last executing test programs:

43.762176587s ago: executing program 4 (id=9):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xf, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x26, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdc9, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r2}, 0x18)
ioprio_set$pid(0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000340)='kmem_cache_free\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f00000000c0)='./file0\x00', 0x1000000, &(0x7f00000003c0)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c756e695f786c6174653d312c636865636b3d7374726963742c646f733178666c6f7070792c757466383d312c757466383d312c757466383d302c696f636861727365743d6370313235de26302c696f636861727365743d69736f383835392d342c696f636861727365743d64656661756c742c73686f72746e616d653d6d69786564", @ANYRES8=0x0], 0xfe, 0x19c, &(0x7f0000000200)="$eJzs281qE1EYBuA3tdW2LtKFK3Ex4MZVaHsFFqkgBgSlCwVBsQ1IRwIWArqw2bnwJrwct3olLrsQRppp7Q+piNoMJM+zyQfnvMl3DiSZMzAvbr3Z3e7v9Z73vmSx1crc3arKQSsrmcuxYQCAaXJQVfleVVV1bZilz6mqqumOAIDL5v8fAGbPk6fPHm50u5uPi2IxKT8OtgZb9Ws9vtHL65TZyWra+ZHDC4QjdX3/QXdztRhZyady/yi/P9i6cja/lnZWxufX6nxxNr+Q5dP59bRzY3x+fWz+au7cPpXvpJ1vr9JPme0cZk/yH9aK4t6j7rn89dE8AAAAmAad4pex5/dO56LxOr/R+uP7A+fO1/O5Od/s2gFgVu29e7/7six33jZWJBn+Zs7X5brRyTVW/GX8eEub3Mx/K5by/995Ic2va3qK/txlf8RiklHR4I8SMBEn3/6mOwEAAAAAAAAAAAAAAC4yiUeXml4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALPnZwAAAP//RL2Oaw==")
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

43.005864482s ago: executing program 4 (id=14):
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000180)={'fscrypt:', @desc2}, &(0x7f0000000340)={0x0, "69dcaf20127e9a854528f45826cb35be51ca73845d177dd8dba7221daeccfda56b75cfe286fdd14cb5b11b1cab614fec2236da7d88ea0f0700", 0x3f}, 0x48, 0xfffffffffffffffe)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x45, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
openat$nvram(0xffffffffffffff9c, &(0x7f00000002c0), 0x88002, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0\x00', 0x1000000, &(0x7f0000000440)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72742e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000caa314acf7"], 0x1, 0x2cb, &(0x7f0000000cc0)="$eJzs3c9rE1sUwPHTpm3SljZ58HjwHjw94EY3QxsXLjVIC2JAqU1RF8LUTjRkTMpMqEREsxG3/hGuKu7cCerSTTfiQvfuiiC66UIcyUymJm1a0+ZHY/v9QHtPcu7hnrbTclJIsn71yZ181jWyZkkGYyqDIhXZEElUo5qB2jroxyNSryKnxr99/P/KtesXU+n0zJzqbGr+dFJVJ4+/Cre+mHwZlbXEjfUvyU9r/6z9u/5j/nbO1ZyrhWJJTV0sFkvmom3pUs7NG6qXbct0Lc0VXMtpyGft4vJyWc3C0sTYsmO5rpqFsuatspaKWnLKat4ycwU1DEMnxuRoG2phT2Z1bs5M7Zj2Ih3tCF032uxOx0lVmiczqz3oCQAA9Jnd5/9ggN95/k8vBOsO8//d+8Nn3pTGF4L5//lTkdbmf5HG+f9DW/P/QE+/oX2u0nDrN/M/DgXHSZljtd/fRsz/AAAAAAAAAAAAAAAAAAAAAAD8CTY8L+55Xjxcw4+oiMREJLx90H2iO/b58z97QO2iw+qeuBcTsR+vZEYlWIN8Kis5scWSKYnLd/96qAni2QvpmSn1JeS1/XAlU62srhGJhvWhRLP6Y39NB/XaWD8stWfwBecnJS5/Nz8/2bR+RE6eqOvfkLi8uylFsWXJv66ffa1+rtY/mFY9fym9pX7U3wcAAAAAwGFg6KZtj9/9vL8hJtvzQf0e/j+w5fH1kPzXyktUAgAAAACAtrnle3nTti1nH0FURNoo30PgDXT9iM4FEemLNrYE50SkD9roVRATkeAe3U/5583ylqq8FvYMiUi7X1esh5fWQf9lAgAAANBpv4b+PRS9f9TFjgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOHpafT2wcP+2VJjYpbzuuIi83Xx7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODI+RkAAP//KGghCg==")
r2 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='timer_start\x00', r4}, 0x10)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000940))
mkdirat(r2, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r6 = socket$inet_mptcp(0x2, 0x1, 0x106)
recvmmsg(r6, &(0x7f0000005c80), 0x400030f, 0x0, 0x0)
listen(r6, 0xd3)
sendmsg$inet(r6, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0xf3b04ff45d9e12fb)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r5}, 0x18)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x4004014)
sendmsg$NFT_BATCH(r7, &(0x7f0000000d80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d00)=ANY=[@ANYBLOB="140000001000010000000000000000000220000a3c000000120a09080000000000000000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a"], 0x64}, 0x1, 0x0, 0x0, 0x5}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
set_mempolicy(0x3, &(0x7f0000000000)=0x4000000ffb, 0x8)
r8 = socket$caif_stream(0x25, 0x1, 0x0)
sendmmsg$inet(r8, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}, 0x1000000}], 0x1, 0x0)

42.808913826s ago: executing program 4 (id=16):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, 0x0, 0x0)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
lchown(&(0x7f0000000700)='./file0\x00', 0x0, 0x0)

42.629695009s ago: executing program 4 (id=19):
r0 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/fs/binfmt_misc/syz3\x00', 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x808003, &(0x7f0000000000), 0x3, 0x4fc, &(0x7f0000001500)="$eJzs3c9vG1kdAPDvOHFIdlOSBQ7LSuxGiFV3BbWTDbuNOLRFQnCqBJR7CIkTRXHiKHbaJqpQKs4ICSFAcIETFyT+ACTUPwEhVYJ7hRCogrYcOBSMxh63wdhJqtpx6nw+0uu8efPj+32uPPabmXgCOLdmIuJaRIxExPsRMZW157ISB82Srvf40Z3ltCRRr9/4exJJ1tbaV5JNX882G4+Ib34t4jtJ0mw4pLq3v7FULpd2svlibXO7WN3bv7S+ubRWWittzc/PfbRweeHDhdme9fXKV/7y4x/86qtXfveFWw8W//bed9N8J7Nlh/vRS83XJN94LVpGI2KnH8EGYCTrT/4kKyf9zwcAgKOl3/E/ERGfjYgnPxt0NgAAAEA/1K9OxtMkog4AAAAMrVzjHtgkV8juBZiMXK5QaN7D+6m4GuVKtfb51cru1krzXtnpyOdW18ul2exe4enIJ+n8XKP+fP6Dtvn5iHgjIn40NdGYLyxXyiuDPvkBAAAA50Q6zp/MNevp5J9TzfE/AAAAMGSmB50AAAAA0HfG/wAAADD8/n/8P9OcJKOnnwwAAADQa1+/fj0t9dbzr1du7u1uVG5eWilVNwqbu8uF5crOdmGtUllr/Gbf5nH7K1cq21+Mrd3bxVqpWitW9/YXNyu7W7XFxnO9F0snek40AAAA0FNvvHPvT0lEHHxpolFSY9kyY3UYbrkXWz3pVx7A6RsZdALAwLjBF84v73/guIH9+CnlAQAA9M/FTz+7/j8Rh67/X3jg+j8Muxe8/g8MEdf/4fxqu/73ixNt9LTen2SAU2WMDxx3HqDr9f/f9z4XAACgPyYbJckVsjHAZORyhULEhcZjAfLJ6nq5NBsRH4+IP07lP5bOzw06aQAAAAAAAAAAAAAAAAAAAAAAAAB4xdTrSdQBAACAoRaR+2sSEUmMR0x9brL9/MBY8q+pxjQibv38xk9uL9VqO3Np+z+etdd+mrV/MIgzGAAAAEC71ji9NY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF56/OjOcqscan6333EffjkipjvFH43xxnQ88hHx2pMkRg9tl0TESA/iH9yNiDc7xU/StGI6y6I9fi4iJgYc//UexIfz7F56/LnW6f2Xi5nGtPP7bzQrL+vhTLfjX+7Z8W+ky/HvwjH7Hsumb93/TbFr/LsRb412Pv604o+95PH329/a3++2rP7LiIsdP3+S/4lVrG1uF6t7+5fWN5fWSmulrfn5uY8WLi98uDBbXF0vl7J/O8b44Wd++5+j+v9al/jTWf+T9v4nzZzq9c77fKdt/t/3bz/6ZKcVk4iH38/qHf7/3+wWP3vt380+B9LlF1v1g2b9sLd//Ye3j+r/Spf+jx8RP217r9tO27z/je/9uVnLn3ALAKCfqnv7G0vlcmnnVa+knTkDafSwMnM20hj2SmsUdVbyOSuVwR6XAACA3nv+pX/QmQAAAAAAAAAAAAAAAAAAAMD51fr7/9ZvOffj58QOxxtvVZLk1PsKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU/wYAAP//VsvQDw==")
r1 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d)
write$binfmt_register(r1, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, 'M', 0x3a, 'M', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)
r2 = syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1b, 0x10, &(0x7f0000000400)=ANY=[@ANYRESDEC=r2, @ANYRESHEX=r5, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='kmem_cache_free\x00', r6, 0x0, 0x100000000}, 0x18)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4)
fcntl$getown(r0, 0x9)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
r8 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x29, &(0x7f0000001500)=[{&(0x7f0000001580)="d80000001a0081044e81f782db4cb9040a1d08007b490d4f1e81f8d815000100ff05142603600e12080005007a010401a80016002000034004000000035c0461c9d67f6f940071342e875fab7cb6cec6cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b141993c034e653fe8efe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9ee5350db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e", 0xd8}], 0x1}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r7, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000380)={<r9=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
mount(&(0x7f0000000180)=@loop={'/dev/loop', 0x0}, &(0x7f00000001c0)='./file2\x00', &(0x7f0000000280)='exofs\x00', 0x4, &(0x7f0000000300)='/proc/sys/fs/binfmt_misc/syz3\x00')
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=ANY=[@ANYBLOB="18009500"/24], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r10}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, &(0x7f00000002c0)}, 0x20)
creat(&(0x7f0000000340)='./file0\x00', 0x100)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB], 0xfe1b)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010077228a18000000000000000c0000000c00000004000000ea77ea9d000000000000000000"], 0x0, 0x28}, 0x28)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="0000186df4b1768c36153d42", @ANYRES32, @ANYBLOB="1c00000000000300000000000000010045"], 0x0}, 0x90)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000080)={'sit0\x00'})
socketpair(0x1, 0x0, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_SET_FILTER(r11, 0x89f1, &(0x7f0000000080))
write$RDMA_USER_CM_CMD_RESOLVE_IP(r7, &(0x7f0000000200)={0x3, 0x40, 0xfa00, {{0xa, 0xfffe, 0x0, @empty, 0x4}, {0xa, 0x0, 0x0, @loopback, 0x7}, r9, 0x400}}, 0x48)
write$RDMA_USER_CM_CMD_JOIN_MCAST(r7, &(0x7f0000000d40)={0x16, 0x98, 0xfa00, {0x0, 0x2, r9, 0x30, 0x1, @ib={0x1b, 0x8000, 0xfff, {"3f8c0d6cf777eaa6ace6d3ec00ed4771"}, 0x500e, 0x0, 0x5}}}, 0xa0)

42.262789586s ago: executing program 4 (id=24):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffa, 0x10000}, 0x28)
sched_setaffinity(0x0, 0x0, 0x0)
socket$inet6(0xa, 0x80001, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
syz_io_uring_setup(0xbc3, &(0x7f0000000100)={0x0, 0x3bdb, 0x86931191b2792b24, 0x200002, 0x1b1}, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xffffffff, 0x0, 0x0, 0x1, 0x0, 0x0, 0xa}, &(0x7f0000000000)={0x1f, 0x8000000000000000, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x64000600)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ANNOUNCE(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x14, r2, 0x1, 0x70bd2d, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40040}, 0x4030)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1e00000dd9ed04da3111fe050000002054000000290e0097b057313f5da65a747e65", @ANYRES32=r3, @ANYBLOB="e100"/20, @ANYRES32=0x0, @ANYRES32=r3, @ANYBLOB="0100000004000000020000000500"/28], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r4}, &(0x7f0000000a00), &(0x7f0000000a40)=r3}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r4}, &(0x7f0000000880), &(0x7f00000008c0)=r3}, 0x20)
add_key$keyring(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0xffffffffffffffff)
keyctl$join(0x1, &(0x7f00000001c0)={'syz', 0x3})
sendmsg$FOU_CMD_DEL(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, 0x0}, 0x40080)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYRES8=r0, @ANYRES32, @ANYBLOB="00000000000100006608000000000000180000000000000000000000000000009500000000000000360a020000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000a80)='kfree\x00', r6, 0x0, 0xfffffffffffffffd}, 0x18)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000340)={'bridge0\x00', &(0x7f0000000400)=@ethtool_sset_info={0x37, 0x1000, 0x80000000}})
sendmsg$NFT_BATCH(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a01000000000000000000010000000900010073797a30000000000900020073797a30000000002c00038008000140000000000800024000000000180003801400010076657468305f746f5f687372000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010076657468305f746f5f68737200000000140001"], 0xfc}}, 0x0)

41.837692945s ago: executing program 4 (id=32):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r2)
sendmsg$NFC_CMD_DEP_LINK_UP(r2, &(0x7f0000000600)={0x0, 0xffffffffffffff24, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x26040041}, 0x40)

41.786795355s ago: executing program 32 (id=32):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000000), r2)
sendmsg$NFC_CMD_DEP_LINK_UP(r2, &(0x7f0000000600)={0x0, 0xffffffffffffff24, &(0x7f00000005c0)={&(0x7f0000000700)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002abd7000fbdbdf250400000005000a0000000000080001"], 0x3c}, 0x1, 0x0, 0x0, 0x26040041}, 0x40)

34.539638107s ago: executing program 1 (id=103):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x2}, 0x18)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f0000000400)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f00000000c0)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="05a300000000000000000d00000008000300", @ANYRES32=r2], 0x1c}}, 0x0)

34.168588374s ago: executing program 1 (id=107):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
fcntl$dupfd(r0, 0x406, 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$tipc(0x1e, 0x5, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x45, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x104020, 0x7, 0x2, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={0xffffffffffffffff, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
ioperm(0x3c, 0x1, 0x8)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x5}, 0x50)
setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, &(0x7f0000000140)=0x100, 0x4)
ftruncate(r1, 0x2000009)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1)

32.928351538s ago: executing program 1 (id=120):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000001c0)='inet_sk_error_report\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r1, &(0x7f0000000480)={0x0, 0x300, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0900000000000000000002000000140001800500020001"], 0x28}, 0x1, 0x0, 0x0, 0x1}, 0x0)

32.599317465s ago: executing program 1 (id=123):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x8205, &(0x7f0000001340)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x15}}, {@stripe}, {@grpid}, {@errors_remount}, {@data_err_ignore}, {@noblock_validity}, {@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x13}}]}, 0x1, 0x60a, &(0x7f0000001c40)="$eJzs3c9rHNcdAPDvzEqqZKuVXYqpTUsFPdhQrB+uqduebF/qg6GG+lBCDhaW5AivbGHJEDuGyJBDAgmEkGsIvuQfyD2YXHMLgSS3nANOCA45JMEbZnbHXla78lrR/pDn84FZvXkzu+999+lp3uzo7QRQWtPZQxpxOCIuJRFTTdsmo75xurHfw+/uXM6WJGq1/32bRNLIK/Z/1Pi5P3tIIsYj4tOzEb+vbC13/dbtqwvVWt2rEbMbq2uz67duH19ZXbiydGXp2vyJf548Nfev+ZPzuxJnEde58//901uvvfSP5c+qx5M4HRdHX1mMljh2y3RMx6NGiM35IxFxKku0eV/2miKEZMD1YGcqjd/H0Yg4FFNRydfqpmLlzYFWDuipWiWiBpRUov9DSRXjgOLcvhfnwcPswZn6CdDW+Efqn43EeH5utO9h0nRmVD/fPbAL5Wdl/HznyHvZEh0+hxjZhXI62bwbEX9sF3+S1+1A/ilOFn8aadPzsvRcRIw13ot0h+VPt6z3+/fvWeJvbocs3tONn1n+2R2WP+j4ASin+2caB/LNbO3J8S8bGRbjn2gz/plsc+zaiUEf/zqP/4rj/Xj+GXnaMg7LxjwX2r/kaGvGV2+ce6dT+c3jv2zJyi/Ggv3w4G7EkZb4X88Hc8nj9k/atH+2y6Uuy/jP59+c67Rt0PHX7kUcbXv+8+SKVpaa3VhdK/Jark/OLq9Ul+bqj23L+OiTFz/oVP6g48/aPzrEv137Z3lrXZbx4YV7q522TT41/vTrseRinhpr5Ly8sLFxYz5iLDnf2KUp/8T2dSn2KV4ji//YX9v3/23izxt6s8v41/5/9WE9tfUqadftv+WvSu5Rrcs6dJLFv7jD9n+7yzJ+eOHmn1uyJorEdvFPbH2ppNv3HAAAAAAAAMooza/BJunM43SazszU5/D+Ifal1evrG39bvn7z2mLEsfz/IUfT4kr3VH09ydbnG/8PW6yfaFn/e0QcjIh3KxP5+szl69XFQQcPAAAAAAAAAAAAAAAAAAAAQ2J/Y/5/cZ/q7yv1+f9d2TjU49oBPdfLG8wBw03/h/LK+/9O7+AK7GmO/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMBz6eBf7n+ZRMTmvyfyJTPW2DY60JoBvfbsfXy6J/UA+q/S16cBw+TxpX/T/6F0uhr//9j4csDeVwcYgKRdZj44qG3f+e+3fSYAAAAAAAAAAAAA0ANHD5v/D2WVxseDrgIwIL9iIr/vAIA9zlf/Q3k5xweeNot/vNMG8/8BAAAAAAAAAAAAoG8m8yVJZxq3AJ2MNJ2ZifhtRByI0WR5pbo0FxG/i4gvKqO/ydbnB11pAAAAAAAAAAAAAAAAAAAAeM6s37p9daFaXbrRnPhpS87znSjugjos9WlORNL/QiciYhhi701ipCknidjMWn4oKnZjPYaiGmlejQH/YQIAAAAAAAAAAAAAAAAAgBJqmnvc3pH3+1wjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOi/J/f/33kiecrrDDpGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBv+iUAAP//q+Q5KA==")
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
rt_sigaction(0x12, &(0x7f0000000400)={&(0x7f0000000500)="2437460f1c2bdfd565a2f100c0460f38e7418f69d8909ca3000810ffa5c43b3bc4e211acf066650f9e54a73413bb559a00000f75bed5370b1c2665d2950e000000dbf5", 0xc000006, 0x0, {[0xe]}}, 0x0, 0x8, &(0x7f0000000580))
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00')
preadv(r1, &(0x7f0000000340)=[{&(0x7f0000000180)=""/109, 0x6d}], 0x1, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$ARCH_SHSTK_STATUS(0x1e, r0, 0x0, 0x5005)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)

32.403464038s ago: executing program 1 (id=125):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x200000a, 0x13, r1, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)={0x60, 0x2, 0x6, 0x301, 0x0, 0x0, {0x0, 0x0, 0x6}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0xff}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x60}, 0x1, 0x0, 0x0, 0x2}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r2}, &(0x7f00000005c0), &(0x7f0000000600)}, 0x2f)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000200)='sched_switch\x00', r4}, 0x18)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000700000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x64, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r5, 0x0, 0x2}, 0x18)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\b\x00\n\x00', @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0)

31.736851351s ago: executing program 1 (id=133):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x0, &(0x7f0000000040)})
syz_open_dev$usbfs(0x0, 0x3, 0x2581)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
unshare(0x26020480)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000b00)={0xa, 0xfdfe, 0x100007, @remote, 0xa}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000040000004500"], 0x50)
connect$pppl2tp(r2, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x2, 0x0, {0xa, 0x0, 0xf9d, @private2={0xfc, 0x2, '\x00', 0x1}}}}, 0x32)
writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x2300, 0x0)
ioctl$PPPIOCATTCHAN(r4, 0x40047438, &(0x7f0000000040)=0x1)
read$qrtrtun(r1, 0x0, 0xeffd)

31.736578251s ago: executing program 33 (id=133):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x0, &(0x7f0000000040)})
syz_open_dev$usbfs(0x0, 0x3, 0x2581)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000080)='westwood\x00', 0x9)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
unshare(0x26020480)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000b00)={0xa, 0xfdfe, 0x100007, @remote, 0xa}, 0x1c)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000040000004500"], 0x50)
connect$pppl2tp(r2, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x2, 0x0, {0xa, 0x0, 0xf9d, @private2={0xfc, 0x2, '\x00', 0x1}}}}, 0x32)
writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x2300, 0x0)
ioctl$PPPIOCATTCHAN(r4, 0x40047438, &(0x7f0000000040)=0x1)
read$qrtrtun(r1, 0x0, 0xeffd)

2.217261627s ago: executing program 3 (id=619):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
fcntl$dupfd(r0, 0x406, 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$tipc(0x1e, 0x5, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r1, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
ioperm(0x3c, 0x1, 0x8)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x5}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000000000000000000000001812", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000140)=0x100, 0x4)
mmap$xdp(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x200000d, 0x11, r5, 0x100000000)
ftruncate(r2, 0x2000009)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r6, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1)

2.024756981s ago: executing program 3 (id=624):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x3)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000380)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2, 0x0, 0x0, 0x1}}}}}}, 0x0)

1.991991551s ago: executing program 3 (id=626):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
socket(0x29, 0x2, 0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socket(0x28, 0x5, 0x0)
socket$key(0xf, 0x3, 0x2)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_open_dev$loop(&(0x7f00000002c0), 0x8000000000000000, 0x88203)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000000)={0x10000014})
capset(&(0x7f0000000080)={0x19980330}, &(0x7f0000000440)={0x200000, 0x200001, 0x4, 0x4000, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket(0x1e, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000009fb41100"/20, @ANYRES32, @ANYRES64], 0x0, 0x20000, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00'}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)

1.916782973s ago: executing program 3 (id=628):
bpf$MAP_LOOKUP_ELEM(0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000013c0)="d080", 0xfdef}], 0x1, 0x0, 0x0, 0x800300}, 0x20000801)
recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x40002002)

1.321909624s ago: executing program 0 (id=638):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000001, 0x5d031, 0xffffffffffffffff, 0x0)
bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x4e24, 0x1000000, @loopback, 0x7}, 0x1c)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)

1.284270745s ago: executing program 0 (id=639):
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="190000000400000004"], 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x846}, 0x18)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000340)={r0, 0x0, 0x0}, 0x20)

1.226304686s ago: executing program 0 (id=640):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121202, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0xc2f00, 0x4d, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x18)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x2)

1.225996856s ago: executing program 5 (id=641):
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

1.225482036s ago: executing program 5 (id=642):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3ac3209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b135ab6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385beef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8e3070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750890ae71555b3228b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6c30ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d25f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88372091cd397b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca00000000000000000000007925d0f1256330b9e2aa9a18cea8e009116f63c6c7d8f7f95bf0f6731e5eb1dcdc534f357b9f08e7a9a3aebeca145d695053b5bef004ca24e6c57ed10f01488d38b8b0b68d93e3cf630837915d518fde2115e66615786fe7b9216de958119cf762cac77ac829a02f48e72c0d2841880b2c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
pipe(&(0x7f0000000380)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
splice(r4, 0x0, r6, 0x0, 0xf3a, 0x0)
write$cgroup_pid(r6, &(0x7f0000000000), 0xffffff98)
splice(r2, 0x0, r6, 0x0, 0x9, 0x1)
write(r3, 0x0, 0x0)
close(r5)
socket$inet_udplite(0x2, 0x2, 0x88)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0)
ioctl$TIOCGPTPEER(r7, 0x5441, 0x2)
socket$phonet_pipe(0x23, 0x5, 0x2)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_config_ext={0x2, 0x1}, 0x1205, 0xb, 0x4, 0x9, 0x0, 0x0, 0x5a34, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, 0x0, 0x40000000000000, 0xffffffffffffffff, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)

1.176193497s ago: executing program 0 (id=643):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @ib_path={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
lchown(&(0x7f0000000700)='./file0\x00', 0x0, 0x0)

1.114484268s ago: executing program 0 (id=644):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = perf_event_open(&(0x7f0000000180)={0x2, 0x80, 0xad, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r7}, 0x10)
close(r6)
mount_setattr(r4, &(0x7f0000000100)='.\x00', 0x9000, &(0x7f0000001dc0)={0x0, 0x85, 0x20000}, 0x20)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x7fffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x6002, &(0x7f0000000000)=0x3, 0xf, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r8 = socket(0x10, 0x3, 0x0)
r9 = syz_open_dev$evdev(&(0x7f00000000c0), 0x3, 0x40)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sys_enter\x00', r10}, 0x10)
syz_usb_disconnect(r9)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r11, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x14, r12, 0xf6aa5dc177113cdb, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0xc0}, 0x402c840)
sendmsg$MPTCP_PM_CMD_SET_LIMITS(r8, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x40, r12, 0x200, 0x70bd29, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x3}, @MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast2}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000015}, 0x4040)

1.03763092s ago: executing program 3 (id=645):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000a40)={[{@mblk_io_submit}, {@min_batch_time={'min_batch_time', 0x3d, 0xffd}}, {@nolazytime}, {@jqfmt_vfsold}, {@quota}, {@minixdf}, {@errors_remount}], [{@obj_type={'obj_type', 0x3d, '}'}}, {@fsuuid={'fsuuid', 0x3d, {[0x37, 0x33, 0x64, 0x66, 0x66, 0x63, 0x2c, 0x32], 0x2d, [0x64, 0x65, 0x33, 0x32], 0x2d, [0x62, 0x0, 0x34, 0x62], 0x2d, [0x38, 0x38, 0x32, 0x34], 0x2d, [0x30, 0x63, 0x65, 0x36, 0x64, 0x64, 0x66, 0x37]}}}, {@func={'func', 0x3d, 'MODULE_CHECK'}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105942, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x3, &(0x7f0000000c00)=ANY=[@ANYBLOB="180000000100211900000000000000009500000000000000c1acaab73a14428f0f9edc41a75bcefa72080c260ee75c55be55f0f7d4dad138b83b835edef18a9ac12a01f2f2ac62e9059d44b4b37de0eb4619edf003937232facbf06c2b27e861c49eeac34989990f3c8fe2d2641d3ab9a4ef52ea82d0b89bd61004b5039ef1aa7e7311ae1320de9e84fa08203a43ad0000000000000004ccc264c6a6aa3e5bfc1833023af282aeffc0456aa703b3c8ba88f61cc163c2b0e1c0d1983c975a3eb1092e5b38cfeb2cf4481650a3dde7c4267cf3629fdecb579ee20f7ec6ee90249dde6bcff8ac1bfde2ce0f3f48459f1916b96a7602e58e7935eb98e31d762523c8ed45b86d7fdc4c57ba3930f59727d6ce515d69aaa10697d696fc3dc7b54babc76a4f266f5c3f023e06c4b50f2f75e43daba46953c0c7032ea1b33c33c107f786f6c1b54d35007d845eb0db2e571dd2a940ec9ddb2bd9942b0e48be0b510f9eadc731ffdfb83082a063047ce25753cd489870da9cac37bdcf1380d66b3ac0fda6904d6f01c44d2d7cbafeeac79b504b36e0bc527c84c18792156b0aab0f6900"/429], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
write$cgroup_subtree(r1, 0x0, 0x32600)
r3 = perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4c094, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xbf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$fou(&(0x7f0000000a00), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000780)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000000000000000100000005000400010000000500020090ef578d0520449219ed0a00000017bfbde3b1e87a5aa6a03d316ded247eb02aee7f04a04cd57cb68c95e22c68f8d29582e7fa8ee11fd3015efbcbdf93dfb6b3563aba1ebf3df0d8336fa26fffaeaee2869a2d9b492d8974701cee19fc16b3ec6f1cfa4a4a74dbe70cfcb8edd5989164462dfa1b0406bf93f57fd524f534415a"], 0x24}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r8, &(0x7f0000000440)={0x0, 0x6, &(0x7f0000000340)={&(0x7f0000000180)={0x1c, r9, 0x209, 0x0, 0x0, {}, [@FOU_ATTR_TYPE={0x5, 0x4, 0x2}]}, 0x1c}}, 0x0)
sendmsg$FOU_CMD_GET(r7, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYRESDEC=r3, @ANYRESDEC=r0, @ANYRES8=r2], 0x24}, 0x1, 0x0, 0x0, 0x4004c81}, 0x40)
write(r4, &(0x7f0000000180)="2cd889f0253e14", 0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getpid()
mmap(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x1000003, 0x20031, 0xffffffffffffffff, 0xffffe000)
mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, &(0x7f0000000000)=0x3, 0x9, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)

784.320485ms ago: executing program 5 (id=646):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000d9"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)

668.737827ms ago: executing program 5 (id=647):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB], 0x48)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$TIOCMIWAIT(r0, 0x545c, 0x200000000000000)

614.905748ms ago: executing program 2 (id=648):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xb}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x12, 0x4, 0x4, 0x12}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)=ANY=[@ANYRES32=r2, @ANYRES32=r1], 0x10)
close(r1)
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r2}, &(0x7f0000000500), &(0x7f0000000540)=r1}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)

579.621629ms ago: executing program 2 (id=649):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000001, 0x5d031, 0xffffffffffffffff, 0x0)
bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x4e24, 0x1000000, @loopback, 0x7}, 0x1c)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)

542.647039ms ago: executing program 2 (id=650):
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="190000000400000004"], 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x846}, 0x18)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000340)={r0, 0x0, 0x0}, 0x20)

466.681921ms ago: executing program 2 (id=651):
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x7, &(0x7f00000190c0)=ANY=[], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x18)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @link_local={0x3}, @void, {@ipv4={0x800, @tcp={{0xa, 0x4, 0x0, 0x0, 0x3c, 0x64, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@rr={0x7, 0xf, 0x8, [@multicast2, @remote, @multicast2]}, @timestamp={0x44, 0x4}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000003000000400001802c0004001400010002000000ac14140f00000000000000001400020002000000ffffff08c41f9f00000000000d0001007564703a73797a3200000000076f275d75ec3465007dd67213c6ac6ed93e1b2a2ea69200797c2803bded82299abeb32c2432803c45a8b220e85244d6ee23d3fa17da48940d4a7869f5844ff04a0bbbc730d540dbdf21681c2b7ebe6d6ee7e3b9aecaf365cacd68973778592c4f8959b0f460680cb8ba2557228352ea4199406c9fe6203152713088cc734af31151f94cb8aade36e50de6b7"], 0x54}}, 0x0)

466.301551ms ago: executing program 5 (id=652):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000780)=ANY=[@ANYBLOB="18000000000f0000000000000c00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000200b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, 0x0)

385.758112ms ago: executing program 2 (id=654):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[], 0x15)
r3 = dup(r2)
write$P9_RLERRORu(r3, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @ib_path={0x0}}, 0x20)
write$binfmt_elf64(r3, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
lchown(&(0x7f0000000700)='./file0\x00', 0x0, 0x0)

344.336823ms ago: executing program 5 (id=655):
bpf$MAP_LOOKUP_ELEM(0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000012c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f00000013c0)="d080", 0xfdef}], 0x1, 0x0, 0x0, 0x800300}, 0x20000801)
recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x40002002)

343.652563ms ago: executing program 2 (id=656):
r0 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000080)={0x0, 0x0})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x8401)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x5, 0xc, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff})
ioctl$SG_BLKTRACETEARDOWN(r3, 0x1276, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
write$binfmt_elf32(r0, &(0x7f0000000580)=ANY=[@ANYBLOB="7f454c4604070003050000000000000002000300030000000903000038000000fcffffff0e000000000020000100050000000000000000000300000008000000f30000007f00000004"], 0x58)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
epoll_create1(0x80000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)

295.037284ms ago: executing program 6 (id=657):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008020000d9"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r3}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)

226.947036ms ago: executing program 0 (id=658):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_open_dev$usbfs(0x0, 0x3, 0x2581)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f00000002c0), 0x0)
unshare(0x26020480)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000040000004500"], 0x50)
connect$pppl2tp(r2, &(0x7f0000000300)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x8, 0x0, 0x2, 0x0, {0xa, 0x0, 0xf9d, @private2={0xfc, 0x2, '\x00', 0x1}}}}, 0x32)
writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x2300, 0x0)
ioctl$PPPIOCATTCHAN(r4, 0x40047438, &(0x7f0000000040)=0x1)
read$qrtrtun(r1, 0x0, 0xeffd)

176.563547ms ago: executing program 6 (id=659):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000003000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0, 0x0, 0xb}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000940)=ANY=[@ANYBLOB="b4050000200080066110000000000000c6000000000000009500d800000000009f33ef60916e55893f1eeb0b2ae13d922e6235592ce847e2566c43d72918a897323fd0723043c47c896ce0bce66a245ad9d6817fd98cd824498949714ffaac8a6f77ef0000ca5d82054d54d53cd2b6db714e75d9bdae214fa68a0557eb2c5ca683a4b6fcfcff0bffffffffffd47042eaebfa6fa26fa7a347c7faa8e700458c60897d4a6148a1c11428427c40de60beacf871ab5c2ff88a02084e5b5271e45f00003826fb8579c1fb01d2c5553d2ccb5fc5b51fe6b174ebd9907dcff414ed55b0c20cdbe7009a6fe7cc78762f1d4dcdbca64920db9a50f86c21632f7a4bd344e0bd74ff05d37ef68e3b9db863c758ffffffffabe90ac5d08dd9d4e0359c41cf3626e1230bc1cd4c02c460ceb44276e9bd94d1c2e6d17dc5c2edf332a62f5fe68fbbbbfcfd00000000000fbf940e6652d357474ed5f816f66ac3027460ae66317f83cdd7a7eb2a7003d1a6cf5478533584961c329fcf5a43e05c92bfef0dcd28000000003f2915a3039c9a78f63b8ec7e60a0000fed7d67c440e23d130e51eea1e085bebabe7059de9cbfc5117c024185a062acb6b8eec31c21b3af8b9eedb4660ed2deb7acf2a33a376a5cb7d4266d5b0be14488d14b473502486ad8dd600000000000000000000c7766ea7c581782c0d90f42a85303835fc291c25d29e6bead5d7360f2e1929d7736ebc8558c4506407d3046022bdf25485bd5442169e9b4c1278343581b7a06f65e8ea6b042c4fd08381e5000000000000006398d6480000001a723b91030000006480304c66b217aea0156ce9eef911fe5b7370f79987303ecb3aabc53c60014a0101ab766754f596b41da9534d12b8306a1b36cf3b03f0d790879f523eabfbee83d8bd472ef69660cf6ec897106c51e54a17497f384c4956b41f3843e7c878b1e11316d8ddae1c6c3b85aaf7a9fcaf8f5d6186c42542d68ba72682c938d3c0a2e6e10eed71b1d31c9f300b41745329bf34495c63e43fb896e4903fb0fae54a8f0fe3b48a5b29d279070647e65097c8ecf32a15080000000000000001007ba4a70a084bd994ac5e00000000000000000000000000351a30cd97f83d72631d0fe92efa974a53f4dc1eb9a86df632a6d463688123f64d42a919bcfc44a90ffd680200000091f842a91c977f6075d07e39e669b0713af0498a99bf5261cb3269d499a5202d7a08b33ade7b38829b9bd39619688d5e9af22170ef83e5b92cbb32b655c45de1c154aad81bf64351668a3f76d5afa958aff76249e0ffdf8e45155536a1a44bfcbfbfd232af000052f9002a"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x12, 0x4, 0x4, 0x12}, 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)=ANY=[@ANYRES32=r2, @ANYRES32=r1], 0x10)
close(r1)
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r2}, &(0x7f0000000500), &(0x7f0000000540)=r1}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)

166.642787ms ago: executing program 3 (id=660):
r0 = creat(&(0x7f0000000240)='./file0/file0\x00', 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000080)={0x0, 0x0})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7030000ec000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x8401)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000b40)={'\x00', 0x7ff, 0x5, 0xc, 0xfffffffffffffffd, 0x59c, 0xffffffffffffffff})
ioctl$SG_BLKTRACETEARDOWN(r3, 0x1276, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r2}, 0x18)
write$binfmt_elf32(r0, &(0x7f0000000580)=ANY=[@ANYBLOB="7f454c4604070003050000000000000002000300030000000903000038000000fcffffff0e000000000020000100050000000000000000000300000008000000f30000007f00000004"], 0x58)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000800000001"], 0x48)
epoll_create1(0x80000)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=<r5=>0x0)
timer_settime(r5, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[], &(0x7f0000000180), 0x0)
open_by_handle_at(0xffffffffffffff9c, &(0x7f00000000c0)=ANY=[], 0x200000000000000)

156.147437ms ago: executing program 6 (id=661):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='kfree\x00', r1}, 0x9)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x48801}, 0x0)

114.834428ms ago: executing program 6 (id=662):
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="190000000400000004"], 0x50)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x846}, 0x18)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000340)={r0, 0x0, 0x0}, 0x20)

24.764279ms ago: executing program 6 (id=663):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70200001400001cb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000001, 0x5d031, 0xffffffffffffffff, 0x0)
bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x4e24, 0x1000000, @loopback, 0x7}, 0x1c)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)

0s ago: executing program 6 (id=664):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
fcntl$dupfd(r0, 0x406, 0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x45, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x4}, 0x104020, 0x7, 0x2, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000009}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x9)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x5, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000001200000000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000002c0)={r1, 0x4, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
ioperm(0x3c, 0x1, 0x8)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file1\x00', 0x14552, &(0x7f0000000b40)=ANY=[], 0xfb, 0x1219, &(0x7f0000001100)="$eJzs28FrXEUcB/BfkqapqclGrdUWxEEvFeTR5OBFL0FSkC4obSO0gvBqXnTJczfkLYEVsXry6t8hggjeBPGml1z8DwRvuXisID7JrrZd3RVWQjfI53PZH8z7zs7ssAuzzBy+8tn7O9tVtp13Y3ZmJmZ3I9LdFClm4y8fxwsvf//DM9dv3rq63mxuXEvpyvqN1ZdSSsvPfvvWh18891337JtfL3+zEAcrbx/+svbzwfmDC4e/33ivVaVWldqdbsrT7U6nm98ui7TVqnaylN4oi7wqUqtdFXtD7dtlZ3e3l/L21tLi7l5RVSlv99JO0UvdTuru9VL+bt5qpyzL0tJiMLlT96rNz+/WdR1R1/NxOuq6rh+JxTgbj8ZSLEcjVuKxeDyeiHPxZJyPp+Lp+OqnL3tHCQAAAAAAAAAAAAAAAAAAAOD4THr//0L/qWmPGgAAAAAAAAAAAAAAAAAAAP5frt+8dXW92dy4ltKZiPLT/c39zcHroH19O1pRRhGXoxG/Rf/2/8CgvvJac+Ny6luJT8o7f+bv7G/ODedXoxEvjs6vDvJpOL8Qiw/m16IR50bl52NtZP5MXHr+gXwWjfjxnehEGVtxlL3//h+tpvTq682/5S/2nxtv7mEsDwAAAByLLN0zcv+eZePaB/kJ/h8Y2l8fZS+emurUiYiq98FOXpbFnmJkcelkDKNfnD7ODucjYrLUr3VdT/9DmFIx/puyEBH/ueeZiDgZE/xHMe1fJh6G+4s+7ZEAAAAAAAAAAAAwibHHABf+7YTg3ETHCac9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+YAeOBQAAAACE+Vun0bEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfBUAAP//0AbP3Q==")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x5}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000000000000000000000001812", @ANYRES32=r3, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x18)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000140)=0x100, 0x4)
mmap$xdp(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x200000d, 0x11, r5, 0x100000000)
ftruncate(r2, 0x2000009)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
pwritev2(r6, &(0x7f00000001c0)=[{&(0x7f0000000400)="ba", 0xfdef}], 0x1, 0xe7b, 0x0, 0x1)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.0.185' (ED25519) to the list of known hosts.
[   35.717515][   T30] audit: type=1400 audit(1757903551.361:62): avc:  denied  { mounton } for  pid=3288 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=2022 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1
[   35.718748][ T3288] cgroup: Unknown subsys name 'net'
[   35.745270][   T30] audit: type=1400 audit(1757903551.361:63): avc:  denied  { mount } for  pid=3288 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   35.778368][   T30] audit: type=1400 audit(1757903551.391:64): avc:  denied  { unmount } for  pid=3288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[   35.938010][ T3288] cgroup: Unknown subsys name 'cpuset'
[   35.946153][ T3288] cgroup: Unknown subsys name 'rlimit'
[   36.076712][   T30] audit: type=1400 audit(1757903551.711:65): avc:  denied  { setattr } for  pid=3288 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=142 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1
[   36.105860][   T30] audit: type=1400 audit(1757903551.721:66): avc:  denied  { create } for  pid=3288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   36.129164][   T30] audit: type=1400 audit(1757903551.721:67): avc:  denied  { write } for  pid=3288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   36.155083][   T30] audit: type=1400 audit(1757903551.721:68): avc:  denied  { read } for  pid=3288 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[   36.179990][   T30] audit: type=1400 audit(1757903551.721:69): avc:  denied  { mounton } for  pid=3288 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1
[   36.190724][ T3294] SELinux:  Context root:object_r:swapfile_t is not valid (left unmapped).
[   36.208977][   T30] audit: type=1400 audit(1757903551.721:70): avc:  denied  { mount } for  pid=3288 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1
Setting up swapspace version 1, size = 127995904 bytes
[   36.248092][   T30] audit: type=1400 audit(1757903551.861:71): avc:  denied  { relabelto } for  pid=3294 comm="mkswap" name="swap-file" dev="sda1" ino=2025 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t"
[   36.294874][ T3288] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   37.589068][ T3301] chnl_net:caif_netlink_parms(): no params data found
[   37.611678][ T3307] chnl_net:caif_netlink_parms(): no params data found
[   37.699200][ T3302] chnl_net:caif_netlink_parms(): no params data found
[   37.722087][ T3301] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.730053][ T3301] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.738066][ T3301] bridge_slave_0: entered allmulticast mode
[   37.745218][ T3301] bridge_slave_0: entered promiscuous mode
[   37.756171][ T3301] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.764397][ T3301] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.772166][ T3301] bridge_slave_1: entered allmulticast mode
[   37.779060][ T3301] bridge_slave_1: entered promiscuous mode
[   37.791585][ T3309] chnl_net:caif_netlink_parms(): no params data found
[   37.801766][ T3307] bridge0: port 1(bridge_slave_0) entered blocking state
[   37.810085][ T3307] bridge0: port 1(bridge_slave_0) entered disabled state
[   37.818439][ T3307] bridge_slave_0: entered allmulticast mode
[   37.825801][ T3307] bridge_slave_0: entered promiscuous mode
[   37.834607][ T3307] bridge0: port 2(bridge_slave_1) entered blocking state
[   37.842824][ T3307] bridge0: port 2(bridge_slave_1) entered disabled state
[   37.851125][ T3307] bridge_slave_1: entered allmulticast mode
[   37.858326][ T3307] bridge_slave_1: entered promiscuous mode
[   37.904692][ T3301] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   37.935304][ T3301] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   37.957671][ T3307] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   37.979450][ T3307] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   38.024882][ T3301] team0: Port device team_slave_0 added
[   38.033341][ T3301] team0: Port device team_slave_1 added
[   38.040094][ T3313] chnl_net:caif_netlink_parms(): no params data found
[   38.056318][ T3302] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.064490][ T3302] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.073157][ T3302] bridge_slave_0: entered allmulticast mode
[   38.080572][ T3302] bridge_slave_0: entered promiscuous mode
[   38.087928][ T3302] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.096281][ T3302] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.104547][ T3302] bridge_slave_1: entered allmulticast mode
[   38.111527][ T3302] bridge_slave_1: entered promiscuous mode
[   38.119807][ T3309] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.128164][ T3309] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.137265][ T3309] bridge_slave_0: entered allmulticast mode
[   38.144682][ T3309] bridge_slave_0: entered promiscuous mode
[   38.169890][ T3307] team0: Port device team_slave_0 added
[   38.182439][ T3309] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.191200][ T3309] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.199446][ T3309] bridge_slave_1: entered allmulticast mode
[   38.207605][ T3309] bridge_slave_1: entered promiscuous mode
[   38.216277][ T3301] batman_adv: batadv0: Adding interface: batadv_slave_0
[   38.223991][ T3301] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.252931][ T3301] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   38.267820][ T3307] team0: Port device team_slave_1 added
[   38.291975][ T3301] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.300457][ T3301] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.330524][ T3301] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.356021][ T3302] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   38.376497][ T3309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   38.391513][ T3309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   38.401785][ T3307] batman_adv: batadv0: Adding interface: batadv_slave_0
[   38.410447][ T3307] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.440853][ T3307] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   38.455059][ T3302] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   38.494157][ T3307] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.502374][ T3307] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.533515][ T3307] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.546243][ T3302] team0: Port device team_slave_0 added
[   38.562153][ T3309] team0: Port device team_slave_0 added
[   38.572013][ T3309] team0: Port device team_slave_1 added
[   38.579819][ T3302] team0: Port device team_slave_1 added
[   38.616371][ T3313] bridge0: port 1(bridge_slave_0) entered blocking state
[   38.624202][ T3313] bridge0: port 1(bridge_slave_0) entered disabled state
[   38.633227][ T3313] bridge_slave_0: entered allmulticast mode
[   38.641031][ T3313] bridge_slave_0: entered promiscuous mode
[   38.650594][ T3301] hsr_slave_0: entered promiscuous mode
[   38.658170][ T3301] hsr_slave_1: entered promiscuous mode
[   38.684969][ T3313] bridge0: port 2(bridge_slave_1) entered blocking state
[   38.694489][ T3313] bridge0: port 2(bridge_slave_1) entered disabled state
[   38.703382][ T3313] bridge_slave_1: entered allmulticast mode
[   38.712115][ T3313] bridge_slave_1: entered promiscuous mode
[   38.731587][ T3309] batman_adv: batadv0: Adding interface: batadv_slave_0
[   38.740528][ T3309] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.771290][ T3309] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   38.785348][ T3302] batman_adv: batadv0: Adding interface: batadv_slave_0
[   38.792748][ T3302] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.823681][ T3302] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   38.849987][ T3307] hsr_slave_0: entered promiscuous mode
[   38.856906][ T3307] hsr_slave_1: entered promiscuous mode
[   38.863417][ T3307] debugfs: 'hsr0' already exists in 'hsr'
[   38.869916][ T3307] Cannot create hsr debugfs directory
[   38.876605][ T3309] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.886608][ T3309] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.917386][ T3309] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   38.930585][ T3302] batman_adv: batadv0: Adding interface: batadv_slave_1
[   38.938869][ T3302] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   38.969518][ T3302] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.001010][ T3313] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   39.013380][ T3313] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   39.093363][ T3309] hsr_slave_0: entered promiscuous mode
[   39.100161][ T3309] hsr_slave_1: entered promiscuous mode
[   39.108387][ T3309] debugfs: 'hsr0' already exists in 'hsr'
[   39.114754][ T3309] Cannot create hsr debugfs directory
[   39.125498][ T3313] team0: Port device team_slave_0 added
[   39.133975][ T3313] team0: Port device team_slave_1 added
[   39.142733][ T3302] hsr_slave_0: entered promiscuous mode
[   39.149970][ T3302] hsr_slave_1: entered promiscuous mode
[   39.167161][ T3302] debugfs: 'hsr0' already exists in 'hsr'
[   39.173257][ T3302] Cannot create hsr debugfs directory
[   39.228191][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_0
[   39.237334][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.266194][ T3313] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   39.300455][ T3313] batman_adv: batadv0: Adding interface: batadv_slave_1
[   39.308387][ T3313] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   39.338624][ T3313] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   39.410037][ T3313] hsr_slave_0: entered promiscuous mode
[   39.416856][ T3313] hsr_slave_1: entered promiscuous mode
[   39.423636][ T3313] debugfs: 'hsr0' already exists in 'hsr'
[   39.430359][ T3313] Cannot create hsr debugfs directory
[   39.487675][ T3301] netdevsim netdevsim4 netdevsim0: renamed from eth0
[   39.503854][ T3301] netdevsim netdevsim4 netdevsim1: renamed from eth1
[   39.513975][ T3301] netdevsim netdevsim4 netdevsim2: renamed from eth2
[   39.531655][ T3301] netdevsim netdevsim4 netdevsim3: renamed from eth3
[   39.561640][ T3302] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   39.575406][ T3302] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   39.602797][ T3302] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   39.622640][ T3302] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   39.660883][ T3307] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   39.680907][ T3307] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   39.693934][ T3307] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   39.706595][ T3307] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   39.736543][ T3309] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   39.763531][ T3302] 8021q: adding VLAN 0 to HW filter on device bond0
[   39.776976][ T3309] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   39.788597][ T3309] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   39.799026][ T3309] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   39.826242][ T3302] 8021q: adding VLAN 0 to HW filter on device team0
[   39.845091][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[   39.854900][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[   39.880347][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   39.888447][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   39.902206][ T3301] 8021q: adding VLAN 0 to HW filter on device bond0
[   39.913744][ T3313] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   39.925947][ T3313] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   39.936811][ T3313] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   39.957487][ T3313] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   39.988275][ T3301] 8021q: adding VLAN 0 to HW filter on device team0
[   40.022221][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.030709][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.042819][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.050501][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.083327][ T3307] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.111372][ T3307] 8021q: adding VLAN 0 to HW filter on device team0
[   40.126303][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.134812][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.145992][ T3309] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.158691][ T3301] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   40.173833][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.181748][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.195755][ T3309] 8021q: adding VLAN 0 to HW filter on device team0
[   40.219277][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.227729][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.238860][ T3302] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.282585][ T3301] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.304505][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.312573][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.346138][ T3313] 8021q: adding VLAN 0 to HW filter on device bond0
[   40.355507][ T3307] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   40.379416][ T3313] 8021q: adding VLAN 0 to HW filter on device team0
[   40.402664][ T3309] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   40.415454][ T3309] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   40.435611][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[   40.444078][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[   40.482157][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[   40.490385][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[   40.514605][ T3302] veth0_vlan: entered promiscuous mode
[   40.549410][ T3302] veth1_vlan: entered promiscuous mode
[   40.562894][ T3307] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.586681][ T3302] veth0_macvtap: entered promiscuous mode
[   40.610162][ T3302] veth1_macvtap: entered promiscuous mode
[   40.634838][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_0
[   40.650672][ T3309] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.669388][ T3302] batman_adv: batadv0: Interface activated: batadv_slave_1
[   40.698524][ T3301] veth0_vlan: entered promiscuous mode
[   40.720013][   T52] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   40.752259][   T52] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   40.763280][ T3301] veth1_vlan: entered promiscuous mode
[   40.767654][   T30] kauditd_printk_skb: 9 callbacks suppressed
[   40.767676][   T30] audit: type=1400 audit(1757903556.401:81): avc:  denied  { mounton } for  pid=3302 comm="syz-executor" path="/root/syzkaller.wcnDIB/syz-tmp" dev="sda1" ino=2041 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[   40.796772][ T3301] veth0_macvtap: entered promiscuous mode
[   40.803426][   T30] audit: type=1400 audit(1757903556.401:82): avc:  denied  { mount } for  pid=3302 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[   40.820858][ T3313] 8021q: adding VLAN 0 to HW filter on device batadv0
[   40.835280][   T30] audit: type=1400 audit(1757903556.401:83): avc:  denied  { mounton } for  pid=3302 comm="syz-executor" path="/root/syzkaller.wcnDIB/syz-tmp/newroot/dev" dev="tmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[   40.857194][   T52] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   40.871651][   T30] audit: type=1400 audit(1757903556.401:84): avc:  denied  { mount } for  pid=3302 comm="syz-executor" name="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[   40.883438][ T3301] veth1_macvtap: entered promiscuous mode
[   40.906460][   T30] audit: type=1400 audit(1757903556.401:85): avc:  denied  { mounton } for  pid=3302 comm="syz-executor" path="/root/syzkaller.wcnDIB/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   40.949683][   T52] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   40.978326][   T30] audit: type=1400 audit(1757903556.451:86): avc:  denied  { mounton } for  pid=3302 comm="syz-executor" path="/root/syzkaller.wcnDIB/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=3728 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[   41.009462][   T30] audit: type=1400 audit(1757903556.451:87): avc:  denied  { unmount } for  pid=3302 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   41.020068][ T3301] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.032806][   T30] audit: type=1400 audit(1757903556.591:88): avc:  denied  { mounton } for  pid=3302 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=536 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[   41.032835][   T30] audit: type=1400 audit(1757903556.591:89): avc:  denied  { mount } for  pid=3302 comm="syz-executor" name="/" dev="gadgetfs" ino=3750 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[   41.100052][ T3302] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   41.103661][ T3307] veth0_vlan: entered promiscuous mode
[   41.137871][ T3301] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.157506][   T30] audit: type=1400 audit(1757903556.791:90): avc:  denied  { read write } for  pid=3302 comm="syz-executor" name="loop0" dev="devtmpfs" ino=100 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   41.168233][ T3309] veth0_vlan: entered promiscuous mode
[   41.196475][  T269] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.207189][ T3307] veth1_vlan: entered promiscuous mode
[   41.218072][  T269] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.238963][ T3472] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1'.
[   41.252205][ T3309] veth1_vlan: entered promiscuous mode
[   41.262050][  T269] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.275257][ T3313] veth0_vlan: entered promiscuous mode
[   41.311125][   T41] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.323813][ T3307] veth0_macvtap: entered promiscuous mode
[   41.345945][ T3309] veth0_macvtap: entered promiscuous mode
[   41.361178][ T3313] veth1_vlan: entered promiscuous mode
[   41.369094][ T3479] FAULT_INJECTION: forcing a failure.
[   41.369094][ T3479] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   41.383511][ T3479] CPU: 0 UID: 0 PID: 3479 Comm: syz.4.5 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   41.383688][ T3479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   41.383704][ T3479] Call Trace:
[   41.383711][ T3479]  <TASK>
[   41.383720][ T3479]  __dump_stack+0x1d/0x30
[   41.383751][ T3479]  dump_stack_lvl+0xe8/0x140
[   41.383777][ T3479]  dump_stack+0x15/0x1b
[   41.383858][ T3479]  should_fail_ex+0x265/0x280
[   41.383932][ T3479]  should_fail+0xb/0x20
[   41.383957][ T3479]  should_fail_usercopy+0x1a/0x20
[   41.383982][ T3479]  _copy_from_user+0x1c/0xb0
[   41.384041][ T3479]  ip_mcast_join_leave+0xa1/0x180
[   41.384069][ T3479]  ? __mutex_lock+0x6e/0xcc0
[   41.384113][ T3479]  do_ip_setsockopt+0x18e0/0x2240
[   41.384169][ T3479]  ip_setsockopt+0x58/0x110
[   41.384196][ T3479]  udp_setsockopt+0x99/0xb0
[   41.384216][ T3479]  sock_common_setsockopt+0x66/0x80
[   41.384309][ T3479]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   41.384351][ T3479]  __sys_setsockopt+0x181/0x200
[   41.384385][ T3479]  __x64_sys_setsockopt+0x64/0x80
[   41.384465][ T3479]  x64_sys_call+0x20ec/0x2ff0
[   41.384487][ T3479]  do_syscall_64+0xd2/0x200
[   41.384525][ T3479]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   41.384556][ T3479]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   41.384651][ T3479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   41.384679][ T3479] RIP: 0033:0x7f61d369eba9
[   41.384698][ T3479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   41.384720][ T3479] RSP: 002b:00007f61d20ff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   41.384750][ T3479] RAX: ffffffffffffffda RBX: 00007f61d38e5fa0 RCX: 00007f61d369eba9
[   41.384807][ T3479] RDX: 000000000000002a RSI: 0000000000000000 RDI: 0000000000000005
[   41.384820][ T3479] RBP: 00007f61d20ff090 R08: 0000000000000088 R09: 0000000000000000
[   41.384836][ T3479] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[   41.384849][ T3479] R13: 00007f61d38e6038 R14: 00007f61d38e5fa0 R15: 00007ffff572a928
[   41.384872][ T3479]  </TASK>
[   41.626267][ T3309] veth1_macvtap: entered promiscuous mode
[   41.635092][ T3307] veth1_macvtap: entered promiscuous mode
[   41.656131][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.679358][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.688790][ T3313] veth0_macvtap: entered promiscuous mode
[   41.699271][ T3309] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.708028][ T3313] veth1_macvtap: entered promiscuous mode
[   41.723714][  T292] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.735636][ T3307] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.749868][  T292] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.760823][  T292] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.774216][  T292] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.797309][  T292] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.809272][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_0
[   41.821935][ T3486] loop4: detected capacity change from 0 to 128
[   41.837686][  T292] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   41.849026][   T41] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   41.851544][ T3486] FAT-fs (loop4): Directory bread(block 32) failed
[   41.867345][ T3486] FAT-fs (loop4): Directory bread(block 33) failed
[   41.874791][ T3486] FAT-fs (loop4): Directory bread(block 34) failed
[   41.881242][ T3313] batman_adv: batadv0: Interface activated: batadv_slave_1
[   41.887405][ T3486] FAT-fs (loop4): Directory bread(block 35) failed
[   41.897173][   T41] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   41.899482][ T3486] FAT-fs (loop4): Directory bread(block 36) failed
[   41.917336][ T3486] FAT-fs (loop4): Directory bread(block 37) failed
[   41.926907][ T3486] FAT-fs (loop4): Directory bread(block 38) failed
[   41.930834][ T3453] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   41.934733][ T3486] FAT-fs (loop4): Directory bread(block 39) failed
[   41.958713][ T3486] FAT-fs (loop4): Directory bread(block 40) failed
[   41.981697][ T3486] FAT-fs (loop4): Directory bread(block 41) failed
[   41.996486][ T3453] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   42.035244][ T3486] process 'syz.4.9' launched './file2' with NULL argv: empty string added
[   42.050334][ T3486] syz.4.9: attempt to access beyond end of device
[   42.050334][ T3486] loop4: rw=0, sector=4112, nr_sectors = 4 limit=128
[   42.065839][ T3486] Buffer I/O error on dev loop4, logical block 1028, async page read
[   42.076403][ T3453] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   42.105314][ T3453] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   42.118983][ T3486] syz.4.9: attempt to access beyond end of device
[   42.118983][ T3486] loop4: rw=0, sector=167964, nr_sectors = 4 limit=128
[   42.134158][ T3486] Buffer I/O error on dev loop4, logical block 41991, async page read
[   42.137316][ T3497] FAULT_INJECTION: forcing a failure.
[   42.137316][ T3497] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   42.144027][ T3486] FAT-fs (loop4): Filesystem has been set read-only
[   42.159256][ T3497] CPU: 1 UID: 0 PID: 3497 Comm: syz.1.10 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   42.159294][ T3497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   42.159315][ T3497] Call Trace:
[   42.159322][ T3497]  <TASK>
[   42.159334][ T3497]  __dump_stack+0x1d/0x30
[   42.159363][ T3497]  dump_stack_lvl+0xe8/0x140
[   42.159388][ T3497]  dump_stack+0x15/0x1b
[   42.159443][ T3497]  should_fail_ex+0x265/0x280
[   42.159468][ T3497]  should_fail+0xb/0x20
[   42.159489][ T3497]  should_fail_usercopy+0x1a/0x20
[   42.159558][ T3497]  _copy_from_user+0x1c/0xb0
[   42.159606][ T3497]  ip_mcast_join_leave+0xa1/0x180
[   42.159647][ T3497]  do_ip_setsockopt+0x18e0/0x2240
[   42.159729][ T3497]  ip_setsockopt+0x58/0x110
[   42.159761][ T3497]  udp_setsockopt+0x99/0xb0
[   42.159788][ T3497]  sock_common_setsockopt+0x66/0x80
[   42.159910][ T3497]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   42.159961][ T3497]  __sys_setsockopt+0x181/0x200
[   42.160011][ T3497]  __x64_sys_setsockopt+0x64/0x80
[   42.160049][ T3497]  x64_sys_call+0x20ec/0x2ff0
[   42.160123][ T3497]  do_syscall_64+0xd2/0x200
[   42.160171][ T3497]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   42.160213][ T3497]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   42.160258][ T3497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   42.160288][ T3497] RIP: 0033:0x7f81adb8eba9
[   42.160347][ T3497] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   42.160373][ T3497] RSP: 002b:00007f81ac5ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   42.160399][ T3497] RAX: ffffffffffffffda RBX: 00007f81addd5fa0 RCX: 00007f81adb8eba9
[   42.160418][ T3497] RDX: 000000000000002a RSI: 0000000000000000 RDI: 0000000000000004
[   42.160436][ T3497] RBP: 00007f81ac5ef090 R08: 0000000000000088 R09: 0000000000000000
[   42.160512][ T3497] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[   42.160531][ T3497] R13: 00007f81addd6038 R14: 00007f81addd5fa0 R15: 00007ffdd0eda3d8
[   42.160559][ T3497]  </TASK>
[   42.190852][ T3377] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[   42.196698][ T3486] syz.4.9: attempt to access beyond end of device
[   42.196698][ T3486] loop4: rw=0, sector=4112, nr_sectors = 4 limit=128
[   42.227568][ T3377] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   42.228065][ T3486] Buffer I/O error on dev loop4, logical block 1028, async page read
[   42.452767][ T3486] syz.4.9: attempt to access beyond end of device
[   42.452767][ T3486] loop4: rw=0, sector=167964, nr_sectors = 4 limit=128
[   42.468654][ T3486] Buffer I/O error on dev loop4, logical block 41991, async page read
[   42.558799][ T3507] loop4: detected capacity change from 0 to 128
[   42.565787][ T3507] vfat: Unknown parameter 'short.ame'
[   42.675441][ T3507] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14'.
[   42.686565][ T3507] netlink: 4 bytes leftover after parsing attributes in process `syz.4.14'.
[   42.803998][ T3517] loop3: detected capacity change from 0 to 164
[   42.812281][ T3517] =======================================================
[   42.812281][ T3517] WARNING: The mand mount option has been deprecated and
[   42.812281][ T3517]          and is ignored by this kernel. Remove the mand
[   42.812281][ T3517]          option from the mount to silence this warning.
[   42.812281][ T3517] =======================================================
[   42.872002][ T3517] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17'.
[   42.927210][ T3517] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17'.
[   42.945708][ T3522] loop4: detected capacity change from 0 to 512
[   42.948015][ T3517] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17'.
[   42.964461][ T3517] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17'.
[   42.980623][ T3522] EXT4-fs (loop4): mounted filesystem 00800000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   43.007019][ T3517] rock: directory entry would overflow storage
[   43.013782][ T3517] rock: sig=0x4f50, size=4, remaining=3
[   43.018706][ T3525] random: crng reseeded on system resumption
[   43.019928][ T3517] iso9660: Corrupted directory entry in block 5 of inode 1792
[   43.051921][ T3525] netlink: 464 bytes leftover after parsing attributes in process `syz.2.20'.
[   43.063606][ T3525] Zero length message leads to an empty skb
[   43.064773][ T3522] EXT4-fs error (device loop4): ext4_acquire_dquot:6937: comm syz.4.19: Failed to acquire dquot type 0
[   43.084465][ T3522] EXT4-fs warning (device loop4): ext4_enable_quotas:7172: Failed to enable quota tracking (type=0, err=-5, ino=3). Please run e2fsck to fix.
[   43.108503][ T3525] loop2: detected capacity change from 0 to 1024
[   43.129322][ T3525] EXT4-fs (loop2): corrupt root inode, run e2fsck
[   43.144959][ T3525] EXT4-fs (loop2): mount failed
[   43.186524][ T3530] netlink: 24 bytes leftover after parsing attributes in process `syz.3.21'.
[   43.212978][ T3522] netlink: 'syz.4.19': attribute type 3 has an invalid length.
[   43.222344][ T3522] netlink: 132 bytes leftover after parsing attributes in process `syz.4.19'.
[   43.288773][ T3301] EXT4-fs error (device loop4): ext4_readdir:264: inode #2: block 3: comm syz-executor: path /5/file0: bad entry in directory: rec_len is too small for name_len - offset=24, inode=11, rec_len=20, size=4096 fake=0
[   43.540262][ T3550] loop1: detected capacity change from 0 to 8192
[   43.700815][ T3301] syz-executor (3301) used greatest stack depth: 10592 bytes left
[   43.717351][ T3453] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.773983][ T3453] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.797720][ T3557] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   43.825634][ T3561] random: crng reseeded on system resumption
[   43.853891][ T3453] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   43.939126][ T3453] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   44.179518][ T3453] bridge_slave_1: left allmulticast mode
[   44.186041][ T3453] bridge_slave_1: left promiscuous mode
[   44.192443][ T3453] bridge0: port 2(bridge_slave_1) entered disabled state
[   44.221079][ T3453] bridge_slave_0: left allmulticast mode
[   44.227401][ T3453] bridge_slave_0: left promiscuous mode
[   44.234180][ T3453] bridge0: port 1(bridge_slave_0) entered disabled state
[   44.420469][ T3453] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   44.432746][ T3453] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   44.445224][ T3453] bond0 (unregistering): Released all slaves
[   44.538364][ T3453] hsr_slave_0: left promiscuous mode
[   44.547189][ T3453] hsr_slave_1: left promiscuous mode
[   44.553748][ T3453] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   44.562821][ T3453] batman_adv: batadv0: Removing interface: batadv_slave_0
[   44.593761][ T3453] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   44.602981][ T3453] batman_adv: batadv0: Removing interface: batadv_slave_1
[   44.627320][ T3453] veth1_macvtap: left promiscuous mode
[   44.635548][ T3453] veth0_macvtap: left promiscuous mode
[   44.652597][ T3453] veth1_vlan: left promiscuous mode
[   44.666227][ T3453] veth0_vlan: left promiscuous mode
[   44.800706][ T3605] loop1: detected capacity change from 0 to 8192
[   44.928969][ T3453] team0 (unregistering): Port device team_slave_1 removed
[   44.945307][ T3453] team0 (unregistering): Port device team_slave_0 removed
[   45.202762][ T3562] chnl_net:caif_netlink_parms(): no params data found
[   45.300028][ T3621] capability: warning: `syz.3.45' uses 32-bit capabilities (legacy support in use)
[   45.333462][ T3621] loop3: detected capacity change from 0 to 512
[   45.490301][ T3621] EXT4-fs (loop3): too many log groups per flexible block group
[   45.499083][ T3621] EXT4-fs (loop3): failed to initialize mballoc (-12)
[   45.512470][ T3621] EXT4-fs (loop3): mount failed
[   45.557594][ T3562] bridge0: port 1(bridge_slave_0) entered blocking state
[   45.565442][ T3562] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.608532][ T3562] bridge_slave_0: entered allmulticast mode
[   45.617236][ T3562] bridge_slave_0: entered promiscuous mode
[   45.661381][ T3562] bridge0: port 2(bridge_slave_1) entered blocking state
[   45.669763][ T3562] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.690383][ T3562] bridge_slave_1: entered allmulticast mode
[   45.697741][ T3562] bridge_slave_1: entered promiscuous mode
[   45.737881][ T3562] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   45.784823][   T30] kauditd_printk_skb: 1396 callbacks suppressed
[   45.784843][   T30] audit: type=1326 audit(1757903561.421:1485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3647 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   45.801195][ T3562] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   45.901606][   T30] audit: type=1326 audit(1757903561.461:1486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3653 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fdad88f1465 code=0x7ffc0000
[   45.928960][   T30] audit: type=1326 audit(1757903561.471:1487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3647 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   45.955221][   T30] audit: type=1326 audit(1757903561.471:1488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3647 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   45.981859][   T30] audit: type=1326 audit(1757903561.471:1489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3647 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   46.008526][   T30] audit: type=1326 audit(1757903561.471:1490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3647 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   46.034473][   T30] audit: type=1326 audit(1757903561.471:1491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3647 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   46.061442][   T30] audit: type=1326 audit(1757903561.471:1492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3647 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   46.089000][   T30] audit: type=1326 audit(1757903561.471:1493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3647 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   46.115881][   T30] audit: type=1326 audit(1757903561.471:1494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3647 comm="syz.3.51" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   46.214940][ T3562] team0: Port device team_slave_0 added
[   46.228319][ T3562] team0: Port device team_slave_1 added
[   46.309718][ T3562] batman_adv: batadv0: Adding interface: batadv_slave_0
[   46.317417][ T3562] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.348052][ T3562] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   46.399002][ T3562] batman_adv: batadv0: Adding interface: batadv_slave_1
[   46.406524][ T3562] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   46.435288][ T3562] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   46.529067][ T3673] loop2: detected capacity change from 0 to 512
[   46.560415][ T3673] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   46.574897][ T3673] EXT4-fs (loop2): can't mount with both data=journal and delalloc
[   46.605194][ T3673] __nla_validate_parse: 4 callbacks suppressed
[   46.605208][ T3673] netlink: 80 bytes leftover after parsing attributes in process `syz.2.55'.
[   46.638091][ T3562] hsr_slave_0: entered promiscuous mode
[   46.645877][ T3562] hsr_slave_1: entered promiscuous mode
[   46.802436][ T3562] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   46.814905][ T3562] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   46.827944][ T3562] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   46.838103][ T3562] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   46.925217][ T3699] loop3: detected capacity change from 0 to 8192
[   47.066679][ T3693] loop2: detected capacity change from 0 to 8192
[   47.095929][ T3562] 8021q: adding VLAN 0 to HW filter on device bond0
[   47.106490][ T3694] loop1: detected capacity change from 0 to 8192
[   47.124222][ T3562] 8021q: adding VLAN 0 to HW filter on device team0
[   47.138679][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[   47.146508][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[   47.163331][ T3453] bridge0: port 2(bridge_slave_1) entered blocking state
[   47.171734][ T3453] bridge0: port 2(bridge_slave_1) entered forwarding state
[   47.334496][ T3562] 8021q: adding VLAN 0 to HW filter on device batadv0
[   47.643172][ T3562] veth0_vlan: entered promiscuous mode
[   47.670896][ T3562] veth1_vlan: entered promiscuous mode
[   47.708626][ T3562] veth0_macvtap: entered promiscuous mode
[   47.716756][ T3562] veth1_macvtap: entered promiscuous mode
[   47.743832][ T3562] batman_adv: batadv0: Interface activated: batadv_slave_0
[   47.777324][ T3562] batman_adv: batadv0: Interface activated: batadv_slave_1
[   47.798377][  T269] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   47.809058][ T3453] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   47.891993][    C1] hrtimer: interrupt took 32797 ns
[   47.893288][ T3453] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   47.961630][ T3360] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[   47.989647][ T3360] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   48.020787][ T3741] bridge_slave_0: left allmulticast mode
[   48.027285][ T3741] bridge_slave_0: left promiscuous mode
[   48.033656][ T3741] bridge0: port 1(bridge_slave_0) entered disabled state
[   48.082676][ T3741] bridge_slave_1: left allmulticast mode
[   48.089018][ T3741] bridge_slave_1: left promiscuous mode
[   48.095532][ T3741] bridge0: port 2(bridge_slave_1) entered disabled state
[   48.131929][ T3741] bond0: (slave bond_slave_0): Releasing backup interface
[   48.150374][ T3741] bond0: (slave bond_slave_1): Releasing backup interface
[   48.164850][ T3741] team0: Port device team_slave_0 removed
[   48.174989][ T3741] team0: Port device team_slave_1 removed
[   48.183139][ T3741] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   48.192109][ T3741] batman_adv: batadv0: Removing interface: batadv_slave_0
[   48.201950][ T3741] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   48.210478][ T3741] batman_adv: batadv0: Removing interface: batadv_slave_1
[   48.237073][   T41] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   48.281506][ T3754] random: crng reseeded on system resumption
[   48.296211][ T3755] cgroup: Unknown subsys name '¬§@﬽æì¦4*oäÂÒ£hÓîºoþüíUÜ'
[   48.329505][ T3754] netlink: 464 bytes leftover after parsing attributes in process `syz.5.33'.
[   48.361877][ T3754] loop5: detected capacity change from 0 to 1024
[   48.381647][ T3754] EXT4-fs (loop5): corrupt root inode, run e2fsck
[   48.407413][ T3754] EXT4-fs (loop5): mount failed
[   48.522616][ T3769] ref_ctr increment failed for inode: 0x1e offset: 0xb ref_ctr_offset: 0x82 of mm: 0xffff888109892840
[   48.536277][ T3769] ref_ctr increment failed for inode: 0x1e offset: 0xf ref_ctr_offset: 0x82 of mm: 0xffff888109892840
[   48.559739][ T3768] uprobe: syz.5.75:3768 failed to unregister, leaking uprobe
[   48.708640][ T3774] loop2: detected capacity change from 0 to 8192
[   48.718560][ T3768] uprobe: syz.5.75:3768 failed to unregister, leaking uprobe
[   48.939214][ T3783] random: crng reseeded on system resumption
[   48.968268][ T3783] netlink: 464 bytes leftover after parsing attributes in process `syz.1.80'.
[   49.051079][ T3785] loop5: detected capacity change from 0 to 2048
[   49.066061][ T3783] loop1: detected capacity change from 0 to 1024
[   49.076875][ T3787] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   49.086766][ T3787] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   49.107380][ T3785] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   49.132428][ T3783] EXT4-fs (loop1): corrupt root inode, run e2fsck
[   49.154679][ T3783] EXT4-fs (loop1): mount failed
[   49.239664][ T3562] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.314452][ T3798] random: crng reseeded on system resumption
[   49.333566][ T3798] netlink: 464 bytes leftover after parsing attributes in process `syz.3.85'.
[   49.356315][ T3796] loop5: detected capacity change from 0 to 256
[   49.365993][ T3798] loop3: detected capacity change from 0 to 1024
[   49.373608][ T3796] msdos: Bad value for 'gid'
[   49.379010][ T3796] msdos: Bad value for 'gid'
[   49.405095][ T3798] EXT4-fs (loop3): corrupt root inode, run e2fsck
[   49.413240][ T3798] EXT4-fs (loop3): mount failed
[   49.588909][ T3812] FAULT_INJECTION: forcing a failure.
[   49.588909][ T3812] name failslab, interval 1, probability 0, space 0, times 1
[   49.602644][ T3812] CPU: 1 UID: 0 PID: 3812 Comm: syz.2.89 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   49.602731][ T3812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   49.602804][ T3812] Call Trace:
[   49.602826][ T3812]  <TASK>
[   49.602837][ T3812]  __dump_stack+0x1d/0x30
[   49.602866][ T3812]  dump_stack_lvl+0xe8/0x140
[   49.602893][ T3812]  dump_stack+0x15/0x1b
[   49.602921][ T3812]  should_fail_ex+0x265/0x280
[   49.602959][ T3812]  should_failslab+0x8c/0xb0
[   49.602994][ T3812]  kmem_cache_alloc_noprof+0x50/0x310
[   49.603042][ T3812]  ? security_file_alloc+0x32/0x100
[   49.603090][ T3812]  security_file_alloc+0x32/0x100
[   49.603135][ T3812]  init_file+0x5c/0x1d0
[   49.603256][ T3812]  alloc_empty_file+0x8b/0x200
[   49.603297][ T3812]  path_openat+0x68/0x2170
[   49.603324][ T3812]  ? _parse_integer_limit+0x170/0x190
[   49.603398][ T3812]  ? kstrtoull+0x111/0x140
[   49.603429][ T3812]  ? kstrtouint+0x76/0xc0
[   49.603461][ T3812]  do_filp_open+0x109/0x230
[   49.603524][ T3812]  do_sys_openat2+0xa6/0x110
[   49.603581][ T3812]  __x64_sys_openat+0xf2/0x120
[   49.603694][ T3812]  x64_sys_call+0x2e9c/0x2ff0
[   49.603726][ T3812]  do_syscall_64+0xd2/0x200
[   49.603794][ T3812]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   49.603828][ T3812]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   49.603930][ T3812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   49.603958][ T3812] RIP: 0033:0x7efcdc0eeba9
[   49.603979][ T3812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   49.604004][ T3812] RSP: 002b:00007efcdab4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   49.604030][ T3812] RAX: ffffffffffffffda RBX: 00007efcdc335fa0 RCX: 00007efcdc0eeba9
[   49.604115][ T3812] RDX: 0000000000000100 RSI: 0000200000000000 RDI: ffffffffffffff9c
[   49.604132][ T3812] RBP: 00007efcdab4f090 R08: 0000000000000000 R09: 0000000000000000
[   49.604159][ T3812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   49.604176][ T3812] R13: 00007efcdc336038 R14: 00007efcdc335fa0 R15: 00007fffb5bea0a8
[   49.604199][ T3812]  </TASK>
[   49.840829][ T3814] loop5: detected capacity change from 0 to 8192
[   49.887911][ T1037] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[   49.901464][ T3820] loop3: detected capacity change from 0 to 512
[   49.918953][ T3820] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   49.937297][ T1037] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   49.966640][ T3820] EXT4-fs error (device loop3): ext4_get_branch:178: inode #11: block 4294967295: comm syz.3.93: invalid block
[   50.017310][ T3820] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.93: invalid indirect mapped block 4294967295 (level 1)
[   50.056677][ T3820] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #11: comm syz.3.93: invalid indirect mapped block 4294967295 (level 1)
[   50.077373][ T3820] EXT4-fs (loop3): 2 truncates cleaned up
[   50.077659][ T3823] loop2: detected capacity change from 0 to 8192
[   50.092589][ T3820] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   50.121333][ T3820] EXT4-fs error (device loop3): ext4_validate_block_bitmap:432: comm syz.3.93: bg 0: block 5: invalid block bitmap
[   50.172370][ T3313] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.305139][ T3836] random: crng reseeded on system resumption
[   50.369945][ T3836] netlink: 464 bytes leftover after parsing attributes in process `syz.3.95'.
[   50.454741][ T3838] loop3: detected capacity change from 0 to 1024
[   50.508091][ T3838] EXT4-fs (loop3): corrupt root inode, run e2fsck
[   50.547198][ T3838] EXT4-fs (loop3): mount failed
[   50.664109][ T3840] FAULT_INJECTION: forcing a failure.
[   50.664109][ T3840] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   50.678753][ T3840] CPU: 0 UID: 0 PID: 3840 Comm: syz.0.97 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   50.678827][ T3840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   50.678843][ T3840] Call Trace:
[   50.678852][ T3840]  <TASK>
[   50.678863][ T3840]  __dump_stack+0x1d/0x30
[   50.678890][ T3840]  dump_stack_lvl+0xe8/0x140
[   50.678915][ T3840]  dump_stack+0x15/0x1b
[   50.678972][ T3840]  should_fail_ex+0x265/0x280
[   50.679004][ T3840]  should_fail+0xb/0x20
[   50.679104][ T3840]  should_fail_usercopy+0x1a/0x20
[   50.679135][ T3840]  copy_fpstate_to_sigframe+0x628/0x7d0
[   50.679224][ T3840]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[   50.679275][ T3840]  ? x86_task_fpu+0x36/0x60
[   50.679331][ T3840]  get_sigframe+0x34d/0x490
[   50.679353][ T3840]  ? get_signal+0xdc8/0xf70
[   50.679424][ T3840]  x64_setup_rt_frame+0xa8/0x580
[   50.679453][ T3840]  arch_do_signal_or_restart+0x27c/0x480
[   50.679481][ T3840]  exit_to_user_mode_loop+0x7a/0x100
[   50.679505][ T3840]  do_syscall_64+0x1d6/0x200
[   50.679583][ T3840]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   50.679615][ T3840]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   50.679681][ T3840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   50.679756][ T3840] RIP: 0033:0x7fd56f7deba9
[   50.679775][ T3840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   50.679793][ T3840] RSP: 002b:00007fd56e247038 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[   50.679817][ T3840] RAX: 0000000000000042 RBX: 00007fd56fa25fa0 RCX: 00007fd56f7deba9
[   50.679833][ T3840] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000000000042
[   50.679956][ T3840] RBP: 00007fd56e247090 R08: 0000000000000000 R09: 0000000000000000
[   50.679972][ T3840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   50.679986][ T3840] R13: 00007fd56fa26038 R14: 00007fd56fa25fa0 R15: 00007ffc63038258
[   50.680010][ T3840]  </TASK>
[   50.739445][ T3849] loop5: detected capacity change from 0 to 8192
[   50.904081][ T3855] loop3: detected capacity change from 0 to 1024
[   50.927835][ T3855] EXT4-fs (loop3): unable to read superblock
[   50.975076][   T30] kauditd_printk_skb: 212 callbacks suppressed
[   50.975094][   T30] audit: type=1326 audit(1757903566.611:1707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3856 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd56f7deba9 code=0x7ffc0000
[   51.010060][   T30] audit: type=1326 audit(1757903566.631:1708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3856 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd56f7deba9 code=0x7ffc0000
[   51.037652][   T30] audit: type=1326 audit(1757903566.631:1709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3856 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7fd56f7deba9 code=0x7ffc0000
[   51.064331][   T30] audit: type=1326 audit(1757903566.631:1710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3856 comm="syz.0.102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd56f7deba9 code=0x7ffc0000
[   51.102887][   T30] audit: type=1326 audit(1757903566.651:1711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3851 comm="syz.3.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7fc00000
[   51.130293][   T30] audit: type=1326 audit(1757903566.651:1712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3851 comm="syz.3.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7fdad88beba9 code=0x7fc00000
[   51.157146][   T30] audit: type=1326 audit(1757903566.651:1713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3851 comm="syz.3.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7fc00000
[   51.164588][ T3397] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   51.184436][   T30] audit: type=1326 audit(1757903566.651:1714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3851 comm="syz.3.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7fc00000
[   51.220847][   T30] audit: type=1326 audit(1757903566.651:1715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3851 comm="syz.3.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7fc00000
[   51.248016][   T30] audit: type=1326 audit(1757903566.651:1716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=3851 comm="syz.3.101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7fc00000
[   51.248302][ T3397] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   51.338341][ T3404] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   51.376558][ T3404] hid-generic 0000:0000:0000.0005: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   51.491032][ T3869] loop1: detected capacity change from 0 to 8192
[   51.738310][ T3881] loop5: detected capacity change from 0 to 256
[   51.813161][ T3887] random: crng reseeded on system resumption
[   51.830392][ T3887] netlink: 464 bytes leftover after parsing attributes in process `syz.5.111'.
[   51.895557][ T3887] loop5: detected capacity change from 0 to 1024
[   51.933829][ T3887] EXT4-fs (loop5): corrupt root inode, run e2fsck
[   51.957131][ T3887] EXT4-fs (loop5): mount failed
[   52.207620][ T3894] FAULT_INJECTION: forcing a failure.
[   52.207620][ T3894] name failslab, interval 1, probability 0, space 0, times 0
[   52.226372][ T3894] CPU: 1 UID: 0 PID: 3894 Comm: syz.5.115 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.226483][ T3894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   52.226499][ T3894] Call Trace:
[   52.226506][ T3894]  <TASK>
[   52.226515][ T3894]  __dump_stack+0x1d/0x30
[   52.226541][ T3894]  dump_stack_lvl+0xe8/0x140
[   52.226640][ T3894]  dump_stack+0x15/0x1b
[   52.226660][ T3894]  should_fail_ex+0x265/0x280
[   52.226693][ T3894]  should_failslab+0x8c/0xb0
[   52.226801][ T3894]  __kmalloc_noprof+0xa5/0x3e0
[   52.226830][ T3894]  ? kobject_get_path+0x92/0x1c0
[   52.226852][ T3894]  kobject_get_path+0x92/0x1c0
[   52.226877][ T3894]  kobject_uevent_env+0x1da/0x570
[   52.226907][ T3894]  ? device_pm_check_callbacks+0x683/0x6a0
[   52.226978][ T3894]  kobject_uevent+0x1d/0x30
[   52.227003][ T3894]  device_del+0x710/0x790
[   52.227041][ T3894]  device_unregister+0x15/0x40
[   52.227130][ T3894]  bdi_unregister+0x307/0x3a0
[   52.227170][ T3894]  __del_gendisk+0x2c3/0x570
[   52.227211][ T3894]  del_gendisk+0xac/0xf0
[   52.227316][ T3894]  loop_remove+0x26/0x80
[   52.227339][ T3894]  loop_control_ioctl+0x3b3/0x3f0
[   52.227359][ T3894]  ? __pfx_loop_control_ioctl+0x10/0x10
[   52.227384][ T3894]  __se_sys_ioctl+0xce/0x140
[   52.227410][ T3894]  __x64_sys_ioctl+0x43/0x50
[   52.227435][ T3894]  x64_sys_call+0x1816/0x2ff0
[   52.227481][ T3894]  do_syscall_64+0xd2/0x200
[   52.227553][ T3894]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.227581][ T3894]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   52.227621][ T3894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.227645][ T3894] RIP: 0033:0x7fea9e81eba9
[   52.227678][ T3894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.227702][ T3894] RSP: 002b:00007fea9d287038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   52.227726][ T3894] RAX: ffffffffffffffda RBX: 00007fea9ea65fa0 RCX: 00007fea9e81eba9
[   52.227742][ T3894] RDX: 0000000000000002 RSI: 0000000000004c81 RDI: 0000000000000003
[   52.227758][ T3894] RBP: 00007fea9d287090 R08: 0000000000000000 R09: 0000000000000000
[   52.227770][ T3894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.227781][ T3894] R13: 00007fea9ea66038 R14: 00007fea9ea65fa0 R15: 00007ffc0540e3e8
[   52.227799][ T3894]  </TASK>
[   52.564074][ T3886] loop3: detected capacity change from 0 to 512
[   52.603701][ T3900] FAULT_INJECTION: forcing a failure.
[   52.603701][ T3900] name failslab, interval 1, probability 0, space 0, times 0
[   52.617909][ T3900] CPU: 0 UID: 0 PID: 3900 Comm: syz.2.118 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   52.617939][ T3900] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   52.617952][ T3900] Call Trace:
[   52.617957][ T3900]  <TASK>
[   52.617964][ T3900]  __dump_stack+0x1d/0x30
[   52.618044][ T3900]  dump_stack_lvl+0xe8/0x140
[   52.618069][ T3900]  dump_stack+0x15/0x1b
[   52.618091][ T3900]  should_fail_ex+0x265/0x280
[   52.618121][ T3900]  should_failslab+0x8c/0xb0
[   52.618154][ T3900]  kmem_cache_alloc_noprof+0x50/0x310
[   52.618266][ T3900]  ? _sctp_make_chunk+0xbf/0x210
[   52.618305][ T3900]  _sctp_make_chunk+0xbf/0x210
[   52.618349][ T3900]  sctp_make_abort_user+0x4c/0x3a0
[   52.618423][ T3900]  ? sctp_epaddr_lookup_transport+0x9e/0x130
[   52.618462][ T3900]  sctp_sendmsg_check_sflags+0x17e/0x1e0
[   52.618492][ T3900]  sctp_sendmsg+0x75f/0x18d0
[   52.618527][ T3900]  ? __pfx_sctp_sendmsg+0x10/0x10
[   52.618547][ T3900]  inet_sendmsg+0xc5/0xd0
[   52.618639][ T3900]  __sock_sendmsg+0x102/0x180
[   52.618698][ T3900]  ____sys_sendmsg+0x345/0x4e0
[   52.618737][ T3900]  ___sys_sendmsg+0x17b/0x1d0
[   52.618823][ T3900]  __sys_sendmmsg+0x178/0x300
[   52.618863][ T3900]  __x64_sys_sendmmsg+0x57/0x70
[   52.618898][ T3900]  x64_sys_call+0x1c4a/0x2ff0
[   52.618927][ T3900]  do_syscall_64+0xd2/0x200
[   52.618966][ T3900]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   52.619020][ T3900]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   52.619059][ T3900]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   52.619148][ T3900] RIP: 0033:0x7efcdc0eeba9
[   52.619168][ T3900] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   52.619189][ T3900] RSP: 002b:00007efcdab4f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[   52.619208][ T3900] RAX: ffffffffffffffda RBX: 00007efcdc335fa0 RCX: 00007efcdc0eeba9
[   52.619220][ T3900] RDX: 0000000000000001 RSI: 00002000000032c0 RDI: 0000000000000006
[   52.619232][ T3900] RBP: 00007efcdab4f090 R08: 0000000000000000 R09: 0000000000000000
[   52.619243][ T3900] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   52.619258][ T3900] R13: 00007efcdc336038 R14: 00007efcdc335fa0 R15: 00007fffb5bea0a8
[   52.619282][ T3900]  </TASK>
[   52.625205][ T3886] EXT4-fs: Ignoring removed mblk_io_submit option
[   52.837171][ T3908] netlink: 8 bytes leftover after parsing attributes in process `syz.1.120'.
[   52.850531][ T3886] ext4: Unknown parameter 'obj_type'
[   52.852511][ T3908] netlink: 8 bytes leftover after parsing attributes in process `syz.1.120'.
[   52.963619][ T3912] loop1: detected capacity change from 0 to 1024
[   52.973276][ T3912] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   52.997713][ T3912] EXT4-fs (loop1): revision level too high, forcing read-only mode
[   53.014920][ T3912] EXT4-fs (loop1): orphan cleanup on readonly fs
[   53.025077][ T3912] EXT4-fs error (device loop1): __ext4_get_inode_loc:4861: comm syz.1.123: Invalid inode table block 0 in block_group 0
[   53.040602][ T3912] EXT4-fs (loop1): Remounting filesystem read-only
[   53.048803][ T3912] EXT4-fs (loop1): 1 truncate cleaned up
[   53.056463][ T3912] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   53.095065][ T3909] loop5: detected capacity change from 0 to 8192
[   53.188019][ T3922] netlink: 464 bytes leftover after parsing attributes in process `syz.0.127'.
[   53.514416][ T3935] wireguard0: entered promiscuous mode
[   53.521110][ T3935] wireguard0: entered allmulticast mode
[   53.748321][ T3919] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   53.775346][ T3453] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   53.974874][ T3947] netlink: 196 bytes leftover after parsing attributes in process `syz.5.132'.
[   54.144908][ T3951] FAULT_INJECTION: forcing a failure.
[   54.144908][ T3951] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   54.159031][ T3951] CPU: 0 UID: 0 PID: 3951 Comm: syz.3.136 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   54.159062][ T3951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   54.159080][ T3951] Call Trace:
[   54.159089][ T3951]  <TASK>
[   54.159159][ T3951]  __dump_stack+0x1d/0x30
[   54.159275][ T3951]  dump_stack_lvl+0xe8/0x140
[   54.159304][ T3951]  dump_stack+0x15/0x1b
[   54.159334][ T3951]  should_fail_ex+0x265/0x280
[   54.159374][ T3951]  should_fail+0xb/0x20
[   54.159404][ T3951]  should_fail_usercopy+0x1a/0x20
[   54.159500][ T3951]  _copy_from_iter+0xd2/0xe80
[   54.159612][ T3951]  ? __build_skb_around+0x1a0/0x200
[   54.159651][ T3951]  ? __alloc_skb+0x223/0x320
[   54.159678][ T3951]  netlink_sendmsg+0x471/0x6b0
[   54.159715][ T3951]  ? __pfx_netlink_sendmsg+0x10/0x10
[   54.159828][ T3951]  __sock_sendmsg+0x142/0x180
[   54.159940][ T3951]  ____sys_sendmsg+0x31e/0x4e0
[   54.159984][ T3951]  ___sys_sendmsg+0x17b/0x1d0
[   54.160036][ T3951]  __x64_sys_sendmsg+0xd4/0x160
[   54.160142][ T3951]  x64_sys_call+0x191e/0x2ff0
[   54.160179][ T3951]  do_syscall_64+0xd2/0x200
[   54.160227][ T3951]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   54.160270][ T3951]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   54.160394][ T3951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   54.160424][ T3951] RIP: 0033:0x7fdad88beba9
[   54.160443][ T3951] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   54.160462][ T3951] RSP: 002b:00007fdad731f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   54.160489][ T3951] RAX: ffffffffffffffda RBX: 00007fdad8b05fa0 RCX: 00007fdad88beba9
[   54.160520][ T3951] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000003
[   54.160537][ T3951] RBP: 00007fdad731f090 R08: 0000000000000000 R09: 0000000000000000
[   54.160599][ T3951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   54.160615][ T3951] R13: 00007fdad8b06038 R14: 00007fdad8b05fa0 R15: 00007ffcfb5fdda8
[   54.160641][ T3951]  </TASK>
[   54.456619][ T3453] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.561833][ T3960] loop5: detected capacity change from 0 to 2048
[   54.605296][ T3453] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.639393][ T3960] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   54.688141][ T3453] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   54.715520][ T3939] chnl_net:caif_netlink_parms(): no params data found
[   54.767223][ T3977] netlink: 464 bytes leftover after parsing attributes in process `syz.0.143'.
[   54.822115][ T3939] bridge0: port 1(bridge_slave_0) entered blocking state
[   54.829990][ T3939] bridge0: port 1(bridge_slave_0) entered disabled state
[   54.840191][ T3939] bridge_slave_0: entered allmulticast mode
[   54.848421][ T3939] bridge_slave_0: entered promiscuous mode
[   54.856348][ T3453] bridge_slave_1: left allmulticast mode
[   54.863336][ T3453] bridge_slave_1: left promiscuous mode
[   54.870427][ T3453] bridge0: port 2(bridge_slave_1) entered disabled state
[   54.894033][ T3453] bridge_slave_0: left allmulticast mode
[   54.900924][ T3453] bridge_slave_0: left promiscuous mode
[   54.907175][ T3453] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.060867][ T3453] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   55.074022][ T3453] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   55.085528][ T3453] bond0 (unregistering): Released all slaves
[   55.096814][ T3939] bridge0: port 2(bridge_slave_1) entered blocking state
[   55.105021][ T3939] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.115023][ T3939] bridge_slave_1: entered allmulticast mode
[   55.122911][ T3939] bridge_slave_1: entered promiscuous mode
[   55.138642][ T3990] tipc: Started in network mode
[   55.145316][ T3990] tipc: Node identity ac14140f, cluster identity 4711
[   55.158324][ T3990] tipc: New replicast peer: 255.255.255.8
[   55.166211][ T3990] tipc: Enabled bearer <udp:syz2>, priority 10
[   55.185797][ T3939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   55.199310][ T3453] hsr_slave_0: left promiscuous mode
[   55.206434][ T3453] hsr_slave_1: left promiscuous mode
[   55.213260][ T3453] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   55.221793][ T3453] batman_adv: batadv0: Removing interface: batadv_slave_0
[   55.257637][ T3453] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   55.266700][ T3453] batman_adv: batadv0: Removing interface: batadv_slave_1
[   55.294979][ T3453] veth1_macvtap: left promiscuous mode
[   55.301611][ T3453] veth0_macvtap: left promiscuous mode
[   55.311943][ T3453] veth1_vlan: left promiscuous mode
[   55.319874][ T3453] veth0_vlan: left promiscuous mode
[   55.356454][ T3562] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   55.413609][ T3453] team0 (unregistering): Port device team_slave_1 removed
[   55.430019][ T3453] team0 (unregistering): Port device team_slave_0 removed
[   55.470517][ T3939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   55.507757][ T3939] team0: Port device team_slave_0 added
[   55.515148][ T3939] team0: Port device team_slave_1 added
[   55.539446][ T3939] batman_adv: batadv0: Adding interface: batadv_slave_0
[   55.546789][ T3939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.577045][ T3939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   55.591258][ T3939] batman_adv: batadv0: Adding interface: batadv_slave_1
[   55.599345][ T3939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   55.628480][ T3939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   55.713112][ T4010] bridge_slave_0: left allmulticast mode
[   55.720544][ T4010] bridge_slave_0: left promiscuous mode
[   55.727474][ T4010] bridge0: port 1(bridge_slave_0) entered disabled state
[   55.739704][ T4010] bridge_slave_1: left allmulticast mode
[   55.745803][ T4010] bridge_slave_1: left promiscuous mode
[   55.751956][ T4010] bridge0: port 2(bridge_slave_1) entered disabled state
[   55.766733][ T4010] bond0: (slave bond_slave_0): Releasing backup interface
[   55.781028][ T4010] bond0: (slave bond_slave_1): Releasing backup interface
[   55.795796][ T4010] team0: Port device team_slave_0 removed
[   55.808162][ T4010] team0: Port device team_slave_1 removed
[   55.816177][ T4010] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   55.826859][ T4010] batman_adv: batadv0: Removing interface: batadv_slave_0
[   55.838438][ T4010] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   55.846959][ T4010] batman_adv: batadv0: Removing interface: batadv_slave_1
[   55.874303][ T3939] hsr_slave_0: entered promiscuous mode
[   55.884066][ T3939] hsr_slave_1: entered promiscuous mode
[   55.893868][ T3939] debugfs: 'hsr0' already exists in 'hsr'
[   55.901406][ T3939] Cannot create hsr debugfs directory
[   55.916863][ T4022] tipc: Started in network mode
[   55.923523][ T4022] tipc: Node identity ac14140f, cluster identity 4711
[   55.933491][ T4022] tipc: New replicast peer: 255.255.255.8
[   55.940447][ T4022] tipc: Enabled bearer <udp:syz2>, priority 10
[   55.996518][ T4024] loop5: detected capacity change from 0 to 8192
[   56.112674][ T3939] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   56.125274][ T3939] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   56.125244][ T4033] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   56.141432][ T4033] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   56.162827][ T3939] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   56.171530][   T10] tipc: Node number set to 2886997007
[   56.182826][   T30] kauditd_printk_skb: 136 callbacks suppressed
[   56.182845][   T30] audit: type=1326 audit(1757903571.821:1851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4034 comm="syz.2.162" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efcdc0eeba9 code=0x0
[   56.222368][ T3939] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   56.264681][   T30] audit: type=1326 audit(1757903571.901:1852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4037 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   56.296231][   T30] audit: type=1326 audit(1757903571.901:1853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4037 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   56.333413][   T30] audit: type=1326 audit(1757903571.901:1854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4037 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   56.364007][   T30] audit: type=1326 audit(1757903571.901:1855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4037 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   56.392370][   T30] audit: type=1326 audit(1757903571.901:1856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4037 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   56.424668][   T30] audit: type=1326 audit(1757903571.901:1857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4037 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   56.424726][   T30] audit: type=1326 audit(1757903571.901:1858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4037 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   56.485543][   T30] audit: type=1326 audit(1757903571.901:1859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4037 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   56.513130][   T30] audit: type=1326 audit(1757903571.901:1860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4037 comm="syz.3.163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdad88beba9 code=0x7ffc0000
[   56.614325][ T3939] 8021q: adding VLAN 0 to HW filter on device bond0
[   56.634475][ T4054] random: crng reseeded on system resumption
[   56.645685][ T3939] 8021q: adding VLAN 0 to HW filter on device team0
[   56.664413][ T4054] netlink: 464 bytes leftover after parsing attributes in process `syz.5.165'.
[   56.677689][ T3453] bridge0: port 1(bridge_slave_0) entered blocking state
[   56.689544][ T3453] bridge0: port 1(bridge_slave_0) entered forwarding state
[   56.700555][ T3453] bridge0: port 2(bridge_slave_1) entered blocking state
[   56.708856][ T3453] bridge0: port 2(bridge_slave_1) entered forwarding state
[   56.730352][ T4054] loop5: detected capacity change from 0 to 1024
[   56.760135][ T4054] EXT4-fs (loop5): corrupt root inode, run e2fsck
[   56.767821][ T4054] EXT4-fs (loop5): mount failed
[   56.812448][ T3939] 8021q: adding VLAN 0 to HW filter on device batadv0
[   56.995884][ T3939] veth0_vlan: entered promiscuous mode
[   57.006157][ T3939] veth1_vlan: entered promiscuous mode
[   57.040598][ T3939] veth0_macvtap: entered promiscuous mode
[   57.055118][ T3939] veth1_macvtap: entered promiscuous mode
[   57.067212][ T3405] tipc: Node number set to 2886997007
[   57.082516][ T4085] random: crng reseeded on system resumption
[   57.085094][ T3939] batman_adv: batadv0: Interface activated: batadv_slave_0
[   57.105715][ T3939] batman_adv: batadv0: Interface activated: batadv_slave_1
[   57.122262][   T26] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   57.166147][ T4085] netlink: 464 bytes leftover after parsing attributes in process `syz.0.171'.
[   57.177534][   T26] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   57.240695][   T26] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   57.277308][   T26] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   57.653722][ T4118] random: crng reseeded on system resumption
[   57.674151][ T4118] netlink: 464 bytes leftover after parsing attributes in process `syz.2.181'.
[   57.824236][   T10] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[   57.840953][   T10] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   58.059961][ T4094] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.101028][ T4094] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.152593][ T4094] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.196608][ T4128] ref_ctr increment failed for inode: 0xf0 offset: 0xb ref_ctr_offset: 0x82 of mm: 0xffff88810005e1c0
[   58.233214][ T4128] ref_ctr increment failed for inode: 0xf0 offset: 0xf ref_ctr_offset: 0x82 of mm: 0xffff88810005e1c0
[   58.251979][ T4094] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   58.271111][ T4127] uprobe: syz.3.184:4127 failed to unregister, leaking uprobe
[   58.284522][ T4133] random: crng reseeded on system resumption
[   58.357584][ T3476] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[   58.375439][ T4134] netlink: 464 bytes leftover after parsing attributes in process `syz.6.185'.
[   58.387964][ T3476] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[   58.405583][ T3476] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[   58.417352][ T4127] uprobe: syz.3.184:4127 failed to unregister, leaking uprobe
[   58.434301][ T4134] loop6: detected capacity change from 0 to 1024
[   58.447586][ T3476] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[   58.460494][ T4134] EXT4-fs (loop6): corrupt root inode, run e2fsck
[   58.468907][ T4134] EXT4-fs (loop6): mount failed
[   58.584776][ T4140] netlink: 8 bytes leftover after parsing attributes in process `syz.5.187'.
[   58.646808][ T4151] random: crng reseeded on system resumption
[   58.676874][ T4151] netlink: 464 bytes leftover after parsing attributes in process `syz.0.192'.
[   58.777500][ T4160] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[   58.787476][ T4160] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[   58.966670][ T4181] netlink: 4 bytes leftover after parsing attributes in process `syz.0.202'.
[   58.988707][ T4169] loop6: detected capacity change from 0 to 8192
[   59.022593][ T4183] loop5: detected capacity change from 0 to 2048
[   59.050432][ T4183] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   59.302842][ T4199] syz.0.208 (4199) used greatest stack depth: 9392 bytes left
[   59.392973][ T4205] bridge_slave_0: left allmulticast mode
[   59.399872][ T4205] bridge_slave_0: left promiscuous mode
[   59.406815][ T4205] bridge0: port 1(bridge_slave_0) entered disabled state
[   59.409841][ T4204] uprobe: syz.0.210:4204 failed to unregister, leaking uprobe
[   59.425413][ T4205] bridge_slave_1: left allmulticast mode
[   59.432218][ T4205] bridge_slave_1: left promiscuous mode
[   59.438918][ T4205] bridge0: port 2(bridge_slave_1) entered disabled state
[   59.454063][ T4205] bond0: (slave bond_slave_0): Releasing backup interface
[   59.470699][ T4205] bond0: (slave bond_slave_1): Releasing backup interface
[   59.479729][ T4204] uprobe: syz.0.210:4204 failed to unregister, leaking uprobe
[   59.495268][ T4205] team0: Port device team_slave_0 removed
[   59.509380][ T4205] team0: Port device team_slave_1 removed
[   59.522182][ T4205] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   59.531165][ T4205] batman_adv: batadv0: Removing interface: batadv_slave_0
[   59.543396][ T4205] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   59.556788][ T4205] batman_adv: batadv0: Removing interface: batadv_slave_1
[   59.627639][ T4208] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   59.710402][ T4214] FAULT_INJECTION: forcing a failure.
[   59.710402][ T4214] name failslab, interval 1, probability 0, space 0, times 0
[   59.725492][ T4214] CPU: 1 UID: 0 PID: 4214 Comm: syz.3.215 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   59.725532][ T4214] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   59.725550][ T4214] Call Trace:
[   59.725560][ T4214]  <TASK>
[   59.725570][ T4214]  __dump_stack+0x1d/0x30
[   59.725596][ T4214]  dump_stack_lvl+0xe8/0x140
[   59.725834][ T4214]  dump_stack+0x15/0x1b
[   59.725926][ T4214]  should_fail_ex+0x265/0x280
[   59.726021][ T4214]  should_failslab+0x8c/0xb0
[   59.726126][ T4214]  kmem_cache_alloc_noprof+0x50/0x310
[   59.726240][ T4214]  ? alloc_empty_file+0x76/0x200
[   59.726287][ T4214]  alloc_empty_file+0x76/0x200
[   59.726328][ T4214]  alloc_file_pseudo+0xc6/0x160
[   59.726397][ T4214]  __shmem_file_setup+0x1de/0x210
[   59.726506][ T4214]  shmem_file_setup+0x3b/0x50
[   59.726530][ T4214]  __se_sys_memfd_create+0x2c3/0x590
[   59.726560][ T4214]  __x64_sys_memfd_create+0x31/0x40
[   59.726588][ T4214]  x64_sys_call+0x2abe/0x2ff0
[   59.726618][ T4214]  do_syscall_64+0xd2/0x200
[   59.726726][ T4214]  ? arch_exit_to_user_mode_prepare+0x27/0x80
[   59.726768][ T4214]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[   59.726810][ T4214]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   59.726843][ T4214] RIP: 0033:0x7fdad88beba9
[   59.726865][ T4214] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   59.726894][ T4214] RSP: 002b:00007fdad731ee18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[   59.726918][ T4214] RAX: ffffffffffffffda RBX: 00000000000005ad RCX: 00007fdad88beba9
[   59.726936][ T4214] RDX: 00007fdad731eef0 RSI: 0000000000000000 RDI: 00007fdad89427e8
[   59.726951][ T4214] RBP: 0000200000000180 R08: 00007fdad731ebb7 R09: 00007fdad731ee40
[   59.726966][ T4214] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000040
[   59.727013][ T4214] R13: 00007fdad731eef0 R14: 00007fdad731eeb0 R15: 0000200000000940
[   59.727040][ T4214]  </TASK>
[   59.997919][ T3562] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   60.089796][ T4224] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   60.123075][ T4224] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   60.825531][ T4229] loop6: detected capacity change from 0 to 8192
[   61.065734][ T4236] bridge_slave_0: left allmulticast mode
[   61.072048][ T4236] bridge_slave_0: left promiscuous mode
[   61.078731][ T4236] bridge0: port 1(bridge_slave_0) entered disabled state
[   61.092707][ T4239] FAT-fs (loop6): error, clusters badly computed (611 != 1)
[   61.101398][ T4239] FAT-fs (loop6): Filesystem has been set read-only
[   61.130082][ T4229] FAT-fs (loop6): error, clusters badly computed (613 != 612)
[   61.143314][ T4236] bridge_slave_1: left allmulticast mode
[   61.149933][ T4236] bridge_slave_1: left promiscuous mode
[   61.155881][ T4236] bridge0: port 2(bridge_slave_1) entered disabled state
[   61.175965][ T4229] FAT-fs (loop6): error, clusters badly computed (614 != 613)
[   61.196277][ T4239] FAT-fs (loop6): error, clusters badly computed (614 != 2)
[   61.220193][ T4229] FAT-fs (loop6): error, clusters badly computed (616 != 614)
[   61.229624][ T4236] bond0: (slave bond_slave_0): Releasing backup interface
[   61.246030][ T4236] bond0: (slave bond_slave_1): Releasing backup interface
[   61.261983][ T4229] FAT-fs (loop6): error, clusters badly computed (617 != 615)
[   61.272517][ T4229] FAT-fs (loop6): error, clusters badly computed (618 != 616)
[   61.273353][ T4236] team0: Port device team_slave_0 removed
[   61.282289][ T4229] FAT-fs (loop6): error, clusters badly computed (619 != 617)
[   61.291832][ T4239] FAT-fs (loop6): error, clusters badly computed (616 != 3)
[   61.309560][ T4239] FAT-fs (loop6): error, clusters badly computed (623 != 4)
[   61.310104][ T4236] team0: Port device team_slave_1 removed
[   61.331617][ T4236] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   61.340816][ T4236] batman_adv: batadv0: Removing interface: batadv_slave_0
[   61.351147][   T30] kauditd_printk_skb: 1170 callbacks suppressed
[   61.351166][   T30] audit: type=1400 audit(1757903576.991:3029): avc:  denied  { unmount } for  pid=3939 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[   61.381198][   T30] audit: type=1400 audit(1757903576.991:3030): avc:  denied  { read write } for  pid=3562 comm="syz-executor" name="loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   61.414598][ T4236] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   61.423552][ T4236] batman_adv: batadv0: Removing interface: batadv_slave_1
[   61.450627][   T30] audit: type=1400 audit(1757903576.991:3031): avc:  denied  { open } for  pid=3562 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   61.478687][   T30] audit: type=1400 audit(1757903576.991:3032): avc:  denied  { ioctl } for  pid=3562 comm="syz-executor" path="/dev/loop5" dev="devtmpfs" ino=105 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[   61.508811][   T30] audit: type=1400 audit(1757903577.031:3033): avc:  denied  { map_create } for  pid=4244 comm="syz.5.226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   61.530601][   T30] audit: type=1400 audit(1757903577.031:3034): avc:  denied  { map_read map_write } for  pid=4244 comm="syz.5.226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   61.553525][   T30] audit: type=1400 audit(1757903577.031:3035): avc:  denied  { prog_load } for  pid=4244 comm="syz.5.226" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   61.576100][   T30] audit: type=1400 audit(1757903577.031:3036): avc:  denied  { bpf } for  pid=4244 comm="syz.5.226" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   61.599579][   T30] audit: type=1400 audit(1757903577.031:3037): avc:  denied  { perfmon } for  pid=4244 comm="syz.5.226" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   61.623926][   T30] audit: type=1400 audit(1757903577.071:3038): avc:  denied  { prog_run } for  pid=4247 comm="syz.6.227" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   61.666372][ T4252] netlink: 8 bytes leftover after parsing attributes in process `syz.3.229'.
[   61.676027][ T4252] netlink: 8 bytes leftover after parsing attributes in process `syz.3.229'.
[   61.739763][ T4260] tipc: Started in network mode
[   61.745533][ T4260] tipc: Node identity ac14140f, cluster identity 4711
[   61.755200][ T4260] tipc: New replicast peer: 255.255.255.8
[   61.761782][ T4260] tipc: Enabled bearer <udp:syz2>, priority 10
[   61.846859][ T4271] loop6: detected capacity change from 0 to 1024
[   61.871102][ T4271] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   61.904707][ T4271] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4183: comm syz.6.236: Allocating blocks 385-513 which overlap fs metadata
[   61.906912][ T4279] random: crng reseeded on system resumption
[   61.958160][ T4284] netlink: 8 bytes leftover after parsing attributes in process `syz.5.241'.
[   61.967849][ T4284] netlink: 8 bytes leftover after parsing attributes in process `syz.5.241'.
[   62.018083][ T4282] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   62.019912][ T4271] EXT4-fs (loop6): pa ffff8881072020e0: logic 16, phys. 129, len 24
[   62.028387][ T4282] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   62.036973][ T4271] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   62.062714][ T3939] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.124499][   T23] hid-generic 0000:0000:0000.0007: unknown main item tag 0x0
[   62.136303][   T23] hid-generic 0000:0000:0000.0007: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   62.154813][ T4294] tipc: Started in network mode
[   62.160580][ T4294] tipc: Node identity ac14140f, cluster identity 4711
[   62.195008][ T4294] tipc: New replicast peer: 255.255.255.8
[   62.201649][ T4294] tipc: Enabled bearer <udp:syz2>, priority 10
[   62.392804][ T4311] loop6: detected capacity change from 0 to 8192
[   62.443582][ T4319] __nla_validate_parse: 1 callbacks suppressed
[   62.443601][ T4319] netlink: 8 bytes leftover after parsing attributes in process `syz.0.253'.
[   62.461601][ T4319] netlink: 8 bytes leftover after parsing attributes in process `syz.0.253'.
[   62.815907][ T4335] wireguard0: entered promiscuous mode
[   62.822213][ T4335] wireguard0: entered allmulticast mode
[   63.147638][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   63.156085][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   63.164767][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   63.217993][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   63.227775][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   63.236140][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   63.245730][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   63.255246][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   63.263910][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   63.273267][   T23] hid-generic 0000:0000:0000.0008: unknown main item tag 0x0
[   63.287884][   T23] hid-generic 0000:0000:0000.0008: hidraw0: <UNKNOWN> HID v8.00 Device [syz0] on syz1
[   63.316393][ T1037] tipc: Node number set to 2886997007
[   63.334275][ T1037] tipc: Node number set to 2886997007
[   63.370301][ T4351] random: crng reseeded on system resumption
[   63.396579][ T4351] netlink: 464 bytes leftover after parsing attributes in process `syz.2.265'.
[   63.424779][ T4356] netlink: 8 bytes leftover after parsing attributes in process `syz.6.266'.
[   63.435113][ T4356] netlink: 8 bytes leftover after parsing attributes in process `syz.6.266'.
[   63.662039][ T4364] vlan2: entered promiscuous mode
[   63.668329][ T4364] bridge0: entered promiscuous mode
[   63.745656][ T4376] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   63.755578][ T4376] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   63.852140][ T4384] random: crng reseeded on system resumption
[   63.870242][ T4386] netlink: 8 bytes leftover after parsing attributes in process `syz.5.278'.
[   63.880409][ T4386] netlink: 8 bytes leftover after parsing attributes in process `syz.5.278'.
[   63.908590][ T4384] netlink: 464 bytes leftover after parsing attributes in process `syz.6.279'.
[   63.928701][ T4384] loop6: detected capacity change from 0 to 1024
[   63.956488][ T4384] EXT4-fs (loop6): corrupt root inode, run e2fsck
[   63.965465][ T4384] EXT4-fs (loop6): mount failed
[   64.177648][   T23] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   64.443562][ T3360] hid-generic 0000:0000:0000.000A: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   64.730888][ T4424] netlink: 8 bytes leftover after parsing attributes in process `syz.6.292'.
[   64.740845][ T4424] netlink: 8 bytes leftover after parsing attributes in process `syz.6.292'.
[   64.783548][ T4426] random: crng reseeded on system resumption
[   64.845031][ T4434] random: crng reseeded on system resumption
[   64.975034][ T4434] loop5: detected capacity change from 0 to 1024
[   65.010779][ T4434] EXT4-fs (loop5): corrupt root inode, run e2fsck
[   65.068253][ T4434] EXT4-fs (loop5): mount failed
[   65.224282][ T4452] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   65.480457][ T4472] random: crng reseeded on system resumption
[   66.295410][ T4487] random: crng reseeded on system resumption
[   66.364795][   T30] kauditd_printk_skb: 441 callbacks suppressed
[   66.364810][   T30] audit: type=1326 audit(1757903582.001:3480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4475 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fea9e815b67 code=0x7ffc0000
[   66.573463][ T4493] wireguard0: entered promiscuous mode
[   66.580507][ T4493] wireguard0: entered allmulticast mode
[   66.702486][   T30] audit: type=1326 audit(1757903582.001:3481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4475 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fea9e7bada9 code=0x7ffc0000
[   66.730140][   T30] audit: type=1326 audit(1757903582.041:3482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4475 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fea9e815b67 code=0x7ffc0000
[   66.757161][   T30] audit: type=1326 audit(1757903582.041:3483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4475 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fea9e7bada9 code=0x7ffc0000
[   66.783568][   T30] audit: type=1326 audit(1757903582.041:3484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4475 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7fea9e81eba9 code=0x7ffc0000
[   66.809840][   T30] audit: type=1326 audit(1757903582.041:3485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4475 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fea9e815b67 code=0x7ffc0000
[   66.836693][   T30] audit: type=1326 audit(1757903582.041:3486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4475 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fea9e7bada9 code=0x7ffc0000
[   66.863949][   T30] audit: type=1326 audit(1757903582.041:3487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4475 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=304 compat=0 ip=0x7fea9e81eba9 code=0x7ffc0000
[   66.889270][   T30] audit: type=1326 audit(1757903582.051:3488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4475 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fea9e815b67 code=0x7ffc0000
[   66.916489][   T30] audit: type=1326 audit(1757903582.051:3489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4475 comm="syz.5.312" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fea9e7bada9 code=0x7ffc0000
[   66.966476][ T4504] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   66.976011][ T4504] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   66.977614][ T4502] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   67.066987][ T4510] random: crng reseeded on system resumption
[   67.283632][ T4535] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[   67.292933][ T4535] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[   67.608841][ T4547] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   67.618514][ T4547] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   67.722204][ T4545] loop5: detected capacity change from 0 to 8192
[   67.917654][ T1037] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   68.392419][ T4568] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   68.402133][ T4568] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   68.585315][ T4580] __nla_validate_parse: 7 callbacks suppressed
[   68.585336][ T4580] netlink: 8 bytes leftover after parsing attributes in process `syz.2.351'.
[   68.797774][ T4591] random: crng reseeded on system resumption
[   68.825722][ T4591] netlink: 464 bytes leftover after parsing attributes in process `syz.2.354'.
[   69.088925][ T4604] netlink: 28 bytes leftover after parsing attributes in process `syz.2.360'.
[   69.374979][ T4617] random: crng reseeded on system resumption
[   69.410827][ T4617] netlink: 464 bytes leftover after parsing attributes in process `syz.3.364'.
[   69.581221][ T4629] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   69.645269][ T4636] loop5: detected capacity change from 0 to 2048
[   69.714525][   T10] hid_parser_main: 21 callbacks suppressed
[   69.714548][   T10] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[   69.733073][ T4636] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.762001][   T10] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   69.932958][ T4650] random: crng reseeded on system resumption
[   69.985513][ T4652] netlink: 464 bytes leftover after parsing attributes in process `syz.3.378'.
[   70.159532][ T4655] random: crng reseeded on system resumption
[   70.173148][ T4655] netlink: 464 bytes leftover after parsing attributes in process `syz.3.379'.
[   70.306724][ T3562] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   70.319110][ T4666] 9pnet_fd: Insufficient options for proto=fd
[   70.462541][ T4680] random: crng reseeded on system resumption
[   70.480976][ T4680] netlink: 464 bytes leftover after parsing attributes in process `syz.2.389'.
[   70.561441][ T4690] netlink: 8 bytes leftover after parsing attributes in process `syz.3.392'.
[   70.671135][ T4697] 9pnet_fd: Insufficient options for proto=fd
[   70.909170][ T4720] bridge_slave_0: left allmulticast mode
[   70.915365][ T4720] bridge_slave_0: left promiscuous mode
[   70.922721][ T4720] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.940137][ T4720] bridge_slave_1: left allmulticast mode
[   70.946803][ T4720] bridge_slave_1: left promiscuous mode
[   70.953617][ T4720] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.972836][ T4720] bond0: (slave bond_slave_0): Releasing backup interface
[   70.985054][ T4720] bond0: (slave bond_slave_1): Releasing backup interface
[   70.999481][ T4720] team0: Port device team_slave_0 removed
[   71.011378][ T4720] team0: Port device team_slave_1 removed
[   71.020718][ T4720] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   71.030467][ T4720] batman_adv: batadv0: Removing interface: batadv_slave_0
[   71.040904][ T4720] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   71.049371][ T4720] batman_adv: batadv0: Removing interface: batadv_slave_1
[   71.099064][ T4721] wireguard0: entered promiscuous mode
[   71.104952][ T4721] wireguard0: entered allmulticast mode
[   71.200886][ T4733] 9pnet_fd: Insufficient options for proto=fd
[   71.225438][ T4729] loop6: detected capacity change from 0 to 8192
[   71.497523][   T30] kauditd_printk_skb: 522 callbacks suppressed
[   71.497546][   T30] audit: type=1326 audit(1757903587.121:4012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.5.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea9e81eba9 code=0x7ffc0000
[   71.530993][   T30] audit: type=1326 audit(1757903587.121:4013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.5.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7fea9e81eba9 code=0x7ffc0000
[   71.556719][   T30] audit: type=1326 audit(1757903587.121:4014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.5.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea9e81eba9 code=0x7ffc0000
[   71.584332][   T30] audit: type=1326 audit(1757903587.121:4015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.5.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fea9e81eba9 code=0x7ffc0000
[   71.610495][   T30] audit: type=1326 audit(1757903587.121:4016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.5.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea9e81eba9 code=0x7ffc0000
[   71.637087][   T30] audit: type=1326 audit(1757903587.121:4017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.5.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7fea9e81eba9 code=0x7ffc0000
[   71.701010][   T30] audit: type=1326 audit(1757903587.311:4018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.5.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea9e81eba9 code=0x7ffc0000
[   71.727303][   T30] audit: type=1326 audit(1757903587.311:4019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.5.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fea9e81eba9 code=0x7ffc0000
[   71.753888][   T30] audit: type=1326 audit(1757903587.311:4020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.5.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea9e81eba9 code=0x7ffc0000
[   71.780491][   T30] audit: type=1326 audit(1757903587.321:4021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4742 comm="syz.5.414" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fea9e81eba9 code=0x7ffc0000
[   71.893458][ T4756] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   71.903213][ T4756] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   71.936979][ T4757] random: crng reseeded on system resumption
[   71.985452][ T4757] netlink: 464 bytes leftover after parsing attributes in process `syz.0.420'.
[   71.990301][ T4753] netlink: 8 bytes leftover after parsing attributes in process `syz.5.418'.
[   72.025447][ T4761] 9pnet_fd: Insufficient options for proto=fd
[   72.101618][ T4766] loop6: detected capacity change from 0 to 256
[   72.109399][ T4766] msdos: Bad value for 'gid'
[   72.114580][ T4766] msdos: Bad value for 'gid'
[   72.180200][   T23] hid-generic 0000:0000:0000.000D: unknown main item tag 0x0
[   72.190071][   T23] hid-generic 0000:0000:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   72.269250][ T4784] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   72.283348][ T4787] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   72.293098][ T4787] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   72.317406][ T4790] 9pnet_fd: Insufficient options for proto=fd
[   72.393487][ T4796] random: crng reseeded on system resumption
[   72.441120][ T4796] loop5: detected capacity change from 0 to 1024
[   72.459679][ T4796] EXT4-fs (loop5): corrupt root inode, run e2fsck
[   72.482404][ T4796] EXT4-fs (loop5): mount failed
[   72.684424][ T4814] random: crng reseeded on system resumption
[   72.761399][ T4820] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   72.786478][ T4823] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   72.796047][ T4823] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   72.807281][ T4824] 9pnet_fd: Insufficient options for proto=fd
[   72.868550][ T4830] random: crng reseeded on system resumption
[   72.895562][ T4830] loop6: detected capacity change from 0 to 1024
[   72.927775][ T4830] EXT4-fs (loop6): corrupt root inode, run e2fsck
[   72.935647][ T4830] EXT4-fs (loop6): mount failed
[   73.083810][ T4846] loop6: detected capacity change from 0 to 8192
[   73.426116][ T3405] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[   73.436308][ T3405] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   73.602625][ T4856] 9pnet_fd: Insufficient options for proto=fd
[   73.809382][ T4865] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[   73.818761][ T4865] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[   73.915837][ T4871] __nla_validate_parse: 11 callbacks suppressed
[   73.915866][ T4871] netlink: 8 bytes leftover after parsing attributes in process `syz.5.465'.
[   73.933463][ T4871] netlink: 8 bytes leftover after parsing attributes in process `syz.5.465'.
[   73.963716][ T4873] random: crng reseeded on system resumption
[   73.998810][ T4875] random: crng reseeded on system resumption
[   74.035419][ T4882] netlink: 464 bytes leftover after parsing attributes in process `syz.2.464'.
[   74.059581][ T4873] netlink: 464 bytes leftover after parsing attributes in process `syz.3.466'.
[   74.111841][ T4888] random: crng reseeded on system resumption
[   74.174606][ T4888] netlink: 464 bytes leftover after parsing attributes in process `syz.2.471'.
[   74.307691][ T4899] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   74.317649][ T4899] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   74.350045][ T4901] tipc: Started in network mode
[   74.355443][ T4901] tipc: Node identity ac14140f, cluster identity 4711
[   74.364016][ T4901] tipc: New replicast peer: 255.255.255.8
[   74.371202][ T4901] tipc: Enabled bearer <udp:syz2>, priority 10
[   74.413327][ T4905] netlink: 8 bytes leftover after parsing attributes in process `syz.2.478'.
[   74.423984][ T4905] netlink: 8 bytes leftover after parsing attributes in process `syz.2.478'.
[   74.896779][ T4917] netlink: 8 bytes leftover after parsing attributes in process `syz.3.483'.
[   75.005818][ T4925] loop6: detected capacity change from 0 to 8192
[   75.056599][ T4936] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   75.367074][ T3405] tipc: Node number set to 2886997007
[   75.588429][ T4954] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[   75.598761][ T4954] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[   75.854210][ T4965] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   76.387874][ T4989] loop5: detected capacity change from 0 to 8192
[   76.527447][ T4998] random: crng reseeded on system resumption
[   76.571450][ T4998] netlink: 464 bytes leftover after parsing attributes in process `syz.6.514'.
[   76.619814][ T4998] loop6: detected capacity change from 0 to 1024
[   76.659543][ T4998] EXT4-fs (loop6): corrupt root inode, run e2fsck
[   76.677276][ T4998] EXT4-fs (loop6): mount failed
[   76.768095][ T5003] 9pnet_fd: Insufficient options for proto=fd
[   76.820249][   T30] kauditd_printk_skb: 659 callbacks suppressed
[   76.820265][   T30] audit: type=1326 audit(1757903592.461:4681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5004 comm="syz.6.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   76.854543][   T30] audit: type=1326 audit(1757903592.461:4682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5004 comm="syz.6.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   76.891477][   T30] audit: type=1326 audit(1757903592.521:4683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5004 comm="syz.6.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   76.918516][   T30] audit: type=1326 audit(1757903592.521:4684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5004 comm="syz.6.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   76.945500][   T30] audit: type=1326 audit(1757903592.521:4685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5004 comm="syz.6.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   76.973128][   T30] audit: type=1326 audit(1757903592.521:4686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5004 comm="syz.6.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   76.999278][   T30] audit: type=1326 audit(1757903592.521:4687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5004 comm="syz.6.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   77.026867][   T30] audit: type=1326 audit(1757903592.531:4688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5004 comm="syz.6.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   77.054194][   T30] audit: type=1326 audit(1757903592.531:4689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5004 comm="syz.6.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   77.068783][ T5008] random: crng reseeded on system resumption
[   77.081756][   T30] audit: type=1326 audit(1757903592.531:4690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5004 comm="syz.6.516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   77.137681][ T5008] netlink: 464 bytes leftover after parsing attributes in process `syz.2.517'.
[   77.700290][ T5028] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   77.796414][ T5030] 9pnet_fd: Insufficient options for proto=fd
[   77.931642][ T5037] random: crng reseeded on system resumption
[   78.004101][ T5034] loop6: detected capacity change from 0 to 8192
[   78.405685][ T5057] 9pnet_fd: Insufficient options for proto=fd
[   78.905613][ T5075] random: crng reseeded on system resumption
[   78.921246][ T5075] __nla_validate_parse: 2 callbacks suppressed
[   78.921310][ T5075] netlink: 464 bytes leftover after parsing attributes in process `syz.6.542'.
[   78.950519][    T9] hid-generic 0000:0000:0000.000F: unknown main item tag 0x0
[   78.979190][ T5075] loop6: detected capacity change from 0 to 1024
[   78.986894][    T9] hid-generic 0000:0000:0000.000F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   79.009791][ T5075] EXT4-fs (loop6): corrupt root inode, run e2fsck
[   79.024249][ T5075] EXT4-fs (loop6): mount failed
[   79.227954][ T5092] 9pnet_fd: Insufficient options for proto=fd
[   79.425855][ T5106] netlink: 8 bytes leftover after parsing attributes in process `syz.0.554'.
[   79.435630][ T5106] netlink: 8 bytes leftover after parsing attributes in process `syz.0.554'.
[   79.471029][ T5108] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[   79.481515][ T5108] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[   79.579597][ T5114] random: crng reseeded on system resumption
[   79.604362][ T5114] netlink: 464 bytes leftover after parsing attributes in process `syz.6.558'.
[   79.632421][ T5114] loop6: detected capacity change from 0 to 1024
[   79.670038][ T5114] EXT4-fs (loop6): corrupt root inode, run e2fsck
[   79.677677][ T5114] EXT4-fs (loop6): mount failed
[   79.752769][ T5126] 9pnet_fd: Insufficient options for proto=fd
[   79.903758][ T5131] loop6: detected capacity change from 0 to 8192
[   80.030149][ T5147] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   80.038955][ T5147] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   80.145547][ T5153] random: crng reseeded on system resumption
[   80.185929][ T5153] netlink: 464 bytes leftover after parsing attributes in process `syz.3.572'.
[   80.300154][ T5156] wireguard0: entered promiscuous mode
[   80.306468][ T5156] wireguard0: entered allmulticast mode
[   80.331612][ T5160] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   80.555802][ T5173] loop5: detected capacity change from 0 to 1024
[   80.576906][ T5176] random: crng reseeded on system resumption
[   80.634795][ T5178] netlink: 464 bytes leftover after parsing attributes in process `syz.3.580'.
[   80.705073][ T5173] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.768946][ T5173] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.579: Allocating blocks 385-513 which overlap fs metadata
[   80.812152][ T5182] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[   80.822221][ T5182] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[   80.966948][ T5172] EXT4-fs (loop5): pa ffff888107202150: logic 16, phys. 129, len 24
[   80.975854][ T5172] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[   81.011812][ T3562] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.142691][ T5195] wireguard0: entered promiscuous mode
[   81.149415][ T5195] wireguard0: entered allmulticast mode
[   81.166652][ T5192] loop6: detected capacity change from 0 to 8192
[   81.203137][ T5191] loop5: detected capacity change from 0 to 8192
[   81.911886][ T5209] random: crng reseeded on system resumption
[   81.933063][ T5209] netlink: 464 bytes leftover after parsing attributes in process `syz.2.591'.
[   81.960779][ T5211] random: crng reseeded on system resumption
[   82.001540][ T5211] netlink: 464 bytes leftover after parsing attributes in process `syz.3.592'.
[   82.181650][ T5216] wireguard0: entered promiscuous mode
[   82.187758][ T5216] wireguard0: entered allmulticast mode
[   82.213948][ T5218] loop5: detected capacity change from 0 to 8192
[   82.230732][ T5228] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   82.231702][ T5229] random: crng reseeded on system resumption
[   82.262974][ T5225] netlink: 464 bytes leftover after parsing attributes in process `syz.0.597'.
[   82.263944][ T5231] loop6: detected capacity change from 0 to 256
[   82.282130][ T5231] msdos: Bad value for 'gid'
[   82.287743][ T5231] msdos: Bad value for 'gid'
[   82.298419][   T30] kauditd_printk_skb: 526 callbacks suppressed
[   82.298438][   T30] audit: type=1326 audit(1757903597.931:5217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5230 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   82.331943][   T30] audit: type=1326 audit(1757903597.931:5218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5230 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   82.437445][ T5234] random: crng reseeded on system resumption
[   82.438303][   T30] audit: type=1326 audit(1757903597.941:5219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5230 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   82.452805][ T5234] netlink: 464 bytes leftover after parsing attributes in process `syz.3.600'.
[   82.470167][   T30] audit: type=1326 audit(1757903598.001:5220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5230 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   82.506053][   T30] audit: type=1326 audit(1757903598.001:5221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5230 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   82.532139][   T30] audit: type=1326 audit(1757903598.001:5222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5230 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   82.558407][   T30] audit: type=1326 audit(1757903598.001:5223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5230 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   82.584619][   T30] audit: type=1326 audit(1757903598.001:5224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5230 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   82.610906][   T30] audit: type=1326 audit(1757903598.001:5225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5230 comm="syz.6.599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5b1a0beba9 code=0x7ffc0000
[   82.834695][ T5247] random: crng reseeded on system resumption
[   83.106936][ T5265] random: crng reseeded on system resumption
[   83.180402][   T30] audit: type=1326 audit(1757903598.811:5226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5270 comm="syz.5.614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea9e81eba9 code=0x7ffc0000
[   83.238543][ T5279] random: crng reseeded on system resumption
[   83.357156][ T5283] wireguard0: entered promiscuous mode
[   83.362835][ T5283] wireguard0: entered allmulticast mode
[   83.916628][ T5315] random: crng reseeded on system resumption
[   83.964896][ T5315] __nla_validate_parse: 3 callbacks suppressed
[   83.964914][ T5315] netlink: 464 bytes leftover after parsing attributes in process `syz.2.631'.
[   84.039904][ T5318] random: crng reseeded on system resumption
[   84.101470][ T5318] netlink: 464 bytes leftover after parsing attributes in process `syz.0.632'.
[   84.362017][ T5328] loop6: detected capacity change from 0 to 8192
[   85.084128][ T5365] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[   85.682044][ T5394] loop6: detected capacity change from 0 to 8192
[   85.871157][ T5396] ==================================================================
[   85.880935][ T5396] BUG: KCSAN: data-race in fat16_ent_put / fat_mirror_bhs
[   85.888224][ T5396] 
[   85.890918][ T5396] write to 0xffff88812961e446 of 2 bytes by task 5394 on cpu 1:
[   85.899921][ T5396]  fat16_ent_put+0x28/0x60
[   85.904720][ T5396]  fat_alloc_clusters+0x4ce/0xa80
[   85.910313][ T5396]  fat_get_block+0x258/0x5e0
[   85.915468][ T5396]  __block_write_begin_int+0x3fd/0xf90
[   85.921771][ T5396]  cont_write_begin+0x5fc/0x970
[   85.927281][ T5396]  fat_write_begin+0x4f/0xe0
[   85.932862][ T5396]  cont_write_begin+0x1ad/0x970
[   85.938195][ T5396]  fat_write_begin+0x4f/0xe0
[   85.943621][ T5396]  generic_cont_expand_simple+0xb0/0x150
[   85.949955][ T5396]  fat_cont_expand+0x3e/0x170
[   85.954971][ T5396]  fat_setattr+0x2a5/0x8a0
[   85.959762][ T5396]  notify_change+0x809/0x890
[   85.965025][ T5396]  do_ftruncate+0x34b/0x450
[   85.970034][ T5396]  __x64_sys_ftruncate+0x68/0xc0
[   85.975567][ T5396]  x64_sys_call+0x2d52/0x2ff0
[   85.980765][ T5396]  do_syscall_64+0xd2/0x200
[   85.985793][ T5396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   85.992631][ T5396] 
[   85.995597][ T5396] read to 0xffff88812961e400 of 512 bytes by task 5396 on cpu 0:
[   86.005429][ T5396]  fat_mirror_bhs+0x1df/0x320
[   86.010644][ T5396]  fat_ent_write+0xd0/0xe0
[   86.015432][ T5396]  fat_chain_add+0x15d/0x440
[   86.020240][ T5396]  fat_get_block+0x46c/0x5e0
[   86.025328][ T5396]  __block_write_begin_int+0x3fd/0xf90
[   86.032066][ T5396]  cont_write_begin+0x5fc/0x970
[   86.037353][ T5396]  fat_write_begin+0x4f/0xe0
[   86.042674][ T5396]  generic_perform_write+0x181/0x490
[   86.049313][ T5396]  __generic_file_write_iter+0x9e/0x120
[   86.055574][ T5396]  generic_file_write_iter+0x8d/0x2f0
[   86.061419][ T5396]  do_iter_readv_writev+0x499/0x540
[   86.067315][ T5396]  vfs_writev+0x2df/0x8b0
[   86.072613][ T5396]  __se_sys_pwritev2+0xfc/0x1c0
[   86.079970][ T5396]  __x64_sys_pwritev2+0x67/0x80
[   86.085386][ T5396]  x64_sys_call+0x2c55/0x2ff0
[   86.090717][ T5396]  do_syscall_64+0xd2/0x200
[   86.095996][ T5396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   86.102522][ T5396] 
[   86.105229][ T5396] Reported by Kernel Concurrency Sanitizer on:
[   86.112330][ T5396] CPU: 0 UID: 0 PID: 5396 Comm: syz.6.664 Not tainted syzkaller #0 PREEMPT(voluntary) 
[   86.123964][ T5396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[   86.135289][ T5396] ==================================================================