EXT4-fs (loop6): unable to read superblock
[  139.360474][ T7826] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  139.514083][ T7836] loop3: detected capacity change from 0 to 512
[  139.522183][ T7836] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  139.534301][ T7836] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.1387: bg 0: block 4: invalid block bitmap
[  139.546851][ T7836] EXT4-fs (loop3): Remounting filesystem read-only
[  139.553558][ T7836] EXT4-fs (loop3): 1 truncate cleaned up
[  139.559640][ T7836] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.582882][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.669676][ T7844] netlink: 'syz.6.1391': attribute type 6 has an invalid length.
[  139.683806][ T7844] loop6: detected capacity change from 0 to 512
[  139.698496][ T7844] EXT4-fs (loop6): unable to read superblock
[  139.799152][ T7865] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.847669][ T7871] FAULT_INJECTION: forcing a failure.
[  139.847669][ T7871] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  139.860876][ T7871] CPU: 1 UID: 0 PID: 7871 Comm: syz.6.1399 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  139.860906][ T7871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  139.860917][ T7871] Call Trace:
[  139.860924][ T7871]  <TASK>
[  139.860931][ T7871]  __dump_stack+0x1d/0x30
[  139.860962][ T7871]  dump_stack_lvl+0xe8/0x140
[  139.860988][ T7871]  dump_stack+0x15/0x1b
[  139.861004][ T7871]  should_fail_ex+0x265/0x280
[  139.861025][ T7871]  should_fail+0xb/0x20
[  139.861105][ T7871]  should_fail_usercopy+0x1a/0x20
[  139.861195][ T7871]  _copy_to_user+0x20/0xa0
[  139.861221][ T7871]  simple_read_from_buffer+0xb5/0x130
[  139.861240][ T7871]  proc_fail_nth_read+0x10e/0x150
[  139.861340][ T7871]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  139.861361][ T7871]  vfs_read+0x1a5/0x770
[  139.861429][ T7871]  ? _raw_spin_unlock+0x26/0x50
[  139.861454][ T7871]  ? finish_task_switch+0xad/0x2b0
[  139.861471][ T7871]  ? xfd_validate_state+0x45/0xf0
[  139.861499][ T7871]  ksys_read+0xda/0x1a0
[  139.861518][ T7871]  __x64_sys_read+0x40/0x50
[  139.861613][ T7871]  x64_sys_call+0x27bc/0x2ff0
[  139.861631][ T7871]  do_syscall_64+0xd2/0x200
[  139.861675][ T7871]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  139.861696][ T7871]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  139.861719][ T7871]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.861738][ T7871] RIP: 0033:0x7fca22a9d5bc
[  139.861752][ T7871] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  139.861778][ T7871] RSP: 002b:00007fca21507030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  139.861796][ T7871] RAX: ffffffffffffffda RBX: 00007fca22ce5fa0 RCX: 00007fca22a9d5bc
[  139.861807][ T7871] RDX: 000000000000000f RSI: 00007fca215070a0 RDI: 0000000000000005
[  139.861897][ T7871] RBP: 00007fca21507090 R08: 0000000000000000 R09: 0000000000000000
[  139.861908][ T7871] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  139.861918][ T7871] R13: 00007fca22ce6038 R14: 00007fca22ce5fa0 R15: 00007fff5e1eee48
[  139.861933][ T7871]  </TASK>
[  139.870344][ T7873] loop1: detected capacity change from 0 to 512
[  140.084373][ T7865] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.086556][ T7873] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  140.142284][ T7879] loop1: detected capacity change from 0 to 512
[  140.154379][ T7865] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.170843][ T7879] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.181061][ T7882] FAULT_INJECTION: forcing a failure.
[  140.181061][ T7882] name failslab, interval 1, probability 0, space 0, times 0
[  140.195854][ T7882] CPU: 1 UID: 0 PID: 7882 Comm: syz.6.1403 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  140.195886][ T7882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  140.195899][ T7882] Call Trace:
[  140.195906][ T7882]  <TASK>
[  140.195915][ T7882]  __dump_stack+0x1d/0x30
[  140.195939][ T7882]  dump_stack_lvl+0xe8/0x140
[  140.195974][ T7882]  dump_stack+0x15/0x1b
[  140.195993][ T7882]  should_fail_ex+0x265/0x280
[  140.196015][ T7882]  ? xfrm_policy_inexact_insert_node+0x62f/0x6d0
[  140.196044][ T7882]  should_failslab+0x8c/0xb0
[  140.196065][ T7882]  __kmalloc_cache_noprof+0x4c/0x320
[  140.196097][ T7882]  xfrm_policy_inexact_insert_node+0x62f/0x6d0
[  140.196131][ T7882]  ? __kmalloc_cache_noprof+0x189/0x320
[  140.196161][ T7882]  ? xfrm_policy_inexact_alloc_bin+0x8ca/0x9d0
[  140.196193][ T7882]  xfrm_policy_inexact_alloc_chain+0x3ef/0x670
[  140.196227][ T7882]  xfrm_policy_insert+0xef/0x790
[  140.196254][ T7882]  xfrm_add_policy+0x1aa/0x450
[  140.196282][ T7882]  xfrm_user_rcv_msg+0x566/0x660
[  140.196307][ T7882]  ? __kfree_skb+0x109/0x150
[  140.196330][ T7882]  ? nlmon_xmit+0x4f/0x60
[  140.196357][ T7882]  ? consume_skb+0x49/0x150
[  140.196389][ T7882]  netlink_rcv_skb+0x123/0x220
[  140.196410][ T7882]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  140.196438][ T7882]  xfrm_netlink_rcv+0x48/0x60
[  140.196464][ T7882]  netlink_unicast+0x5bd/0x690
[  140.196489][ T7882]  netlink_sendmsg+0x58b/0x6b0
[  140.196514][ T7882]  ? __pfx_netlink_sendmsg+0x10/0x10
[  140.196536][ T7882]  __sock_sendmsg+0x142/0x180
[  140.196562][ T7882]  ____sys_sendmsg+0x31e/0x4e0
[  140.196588][ T7882]  ___sys_sendmsg+0x17b/0x1d0
[  140.196619][ T7882]  __x64_sys_sendmsg+0xd4/0x160
[  140.196644][ T7882]  x64_sys_call+0x191e/0x2ff0
[  140.196667][ T7882]  do_syscall_64+0xd2/0x200
[  140.196698][ T7882]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  140.196722][ T7882]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  140.196749][ T7882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  140.196768][ T7882] RIP: 0033:0x7fca22a9eba9
[  140.196782][ T7882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  140.196798][ T7882] RSP: 002b:00007fca21507038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  140.196819][ T7882] RAX: ffffffffffffffda RBX: 00007fca22ce5fa0 RCX: 00007fca22a9eba9
[  140.196833][ T7882] RDX: 0000000020004040 RSI: 0000200000000480 RDI: 0000000000000003
[  140.196846][ T7882] RBP: 00007fca21507090 R08: 0000000000000000 R09: 0000000000000000
[  140.196858][ T7882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  140.196869][ T7882] R13: 00007fca22ce6038 R14: 00007fca22ce5fa0 R15: 00007fff5e1eee48
[  140.196888][ T7882]  </TASK>
[  140.487014][ T7865] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.519224][ T5083] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.531943][ T7886] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  140.540433][ T5083] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.549157][ T5083] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.557917][ T5083] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.590645][ T7889] netlink: 'syz.3.1406': attribute type 6 has an invalid length.
[  140.602225][ T7889] loop3: detected capacity change from 0 to 512
[  140.627063][ T7889] EXT4-fs (loop3): unable to read superblock
[  140.783207][ T7904] netlink: 'syz.4.1412': attribute type 6 has an invalid length.
[  140.794865][ T7904] loop4: detected capacity change from 0 to 512
[  140.810733][ T7904] EXT4-fs (loop4): unable to read superblock
[  140.862059][ T7908] syzkaller0: entered allmulticast mode
[  140.887183][ T7908] syzkaller0 (unregistering): left allmulticast mode
[  141.050291][   T29] kauditd_printk_skb: 588 callbacks suppressed
[  141.050313][   T29] audit: type=1400 audit(1757480082.114:9699): avc:  denied  { execmem } for  pid=7920 comm="syz.2.1420" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[  141.075792][   T29] audit: type=1400 audit(1757480082.114:9700): avc:  denied  { read write } for  pid=7924 comm="syz.4.1422" name="virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  141.099573][   T29] audit: type=1400 audit(1757480082.114:9701): avc:  denied  { open } for  pid=7924 comm="syz.4.1422" path="/dev/virtual_nci" dev="devtmpfs" ino=132 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[  141.234284][ T7935] random: crng reseeded on system resumption
[  141.307656][   T29] audit: type=1400 audit(1757480082.324:9702): avc:  denied  { append } for  pid=7920 comm="syz.2.1420" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  141.331129][   T29] audit: type=1400 audit(1757480082.324:9703): avc:  denied  { open } for  pid=7920 comm="syz.2.1420" path="/dev/snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  141.354761][   T29] audit: type=1400 audit(1757480082.334:9704): avc:  denied  { ioctl } for  pid=7920 comm="syz.2.1420" path="/dev/snapshot" dev="devtmpfs" ino=90 ioctlcmd=0x330f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  141.379753][   T29] audit: type=1326 audit(1757480082.384:9705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7936 comm="syz.4.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  141.403323][   T29] audit: type=1326 audit(1757480082.394:9706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7936 comm="syz.4.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  141.426772][   T29] audit: type=1326 audit(1757480082.394:9707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7936 comm="syz.4.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  141.450255][   T29] audit: type=1326 audit(1757480082.394:9708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7936 comm="syz.4.1425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  141.570844][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.585169][ T7939] __nla_validate_parse: 7 callbacks suppressed
[  141.585185][ T7939] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1426'.
[  141.627914][ T7947] loop6: detected capacity change from 0 to 512
[  141.637261][ T7951] loop2: detected capacity change from 0 to 128
[  141.654669][ T7951] loop9: detected capacity change from 0 to 7
[  141.662045][ T7951] Buffer I/O error on dev loop9, logical block 0, async page read
[  141.678549][ T7947] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.1430: bg 0: block 16: invalid block bitmap
[  141.691130][ T7951] Buffer I/O error on dev loop9, logical block 0, async page read
[  141.699207][ T7951]  loop9: unable to read partition table
[  141.705005][ T7947] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  141.714183][ T7947] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.1430: invalid indirect mapped block 5 (level 0)
[  141.727781][ T7947] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.1430: invalid indirect mapped block 4294967295 (level 1)
[  141.727795][ T7951] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  141.727795][ T7951] 
) failed (rc=-5)
[  141.755520][ T7947] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.1430: invalid indirect mapped block 4294967295 (level 2)
[  141.770218][ T7947] EXT4-fs (loop6): 1 truncate cleaned up
[  141.775310][ T7958] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.1433'.
[  141.776303][ T7947] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  141.889756][ T6759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.890293][ T7974] netlink: 100 bytes leftover after parsing attributes in process `syz.2.1439'.
[  141.943975][ T7978] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  142.020769][ T7987] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1445'.
[  142.095391][ T7992] loop6: detected capacity change from 0 to 128
[  142.129088][ T7992] loop9: detected capacity change from 0 to 7
[  142.137262][ T7992] Buffer I/O error on dev loop9, logical block 0, async page read
[  142.145420][ T7994] loop3: detected capacity change from 0 to 2048
[  142.145784][ T7992] Buffer I/O error on dev loop9, logical block 0, async page read
[  142.159832][ T7992]  loop9: unable to read partition table
[  142.165792][ T7992] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  142.165792][ T7992] 
) failed (rc=-5)
[  142.183203][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[  142.191958][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[  142.200947][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[  142.209589][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[  142.218691][ T3296] Buffer I/O error on dev loop9, logical block 0, async page read
[  142.232641][ T7998] random: crng reseeded on system resumption
[  142.403175][ T7994] EXT4-fs (loop3): failed to initialize system zone (-117)
[  142.424840][ T7994] EXT4-fs (loop3): mount failed
[  142.476348][ T8002] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1450'.
[  142.600381][ T8007] loop4: detected capacity change from 0 to 512
[  142.607629][ T8007] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  142.625101][ T8007] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1452: bg 0: block 4: invalid block bitmap
[  142.641705][ T8010] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1453'.
[  142.651186][ T8007] EXT4-fs (loop4): Remounting filesystem read-only
[  142.657829][ T8007] EXT4-fs (loop4): 1 truncate cleaned up
[  142.695096][ T8007] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.724027][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.818075][ T8022] syzkaller0: entered allmulticast mode
[  142.835856][ T8022] syzkaller0 (unregistering): left allmulticast mode
[  142.851865][ T8029] loop6: detected capacity change from 0 to 1024
[  142.863535][ T8029] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  142.965297][ T8042] loop1: detected capacity change from 0 to 512
[  143.001767][ T8042] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.019009][ T8042] ext4 filesystem being mounted at /264/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  143.034028][ T8050] loop4: detected capacity change from 0 to 512
[  143.042913][ T8050] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  143.072381][ T8057] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1469'.
[  143.089955][ T8050] EXT4-fs (loop4): 1 truncate cleaned up
[  143.105439][ T8059] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1471'.
[  143.106700][ T8050] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.141380][ T8062] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  143.162256][ T8046] lo speed is unknown, defaulting to 1000
[  143.258350][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.275002][ T8067] netlink: 'syz.6.1474': attribute type 6 has an invalid length.
[  143.290853][ T8067] loop6: detected capacity change from 0 to 512
[  143.298000][ T8067] EXT4-fs (loop6): unable to read superblock
[  143.448327][ T8064] Set syz1 is full, maxelem 65536 reached
[  143.466486][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.468428][ T8075] FAULT_INJECTION: forcing a failure.
[  143.468428][ T8075] name failslab, interval 1, probability 0, space 0, times 0
[  143.488254][ T8075] CPU: 1 UID: 0 PID: 8075 Comm: syz.4.1477 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  143.488322][ T8075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  143.488336][ T8075] Call Trace:
[  143.488344][ T8075]  <TASK>
[  143.488352][ T8075]  __dump_stack+0x1d/0x30
[  143.488380][ T8075]  dump_stack_lvl+0xe8/0x140
[  143.488399][ T8075]  dump_stack+0x15/0x1b
[  143.488417][ T8075]  should_fail_ex+0x265/0x280
[  143.488457][ T8075]  should_failslab+0x8c/0xb0
[  143.488484][ T8075]  __kmalloc_noprof+0xa5/0x3e0
[  143.488512][ T8075]  ? bitmap_zalloc+0x29/0x40
[  143.488568][ T8075]  bitmap_zalloc+0x29/0x40
[  143.488590][ T8075]  io_alloc_file_tables+0x47/0x90
[  143.488613][ T8075]  io_sqe_files_register+0x13c/0x4f0
[  143.488652][ T8075]  ? get_pid_task+0x96/0xd0
[  143.488676][ T8075]  io_register_rsrc+0x1d1/0x1e0
[  143.488779][ T8075]  __se_sys_io_uring_register+0x9c6/0xeb0
[  143.488839][ T8075]  ? __bpf_trace_sys_enter+0x10/0x30
[  143.488903][ T8075]  ? trace_sys_enter+0xd0/0xf0
[  143.488926][ T8075]  __x64_sys_io_uring_register+0x55/0x70
[  143.488957][ T8075]  x64_sys_call+0x18a3/0x2ff0
[  143.488980][ T8075]  do_syscall_64+0xd2/0x200
[  143.489135][ T8075]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  143.489168][ T8075]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  143.489197][ T8075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.489238][ T8075] RIP: 0033:0x7efe9781eba9
[  143.489319][ T8075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  143.489338][ T8075] RSP: 002b:00007efe9627f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ab
[  143.489358][ T8075] RAX: ffffffffffffffda RBX: 00007efe97a65fa0 RCX: 00007efe9781eba9
[  143.489386][ T8075] RDX: 0000200000000180 RSI: 000000000000000d RDI: 0000000000000006
[  143.489399][ T8075] RBP: 00007efe9627f090 R08: 0000000000000000 R09: 0000000000000000
[  143.489412][ T8075] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001
[  143.489425][ T8075] R13: 00007efe97a66038 R14: 00007efe97a65fa0 R15: 00007ffc88203668
[  143.489443][ T8075]  </TASK>
[  143.733877][ T8077] syzkaller0: entered allmulticast mode
[  143.763694][ T8077] syzkaller0 (unregistering): left allmulticast mode
[  143.775665][ T8081] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  143.784437][ T8081] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  143.814044][ T8081] loop1: detected capacity change from 0 to 1024
[  143.900298][ T8091] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1482'.
[  143.934242][ T8093] loop2: detected capacity change from 0 to 512
[  143.942492][ T8096] netlink: 'syz.4.1486': attribute type 6 has an invalid length.
[  143.942576][ T8093] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  143.973458][ T8098] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1485'.
[  143.994353][ T8096] loop4: detected capacity change from 0 to 512
[  144.001672][ T8096] EXT4-fs (loop4): unable to read superblock
[  144.040037][ T8099] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.062649][ T8103] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=8103 comm=syz.4.1487
[  144.124863][ T8102] bridge0: port 3(batadv0) entered blocking state
[  144.131611][ T8102] bridge0: port 3(batadv0) entered disabled state
[  144.180029][ T8102] batadv0: entered allmulticast mode
[  144.191389][ T8102] batadv0: entered promiscuous mode
[  144.198303][ T8099] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.262548][ T8099] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.322228][ T8099] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  144.406194][ T5083] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.419224][ T5083] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.430251][ T5071] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.441001][   T41] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.450782][ T8114] syz!: rxe_newlink: already configured on team_slave_0
[  144.547982][ T8119] loop3: detected capacity change from 0 to 512
[  144.581381][ T8119] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.612436][ T8116] Set syz1 is full, maxelem 65536 reached
[  144.620633][   T41] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  144.629925][   T41] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  144.700447][ T8130] netlink: 'syz.2.1497': attribute type 6 has an invalid length.
[  144.712501][ T8130] loop2: detected capacity change from 0 to 512
[  144.719407][ T8130] EXT4-fs (loop2): unable to read superblock
[  144.864557][ T8139] loop6: detected capacity change from 0 to 1024
[  144.884684][ T8139] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  145.102259][ T8143] loop2: detected capacity change from 0 to 512
[  145.119088][ T8143] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  145.152531][ T8143] EXT4-fs (loop2): 1 truncate cleaned up
[  145.160604][ T8150] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.167810][ T8143] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  145.182109][ T8150] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  145.190928][ T8150] loop6: detected capacity change from 0 to 1024
[  145.276078][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.312819][ T8152] syz!: rxe_newlink: already configured on team_slave_0
[  145.353066][ T8154] loop4: detected capacity change from 0 to 512
[  145.372447][ T8154] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  145.530816][ T8158] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.664615][ T8158] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.727082][ T8158] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.804142][ T8157] Set syz1 is full, maxelem 65536 reached
[  145.810988][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.835515][ T8158] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  145.877095][  T293] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  145.896232][ T5083] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  145.912422][ T8168] netlink: 'syz.4.1514': attribute type 6 has an invalid length.
[  145.927891][ T8168] loop4: detected capacity change from 0 to 512
[  145.934621][ T5083] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  145.949148][ T8168] EXT4-fs (loop4): unable to read superblock
[  145.955849][ T5083] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  145.975054][ T8172] netlink: 'syz.3.1512': attribute type 2 has an invalid length.
[  145.982971][ T8172] netlink: 'syz.3.1512': attribute type 1 has an invalid length.
[  146.003869][ T8174] netlink: 'syz.4.1516': attribute type 6 has an invalid length.
[  146.017890][ T8174] loop4: detected capacity change from 0 to 512
[  146.025602][ T8174] EXT4-fs (loop4): unable to read superblock
[  146.085621][ T8180] syzkaller0: entered allmulticast mode
[  146.093985][ T8180] syzkaller0 (unregistering): left allmulticast mode
[  146.111332][ T8182] netlink: 'syz.2.1519': attribute type 6 has an invalid length.
[  146.135529][ T8182] loop2: detected capacity change from 0 to 512
[  146.146962][ T8182] EXT4-fs (loop2): unable to read superblock
[  146.220739][   T29] kauditd_printk_skb: 613 callbacks suppressed
[  146.220756][   T29] audit: type=1400 audit(1757480087.314:10322): avc:  denied  { setopt } for  pid=8164 comm="syz.3.1512" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  146.251481][   T29] audit: type=1326 audit(1757480087.344:10323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8183 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d39d2eba9 code=0x7ffc0000
[  146.317187][ T8184] loop2: detected capacity change from 0 to 512
[  146.319438][ T8184] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  146.323893][   T29] audit: type=1326 audit(1757480087.344:10324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8183 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d39d2eba9 code=0x7ffc0000
[  146.356028][   T29] audit: type=1326 audit(1757480087.344:10325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8183 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d39d2eba9 code=0x7ffc0000
[  146.356058][   T29] audit: type=1326 audit(1757480087.344:10326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8183 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d39d2eba9 code=0x7ffc0000
[  146.356091][   T29] audit: type=1326 audit(1757480087.384:10327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8183 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d39d2eba9 code=0x7ffc0000
[  146.356135][   T29] audit: type=1326 audit(1757480087.384:10328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8183 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d39d2eba9 code=0x7ffc0000
[  146.356182][   T29] audit: type=1326 audit(1757480087.404:10329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8183 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8d39d2eba9 code=0x7ffc0000
[  146.356286][   T29] audit: type=1326 audit(1757480087.404:10330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8183 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8d39d2eba9 code=0x7ffc0000
[  146.356308][   T29] audit: type=1326 audit(1757480087.404:10331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8183 comm="syz.2.1520" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f8d39d2eba9 code=0x7ffc0000
[  146.505864][ T8189] batadv0 (unregistering): left allmulticast mode
[  146.505886][ T8189] batadv0 (unregistering): left promiscuous mode
[  146.506005][ T8189] bridge0: port 3(batadv0) entered disabled state
[  146.712766][ T8194] Set syz1 is full, maxelem 65536 reached
[  146.908327][ T8210] loop4: detected capacity change from 0 to 128
[  146.938528][ T8212] __nla_validate_parse: 9 callbacks suppressed
[  146.938544][ T8212] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1533'.
[  146.938556][ T8212] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1533'.
[  146.939582][ T8210] loop9: detected capacity change from 0 to 7
[  146.939689][ T8210] Buffer I/O error on dev loop9, logical block 0, async page read
[  146.939760][ T8210] Buffer I/O error on dev loop9, logical block 0, async page read
[  146.939777][ T8210]  loop9: unable to read partition table
[  146.939793][ T8210] loop_reread_partitions: partition scan of loop9 (�被x������ڬ��dG�����ݡ�����
[  146.939793][ T8210] 
) failed (rc=-5)
[  146.994750][ T8212] 9pnet: Could not find request transport: t
[  147.059037][ T8220] bridge0: entered promiscuous mode
[  147.065810][ T8220] bridge0: port 3(macsec1) entered blocking state
[  147.072323][ T8220] bridge0: port 3(macsec1) entered disabled state
[  147.079044][ T8220] macsec1: entered allmulticast mode
[  147.079099][ T8215] loop4: detected capacity change from 0 to 512
[  147.084578][ T8220] bridge0: entered allmulticast mode
[  147.096493][ T8220] macsec1: left allmulticast mode
[  147.101629][ T8220] bridge0: left allmulticast mode
[  147.108226][ T8215] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  147.139012][ T8220] bridge0: left promiscuous mode
[  147.174246][ T8224] lo speed is unknown, defaulting to 1000
[  147.198246][ T8228] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1540'.
[  147.221472][ T8229] 9pnet_fd: Insufficient options for proto=fd
[  147.338286][ T8235] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1543'.
[  147.401420][ T8240] netlink: 'syz.4.1544': attribute type 6 has an invalid length.
[  147.413922][ T8240] loop4: detected capacity change from 0 to 512
[  147.421109][ T8240] EXT4-fs (loop4): unable to read superblock
[  147.452242][ T8244] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1546'.
[  147.487608][ T8246] netlink: 'syz.4.1547': attribute type 6 has an invalid length.
[  147.531873][ T8246] loop4: detected capacity change from 0 to 512
[  147.540783][ T8246] EXT4-fs (loop4): unable to read superblock
[  147.593218][ T8253] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1549'.
[  147.677958][ T8265] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1554'.
[  147.720853][ T8271] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1556'.
[  147.776203][ T8275] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1557'.
[  147.812908][ T8280] loop3: detected capacity change from 0 to 512
[  147.819978][ T8280] EXT4-fs (loop3): unable to read superblock
[  147.854290][ T8278] lo speed is unknown, defaulting to 1000
[  147.858370][ T8285] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1560'.
[  147.902007][ T8283] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  147.946260][ T8291] loop2: detected capacity change from 0 to 512
[  147.953936][ T8293] loop3: detected capacity change from 0 to 512
[  147.960882][ T8293] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  147.974828][ T8291] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.059582][ T8298] loop3: detected capacity change from 0 to 512
[  148.099064][ T8298] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.180758][ T8311] loop1: detected capacity change from 0 to 512
[  148.190710][ T8311] EXT4-fs (loop1): unable to read superblock
[  148.348888][ T8317] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  148.382273][ T8317] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  148.441956][ T8317] loop1: detected capacity change from 0 to 1024
[  148.681923][ T8326] loop4: detected capacity change from 0 to 512
[  148.697751][ T8324] loop6: detected capacity change from 0 to 512
[  148.731160][ T8327] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.771593][ T8326] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  148.792126][ T8327] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.813260][ T8324] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  148.852451][ T8327] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.892721][ T8327] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  149.029896][ T4705] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  149.084596][ T8326] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1575: bg 0: block 4: invalid block bitmap
[  149.086209][  T293] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  149.113310][  T293] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  149.121667][  T293] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  149.131087][ T8326] EXT4-fs (loop4): Remounting filesystem read-only
[  149.150422][ T8326] EXT4-fs (loop4): 1 truncate cleaned up
[  149.166687][ T8326] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.229386][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.311002][ T8333] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  149.321390][ T3310] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.340928][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.450843][ T8349] validate_nla: 2 callbacks suppressed
[  149.450859][ T8349] netlink: 'syz.4.1584': attribute type 6 has an invalid length.
[  149.469873][ T8349] loop4: detected capacity change from 0 to 512
[  149.477052][ T8349] EXT4-fs (loop4): unable to read superblock
[  149.529337][ T8355] netlink: 'syz.2.1587': attribute type 6 has an invalid length.
[  149.561915][ T8355] loop2: detected capacity change from 0 to 512
[  149.576802][ T8355] EXT4-fs (loop2): unable to read superblock
[  149.645934][ T8370] syz!: rxe_newlink: already configured on team_slave_0
[  149.862265][ T8381] netlink: 'syz.4.1599': attribute type 6 has an invalid length.
[  149.875768][ T8381] loop4: detected capacity change from 0 to 512
[  149.884530][ T8381] EXT4-fs (loop4): unable to read superblock
[  149.946766][ T8391] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[  149.953343][ T8391] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  149.960993][ T8391] vhci_hcd vhci_hcd.0: Device attached
[  150.134390][ T8410] loop2: detected capacity change from 0 to 512
[  150.141228][ T8410] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  150.152616][ T8410] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1611: bg 0: block 4: invalid block bitmap
[  150.165443][ T8410] EXT4-fs (loop2): Remounting filesystem read-only
[  150.172354][ T8410] EXT4-fs (loop2): 1 truncate cleaned up
[  150.178470][ T8410] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.202066][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.211152][   T10] usb 9-1: new low-speed USB device number 2 using vhci_hcd
[  150.234863][ T8413] netlink: 'syz.2.1612': attribute type 6 has an invalid length.
[  150.245691][ T8413] loop2: detected capacity change from 0 to 512
[  150.257987][ T8413] EXT4-fs (loop2): unable to read superblock
[  150.355601][ T8422] loop3: detected capacity change from 0 to 128
[  150.385556][ T8422] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  150.393473][ T8422] FAT-fs (loop3): Filesystem has been set read-only
[  150.408474][ T8422] syz.3.1616: attempt to access beyond end of device
[  150.408474][ T8422] loop3: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  150.423536][ T8422] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  150.431501][ T8422] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  150.440034][ T8422] syz.3.1616: attempt to access beyond end of device
[  150.440034][ T8422] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  150.453713][ T8422] syz.3.1616: attempt to access beyond end of device
[  150.453713][ T8422] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  150.468222][ T8422] syz.3.1616: attempt to access beyond end of device
[  150.468222][ T8422] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  150.482255][ T8422] syz.3.1616: attempt to access beyond end of device
[  150.482255][ T8422] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  150.504332][ T8422] syz.3.1616: attempt to access beyond end of device
[  150.504332][ T8422] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  150.535719][ T8436] netlink: 'syz.6.1621': attribute type 6 has an invalid length.
[  150.539142][ T8422] syz.3.1616: attempt to access beyond end of device
[  150.539142][ T8422] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  150.547230][ T8436] loop6: detected capacity change from 0 to 512
[  150.557834][ T8422] syz.3.1616: attempt to access beyond end of device
[  150.557834][ T8422] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  150.564292][ T8436] EXT4-fs (loop6): unable to read superblock
[  150.581903][ T8422] syz.3.1616: attempt to access beyond end of device
[  150.581903][ T8422] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  150.596476][ T8422] syz.3.1616: attempt to access beyond end of device
[  150.596476][ T8422] loop3: rw=0, sector=2065, nr_sectors = 8 limit=128
[  150.694348][ T8444] netlink: 'syz.6.1625': attribute type 6 has an invalid length.
[  150.705633][ T8444] loop6: detected capacity change from 0 to 512
[  150.712730][ T8444] EXT4-fs (loop6): unable to read superblock
[  150.749913][ T8446] loop6: detected capacity change from 0 to 512
[  150.760610][ T8446] EXT4-fs (loop6): orphan cleanup on readonly fs
[  150.768995][ T8446] EXT4-fs error (device loop6): ext4_quota_enable:7128: comm syz.6.1626: inode #218103808: comm syz.6.1626: iget: illegal inode #
[  150.782937][ T8392] vhci_hcd: connection reset by peer
[  150.788615][ T5095] vhci_hcd: stop threads
[  150.792962][ T5095] vhci_hcd: release socket
[  150.793827][ T8446] EXT4-fs error (device loop6): ext4_quota_enable:7131: comm syz.6.1626: Bad quota inode: 218103808, type: 2
[  150.797422][ T5095] vhci_hcd: disconnect device
[  150.819392][ T8446] EXT4-fs warning (device loop6): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix.
[  150.835506][ T8446] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  150.843357][ T8446] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  150.869417][ T8446] macvtap0: refused to change device tx_queue_len
[  150.876673][ T8446] EXT4-fs error (device loop6): ext4_lookup:1791: inode #2: comm syz.6.1626: deleted inode referenced: 12
[  150.890658][ T8446] EXT4-fs error (device loop6): ext4_lookup:1791: inode #2: comm syz.6.1626: deleted inode referenced: 12
[  150.905634][ T8446] EXT4-fs error (device loop6): ext4_lookup:1791: inode #2: comm syz.6.1626: deleted inode referenced: 12
[  150.918048][ T8446] C: renamed from team_slave_0 (while UP)
[  150.925717][ T8446] netlink: 'syz.6.1626': attribute type 3 has an invalid length.
[  150.933512][ T8446] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  150.951289][ T8446] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  150.970508][ T8446] EXT4-fs error (device loop6): ext4_quota_enable:7128: comm syz.6.1626: inode #218103808: comm syz.6.1626: iget: illegal inode #
[  150.984550][ T8446] EXT4-fs error (device loop6): ext4_quota_enable:7131: comm syz.6.1626: Bad quota inode: 218103808, type: 2
[  150.996639][ T8446] EXT4-fs warning (device loop6): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix.
[  151.033953][ T6759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.231987][   T29] kauditd_printk_skb: 1167 callbacks suppressed
[  151.232005][   T29] audit: type=1400 audit(1757480092.324:11499): avc:  denied  { tracepoint } for  pid=8457 comm="syz.3.1630" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=perf_event permissive=1
[  151.309699][   T29] audit: type=1326 audit(1757480092.394:11500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8465 comm="syz.3.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ffcf9eba9 code=0x7ffc0000
[  151.333390][   T29] audit: type=1326 audit(1757480092.394:11501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8465 comm="syz.3.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ffcf9eba9 code=0x7ffc0000
[  151.363625][ T8470] FAULT_INJECTION: forcing a failure.
[  151.363625][ T8470] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  151.376923][ T8470] CPU: 1 UID: 0 PID: 8470 Comm: syz.4.1634 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  151.376951][ T8470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  151.376961][ T8470] Call Trace:
[  151.376967][ T8470]  <TASK>
[  151.376977][ T8470]  __dump_stack+0x1d/0x30
[  151.377070][ T8470]  dump_stack_lvl+0xe8/0x140
[  151.377087][ T8470]  dump_stack+0x15/0x1b
[  151.377102][ T8470]  should_fail_ex+0x265/0x280
[  151.377153][ T8470]  should_fail+0xb/0x20
[  151.377170][ T8470]  should_fail_usercopy+0x1a/0x20
[  151.377191][ T8470]  _copy_to_user+0x20/0xa0
[  151.377218][ T8470]  simple_read_from_buffer+0xb5/0x130
[  151.377309][ T8470]  proc_fail_nth_read+0x10e/0x150
[  151.377332][ T8470]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  151.377359][ T8470]  vfs_read+0x1a5/0x770
[  151.377435][ T8470]  ? __rcu_read_unlock+0x4f/0x70
[  151.377488][ T8470]  ? __fget_files+0x184/0x1c0
[  151.377513][ T8470]  ksys_read+0xda/0x1a0
[  151.377536][ T8470]  __x64_sys_read+0x40/0x50
[  151.377561][ T8470]  x64_sys_call+0x27bc/0x2ff0
[  151.377579][ T8470]  do_syscall_64+0xd2/0x200
[  151.377666][ T8470]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  151.377692][ T8470]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  151.377719][ T8470]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.377739][ T8470] RIP: 0033:0x7efe9781d5bc
[  151.377781][ T8470] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  151.377802][ T8470] RSP: 002b:00007efe9627f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  151.377862][ T8470] RAX: ffffffffffffffda RBX: 00007efe97a65fa0 RCX: 00007efe9781d5bc
[  151.377875][ T8470] RDX: 000000000000000f RSI: 00007efe9627f0a0 RDI: 0000000000000004
[  151.377887][ T8470] RBP: 00007efe9627f090 R08: 0000000000000000 R09: 0000000000000000
[  151.377900][ T8470] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  151.377967][ T8470] R13: 00007efe97a66038 R14: 00007efe97a65fa0 R15: 00007ffc88203668
[  151.378012][ T8470]  </TASK>
[  151.586132][   T29] audit: type=1400 audit(1757480092.454:11502): avc:  denied  { read write } for  pid=8469 comm="syz.4.1634" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  151.611067][   T29] audit: type=1400 audit(1757480092.454:11503): avc:  denied  { open } for  pid=8469 comm="syz.4.1634" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  151.635845][   T29] audit: type=1326 audit(1757480092.474:11504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8465 comm="syz.3.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ffcf9eba9 code=0x7ffc0000
[  151.659353][   T29] audit: type=1326 audit(1757480092.474:11505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8465 comm="syz.3.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ffcf9eba9 code=0x7ffc0000
[  151.660416][ T8472] netlink: 'syz.3.1636': attribute type 6 has an invalid length.
[  151.683583][   T29] audit: type=1326 audit(1757480092.474:11506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8465 comm="syz.3.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ffcf9eba9 code=0x7ffc0000
[  151.715110][   T29] audit: type=1326 audit(1757480092.474:11507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8465 comm="syz.3.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3ffcf9eba9 code=0x7ffc0000
[  151.721191][ T8472] loop3: detected capacity change from 0 to 512
[  151.738693][   T29] audit: type=1326 audit(1757480092.474:11508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8465 comm="syz.3.1632" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ffcf9eba9 code=0x7ffc0000
[  151.786880][ T8477] loop1: detected capacity change from 0 to 1024
[  151.795662][ T8472] EXT4-fs (loop3): unable to read superblock
[  151.798536][ T8477] EXT4-fs (loop1): VFS: Can't find ext4 filesystem
[  151.960517][ T8500] __nla_validate_parse: 15 callbacks suppressed
[  151.960535][ T8500] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1643'.
[  152.177012][ T8509] rdma_rxe: rxe_newlink: failed to add lo
[  152.437791][ T8515] loop6: detected capacity change from 0 to 1024
[  152.450215][ T8518] netlink: 'syz.2.1652': attribute type 6 has an invalid length.
[  152.470429][ T8515] EXT4-fs (loop6): VFS: Can't find ext4 filesystem
[  152.497316][ T8518] loop2: detected capacity change from 0 to 512
[  152.580230][ T8518] EXT4-fs (loop2): unable to read superblock
[  152.653127][ T8516] Set syz1 is full, maxelem 65536 reached
[  152.664975][ T8522] FAULT_INJECTION: forcing a failure.
[  152.664975][ T8522] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  152.678324][ T8522] CPU: 1 UID: 0 PID: 8522 Comm: syz.6.1654 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  152.678354][ T8522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  152.678391][ T8522] Call Trace:
[  152.678398][ T8522]  <TASK>
[  152.678406][ T8522]  __dump_stack+0x1d/0x30
[  152.678430][ T8522]  dump_stack_lvl+0xe8/0x140
[  152.678447][ T8522]  dump_stack+0x15/0x1b
[  152.678462][ T8522]  should_fail_ex+0x265/0x280
[  152.678538][ T8522]  should_fail+0xb/0x20
[  152.678631][ T8522]  should_fail_usercopy+0x1a/0x20
[  152.678655][ T8522]  _copy_from_user+0x1c/0xb0
[  152.678719][ T8522]  tcp_v6_parse_md5_keys+0x9a/0x450
[  152.678758][ T8522]  do_tcp_setsockopt+0xf24/0x1670
[  152.678832][ T8522]  ? selinux_socket_setsockopt+0x1ad/0x1e0
[  152.678866][ T8522]  tcp_setsockopt+0x51/0xb0
[  152.678891][ T8522]  sock_common_setsockopt+0x69/0x80
[  152.678952][ T8522]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  152.679007][ T8522]  __sys_setsockopt+0x181/0x200
[  152.679105][ T8522]  __x64_sys_setsockopt+0x64/0x80
[  152.679130][ T8522]  x64_sys_call+0x20ec/0x2ff0
[  152.679149][ T8522]  do_syscall_64+0xd2/0x200
[  152.679175][ T8522]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  152.679222][ T8522]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  152.679303][ T8522]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.679322][ T8522] RIP: 0033:0x7fca22a9eba9
[  152.679337][ T8522] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.679353][ T8522] RSP: 002b:00007fca21507038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  152.679376][ T8522] RAX: ffffffffffffffda RBX: 00007fca22ce5fa0 RCX: 00007fca22a9eba9
[  152.679391][ T8522] RDX: 000000000000000e RSI: 0000000000000006 RDI: 0000000000000003
[  152.679472][ T8522] RBP: 00007fca21507090 R08: 00000000000000d8 R09: 0000000000000000
[  152.679534][ T8522] R10: 0000200000000300 R11: 0000000000000246 R12: 0000000000000001
[  152.679547][ T8522] R13: 00007fca22ce6038 R14: 00007fca22ce5fa0 R15: 00007fff5e1eee48
[  152.679565][ T8522]  </TASK>
[  152.908694][ T8526] batadv0: entered promiscuous mode
[  152.929763][ T8530] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1658'.
[  153.046867][ T8543] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1663'.
[  153.066597][ T3542] IPVS: starting estimator thread 0...
[  153.072453][ T8536] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  153.107753][ T8549] loop3: detected capacity change from 0 to 1024
[  153.124051][ T8549] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  153.170292][ T8547] IPVS: using max 2736 ests per chain, 136800 per kthread
[  153.219324][ T8562] netlink: 'syz.6.1669': attribute type 6 has an invalid length.
[  153.230461][ T8562] loop6: detected capacity change from 0 to 512
[  153.268780][ T8562] EXT4-fs (loop6): unable to read superblock
[  153.418866][ T8567] pim6reg: entered allmulticast mode
[  153.424816][ T8567] pim6reg: left allmulticast mode
[  153.478108][ T8567] pimreg: entered allmulticast mode
[  153.484042][ T8567] pimreg: left allmulticast mode
[  153.535793][ T8579] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1671'.
[  153.603663][ T8584] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1678'.
[  153.624268][ T8588] loop6: detected capacity change from 0 to 512
[  153.631804][ T8588] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  153.646617][ T8582] FAULT_INJECTION: forcing a failure.
[  153.646617][ T8582] name failslab, interval 1, probability 0, space 0, times 0
[  153.663385][ T8582] CPU: 0 UID: 0 PID: 8582 Comm: syz.4.1672 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  153.663479][ T8582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  153.663491][ T8582] Call Trace:
[  153.663498][ T8582]  <TASK>
[  153.663570][ T8582]  __dump_stack+0x1d/0x30
[  153.663640][ T8582]  dump_stack_lvl+0xe8/0x140
[  153.663660][ T8582]  dump_stack+0x15/0x1b
[  153.663677][ T8582]  should_fail_ex+0x265/0x280
[  153.663704][ T8582]  should_failslab+0x8c/0xb0
[  153.663727][ T8582]  kmem_cache_alloc_node_noprof+0x57/0x320
[  153.663783][ T8582]  ? __alloc_skb+0x101/0x320
[  153.663804][ T8582]  __alloc_skb+0x101/0x320
[  153.663823][ T8582]  netlink_alloc_large_skb+0xba/0xf0
[  153.663844][ T8582]  netlink_sendmsg+0x3cf/0x6b0
[  153.663914][ T8582]  ? __pfx_netlink_sendmsg+0x10/0x10
[  153.664011][ T8582]  __sock_sendmsg+0x142/0x180
[  153.664089][ T8582]  ____sys_sendmsg+0x31e/0x4e0
[  153.664115][ T8582]  ___sys_sendmsg+0x17b/0x1d0
[  153.664136][ T8582]  ? prepare_signal+0x596/0x670
[  153.664241][ T8582]  __x64_sys_sendmsg+0xd4/0x160
[  153.664266][ T8582]  x64_sys_call+0x191e/0x2ff0
[  153.664364][ T8582]  do_syscall_64+0xd2/0x200
[  153.664396][ T8582]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  153.664427][ T8582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  153.664493][ T8582] RIP: 0033:0x7efe9781eba9
[  153.664509][ T8582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  153.664525][ T8582] RSP: 002b:00007efe9625e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  153.664545][ T8582] RAX: ffffffffffffffda RBX: 00007efe97a66090 RCX: 00007efe9781eba9
[  153.664615][ T8582] RDX: 0000000000008000 RSI: 0000200000000780 RDI: 0000000000000004
[  153.664738][ T8582] RBP: 00007efe9625e090 R08: 0000000000000000 R09: 0000000000000000
[  153.664750][ T8582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  153.664762][ T8582] R13: 00007efe97a66128 R14: 00007efe97a66090 R15: 00007ffc88203668
[  153.664779][ T8582]  </TASK>
[  153.667063][ T8588] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.1679: bg 0: block 4: invalid block bitmap
[  153.879918][ T8588] EXT4-fs (loop6): Remounting filesystem read-only
[  153.886796][ T8588] EXT4-fs (loop6): 1 truncate cleaned up
[  153.893173][ T8588] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.918256][ T6759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.011934][ T8599] syz!: rxe_newlink: already configured on team_slave_0
[  154.219022][ T8601] loop6: detected capacity change from 0 to 512
[  154.226018][ T8601] EXT4-fs (loop6): unable to read superblock
[  154.286759][ T8608] netlink: 256 bytes leftover after parsing attributes in process `syz.6.1686'.
[  154.315200][ T8613] loop4: detected capacity change from 0 to 1024
[  154.322273][ T8605] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1685'.
[  154.336032][ T8613] EXT4-fs: Ignoring removed orlov option
[  154.352319][ T8613] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.376300][ T8620] loop2: detected capacity change from 0 to 512
[  154.384608][ T8620] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  154.402596][ T8620] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.415215][ T8620] ext4 filesystem being mounted at /384/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  154.503809][ T8628] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1691'.
[  154.565460][ T8620] veth0: entered promiscuous mode
[  154.570786][ T8631] loop3: detected capacity change from 0 to 1024
[  154.577806][ T8633] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1693'.
[  154.587859][ T8619] veth0: left promiscuous mode
[  154.594711][ T8631] EXT4-fs (loop3): VFS: Can't find ext4 filesystem
[  154.708675][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.769012][ T8640] validate_nla: 1 callbacks suppressed
[  154.769028][ T8640] netlink: 'syz.3.1695': attribute type 6 has an invalid length.
[  154.788529][ T8643] netlink: 'syz.2.1696': attribute type 4 has an invalid length.
[  154.796803][ T8640] loop3: detected capacity change from 0 to 512
[  154.811288][ T8640] EXT4-fs (loop3): unable to read superblock
[  154.823342][ T3385] lo speed is unknown, defaulting to 1000
[  154.829210][ T3385] s
z1: Port: 1 Link DOWN
[  154.838926][ T8643] netlink: 'syz.2.1696': attribute type 4 has an invalid length.
[  154.850260][ T3395] lo speed is unknown, defaulting to 1000
[  154.872384][ T3395] lo speed is unknown, defaulting to 1000
[  154.878287][ T3395] s
z1: Port: 1 Link ACTIVE
[  154.922530][ T2957] lo speed is unknown, defaulting to 1000
[  154.994180][ T8657] loop6: detected capacity change from 0 to 512
[  155.006384][ T8658] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  155.018568][ T8662] loop1: detected capacity change from 0 to 512
[  155.029455][ T8662] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  155.030034][ T8657] EXT4-fs (loop6): orphan cleanup on readonly fs
[  155.039591][ T8658] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  155.054270][ T8657] EXT4-fs error (device loop6): ext4_quota_enable:7128: comm syz.6.1703: inode #218103808: comm syz.6.1703: iget: illegal inode #
[  155.068966][ T8657] EXT4-fs error (device loop6): ext4_quota_enable:7131: comm syz.6.1703: Bad quota inode: 218103808, type: 2
[  155.084824][ T8665] loop2: detected capacity change from 0 to 512
[  155.090716][ T8658] loop3: detected capacity change from 0 to 1024
[  155.102408][ T8657] EXT4-fs warning (device loop6): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix.
[  155.117997][ T8662] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1706: bg 0: block 4: invalid block bitmap
[  155.162945][ T8657] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  155.206317][ T8662] EXT4-fs (loop1): Remounting filesystem read-only
[  155.215244][ T8662] EXT4-fs (loop1): 1 truncate cleaned up
[  155.217875][ T8657] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  155.222343][ T8662] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.240164][   T10] usb 9-1: enqueue for inactive port 0
[  155.251387][   T10] usb 9-1: enqueue for inactive port 0
[  155.261224][ T8657] macvtap0: refused to change device tx_queue_len
[  155.268162][ T8657] EXT4-fs error (device loop6): ext4_lookup:1791: inode #2: comm syz.6.1703: deleted inode referenced: 12
[  155.277069][ T8665] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.282813][ T8657] EXT4-fs error (device loop6): ext4_lookup:1791: inode #2: comm syz.6.1703: deleted inode referenced: 12
[  155.303651][ T3302] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.307675][ T8657] EXT4-fs error (device loop6): ext4_lookup:1791: inode #2: comm syz.6.1703: deleted inode referenced: 12
[  155.339823][ T8657] netlink: 'syz.6.1703': attribute type 3 has an invalid length.
[  155.347668][ T8657] netlink: 140 bytes leftover after parsing attributes in process `syz.6.1703'.
[  155.356760][ T8657] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  155.374703][   T10] vhci_hcd: vhci_device speed not set
[  155.387005][ T8669] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.463113][ T8669] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.477778][ T8671] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  155.522407][ T8669] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.572791][ T8669] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.666368][ T5093] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  155.675857][ T5093] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  155.684291][ T8671] EXT4-fs error (device loop6): ext4_quota_enable:7128: comm syz.6.1703: inode #218103808: comm syz.6.1703: iget: illegal inode #
[  155.698595][ T5093] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  155.725008][ T8671] EXT4-fs error (device loop6): ext4_quota_enable:7131: comm syz.6.1703: Bad quota inode: 218103808, type: 2
[  155.741742][ T5093] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  155.785585][ T8671] EXT4-fs warning (device loop6): ext4_enable_quotas:7172: Failed to enable quota tracking (type=2, err=-117, ino=218103808). Please run e2fsck to fix.
[  155.908554][ T6759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.934320][ T8676] netlink: 'syz.6.1709': attribute type 6 has an invalid length.
[  155.945584][ T8676] loop6: detected capacity change from 0 to 512
[  155.972331][ T8676] EXT4-fs (loop6): unable to read superblock
[  156.070015][ T8680] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  156.078223][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.191537][ T8692] loop1: detected capacity change from 0 to 512
[  156.196058][ T8695] loop2: detected capacity change from 0 to 1024
[  156.201453][ T8692] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  156.205654][ T8695] EXT4-fs (loop2): VFS: Can't find ext4 filesystem
[  156.244800][   T29] kauditd_printk_skb: 518 callbacks suppressed
[  156.244819][   T29] audit: type=1326 audit(1757480097.334:12027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8690 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  156.281798][   T29] audit: type=1326 audit(1757480097.334:12028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8690 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  156.305338][   T29] audit: type=1326 audit(1757480097.334:12029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8690 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  156.329126][   T29] audit: type=1326 audit(1757480097.354:12030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8690 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  156.337288][ T8702] loop2: detected capacity change from 0 to 512
[  156.352752][   T29] audit: type=1326 audit(1757480097.354:12031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8690 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  156.360998][ T8702] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  156.382923][   T29] audit: type=1326 audit(1757480097.354:12032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8690 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  156.416589][   T29] audit: type=1326 audit(1757480097.354:12033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8690 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  156.440188][   T29] audit: type=1326 audit(1757480097.354:12034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8690 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  156.463624][   T29] audit: type=1326 audit(1757480097.354:12035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8690 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  156.487231][   T29] audit: type=1326 audit(1757480097.354:12036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8690 comm="syz.1.1716" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c005ceba9 code=0x7ffc0000
[  156.512164][ T8702] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.1718: bg 0: block 4: invalid block bitmap
[  156.524783][ T8702] EXT4-fs (loop2): Remounting filesystem read-only
[  156.531482][ T8702] EXT4-fs (loop2): 1 truncate cleaned up
[  156.537664][ T8702] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  156.562663][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  156.605246][ T8708] loop2: detected capacity change from 0 to 512
[  156.612319][ T8708] SELinux: security_context_str_to_sid (unconfined_u) failed with errno=-22
[  156.649009][ T8710] loop2: detected capacity change from 0 to 512
[  156.659314][ T8710] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.322496][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.377092][ T8733] loop4: detected capacity change from 0 to 512
[  157.387006][ T8733] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  157.416702][ T8733] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.1732: bg 0: block 4: invalid block bitmap
[  157.431656][ T8733] EXT4-fs (loop4): Remounting filesystem read-only
[  157.438431][ T8733] EXT4-fs (loop4): 1 truncate cleaned up
[  157.444980][ T8733] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  157.470108][ T3303] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.542667][ T8736] random: crng reseeded on system resumption
[  157.767670][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.799886][ T8743] netlink: 'syz.4.1735': attribute type 13 has an invalid length.
[  158.086301][ T8748] netlink: 'syz.2.1737': attribute type 6 has an invalid length.
[  158.152033][ T8750] loop2: detected capacity change from 0 to 512
[  158.177222][ T8750] EXT4-fs (loop2): unable to read superblock
[  158.240555][ T8743] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.247766][ T8743] bridge0: port 1(bridge_slave_0) entered disabled state
[  158.336449][ T8757] loop6: detected capacity change from 0 to 512
[  158.353649][ T8757] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.411878][ T8760] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  158.684403][ T8751] Set syz1 is full, maxelem 65536 reached
[  158.734586][ T5083] netdevsim netdevsim4 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.744152][ T5083] netdevsim netdevsim4 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.778752][ T5083] netdevsim netdevsim4 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.793474][ T5083] netdevsim netdevsim4 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  158.897305][ T8774] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  158.917207][ T8774] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  158.944373][ T8776] syzkaller0: entered allmulticast mode
[  158.947301][ T8779] __nla_validate_parse: 4 callbacks suppressed
[  158.947318][ T8779] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1745'.
[  158.954933][ T8774] loop3: detected capacity change from 0 to 1024
[  158.979829][ T8776] syzkaller0 (unregistering): left allmulticast mode
[  158.992002][ T8782] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1750'.
[  159.219023][ T8786] netlink: 404 bytes leftover after parsing attributes in process `syz.3.1748'.
[  159.327574][ T8788] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.393068][ T8788] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.452226][ T8788] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.622824][ T8788] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.635711][ T8797] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  159.704078][ T8801] random: crng reseeded on system resumption
[  159.746496][ T6759] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.915019][ T8805] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  160.229200][ T8813] netlink: 'syz.1.1760': attribute type 4 has an invalid length.
[  160.243472][ T8813] netlink: 'syz.1.1760': attribute type 4 has an invalid length.
[  160.296557][ T8818] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1761'.
[  160.319370][ T8820] random: crng reseeded on system resumption
[  160.521760][ T5083] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  160.547662][ T5083] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  160.556097][ T5083] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  160.617831][ T8830] loop4: detected capacity change from 0 to 512
[  160.624761][ T5083] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  160.633979][ T8830] EXT4-fs: Ignoring removed orlov option
[  160.639809][ T8830] EXT4-fs: Ignoring removed i_version option
[  160.763278][ T8830] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  160.861382][ T8830] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  160.875615][ T8830] ext4 filesystem being mounted at /363/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  160.904348][ T8830] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #2: comm syz.4.1764: corrupted inode contents
[  160.937465][ T8830] EXT4-fs (loop4): Remounting filesystem read-only
[  161.393261][ T5093] __quota_error: 433 callbacks suppressed
[  161.393274][ T5093] Quota error (device loop4): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync!
[  161.442428][ T8859] netlink: 'syz.4.1777': attribute type 4 has an invalid length.
[  161.451868][ T8859] netlink: 'syz.4.1777': attribute type 4 has an invalid length.
[  161.674381][   T29] audit: type=1326 audit(1757480102.764:12470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8871 comm="syz.4.1784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  161.698005][   T29] audit: type=1326 audit(1757480102.764:12471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8871 comm="syz.4.1784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  161.721718][   T29] audit: type=1326 audit(1757480102.764:12472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8871 comm="syz.4.1784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  161.748732][   T29] audit: type=1326 audit(1757480102.764:12473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8871 comm="syz.4.1784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  161.772344][   T29] audit: type=1326 audit(1757480102.764:12474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8871 comm="syz.4.1784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  161.796115][   T29] audit: type=1326 audit(1757480102.764:12475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8871 comm="syz.4.1784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  161.819701][   T29] audit: type=1326 audit(1757480102.764:12476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8871 comm="syz.4.1784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  161.843329][   T29] audit: type=1326 audit(1757480102.784:12477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8871 comm="syz.4.1784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  161.867558][   T29] audit: type=1326 audit(1757480102.784:12478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8871 comm="syz.4.1784" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe9781eba9 code=0x7ffc0000
[  161.899563][ T8882] netlink: 'syz.1.1788': attribute type 4 has an invalid length.
[  161.943154][ T8882] netlink: 'syz.1.1788': attribute type 4 has an invalid length.
[  161.965874][ T8884] netlink: 'syz.2.1789': attribute type 6 has an invalid length.
[  161.989548][ T8884] loop2: detected capacity change from 0 to 512
[  161.999888][ T8884] EXT4-fs (loop2): unable to read superblock
[  162.061600][ T8898] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1796'.
[  162.122481][ T8905] loop2: detected capacity change from 0 to 1024
[  162.148343][ T8905] EXT4-fs: Ignoring removed orlov option
[  162.222353][ T8905] EXT4-fs mount: 1 callbacks suppressed
[  162.222444][ T8905] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.246410][ T8918] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  162.256450][ T8919] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1800'.
[  162.323335][ T8924] netlink: 'syz.3.1805': attribute type 6 has an invalid length.
[  162.334391][ T8924] loop3: detected capacity change from 0 to 512
[  162.341825][ T8924] EXT4-fs (loop3): unable to read superblock
[  162.371397][ T8929] netlink: 'syz.3.1806': attribute type 4 has an invalid length.
[  162.383598][ T8929] netlink: 'syz.3.1806': attribute type 4 has an invalid length.
[  162.430616][ T8930] ==================================================================
[  162.438761][ T8930] BUG: KCSAN: data-race in filemap_read / filemap_read
[  162.446068][ T8930] 
[  162.448414][ T8930] write to 0xffff8881184f6ee8 of 8 bytes by task 8927 on cpu 0:
[  162.456056][ T8930]  filemap_read+0x974/0xa00
[  162.460582][ T8930]  generic_file_read_iter+0x79/0x330
[  162.465874][ T8930]  ext4_file_read_iter+0x1cc/0x290
[  162.471017][ T8930]  copy_splice_read+0x43f/0x660
[  162.475888][ T8930]  splice_direct_to_actor+0x290/0x680
[  162.481272][ T8930]  do_splice_direct+0xda/0x150
[  162.486046][ T8930]  do_sendfile+0x380/0x650
[  162.490663][ T8930]  __x64_sys_sendfile64+0x105/0x150
[  162.495961][ T8930]  x64_sys_call+0x2bb0/0x2ff0
[  162.500656][ T8930]  do_syscall_64+0xd2/0x200
[  162.505180][ T8930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.511095][ T8930] 
[  162.513533][ T8930] read to 0xffff8881184f6ee8 of 8 bytes by task 8930 on cpu 1:
[  162.521100][ T8930]  filemap_read+0x6f/0xa00
[  162.525631][ T8930]  generic_file_read_iter+0x79/0x330
[  162.530943][ T8930]  ext4_file_read_iter+0x1cc/0x290
[  162.536085][ T8930]  copy_splice_read+0x43f/0x660
[  162.540959][ T8930]  splice_direct_to_actor+0x290/0x680
[  162.546351][ T8930]  do_splice_direct+0xda/0x150
[  162.551131][ T8930]  do_sendfile+0x380/0x650
[  162.555593][ T8930]  __x64_sys_sendfile64+0x105/0x150
[  162.560811][ T8930]  x64_sys_call+0x2bb0/0x2ff0
[  162.565588][ T8930]  do_syscall_64+0xd2/0x200
[  162.570151][ T8930]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  162.576056][ T8930] 
[  162.578373][ T8930] value changed: 0x000000000000015f -> 0x0000000000000160
[  162.585481][ T8930] 
[  162.587814][ T8930] Reported by Kernel Concurrency Sanitizer on:
[  162.593954][ T8930] CPU: 1 UID: 0 PID: 8930 Comm: syz.2.1799 Not tainted syzkaller #0 PREEMPT(voluntary) 
[  162.603758][ T8930] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  162.613870][ T8930] ==================================================================
[  165.121643][ T3307] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.