last executing test programs:

4m42.380111921s ago: executing program 3 (id=787):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0x37, &(0x7f0000000800)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, [@tail_call, @btf_id={0x18, 0x1, 0x3, 0x0, 0x4}, @alu={0x4, 0x0, 0xd, 0x8, 0xb, 0xfffffffffffffff0, 0x4}, @cb_func={0x18, 0x6, 0x4, 0x0, 0xffffffffffffffff}, @map_val={0x18, 0x7, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6fb}, @ringbuf_query, @call={0x85, 0x0, 0x0, 0x3}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xb}, @map_idx={0x18, 0x6, 0x5, 0x0, 0x10}, @ringbuf_query, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}}, @call={0x85, 0x0, 0x0, 0xaf}, @generic={0x1, 0x1, 0x0, 0x2, 0xfff}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, @generic={0x1, 0xa, 0x6, 0x0, 0x9}, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000001}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xe}, @map_idx={0x18, 0x5, 0x5, 0x0, 0xe}, @alu={0x7, 0x0, 0xc, 0xa, 0x2, 0x50, 0x10}]}, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf475, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
r0 = syz_io_uring_setup(0x3e, &(0x7f0000000640)={0x0, 0xaddb, 0x10100, 0x1, 0x92}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r0, 0xd81, 0x0, 0x0, 0x0, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMIWAIT(r5, 0x545c, 0x500)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r4)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r7, 0x0, 0xffffffffffffffff}, 0x18)
r8 = socket$netlink(0x10, 0x3, 0x0)
r9 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x194)
getdents(r9, &(0x7f0000001fc0)=""/184, 0xb8)
sendmsg$IPCTNL_MSG_CT_DELETE(r9, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x3c, 0x2, 0x1, 0x201, 0x0, 0x0, {0xa, 0x0, 0x5}, [@CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x1}, @CTA_TUPLE_MASTER={0x20, 0xe, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
r10 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r10, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r10, &(0x7f0000000100)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r11, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r12 = socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(r10, &(0x7f0000000040)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r12, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000002800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r13, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r13], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)
r14 = socket$kcm(0x11, 0x2, 0x0)
sendmsg$kcm(r14, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x0)

4m41.52529946s ago: executing program 3 (id=799):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x9, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x7, 0x9, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r2)
syz_usb_connect$cdc_ncm(0x6, 0xf3, &(0x7f0000000540)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xe1, 0x2, 0x1, 0x11, 0x20, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x9, 0x24, 0x6, 0x0, 0x1, "4812987e"}, {0x5, 0x24, 0x0, 0xdf}, {0xd, 0x24, 0xf, 0x1, 0x1, 0x0, 0x3, 0x5}, {0x6, 0x24, 0x1a, 0x401, 0x14}, [@mdlm_detail={0xc2, 0x24, 0x13, 0xee, "518feaf0692c135da9476dc0a5eef1567e69a81e949fcd31f4f7d3c3b4a03d43334ecee80f3f7f40ef9a41d4cc2b43f7aa3d305c6fc23775f803abf2a9fa26b1f5b65555ccd23da8bb42fee32af87080a01fb92dc3d08a95ee561798b7881364c756175786ab8d696ff5"}, @network_terminal={0x7, 0x24, 0xa, 0x5, 0x7, 0x2, 0x80}, @mbim={0xc, 0x24, 0x1b, 0x401, 0x3, 0x5, 0x7, 0x1, 0x2}]}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x6, 0x4, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0xf1, 0x2, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x26, 0xd, 0x7}}}}}}}]}}, 0x0)
ioctl$EVIOCRMFF(r2, 0x41015500, &(0x7f0000000500))
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8d40, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000200)={0x0, 0x0, 0x6, 0x0, 0x0, "00769a7d8200010000001495595915303d6000"})
r4 = syz_open_pts(r3, 0x0)
ioctl$TCFLSH(r4, 0x80045440, 0x2)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r5, 0xffffffffffffffff, 0x100000000000000)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000640), 0x9e042, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r7 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000001040), 0x1, 0x0)
write$binfmt_register(r7, &(0x7f0000001080)={0x3a, 'syz1', 0x3a, 'E', 0x3a, 0x2, 0x3a, '-', 0x3a, ')', 0x3a, './file0', 0x3a, [0x46, 0x0]}, 0x2b)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000680)=0x2)
ioctl$KDFONTOP_SET(r6, 0x4b72, &(0x7f0000000080)={0x0, 0x3000000, 0x8, 0x1b, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
r8 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000009c0)="010000000037a788a11d1f000000000000006923c63a4541062101b60a2156566de77062086575a59ea9cb", 0x2b, r8)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r9 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)=@newtclass={0x2c, 0x28, 0x2, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x1, 0x2}, {0x1, 0xc}, {0xfff3, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x4, 0xb}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040840}, 0x20000000)
add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000140)="da", 0x1, r9)
keyctl$search(0xa, r8, &(0x7f00000004c0)='cifs.spnego\x00', &(0x7f0000000500)={'syz', 0x3}, r9)

4m40.774662091s ago: executing program 3 (id=820):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x1c0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
write$P9_RREADDIR(r0, &(0x7f0000000000)={0x28, 0x29, 0x1, {0x1, [{{0x40, 0x0, 0x3}, 0x6, 0x6, 0x5, './bus'}]}}, 0x28)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f0000000180)='./file0\x00', 0x4000, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x9})
mmap(&(0x7f00003f7000/0x3000)=nil, 0x3000, 0x1000008, 0xbb6e9fe6aa012c38, 0xffffffffffffffff, 0x85750000)
sendfile(r1, r2, 0x0, 0x20000023896)
close(r1)
r3 = gettid()
ppoll(0x0, 0x0, &(0x7f0000000340)={0x0, 0xff}, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
timer_settime(r4, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001b00)=[{0xffb, &(0x7f0000000240)=0x200000006, 0x6}], 0x1, 0x0, 0x0, 0x1)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0/file0\x00', 0x200000, 0x0)
close(r6)
close(r5)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)

4m40.716408896s ago: executing program 3 (id=821):
setfsgid(0xee00)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x14010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000003680)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$tipc(r5, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20040018}, 0x0)
sendmsg$inet(r5, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000480)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x218, 0x0, 0x0, 0x41000, 0x50, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0}, 0x94)
recvmsg(r4, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

4m40.475605776s ago: executing program 3 (id=822):
r0 = fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
r1 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x1f0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000440)=ANY=[@ANYBLOB="fa8b97ee6e78b28e618b8b3fbdf60ead379736fb7001e383f6e2f1898a2fd792c59e9a568c802d0562f7adbf3787480289ae228c636d757a2ebf4c", @ANYRES16=r1, @ANYRESDEC=r0, @ANYRES32=r0, @ANYRESHEX=r0, @ANYRES64=r1, @ANYRES64=r1], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x19}, 0x4}, 0x1c)
connect$pppl2tp(r3, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
writev(r3, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000001400000000000000ff000000850000000e000000850000000700000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000200)='spmi_write_begin\x00', r5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
mq_timedsend(r1, 0x0, 0x0, 0x6, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r0, 0x0, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)
r8 = openat$cgroup_procs(r6, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r8, &(0x7f0000000140), 0x12)
r9 = openat$cgroup(r6, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
r10 = openat$cgroup_procs(r9, &(0x7f00000004c0)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r10, &(0x7f0000000500), 0x12)

4m40.363036675s ago: executing program 3 (id=823):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
getrusage(0x1, 0x0)

4m40.362914285s ago: executing program 32 (id=823):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
getrusage(0x1, 0x0)

4m37.507132496s ago: executing program 2 (id=863):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_tracing={0x1a, 0x37, &(0x7f0000000800)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, [@tail_call, @btf_id={0x18, 0x1, 0x3, 0x0, 0x4}, @alu={0x4, 0x0, 0xd, 0x8, 0xb, 0xfffffffffffffff0, 0x4}, @cb_func={0x18, 0x6, 0x4, 0x0, 0xffffffffffffffff}, @map_val={0x18, 0x7, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6fb}, @ringbuf_query, @call={0x85, 0x0, 0x0, 0x3}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xb}, @map_idx={0x18, 0x6, 0x5, 0x0, 0x10}, @ringbuf_query, @func={0x85, 0x0, 0x1, 0x0, 0x3}, @exit, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}}, @call={0x85, 0x0, 0x0, 0xaf}, @generic={0x1, 0x1, 0x0, 0x2, 0xfff}, @map_idx_val={0x18, 0xa, 0x6, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8}, @generic={0x1, 0xa, 0x6, 0x0, 0x9}, @initr0={0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000001}, @map_idx={0x18, 0x6, 0x5, 0x0, 0xe}, @map_idx={0x18, 0x5, 0x5, 0x0, 0xe}, @alu={0x7, 0x0, 0xc, 0xa, 0x2, 0x50, 0x10}]}, 0x0, 0x2, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xf475, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x40000000}, 0x94)
r0 = syz_io_uring_setup(0x3e, &(0x7f0000000640)={0x0, 0xaddb, 0x10100, 0x1, 0x92}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r3, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002101})
io_uring_enter(r0, 0xd81, 0x0, 0x0, 0x0, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCMIWAIT(r5, 0x545c, 0x500)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r4)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r7, 0x0, 0xffffffffffffffff}, 0x18)
socket$netlink(0x10, 0x3, 0x0)
r8 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x194)
getdents(r8, &(0x7f0000001fc0)=""/184, 0xb8)
sendmsg$IPCTNL_MSG_CT_DELETE(r8, &(0x7f0000000500)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x3c, 0x2, 0x1, 0x201, 0x0, 0x0, {0xa, 0x0, 0x5}, [@CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x1}, @CTA_TUPLE_MASTER={0x20, 0xe, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
r9 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r9, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r9, &(0x7f0000000040)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000002800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r10, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r10], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)
r11 = socket$kcm(0x11, 0x2, 0x0)
setsockopt$sock_attach_bpf(r11, 0x107, 0x14, &(0x7f0000000000), 0x4)
sendmsg$kcm(r11, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x0)

4m36.647544976s ago: executing program 2 (id=881):
socket$kcm(0x10, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r0}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
socket$kcm(0x2a, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000500)={[{@dioread_nolock}, {@stripe={'stripe', 0x3d, 0x3}}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nogrpid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000380)='kfree\x00'}, 0x18)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x42000000)
socket$nl_netfilter(0x10, 0x3, 0xc)

4m35.649007896s ago: executing program 2 (id=883):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[], 0x18, 0x80}, 0x4000000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800"/15, @ANYRESDEC], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket(0x10, 0x3, 0x0)
write(r2, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f0000000000000200020000", 0x1c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r3 = semget$private(0x0, 0x6, 0x0)
semtimedop(r3, &(0x7f00000002c0)=[{0x1, 0xfffe, 0x1000}], 0x1, 0x0)
semctl$SETALL(r3, 0x0, 0x11, &(0x7f0000000200)=[0x8, 0xb2b])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000bf5000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
setsockopt$sock_int(r1, 0x1, 0x2a, &(0x7f0000000000)=0x4, 0x4)
sendmsg$NFT_MSG_GETOBJ(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="34000000130a03000000000000000000020000060900020073797a31000000000800034000000001090001"], 0x34}}, 0x0)

4m35.543159925s ago: executing program 2 (id=884):
setfsgid(0xee00)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x14010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000003680)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000340)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000480)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x218, 0x0, 0x0, 0x41000, 0x50, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0}, 0x94)
recvmsg(r4, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

4m35.411402226s ago: executing program 2 (id=889):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r1}, 0x18)
getrusage(0x1, 0x0)

4m35.271151077s ago: executing program 2 (id=891):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$cdc_ncm(0x6, 0xd5, &(0x7f0000000540)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc3, 0x2, 0x1, 0x11, 0x20, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0xdf}, {0xd, 0x24, 0xf, 0x1, 0x1, 0x0, 0x3, 0x5}, {0x6, 0x24, 0x1a, 0x401, 0x14}, [@mdlm_detail={0x54, 0x24, 0x13, 0xee, "518feaf0692c135da9476dc0a5eef1567e69a81e949fcd31f4f7d3c3b4a03d43334ecee80f3f7f40ef9a41d4cc2b43f7aa3d305c6fc23775f803abf2a9fa26b1f5b65555ccd23da8bb42fee32af87080"}, @network_terminal={0x7, 0x24, 0xa, 0x5, 0x7, 0x2, 0x80}, @mbim={0xc, 0x24, 0x1b, 0x401, 0x3, 0x5, 0x7, 0x1, 0x2}]}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x6, 0x4, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0xf1, 0x2, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x26, 0xd, 0x7}}}}}}}]}}, 0x0)
ioctl$EVIOCRMFF(r0, 0x41015500, &(0x7f0000000500))

4m35.270792337s ago: executing program 33 (id=891):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$cdc_ncm(0x6, 0xd5, &(0x7f0000000540)={{0x12, 0x1, 0x110, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xc3, 0x2, 0x1, 0x11, 0x20, 0x5, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0xdf}, {0xd, 0x24, 0xf, 0x1, 0x1, 0x0, 0x3, 0x5}, {0x6, 0x24, 0x1a, 0x401, 0x14}, [@mdlm_detail={0x54, 0x24, 0x13, 0xee, "518feaf0692c135da9476dc0a5eef1567e69a81e949fcd31f4f7d3c3b4a03d43334ecee80f3f7f40ef9a41d4cc2b43f7aa3d305c6fc23775f803abf2a9fa26b1f5b65555ccd23da8bb42fee32af87080"}, @network_terminal={0x7, 0x24, 0xa, 0x5, 0x7, 0x2, 0x80}, @mbim={0xc, 0x24, 0x1b, 0x401, 0x3, 0x5, 0x7, 0x1, 0x2}]}, {{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x6, 0x4, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0xf1, 0x2, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x26, 0xd, 0x7}}}}}}}]}}, 0x0)
ioctl$EVIOCRMFF(r0, 0x41015500, &(0x7f0000000500))

4m33.151343849s ago: executing program 4 (id=932):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x1c0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
write$P9_RREADDIR(r0, &(0x7f0000000000)={0x28, 0x29, 0x1, {0x1, [{{0x40, 0x0, 0x3}, 0x6, 0x6, 0x5, './bus'}]}}, 0x28)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
open(&(0x7f0000000180)='./file0\x00', 0x4000, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
capset(&(0x7f0000000040)={0x20080522}, 0x0)
mmap(&(0x7f00003f7000/0x3000)=nil, 0x3000, 0x1000008, 0xbb6e9fe6aa012c38, 0xffffffffffffffff, 0x85750000)
sendfile(r1, r2, 0x0, 0x20000023896)
close(r1)
r3 = gettid()
ppoll(0x0, 0x0, &(0x7f0000000340)={0x0, 0xff}, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)=<r4=>0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
timer_settime(r4, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex_waitv(&(0x7f0000001b00)=[{0xffb, &(0x7f0000000240)=0x200000006, 0x6}], 0x1, 0x0, 0x0, 0x1)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='./file0/file0\x00', 0x200000, 0x0)
close(r6)
close(r5)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)

4m33.071413945s ago: executing program 4 (id=933):
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000040)={{0x1, 0x1, 0x18}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0xc, &(0x7f0000000340)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x15, 0xc, &(0x7f0000000340)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
socket$can_j1939(0x1d, 0x2, 0x7) (async)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
r2 = fcntl$dupfd(r1, 0x406, r1)
getsockopt$inet6_mreq(r2, 0x29, 0xf, 0x0, 0x0) (async)
getsockopt$inet6_mreq(r2, 0x29, 0xf, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
recvmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000200)=@alg, 0x80, &(0x7f0000000600)=[{&(0x7f00000010c0)=""/4096, 0x1000}, {&(0x7f0000000080)=""/9, 0x9}, {&(0x7f0000000280)=""/29, 0x1d}, {&(0x7f00000002c0)=""/54, 0x36}, {&(0x7f0000000400)=""/150, 0x96}, {&(0x7f00000004c0)=""/187, 0xbb}, {&(0x7f0000000580)=""/123, 0x7b}], 0x7, &(0x7f0000000680)=""/184, 0xb8}, 0x2100)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000900)=ANY=[], 0x1c}, 0x1, 0x0, 0x0, 0x4}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000970000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r4 = dup(r3)
socket$netlink(0x10, 0x3, 0x0) (async)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r7 = epoll_create1(0x80000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
r9 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r8, &(0x7f0000000040)={0xa0000004})
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r8, &(0x7f0000000100)={0x20000014}) (async)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r8, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r9, 0x1, r7, &(0x7f0000000140)={0xa0000001})
epoll_wait(r9, &(0x7f0000000280)=[{}], 0x1, 0x4000005) (async)
epoll_wait(r9, &(0x7f0000000280)=[{}], 0x1, 0x4000005)
close_range(r6, 0xffffffffffffffff, 0x0) (async)
close_range(r6, 0xffffffffffffffff, 0x0)
ptrace(0x10, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc) (async)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, <r10=>0x0}, &(0x7f0000000080)=0xc)
sendmsg$netlink(r5, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000500)={0x30, 0x2c, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x0, 0x0, 0x0, @uid=r10}, @nested={0xb, 0x0, 0x0, 0x1, [@generic="976b6408686030"]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @pid}]}]}, 0x30}], 0x1}, 0x0)
ioctl$HIDIOCGPHYS(r4, 0x80404812, &(0x7f0000000780))
ioprio_get$uid(0x3, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000840)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="070000001c20000000000000", @ANYRES32, @ANYBLOB="00869b892cef868003d5d166bf3531c7edf501f6783fd26c2233650eaae3db1fe7e89e8ebacd9d1cb9b42221782c276938f6f357fcd822e632dbf0d4c56c447e69e8d1290f6531711a", @ANYRES64=0x0], 0x20)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8912, &(0x7f00000007c0)='9\v\xd0\a\xe8\xb5\x95\xf6\xc1\xcbc\r\x02iq\xd3k\xf0\xcb\x98\x1a\x1c\x8c\xcb\xf8r\"N>\xd6\x8el\x94\xaeZe\xb6\x0f\xec|R\x0e\xc3\xf0\xdaFR\xc0k\x7fj]l|\xdc\x9e\xeb.\xf4\xe7\x9b,\x014\xb0J\xa2d\xc1\xa0\x00\x00\x00')
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2eb2b00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c000280080003400000000c0800014000000002080001400000"], 0x122}}, 0x8010) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2eb2b00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c000280080003400000000c0800014000000002080001400000"], 0x122}}, 0x8010)

4m32.839034954s ago: executing program 4 (id=938):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xf, 0xc, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x18)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
readv(r1, &(0x7f0000000180)=[{&(0x7f00000012c0)=""/73, 0x49}], 0x1)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, "000080f100df000000a7d9de16c708db7200"})
r2 = syz_open_pts(r1, 0x42)
r3 = dup3(r2, r1, 0x0)
write$UHID_INPUT(r3, &(0x7f00000001c0)={0xd, {"08c39ee52f329f1698b1c4865f8b0a0a5eee9f496a0809c3d21c25867b6edda88489ab4c09fe0a7f1e8640aa8e344f412df0d69475a5d6570e21f31fac7dfb4aa7ade0e851582d5c1abdd809580cb34c9e48576b1c73ed76013256fca058ada3db47d86cc75b33cf762b67fe61f152618c49a40858f68794a4fc484ab73ccd254ba3d147f5feddaf91dacc238c0a8096f79597ca1e6da781fcf37a0141a335c6a7577d2d53c6e552a7be208381bb31d1d3e0e92ea651655217535734b286d3f19780a4c720075a36a734151f8c00e651cb3a6bbe30e3f6aee48750436da6471e965e81f38134674fcb697108fb7345010bb8fa15fba9b33355d7858327171ab9c68f6c21b2ffbff4eb061dab80bc77a4a7769e7ff73bcd98790e09415bfc5978cf5af45c3ec9ef9c1a39f766c59d59590281038dbcb765580ba2b3f141d5bbfc40910a0894cd1f22d2a8b6d4e4778debef99438b54d44b4b7568de2777431a5b2f3e8d1a45a60a468f5e33e8ef534f803dfb6798c270f52edf031ecd996bb78c4e92961c63c079676d77412ebc6074e5f235417785e7a14b14ce7626b015071c154cc2bf8f4499b93293e9997c23df4c7a1498cf12414fb31eb873728e4f613b540d22e7ca718f18da5b82ed24995e4309c3af4a2e1097465bf09728082d09e71ea365522035eb9772b8e072f8454777ee304dacd59d3eb9f933f151fa14f8c38eadbeba04810a2dea7a66824f09235c13a45f07870210d0d310ce3ae6284577bd4e65f32700f6723727926cb52e4f27776a1dab0f6668327ab5cf1893879a635261f2e0d9923ccecbf5b80f10a8275c1515f47930d614e787f14c105d3a4f8faf8e7f738cf4eae4fc39ef3db3cb87794ace87f7239b69dc4ab4e5ae57cdfbd309e847d99600ef14b51faead01e8ade57d24270bc13a1787896096eeacb8ab1c93d31d93cfb244bb09ecfecf336362a5656db7df327cbb9aeb898f8af229c7bb9452805f2b4510c5df86b6d564e01f000000167ade5205331523a6392af2bea9e6db0ba5480cbf1b202714233289c4017cb66e83c0c8b6e88bedb922162d0ceecf6c5da173bbefe6781ab7720d2be6cca378db650c69d4228141ae190922fbbaddb86c7f0fe138b704e8305b3bcc7910b2280d96d71dafdbfa876b0013fc4de586f85d9ee077b6349becbdca8bd989a51c4c76ed8a8cc691a65078e0272a62edec8236a779f0cbffeda49dcdccd4def7064e0d77ae5a8c64f3057b4a3a0d4457d33f2bc6c112378315411baa4bb126fe540d750491fc58fbb66911ef82bce5ed76872dbcd8e05dea2f3f347a653aa39ab5d75e71671bfeb924e71476134dbf91e3f287fd853cc34bf81e717edd41aa04b6fbeb43cf2074f0c8fe5350401b6cff801c147a3b58b972aa5652629a9fd8b1df2852708ce958d4e9974ec4383aa5da4e3f75fdc85981e97b75863546f67a8703673b6fe2c26f0e9eeb8c45c26f673adac55fa5d69b82ae7d032fd3b26866047e8c029b90a62794a89c11398944b398b4177b2dcc5a743c16d4a5333b1e30af678d3db8df849c1753db067a6f94bab00c0dd3c7e94a8675924c89bda98ac09e10bcdf83f5114b9b466c413477a5cdc48c857230798934bcc1f0eb3a2d2944b139e459af32e515785f46ed4e97cdcb23c7e4dc7c4f91b5b5ca5228344aeb6652fffaf31325c7429bc70a5f6beaaa98ef190dffdeccc94bd814b3edfdd48243bf34291076ab5438ee00e924a827d5b453df42d24144fe1a45bb6c84fcbb2143d0a561c1e867c1279bdf0a47061ea77a84f36c720aff785f0db10eda84c767b5f3874f9455c0f026735ded32f0403ef7dbcf97d2233d59c670114ddf89314ba74fc248bcbdbf43c24e46304e229b3cf583aa410f4dfd119152495da8737518ee2a05a8ca1f004be3c551408f2e4013e444b63bf2bb26ddeae505642dffcc989ee241c48741181b506e22fdc4530319522780c74bf786852dc66ebbb51f8ecbb1e35de09ef7afe589bb8a31c5d63477db5d5e7174694ea04cfa98057d39127a4e5eedb4897a491c6693acd0a036abf846f3b6f3006e5e5fd586f29a4a8a31abbccf732e4f1b88187a72d669c16302657e9cbbeb9322662e111edc7771526400b6123d0f8207bcaa38bee07043e36e223d418ac948d65e7acfe72cc3fdcf03a3e43ecfec8ae489ddba09126709c5c7968829e3504de8a5010c9372de09476a7b96b04d7aed2486d8f89f21f075321abe350024abe00a81f87df3dc372fc3206496776c26b6958243070bda4cace3e358da5d39a3945765c2ba4b002b06efd416af66f3343f218ed84550ea83f02f9a5c3fc677ea60987aa25f0406d6154081cfdc074814a2465accdfa102858f5a52c9eae293c56ddcaf8f6926d3dd0ccb51a30c960d6b7e473038ebd3702b5106f6bc040efdfd7169fd3f2dc42ff23de26a239e13b74278729fd7e843b38a35c55fd50181ac13a9cbbbfd8feb36afaeb1993349c0ac5a0c44ffd92919dfe272b0f8ed7df7198cd299715f021109a58dced4753d3c7ddd6e9ea01596f18b2fe7000000004ccfca57aed5b5cebdff65de480a56bd53f4c7f83ddef00d7c9686311d1fce76f320bb3222a11db30ba6ed31535d8fda61e694478ca9935d72719b8d6b9be88ae3df30b60ee251b919b4d1734b994c62accdf855488b351738331b462eccf27efdc5577d7a5548579dc90d227a42ac010f33a720dc3cf0a63454f8b07c775287495761a058ec1e28e6aaf8057241f4ef8b5de56e279355bb66630c4ddf35e7c2cfff26a4241b1df0379d2a1e9f959e46d3843f89844ead50aff44640fcbc4a1edb033afff7cc9e57c4f8d31900764233e11fa4c28e547788c1b00de4268df692ba3415a9ad90fa712f9618f5ecff57da32809380eeff040cd3b23f508614c72b303cec3bcd732708303b166193366a062b9cea536f28478c387e626744c6a611a8e7162d274efccc84eee8eb31d3310c86752777dd5b5ffe234e895c54909f19a4aabcf3c15b90c02170409e314fd90e766ec4ba93c8ec6321237a980ad3c32fb2fab69e57541ea7f5427a85c2c57d40f9ebe9de5572f46a4713fb28e0af42d0adef3e29195aa41a3ba318181512eebfadffede4e35ff7f975928edc5d4d9f2d931fb44b30e1df55e66c52e1648e9cdaf71221b57c6a6b087428ccc57ade5b1531341cba2be452b426c434c70fd8c493337d4995cbd76ea1dd545226e3eb59d5f94ffb5352f87a4a66cd7c5e88322404fd397c46e198646a9c819d0eb1f10e54d8a3ea912f1cb134ff1095aa7325287f6ea9af8c13b67d6abcbb70dbc06838ecb33e45b60f6cb832c3e72d1401770f66bd02f35a2d007815ab676099e31f5102000000c0e83d5e7107c8dc5830c9cddb9781185b94d7f2814c5058ba3ac54c268741c5728f4997a9628602c2a36090162379f3f37c47619b3e7c7397a5913b7060b51e0c7f7226ff1135444f866f89a4b74136cbd3acb7178bd63183b3fd9cd19fdeb6fcc6341910ad4605da76a9af4bfb8b75fcd666f8188902b380ae560d9aa04f8f9b0ac5c109d1824a470726e06a49d955f8f71c8a86081e75b13f62600deb941da181eaff544cd559c467d8dae432debd22e7a7b3e1ad731a5b9470f5f60423dda061ff899c07c79f3da34f38e1d8182d6ee0c36c602945509167be440382a8a8a759b20e41638fd57152029b190b5701d30a86f579e2d0cc53a2f809ca9bd3aba1eb2772a7acc35c4d983afa83a9baea35c0ed4931234719636cf8f5fe1884bde6cebbdf23bd62b1ebf0a5cb78c27295349bd7d5cf28c4ee4689497238fd3aa71a417914e6892667a56bd69dc2e5882cfb67df71494e9a9199e025892e4e7435f727636cd988cc7563d28db5133f649849c5b3973a3428de10ad39d96146b22acc50f50eee5a038876452b960686892de40efe30081ccdaa2bf64af78d5988026e529b36c62a21378ac42d220d0dd878010178e374e6dbb2b61206066d04e729ed03c6fd9a4e00547fe9304aec0925d85a0acd07fdc5d48c1a1cff656916f5d25952327792255e0d606a32517781cc3d737ec753eb95b5b5b95dabd8946907ab54cc85d05b475e2e5486c6fc070417198d3a50910e2949d20d3fa68fd327934cff5171224942b8f18d88947763a7c710d09c4b269bdf2d3e715329917fb70728a4a0530999b755ba8fc04deabf4bc4bcffc4d62d491538c65078122bf2c263ae0020af67cfc9cf19e5b929e086af281fb43d5504d728935c5cfac136eb81703d50fddb39a5a713b2914c6acd9b2d07819cf7bba495ac5734fe423e611d309b80eeafcf9053d51b0ab3c29d5ca5eb8861ffc1ebc4d53f361b8991baecb52860c15202f979e34054fcde869d018103ccd6d914a70f1840fc6aaf426beec975ddb980b19b0f4cc2ca393c0b9e6ebe5e7d1c9fc1ef7a1c91378f0b73262993fb80667ecf62bac3c47cbd002ae1b87b8dc3ec99d5c987765d778868eb55022cc3bed14b8f934a584bcc98fa0b4f6e6982ab8d8a2bb49f9074ef429dd7b8db332a96ccec6983a97be7c8634c02e7937ffc8d613b83aa375886bf40a87ec062090382f874bf2c8e5fbb58ac18a46c4d9e85af3ca21bdacb7755f49776b0eb3972ff682c84beb07d74cbe2764e378253e72128991b73d2730704a5448280e8a0fd8cc87d4cddcffbfe5525ae3d2304877a3988e33c8e12bf77793e753f25840e9af2ce56bdb999fc62623a2298b4244534f662eb398a2577c72f6cfd5174697dcee151d4f3a7293b11de3889c43744da4165aca4e4a1e926d37ae4d7471584a06f3641f2037a74a58c2397a594f29d142d59f91bb57e24e1a3f30f68c626033cc34895c1b16d62e3a375c3e09f5dbd9338cd3a500643143cd404b57019c648c3ec31d696233fe16efc3c4c84aca0830ca8b9fbf1144b98d82f41e4cf67631c74cdcf8d9c8b8556b876ff1592683ccac0b47a26cb3a2cb1b917f433bb54e0b53deae9ac4b1cd0594c1fa0e6744e7ed88fdac60901e3da989f3b0d7c12b140cc576fa1b0e8e705321d37c303691aafc9fed9c3dc419078d0925ead56455ea5f3cd57941e410c1c14c2e8972d7cca44fcaca1f64fc817f4a41b6d9fb237fed159cb09e788ae560726537f49cb64b9f60915d402e0931355c55ad792cde758548b1af54b196e414046d4af3579a6c30ceac3d68bbfd2adef309c064e759a9f0dd69d682a3880b8ff27b69abffaa45ee7e65d8f1f6e40c188f6249fdf72220b4c87243217ba0292b9e9b67ebeda4fb83406216a4d765812bafeff34cc57f7d2cd1608282079c076055b9cabffe5fa491b970291bc2672540ccc15ed877d7dbe3ef683724c715ace770905e48c2dc6a44e1fc095773676d070eac00ee3834b07590cba7093f56b678313870471c81599d34c53fc03ec6c913d8ba3f604ace8da12d2025cbb5000bc062f4db65a6feacaf3915206d1c15ce7e78c17dc2ea32cb57d6fab0a22d487c77118e75016006f812541ec8180a321287a2d57248d4ee4a19706a19d802c70e250c3b0fc400a0b5cdc06537d2f55fd5300be4eeeaab8cc481a84b6a5e17d8c47ec92fe40710d4ec3530a94ca16710ade2ec7562398106e0ddbb6c8af6412166afd99d45d29a3a967e58decd0d6fc5bebb98d639b5606efd358a43d635d50f0ccb8472197da604994e7fb700243d5f7e45700", 0x1000}}, 0xffffff5c)

4m32.814112266s ago: executing program 4 (id=939):
setfsgid(0xee00)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x18)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./bus\x00', 0x14010, &(0x7f0000000a40)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e1e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba064dfa60bd7fafb3c22dc057e6f9e2a5eb144290afe5369110a71d4b7fc5937a32e213c443f3b9e506b25cf9e2520999b330fc9e86bde8c8ec78f67c0c7f24db0000000", @ANYRES16], 0x1, 0x11ee, &(0x7f0000003680)="$eJzs3MGLG1UcB/Bf17Xdbt3NqrXagvjQi16GZg9e9BJkC9KA0jZCKwhTd6IhYxIyYSEiVk9e/TvEozdBvOllL/4N3vbisQdxxKS1jUSpSDdSPp9LfvDel997BAZmmDdHr3/5Ub9bZd18EmsnTsTaKCLdTpFiLe76LF557Ycfn796/cblVru9dyWlS61rzVdTStsvfPfuJ1+/+P3kzDvfbH97Kg533jv6Zffnw3OH549+u/Zhr0q9Kg2Gk5Snm8PhJL9ZFmm/V/WzlN4ui7wqUm9QFeOF8W45HI2mKR/sb22OxkVVpXwwTf1imibDNBlPU/5B3hukLMvS1mbwX3S+ul3XdURdPx4no67r+nRsxpl4IrZiOxqxE0/GU/F0nI1n4lw8G8/F+dmsVa8bAAAAAAAAAAAAAAAAAAAAHi3O/wMAAAAAAAAAAAAAAAAAAMDqXb1+43Kr3d67ktJGRPnFQeegM/+dj7e60YsyirgYjfg1Zqf/5+b1pTfbexfTzE58Xt66k7910HlsMd+cfU5gab45z6fF/KnYvD+/G404uzy/uzS/ES+/dF8+i0b89H4Mo4z9+CN7L/9pM6U33mr/JX9hNg8AAAAeBVn609L79yz7u/F5/kGeD6zdbbaQX48L6yvbNndU04/7eVkW44dWnIyH3uKfio2IWF33By/W43+xDIViXqz6ysRxuPenr3olAAAAAAAAAAAA/BvH8Trh0sanj32rAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYKgAA///20tEU")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r2, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0xff0f}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000480)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x218, 0x0, 0x0, 0x41000, 0x50, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x0}, 0x94)
recvmsg(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

4m32.626904702s ago: executing program 4 (id=940):
unshare(0x26000400)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xffef3de1b28f5d35, 0xd, &(0x7f0000000880)=ANY=[@ANYBLOB="180000000001000000000000000000008500000007000000181100568826e460af776ab864002a775b5dd6c74db21c1e63816afbf67204bfa1d6c9a75e40fd8b9e1459d562a1dd45c5ce7578d2da746583767db1f981b051bc63fda29f8f7f8415678174ab8a417b4ac348cabb060b8a07e8a967d89a0b13867f827fdc01194ba95e2e124920ca72dc09de2af4480a8a87683d85ed42970f", @ANYRES32=r0, @ANYRES8=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a500850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0xc, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
r2 = socket(0x10, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801003944baeda34eeb327588819879851f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r3}, 0x10)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qi_submit\x00', r4, 0x0, 0x4004}, 0x18)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000180)={0x84, @remote, 0x0, 0x0, 'lblc\x00'}, 0x2c)

4m32.503088811s ago: executing program 4 (id=941):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
munlockall()

4m32.502982641s ago: executing program 34 (id=941):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
munlockall()

3.545634763s ago: executing program 6 (id=5750):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x19}, 0x4}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x180204}], 0x1) (fail_nth: 1)

3.511151126s ago: executing program 0 (id=5751):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000891}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
pipe2$9p(&(0x7f0000000240)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RLERRORu(r6, &(0x7f00000023c0)=ANY=[@ANYBLOB="5300000007000046009d40"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2004000, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}})

3.510619086s ago: executing program 7 (id=5752):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x149040, 0x10)
fcntl$setlease(r0, 0x400, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="1800"/15, @ANYRESOCT=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000002c0)='tlb_flush\x00', r2}, 0x18)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000dd000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001380)=ANY=[@ANYBLOB="140000001000010000000000000000000800000a60000000060a0b040000000000000000020000000900010073797a3000000000340004803000018008000100636d7000240002801000038009000100e7a6f6264f000000080001401000000a08000240000000010900020073797a32"], 0x88}}, 0x0)
mount(0x0, &(0x7f0000003c40)='.\x00', &(0x7f0000000040)='hugetlbfs\x00', 0x0, &(0x7f0000003cc0)='gid=1\x00nk]e')
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$setlease(r0, 0x400, 0x2)

3.439222511s ago: executing program 5 (id=5753):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000040000000400000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r0}, &(0x7f0000000a00), &(0x7f0000000a40)}, 0x20) (fail_nth: 1)

3.383786366s ago: executing program 6 (id=5754):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_DELOBJ={0x3c, 0x14, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x7}, [@NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x7}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_OBJ_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELRULE={0x34, 0x8, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x3}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x98}}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
io_setup(0x5, &(0x7f0000000140)=<r4=>0x0)
r5 = eventfd2(0x0, 0x0)
io_submit(r4, 0x1, &(0x7f0000000280)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x1, r5}])
ppoll(&(0x7f0000000040)=[{r5, 0x2101}, {r3, 0x6790}], 0x2, 0x0, 0x0, 0x0)
shutdown(r3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
socket$isdn(0x22, 0x3, 0x23)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='task_newtask\x00', r6}, 0x10)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r7, 0x29, 0x48, &(0x7f0000000380)=ANY=[@ANYBLOB='\x00\a'], 0x8)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r9 = dup(r8)
write$UHID_INPUT(r9, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b5d500987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f353b68090890e0878f0e1ac6e7049b3b46959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07410936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x1006)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000003b40)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'lo\x00', <r11=>0x0})
r12 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r12, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000006800010003001000fdffff7f0000000000000000140002000100000015000000000000000800000062698434e81ab3eb6b730aefac438f841c41b91dd0dd49"], 0x2c}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f00000002c0)={'syztnl1\x00', &(0x7f0000000080)={'ip6tnl0\x00', r11, 0x29, 0x1, 0x8e, 0x0, 0x2a, @remote, @mcast2, 0x1, 0x10, 0xae83, 0x9}})
sendmsg$L2TP_CMD_TUNNEL_GET(r9, &(0x7f00000004c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x40000}, 0xff9f, &(0x7f0000000400)={&(0x7f0000000180)={0x38, 0x0, 0x10, 0x70bd31, 0x25dfdbfb, {}, [@L2TP_ATTR_IP6_DADDR={0x14, 0x20, @empty}, @L2TP_ATTR_OFFSET={0x6, 0x3, 0x6}, @L2TP_ATTR_MTU={0x6, 0x1c, 0x3}]}, 0x38}}, 0x24000814)

3.383618026s ago: executing program 5 (id=5755):
gettid()
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, 0x0, 0x0)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = accept(r1, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0x2400c840}, 0x0)
recvfrom(r2, &(0x7f0000000280)=""/90, 0xfffffffffffffe4a, 0x530, 0x0, 0x0)

2.936076123s ago: executing program 7 (id=5756):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0900000004000000e27f"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000580)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x1, 0x0, 0x7ffc0002}]})
sync_file_range(0xffffffffffffffff, 0x5, 0x3, 0x4)

2.895110146s ago: executing program 7 (id=5758):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x64, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0xffffffff, 0xff}, 0x0, 0x0, 0x7fffff, 0x6, 0x2, 0xcb, 0xefff, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
write$selinux_load(r0, &(0x7f0000000880)={0xf97cff8c, 0x8, 'SE Linux', "561b2ee131303d8e3ae9c1b8ecaef44f3fa5425c59b374474d1338d5705eaed74b35b053f2d1c08fb4e4c0384c78d2471fc429832b3f05ba868a18e2b263242e5ee3240cf71b38e476e3b2c56bd0b982b7ed9dc1b8f8b18633b46331da94841e8c75a08e93f33c10c6239daf3e13f603d7b3f4370e26ac9e1a66351ecab398a63bdfeaec4ba50062ac08e48052a70251ff543506b94ddaadad9261d706a42ab1116172de73b80333bd2adb414988e932910c51779c09decffe992b3daf0fce3d00ec688487a0921abfc264ae76936646814905b521862a62f72d0df1c066b055ac7582564809d0aff394cb11b410660ec2d272c6458e4e71973e548ca7c334a090897ed8daf8bd425dbd72fd0f2616bf704faff18ec72f33b425124c07e4c90136b669a6ff6d3c98d4bbf7c49e8fa247aecc2fb1a94a0c00c669e42ca766cae64df46b228b43509acf1088a19511e553851a8c1944607a06381be9ce8ad3b6c13eb28fce3e0a95789511a274c6f8c8e07f2268fdaf514fac70ffc5b8c6df4f3879d65aa732e09f9d2a4e13b582f64fc3841cc9f9bf85577c15e96048a401f9f962f373c28af9f49408c71d2c507542bc319fcb8880356081886e12ba349a76761f09fe1ab3bda2f8f42f9292d95ecac19628633c68901fc71e38900e4e119e522c13f546b7f755175c8e8900ca90eae34b83042a34bfacf8d68b4bcc1d19ace41b6ebdf9a277272c451d648a0ab741cd9982119c948cf3416cc49c18b26f994e48cc4bbfd2f9a159bbc1d2f76a72d77e14e2f39df6097fcef47ecf2af66c68832586785a8a40d5adfc058969a1067d7561c42cc2f9f0d6b4fe4304a799a2473c6fb4fcbd4981eeb5f0fad4d67d7e22f666800ee881b352e38bcde612d374d0131630755acf6fe104913137113198266ffda25985e6389b25284231c619a725ada7a929c014f869ce5fc8afcc195e83b0e600b42bba3c8027496cf8f8c0d593ce31d12e5e7cbc4526a4261d51cd2a9d4d2a13400d40605bbd5e294e5d45710506a18114aee268f3cbd003b8e3b651629ea66219af9492a402a9be6690a4f442fb45bd6178e337f26a22b1cc9555064b3ef16ce65902804725c6715a149ad8f442ba0207983c26a6b304d17312ab18b61a984d816c45fc5c9886c8b2935d1bc784f496393ba6c7b97262bf90843a5d7a2b55984cbee9d8b16cec5092302dd5a60efee09d07bab7323371704014ceaf62b88b1ea58a8478b4a2db0246dbba478059acd0260e56be4b279e829185a275bc7fe045e11ea4db70a76d765ddf77fc7e746468c5e4c837d26b35b0e4c6d8fefbabc833c26d208efea1ea48963a9fd01fc16375cef33650b51539ece1bef088b612f09aceddb0cc69b6266adfe4301d63162484ba73eee0fd860b72dfd154943489236a7ad43439e509b5304c5de4af4bc5911a24a4a98826adc9c7eab705e6b1739b1046e1ad43b87bd8356b002fcb7d6a47ef869917a5793c555904347265998a6a1d3e6f285beec4eb94e0c2244a6be22e8e9438649b14b92710c87d2448fe1307f8c16efa53c08ffeae8bad9de64195991291ef361005f78951da9ce86fa33f910f7c3194aef89ff80d88f38367feaa84d6de778426d26f64adfab04e91c6953c9f6e1d18d58c3fa56ead87f10af8e10559a06c5f79896cadf6dffee5f571e039902bbed59eebd1ae3a587d68203a6a5fc4f00cee0f44ef9bbe1f13b9c2c68642725e50a6893440e220ffb433c19ccc4265f49e4d91d0fae85e7b107c578d60b97e0aa1ac8a0526c83d38f8787942db324d2b8ecc9d0844d164fd66bb686032c54645dfe129b07019c1bfaa8c99b5e345ca6fc39ef26a5da2f686392bcc19a77d88fdc7f97262d765a3b649a5776b3a0c7fcc21d81b27bec8a477971487e81144483d29cb099dbe788da16d71664444d06970a5a6edbde341ca43e0b4e92433027f6c946f7e35cb69e4657574ddb15d4298a8b9583a61fc716c20340c398297f806432374e1be5938164158cc1516ba2c76db14e5d148efff36f2e7e56c354e795117894411e675bc3f270dd48c0370c0d698e57607d25c41ef4e262dcad8c688044f7585a3b21ff2e29ada5a3a1c73576980b50ef2b0d2c374a6a129ef407c1124839979bd393d70453df30cfbcbf1c87e63d2d87ff53bd7ad0310f773250a0ff5ba4b1dca3ff28d679f9d36da2ac4a894397c30963fea5cfa80b03342aca57d13a81f8f07a891c781dab6578ee33d2c38fceba7f7f86e4945750bdeda018fa58653005abd24dcef14015c475f4c792b68ece6b2f1b667866244a65423d9e054174b1de85f689618adcb72ac31536b2389198439e8ba8a256d18d8da0e681c7b8007d01546ff4d91522f447e771bb0258c3fa8be889be669019465a0cb281eb3eee4d567a561469e8ae490cd2702cf610b414d9949086fc697dc107c78cc94803d082c946fa7ca6acae2d28d2b755d9d667cd49b571316cdec93e86b20cf5812c586998b9b32564170fc97ab22d145d5b290e2130329e634504423e87edb0482f33d3871c350a3762f2b6c3032dd84cf0001a95b61badbb0ac7b585ffc616c3607e4df0564d7220a5bafb372cf0fee0b72b2f5b05f0290ef4391570de4ef9cbb36d9a875ad1ec1ab823ded8420b634dcd0141f9e6202f641ec7abdc5a79112bf7147ce106262d028460dd14009061eaac4daea1053bc0b8d9ee7f73fc5d9d1f4205013f69cc0202edcb7bd4f4549749c47a1e0ec3c04c8f209e943cc668860f863b60ab15c4613740b6f05cce50ff98723938ac22588a211e16b9879f25a054ece9fb0cbce1572532c0c50ed2dd50e2c28f76167f66c19378afeee0b0fc36d63e18af0b55ab14b2d0e445ffd82dbfcceedd96c6ad48a318c3357e104e1714a97ed3bd5f3f978e6265c5d19afecee9cdb1ad9b34044209192c555583709f866891f76874c0d80acbd4a86d6927b6fb8d5b7bcf3d2b6379a96b0fdd8a3b24c21138f0b2cb3ea9d72d62c369e52d9d5b81a1e09b2276ae8f56faf933461aa2bc529971c31eadd558f5de089b098ef6b39a6f9ee77644f4dbfcaa8f64114ecaf833252e369f1b9e4848c67553e8522020509f00cf80bef0b0a65a3e7959851d5effaf048fc9e1119f3dcf46630a218e0b4c9e54a68fc67c3cc75b9b1c329a6c56410d3417ce92bbca150dd5417cacc5e7d8e6852d99986583be06c04e65f5549518f34f90ca76644fd6b66cf7c6527c0e8faa389497850411a4cc174e52a26a08eebb3c34112cc1b29bc70c4250806b0d256d83ad41efc693f7d026cda917b816edae4476e22e70e8b5b7497e384ac6796cd05f312de5f234d995132f2f762d4827d5c50488e040c780b9248a9fb74f822d3a4721f2fdcd1d1c21b4f1f1c2ede58ab57577b76770e5e249a1bc4673f2efbc62b407792a5b9053cd839e9adf95ca2418bd9f3dc3b71571a795c691123dbbaf5e54894c9f44ad4c81ebf632375bfbe3be39982a529b1b68ca3916cb64e85b1bf0e10e75fa1075bdf57b12bd8342ba02610b35aca5e37ec13838af1cd2fc56f28ebbd52d0a636493f37d494dca39e529edf7b497659a68717972a542ca9c9e6983015e649ac2f360755a99be3ee88b84cb0ad3aa6bf63b526bcc740cb3a2027b27e3e86679b6f2c0b27083d17620bfea1f58906a3346fbd6b89535907678aad96d145ae658e0046165963a3f2471aca7858f6a96c8fab505cdeb03074d25ea37057c9bb1c193598ac63744c8a6dbf8f100e796619a8c2f72d2035ff0c0acbb972850b97bf9709a0237af253cd5fa6b81a3cb28d8413517750c2afcb641db23259fd7eaba913d608081852ff1b5d44ee490111fb7e66662101ffbc123df92dd9dd4596c0ec8e1f206620d8f216e114af48db40fac4b530653c6908491b436ed199148817aa171d029509c49fde7cb2f8c20b55af0cb42bc3b195765ab7dfa9a843aad7863881640c2aff2cc2a50198c4d6e12db4f7639f0b2a6e854cb4c3a3519d9618a9a2698cd96fd77ff0e6909e30fbf4fa28b1233cbf0a5f3fd30a75e09a67f3cf228cfc6f4f296f70b3af51b819e28fdeed15a98c6cace5d6c9cab330146d01a26ff9aeaaf811d0c3db57146149563399dc873742f10970897c533a3f15684be3986383e740fa99fac77b8d78a69ebaf42e7fce226515bb5d77ff34f674be0e4e91eda760eac883b5a62d399f2f8fa9460cafb68ce29a51c14e7413801793bc2040d74f38293d501fd9411b51d93134c00c38fbed43ba81e43f3145dddada8952d3a07dba6c3e7552b54378e5af5c720865531c6f387cf173d5c2b937a8dd0aa01ea35689f4e270f999cf769de48bdc2c7dafea38f1afbc6be3112ab358d3e6c88d55ffbe7f63db9a5e81df63c96250f1e307da559f5df9c94c1fac00c61cb946cbcee86d7cf7def41c76a8c77f79e23c457c338387e654c39d5c7837514af775279944df94c15581b9b8526b7cc41b3c482f5d64d0b4d8118f15773c13c895b90177f6644d1912ada0df5f39e10af25186cdd24053ca4df3012f053b0f78e36959bd801438bf785e50bf19ff6eccb4b7bb2198f8bcc879b429798cdc0f8758656226e54e38450e9e4bbb33a390260d223ae89a47654972502be30cd5c45e3dcb7fa3419b10beadd4b29fd8fdf7178d16d7e6f2f40b2fed40b7d3f5aa3faddb1db1792a247850cff18e3307a881a9ee051e850a788af39f823693fc507a29229d190bce0b9e1188ae82c425dafc3313e18d428565fae96b25b5a1f0b1fdddeb689cfb25ddeaa92199a7c9d2a4c3d27168537ffaac1e126d39abfb1f500b29516875c7e03fae871316699ef53d0d3378ab6d8a3950090247a2357d5ba40912ddc4dfb2bb36d3a833c9f820b4a83808c3bd6b25b4b66ead59e5b716c0f9a0d4da14de823c226ac33a00a253e71e1d9e56d17f024aecc01d95422903f02e6d706f24b169cc910a8d8c540b3edad533422135ec9a68d758a8cf8bf186fb480cdb09a585bdd0da41ff433acbb95cb3737e536b4a4dc5a6b1cc1b25d4e6964cbc06651f047f46dcbd8ee4946ef072253ae9f4e7cd68050cbfc9121e65a2b31f3b3dca2fdd6ebd33b5db1278c451e4d581aeea2ed514f812c520f5c7e0c8a100b58586e6810bfdf2a4703b21692d879f0e6fe550bcb86b5d59dc1cf75b61007a81ce72900ca909ee8e8f0b0608229904dce756cf1860ffd1ef6af3f62894524d10f3fc05016d49b9b4e59ca52315e024065a04c0ccba075b93cd7280e8a4207ac4f14f8e8c539230ad4da1755b60de3f73831120911206c409be86d75d1b8b396815147e6ac4e2deae169f4ffa7b6f6cf388adb7530ece9d45e39f1c6a837bee9dc8fc22ace3ffb6f06a566f6b51c0dc52fe2d907357fe23a58ff34569d0f46c2b57e8ac28ca61fe66292a6ce4eee6041971bd20419d7703a536430d0dfacd81ad924e560eb2b73d52ce675ed999464445485f051778b5237d282b3e5cd027a934be7a69d217b009d173f5a767b8c69917429c5dcd7300082191b0f3f45ed8c74de98d97c9e6dde3ae29ceab2a6309812470d39016172193e22d11429a0572142efe8470dae76b9de3771975bb4e6e4e8124d5894886d344a2200a524713c7de02f1c2a0bcf197f205b5661a49ba49e44c365aa20e8600b0421a864d717bb1e969c5ec87e77251b44b1cd5f0765358996de0c18209a415ebe1f5b9d4cc551f787fd04c8c690f45a14679ac983c1e2bb3f66186674760996d64494f0e852b4b60b1"}, 0x1010)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="07000000040000000802000021"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b703000000040000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000022c0)={[{@errors_remount}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@block_validity}, {@dioread_lock}]}, 0x3, 0x439, &(0x7f0000002380)="$eJzs3MtvG0UYAPBv105LXyRU5dEHECiIikfSpKX0wAUEEgeQkOBQjiFJq1K3QU2QaFVBQKgcUSXuiCMSfwEnuCDghMQV7qhShXJp4WS09m5iO3aauE5c8O8nrTuzO9bM592xZ3a6CWBgjWYvScTuiPg9Iobr2eYCo/V/bi1dmf576cp0EtXqW38ltXI3l65MF0WL9+0qMuWI9LMkDrapd/7S5XNTlcrsxTw/vnD+/fH5S5efO3t+6szsmdkLkydPHj828cKJyed7EmcW180DH80d2v/aO9femD517d2fv02K+Fvi6JHRtQ4+Wa32uLr+2tOQTsp9bAgbUqp30xiq9f/hKMXKyRuOVz/ta+OATVWtVqsPdD68WAX+x5LodwuA/ih+6LP5b7Ft0dDjrnDjpfoEKIv7Vr7Vj5QjzcsMtcxve2k0Ik4t/vNVtsXm3IcAAGjyfTb+ebbd+C+NxvtC9+ZrKCMRcV9E7I2IExGxLyLuj6iVfTAiHtpg/a2LJKvHP+n1rgJbp2z892K+ttU8/itGfzFSynN7avEPJafPVmaP5p/JkRjanuUn1qjjh1d++6LTscbxX7Zl9Rdjwbwd18vbm98zM7UwdScxN7rxScSBcrv4k+WVgCQi9kfEgS7rOPv0N4c6Hbt9/GvowTpT9euIp+rnfzFa4i8ka69Pjt8Tldmj48VVsdovv159s1P9dxR/D2Tnf2fb6385/pGkcb12fuN1XP3j845zmm6v/23J2037PpxaWLg4EbEteb3e6JX9pYuTLeUmV8pn8R853L7/742VT+JgRGQX8cMR8UhEPJq3/bGIeDwiDq8R/08vP/Fe9/Fvriz+mQ2d/5XEtmjd0z5ROvfjd02Vjmwk/uz8H6+ljuR71vP9t552dXc1AwAAwH9PGhG7I0nHltNpOjZW/z/8+2JnWpmbX3jm9NwHF2bqzwiMxFBa3OkabrgfOpFP64v8ZEv+WH7f+MvSjlp+bHquMtPv4GHA7erQ/zN/lvrdOmDTdbeOlva8HcDW87wmDC79HwaX/g+Dq03/39GPdgBbr93v/8d9aAew9coNr/nfBAMGhPk/DC79HwaX/g8DaX5H3P4heQmJVYlI74pmSGxSot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL3xbwAAAP//1Xjmag==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xb, &(0x7f0000000640)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x7, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffe94, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10)
arch_prctl$ARCH_GET_CPUID(0x1011)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
gettid()
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
io_setup(0x6, &(0x7f0000000300)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000040)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x80000000}])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
ppoll(&(0x7f00000001c0)=[{}, {0xffffffffffffffff, 0x6b3f7e8c4e6d7001}], 0x2, 0x0, 0x0, 0x0)

2.8431074s ago: executing program 0 (id=5760):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001400)=@newtaction={0xe78, 0x30, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [{0xe64, 0x1, [@m_pedit={0xe60, 0x1, 0x0, 0x0, {{0xa}, {0xe34, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{0x101, 0x5c, 0x0, 0xb, 0x9}, 0x8, 0x7}, [{0x7, 0x8, 0xb6f8, 0x8, 0x101, 0x3}, {0x9, 0x6, 0x6, 0xfffffff7, 0xd, 0xed7}, {0xaabee86, 0x100, 0x4, 0x8, 0x8, 0xb6d}, {0x66, 0x80000000, 0xfffffffd, 0x2, 0x10000, 0x9}, {0x2, 0xfffffffc, 0x9, 0x1, 0x9}, {0x3, 0x8, 0x9, 0x400, 0xf, 0x939b}, {0xdc11, 0xfffffff9, 0x3ff, 0xfada, 0x401, 0x10000}, {0x15, 0x9, 0x7, 0x9577, 0x7, 0x1}, {0x5, 0x1, 0x2, 0x80000001, 0xfff, 0x8}, {0xb73, 0x5, 0x3, 0xfffffff7, 0x0, 0xd}, {0xffffff80, 0x3, 0x1, 0x80000001, 0x4, 0x4}, {0x519, 0xf0, 0x66, 0x3, 0x5, 0xfffffff7}, {0x400, 0x200, 0x1ff, 0x3, 0x5, 0x5}, {0x3, 0x5, 0x1, 0x101, 0x200}, {0x4, 0x7, 0x1, 0x9, 0xf, 0x1}, {0x401, 0x433, 0x7, 0xffffff7f, 0x9, 0x7}, {0x10, 0x6, 0x9, 0x0, 0x5, 0x2}, {0x5, 0x1, 0x8, 0x3, 0xa9, 0xfffffffc}, {0x0, 0x80000000, 0x2, 0xce6, 0x1ff, 0x2}, {0x1400, 0x8, 0x5, 0x3ff, 0xfffffffe, 0x8}, {0xa177, 0x8, 0x1, 0x7, 0x9, 0x8000}, {0xce0, 0x4, 0x1ff, 0xd7, 0x7, 0x6}, {0xffff4234, 0x4f9, 0xfffffff9, 0x1, 0xc, 0xffffffdd}, {0x81, 0x2c, 0xc13, 0x7d1, 0x4, 0x6}, {0x5, 0x7, 0x7, 0x1000, 0x2, 0x7f}, {0x400, 0x6, 0x7, 0x6, 0x120, 0x6}, {0x6, 0x3, 0x4, 0x7ff, 0x0, 0x3}, {0x6, 0x0, 0x3, 0x2, 0xfff, 0x2}, {0x8, 0x3, 0x6, 0x5c6a, 0x5, 0x9}, {0x8, 0x1, 0x8, 0x8, 0x8, 0x95}, {0xf80, 0x8, 0x10000, 0x8, 0xe, 0xfffeffff}, {0x4, 0x8000, 0x3, 0x8aa6, 0xfffffff7, 0x5}, {0x8, 0x7, 0xfffffff7, 0x3ff, 0xd7d, 0x5}, {0xd50, 0x2, 0x8, 0x4, 0x8, 0x3}, {0x2, 0x6, 0x7f, 0x9, 0xfffffff9, 0x1}, {0x162, 0x0, 0x4b3, 0xcb5, 0x5, 0x7fffffdf}, {0x80000000, 0x0, 0x1, 0x2, 0x100, 0x3}, {0x8, 0x8, 0x1, 0xffffffff, 0x3ff, 0x5d1}, {0x3, 0xd054, 0x9, 0x5, 0xfffff801, 0x1}, {0x7, 0x8, 0x983, 0x0, 0x6, 0x200}, {0x47, 0x200, 0x8, 0x9, 0x2, 0x9}, {0x1, 0xfffffff9, 0x2, 0x7, 0x7, 0x1000}, {0x10000, 0x24056a58, 0x8, 0x8, 0x0, 0x8}, {0x2, 0x1ff, 0x3ff, 0x0, 0x2, 0x40000000}, {0x7ff, 0x7ff, 0x0, 0x3, 0x9ca, 0xffffffff}, {0x80000000, 0x9, 0x2, 0x4, 0xdd9f, 0x40}, {0xa, 0x9, 0x3, 0x0, 0xe00, 0x7fff}, {0x4, 0x7, 0x3, 0x0, 0x7f, 0x8}, {0x7, 0x8, 0x10, 0x4, 0x0, 0x80000000}, {0x7, 0x5, 0xfffff801, 0x1ff, 0x1, 0x10000}, {0x80000001, 0x2, 0x2, 0x3, 0x4}, {0x40, 0x0, 0x7, 0xc, 0x1, 0xffff0001}, {0x6, 0x0, 0x2, 0x5, 0x742}, {0x4, 0x401, 0xc0, 0xffffffff, 0x8, 0x2}, {0x7, 0x6, 0x5, 0x4d2b, 0x4, 0x8001}, {0x6, 0xf731, 0x2b1, 0xfffffffa, 0x1, 0x101}, {0x5, 0x7, 0x101, 0x0, 0x7, 0x8}, {0x3, 0x7, 0x8, 0x8, 0x7, 0xa0}, {0x1a, 0xe, 0x3ff, 0x0, 0x3, 0xfe}, {0x2, 0x7, 0xcf0, 0x5, 0x7, 0x6}, {0xfff, 0x6, 0x0, 0x1000, 0x0, 0xf}, {0x9, 0xfffffbff, 0x2, 0x5}, {0x0, 0x22f, 0x2, 0xe7b, 0xba, 0x7ff}, {0x1, 0x7b7, 0x0, 0xcb2d, 0xe, 0x6}, {0x0, 0x30000, 0x50, 0x5, 0x5, 0x8000}, {0xf9, 0x5b, 0x8, 0x3, 0x3, 0xff36}, {0x2de, 0x6, 0x5, 0xa4, 0x6, 0x7}, {0x8, 0x9, 0xd32, 0xd4, 0x100, 0x1d}, {0x0, 0xb, 0xec36, 0x52, 0x7, 0xe}, {0x80000000, 0x7f, 0x80, 0x4, 0x35b3, 0x5}, {0x8, 0x7, 0x44c9bfe0, 0x40, 0x4, 0x1}, {0xffff7fff, 0xf7af, 0x1ff, 0x21, 0x81, 0xa}, {0x2, 0x4, 0x7fffffff, 0x2, 0x1ff, 0x800}, {0x9, 0x9, 0x8, 0x2, 0x9, 0x6}, {0x6, 0x9, 0xafb, 0x3, 0x9, 0x5}, {0x2b20, 0x9, 0x7fffffff, 0x7c82, 0x7f, 0x8}, {0x1ff, 0x0, 0x0, 0x6, 0x8, 0x2}, {0x3, 0x6, 0x1c97600f, 0x6, 0xd, 0x800}, {0x1, 0x0, 0x0, 0x9, 0x19, 0x2}, {0x3, 0x7, 0xd, 0x7fffffff, 0x4}, {0x7f, 0x3, 0x5, 0x1, 0x75, 0x100}, {0xfff, 0x1, 0x1d, 0x40, 0x472, 0x1}, {0xe, 0x48f, 0x7, 0xfffffffc, 0x6, 0x7}, {0x9, 0x9, 0x401, 0x6, 0x1ff, 0x1}, {0xdd4, 0x0, 0x9, 0x6, 0x7, 0x7e27a179}, {0x3134, 0xfffffff9, 0x7, 0x6, 0x2, 0x1ff}, {0x6, 0x9, 0x611, 0x3, 0x2, 0x1}, {0x9, 0x3, 0x2, 0x9e7, 0x6, 0x4}, {0x5, 0x7, 0x1, 0x10000, 0xa, 0x1}, {0x9, 0x8, 0x0, 0x5, 0x3, 0x80000001}, {0x8, 0x9, 0x2, 0x5, 0x6, 0xd888}, {0x1, 0xdc0f, 0x8, 0x6, 0x5, 0x1}, {0xfffffff8, 0x7, 0xb13, 0x7f, 0x81, 0x2}, {0x2da, 0x0, 0x9, 0xa748, 0x4, 0x1}, {0x1, 0x5, 0x1, 0x6, 0x6, 0x4f}, {0x2a, 0x7, 0x1, 0x0, 0x2, 0x80000001}, {0x8, 0x2f, 0xfffffff9, 0x4, 0x200, 0x800}, {0x40, 0x6, 0xc, 0xa1f7, 0x9, 0x1000}, {0x4, 0x101, 0x3, 0x401, 0x0, 0xfff}, {0x1, 0x0, 0x9, 0xf, 0x1000, 0x40}, {0x3, 0x3, 0x1, 0x8, 0x400, 0x8}, {0x2, 0x1000, 0x5, 0x8, 0x200, 0x66d4}, {0x7, 0x2b914a38, 0xda2, 0x0, 0x2, 0x6}, {0x95, 0x9, 0x6, 0x3, 0x5, 0xfffffffb}, {0x3eb, 0x9, 0x4, 0x2, 0xfffff801, 0x9}, {0xf48, 0x80000000, 0x1000, 0x1, 0x9, 0x3}, {0x5, 0xffffffff, 0x3, 0xf, 0x8, 0x2}, {0x10000000, 0xbc9, 0x0, 0x6, 0x1}, {0x3ff, 0x0, 0x6, 0x3, 0x892, 0xffff5833}, {0x2, 0x5, 0x8, 0x8, 0xbcb7, 0x8}, {0x5, 0x3, 0x1, 0x7, 0x8, 0xfffffffb}, {0x6, 0x2, 0x8, 0x1, 0x9, 0x40}, {0x73d, 0x81, 0x4, 0x4c, 0x2, 0x10000}, {0x4, 0x1, 0x401, 0x4, 0x3}, {0x99, 0x1, 0xfffffffb, 0x2, 0xd, 0x4}, {0x100, 0xfffffffd, 0x5, 0xa, 0x7, 0x5cf4}, {0x8, 0x5, 0x9, 0x1000, 0x1ff, 0x80}, {0x800, 0x10000, 0x2, 0xd3, 0xe, 0xfffffffd}, {0x4, 0x3, 0x6, 0x727b, 0xc, 0x5}, {0x6, 0x2bf3, 0x3, 0x35, 0xd, 0xf24}, {0x9, 0x890c, 0xcf3, 0x87ee, 0x5, 0xfffffffc}, {0x49424b5d, 0xf, 0x3, 0x7, 0x2d219f14, 0x1ff}, {0x3, 0x5, 0x9, 0x9, 0xffffffff, 0x4}, {0x6, 0x5, 0x4, 0x80, 0x7fffffff, 0x8000}, {0x5, 0xfffff404, 0x1, 0x8, 0x879, 0x3}, {0x5, 0xc, 0x6, 0xfffffffb, 0x8, 0x2}, {0x4, 0x600, 0x39846a8c, 0x1, 0x7fff, 0xb}, {0xfffffff1, 0x8, 0x3, 0x3, 0x2, 0x3}], [{0x5, 0x1}, {}, {0x5, 0x1}, {0x1}, {}, {0x1, 0x4fa8102eea1673da}, {0x4}, {0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x0, 0x1}, {0x0, 0x1}, {0x1, 0x1}, {0x5}, {0x4, 0x1}, {0x1}, {0x2, 0x1}, {0x5}, {0x3, 0x1}, {0x1, 0x1}, {0x1, 0x1}, {0x2}, {0x3, 0x1}, {0x2, 0x1}, {0x4, 0x1}, {0x3}, {0x5}, {0x3}, {0x4, 0x1}, {0x0, 0x1}, {0x5, 0x1a2b73033141e383}, {0x3, 0x1}, {0x2}, {0x5}, {0x4, 0x1}, {}, {}, {0x3, 0x1}, {0x3, 0x1}, {0x1}, {0x3}, {0x3, 0x1}, {0x5}, {0x2}, {0x3, 0x1}, {0x7, 0x1}, {0x4}, {0x5}, {0x2}, {0x4, 0x1}, {}, {0x2}, {0x1}, {0x4, 0x1}, {0x1, 0x1}, {0x5}, {0x1, 0x1}, {0x3}, {}, {0x2, 0x1}, {}, {0x7}, {0x1, 0x1}, {0x3}, {0x2}, {0x1}, {0x8, 0x1}, {0x3}, {0x1}, {0x2}, {0x4, 0x1}, {0x4, 0x1}, {0x5, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x5}, {0x5}, {0x3, 0x1}, {0x1}, {0x0, 0xbfb90171edaf7461}, {0x5, 0x1}, {0x1, 0x1}, {0x2, 0x1}, {0x5, 0x1}, {0x0, 0x1}, {0x5}, {0x3, 0x1}, {0x5, 0x1}, {0x5, 0x1}, {0x1, 0x1}, {0x4, 0x1}, {0x5}, {0x4, 0x1}, {0x5}, {0x0, 0x1}, {0x5}, {}, {0x2}, {0x3, 0x1}, {0x4, 0x1}, {0x2, 0x1}, {0x2}, {0x2}, {0x1}, {0x1, 0x1}, {}, {0x4, 0x1}, {0x5, 0x1}, {0x5}, {0x3}, {}, {0x0, 0x1}, {0x4}, {0x5}, {0x4, 0x1}, {0x1}, {0x4}, {0x5, 0x1}, {0x5}, {0x2}, {0x5, 0x1}, {0x5}, {0x3}, {0x3}, {0x4}, {}, {0x0, 0x1}, {0x2}]}}, @TCA_PEDIT_KEYS_EX={0x10, 0x5, 0x0, 0x1, [{0xc, 0x6, 0x0, 0x1, [@TCA_PEDIT_KEY_EX_CMD={0x6, 0x2, 0x500}]}]}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0xe78}, 0x1, 0x0, 0x0, 0x4081}, 0x2400c800)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000008000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000081b000000b7000000000000009500000000000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41002, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='sys_enter\x00', r4}, 0x18)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x404, &(0x7f00000000c0)=ANY=[@ANYRES16=0x0, @ANYBLOB="132b0d95dd8786d3856320fa6af87a94c11be7db8ba396dc7186f8a009b572405ea17e077d6f91b83a4adb9fbc4abe1b8d82d9c33a0c82f90e3dfa494170be8a2015c288c29d1152e653f4897c032a50e12cf4945f912897e647dd0c0e2c8b3109fed7647ca9ad6049365d0a3a28d31da4281511ffe2f1fb98e26bfb", @ANYRES8], 0x1, 0x1235, &(0x7f0000000ac0)="$eJzs3E9rHGUcB/BfNqlZU/NHrdVW0Ae9eFqaHDwJEiQFyYJSG6EVhCmZ6JJxN2SWwIoYe+pVb74G8ehNEd9Arr4Cb715ykEcYSdtsrVBozFb7OdzmR/7m+/M87DLwizPs3ff+PKTzY2ytZH1ozExEY2tiLSfIkUj7nlptT7euLm63G6vXEvp6vL1xddTSnMv//jBZ9++8lP//PvfzX0/HXsLH96JpV/2Lu5duvv79Y87ZeqUqdvrpyzd6vX62a0iT+udcrOV0rtFnpV56nTLfHukv1H0trYGKeuuz85sbedlmbLuIG3mg9Tvpf72IGUfZZ1uarVaaXYmONa5vz5l7Zv9qvohoqrOxRNRVVX1ZMzExItfRcRcfBERT8cz8WxciMm4GM/HC3FpeNZZDB8AAAAAAAAAAAAAAAAAAAAeH/vD3fyj+//Px1MxG3MxHwv39/8/Z/8/AAAAAAAAAAAAAAAAAAAA/Gfeu3FzdbndXrmWUjOiuLOztrNWH+v+8kZ0oog8rsR8/BbD3f+1ur76dnvlShqajIjdg/zuztrkaH5x+HcCB/mpYe9efrHOp7hdHMlPx0ydb0ZEHksxHxeO3L95mF96aL4Zr7165P6tmK92I3pRxPrw3of5zxdTeuud9gP5y8PzAAAA4P+gle5bGH3+rZ/fW63j+nX+BL8PPPB8PRWXp8Y7dyLKwaebWVHk26NF80+vjK2YfjSGcZKi8W/i03FsqzHS+vrniHHP9JEomgef5dO44MSZD/40rnP7VOY+Woz5i4kzcfimj3skAAAAAAAAAAAAnMTfWQ/4a/zjVYRT8ZCVZW+OZ6oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAH+zAsQAAAACAMH/rNDo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//72mw60=")
truncate(&(0x7f0000000a80)='./file2\x00', 0x6e8)
r5 = socket$kcm(0x10, 0x2, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000003c0)=0x1)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="180000000000e5ffffff00000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x18)
ioctl$TIOCVHANGUP(r6, 0x5437, 0x2)
sendmsg$kcm(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)="2e00000025008101040000000000009f1ba1f848430000005e1406ca000000ffffffff25ed5860000a898988a800", 0x2e}], 0x1}, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b70300000000000085000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setrlimit(0x9, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, r10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r11}, 0x10)
link(&(0x7f00000001c0)='./file1\x00', 0x0)
io_setup(0x2004, &(0x7f0000000680))
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

2.83745463s ago: executing program 6 (id=5761):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r0 = socket(0x10, 0x3, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r1, 0x5)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r2, 0x6)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x7ffc0005}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='kfree\x00', r4}, 0x18)
r5 = socket$igmp6(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r5, 0x29, 0x22, &(0x7f0000000000)={{0xa, 0x0, 0x101, @loopback, 0xa3c}, {0xa, 0xfffe, 0xfffffffd, @dev, 0x4}, 0x1000, {[0x9, 0x0, 0xfffffffe, 0xfffffef9, 0x0, 0x1, 0x2]}}, 0x5c)
r6 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000580)='$\x00\x19y\x01\xff\xb4\x9e\x95oQE\xc9\x1f|\bZ\xf44\x7f)\x03c\x9a\x85\x01V\xb8p+\x84\xfb\xe6?\x88\xe9\x98Y\x0e\xd5P\xa2\xcc\x01*\xcd%v!\x82\xf1\xaaB\x04-\x88\xeb-q8\x03\xadO\xa0F\xc5Z\x0f\xee\x94\xfcy\xa5\xa4L\xa1\xd7g\x9d\xd2m5r\xef\xe1\xd1\x87\x1aM\xa6\xa8\xa2\xef\xb0\x9e\xa9d\xee\xacl\x9c\xcb\x03\x17\xbbG\x15\xba3\xa5r<]T\xc6R\x03\xee#\x0f\x88\xc4\xd3\x02\xd1 @\r\x1cc\xe4|\x13H\xc2\x1fq\x88\xdd\x98\xe1~\xb0\xedK\x17x\v\x9b\xaa\xb4\a\xb6\x8b\x9e*=\x8f\x05\x8b\x88\xc9\x12\xa6\x8fs\x98\xf1\xfe\xcdX\xce,AD\xd2v\xf4\xe5\xd3\xf3\xf1TY\x1c\x8a\x98\xf8\xcf6\xc3>]l\xdaQ\xac\n{)\xc9\x95\xb4\x12j}8\x03\xba&\xe8p\xe8\xf0\xa4\xa6e\xbc\xef\x93%/x\x19\xaa\xb5\x97\x98A\\\x91\x9a \xa8\xf8a\xd8\x97\x1eR\xaf\xc8\x9f', 0x0)
read$ptp(r6, 0x0, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x2160, 0x102)
fsetxattr$trusted_overlay_redirect(r7, &(0x7f0000000040), 0x0, 0x0, 0x0)
llistxattr(&(0x7f00000003c0)='./file1\x00', 0x0, 0x0)
connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x14, 0x30, 0x829}, 0x14}}, 0x0)

2.741757788s ago: executing program 6 (id=5765):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='utf8=1,utf8=1,utf8\x00\x00,utf8=1,shortname=win95,errors=remount-ro,uni_xlate=1,\x00'], 0x3, 0x236, &(0x7f0000000380)="$eJzs2r+LHGUYB/BnLomJFy574i8SEF+0UJshd7VFDrmAuKBoVoiCZOLN6rLj7rGzHKyIuUpb/wRrsbQTJaXNNf4FFnbXXJlCHEl2Y3JhLYKYXfXzafaBZ7/M8+67vLzFHL761Sf9bp13i3GsZFmsXIr9uJXFeqzEXfvxyktXf3runavvvbHVbm+/ndLlrSsbmymlc8//+P5n375wc3z23e/OfX86DtY/ODza/PXgmYPzh79f+bhXp16dBsNxKtL14XBcXK/KtNOr+3lKb1VlUZepN6jL0bF+txru7k5SMdhZW90dlXWdisEk9ctJGg/TeDRJxUdFb5DyPE9rq8Hf0fnmVtPEUXPqWjRN8/jXcfZmrP0SrcieSNmTl7Knr2XP7mfnj5qmtehR+UfY//+3+w71MxHVl3udvc70c9rf6kYvqijjYrTit7j9N5mZ1pdfb29fTHesxxfVjVn+xl7nxPH8RrRifX5+Y5pPx/OnYzXiVMQsvxmteGpO/ofY3pybPxMvv3jf8/Noxc8fxjCq2Inb2XvP/3wjpdfebD+Qv3DnewAA/zV5+tPc+1ue/1V/mn+I++ED96uTceHkYtdORD35tF9UVTn6txd3F7Qs8yxr8dic1onZb7ccEyqWoljcmcSjc2/TFz0JAAAAAAAAAAAAD+NRvE646DUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADL7Y8AAAD//+u8zfo=")
sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000240)='K', 0x1}], 0x1, 0x0, 0x0, 0x11000000}, 0x4008014)
r0 = syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000540))
ptrace$cont(0x21, r0, 0x0, 0x0)

2.612965759s ago: executing program 6 (id=5766):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x149040, 0x10)
fcntl$setlease(r0, 0x400, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001b80)=ANY=[@ANYBLOB="0600000004000000080000000a"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000180400", @ANYRESOCT=r0, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000002c0)='tlb_flush\x00', r2}, 0x18)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a300000dd000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001380)=ANY=[@ANYBLOB="140000001000010000000000000000000800000a60000000060a0b040000000000000000020000000900010073797a3000000000340004803000018008000100636d7000240002801000038009000100e7a6f6264f000000080001401000000a08000240000000010900020073797a32"], 0x88}}, 0x0)
mount(0x0, &(0x7f0000003c40)='.\x00', &(0x7f0000000040)='hugetlbfs\x00', 0x0, &(0x7f0000003cc0)='gid=1\x00nk]e')
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$setlease(r0, 0x400, 0x2)

2.433960913s ago: executing program 5 (id=5769):
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
syz_clone(0x410e6080, 0x0, 0x0, 0x0, 0x0, 0x0)

2.400059846s ago: executing program 0 (id=5770):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000740)=@file={0x0, './mnt\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r1, 0x26, &(0x7f00000000c0)={0x1, 0x2, 0x9, 0x401})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCGRAB(r3, 0x40044590, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000140), 0x760, 0xa382)
r5 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, <r7=>0x0}, &(0x7f0000000280)=0x5)
setuid(r7)
pwritev(r5, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5)
sendfile(r4, r4, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r4, 0x4c02, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$caif_stream(0x25, 0x1, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
getsockopt$WPAN_SECURITY(r0, 0x0, 0x1, 0x0, 0x0)
socket$kcm(0x21, 0x2, 0x2)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400)={[{@sysvgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")

2.335108091s ago: executing program 6 (id=5771):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000891}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f00000023c0)=ANY=[@ANYBLOB="5300000007000046009d40"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2004000, &(0x7f0000000080)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [], 0x6b}})

2.334902311s ago: executing program 35 (id=5771):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r3}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x18)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000891}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
write$P9_RLERRORu(0xffffffffffffffff, &(0x7f00000023c0)=ANY=[@ANYBLOB="5300000007000046009d40"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2004000, &(0x7f0000000080)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[], [], 0x6b}})

1.812403813s ago: executing program 7 (id=5773):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000c80)=[{{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f00000008c0)="3bcbdb0fcfa026557d2ea2b0fa34b7b3ddf4e60fe678186210e935989ea66d7c81fcd371943f18f118107da91cf43c5479ca82428e90b96b3635a98e39939ef5109511d949224164c044f18fb4d64db5c0404f01b99fba50263ee03e82a28fcd751660b0cab68a62a8b6eac29946c988fc747092d35e935ad8442feece96b4ee481cf95a8feb6ec3d6e5cf", 0x8b}, {&(0x7f00000001c0)="742f311a83a225186454bcfd09e48b60d703de616d0e6f11523b39811b58bc1452d76496e44c556198949ad6bab7e9bd1136845e7ff02f7ca7ee", 0x3a}], 0x2}}, {{0x0, 0x0, &(0x7f0000004080)=[{&(0x7f0000000f00)="52348bf9812fc081678b5760a4c4967393fd8939aaf12a894c5424df616c4eea14fbac2dad114a75c405d89fafa5715b56abba4bbceca456d8225e3f6eb57a03287e74c7bd74e40e3fda3150f92d181e7c82cb2f8ea0416fc4c0f111161cdb9a52911925644e25f871d02f403c83214f830f93b30b874e75cab53f1ed7871f21c0d654a47fab0637868517d7e8d9915e99b4dc2dcafdcb2ef2a012ec95418a544c32181fb969e01318e00a12fd1b2a0eb57bcf7de086e320f2d4be4e1453010be849e4d7dba41558329699aacd3d1c7d97b9bf74caf8b7946647309d209558b1965ef7ea4576ec0e289b73c208", 0xed}], 0x1}}], 0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

1.228593501s ago: executing program 5 (id=5775):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002000000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000deab44f4850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r0 = socket(0x10, 0x3, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r1, 0x5)
r2 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r2, 0x6)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x6}, 0x0, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0x0, 0x7ffc0005}]})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='kfree\x00', r4}, 0x18)
r5 = socket$igmp6(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r5, 0x29, 0x22, &(0x7f0000000000)={{0xa, 0x0, 0x101, @loopback, 0xa3c}, {0xa, 0xfffe, 0xfffffffd, @dev, 0x4}, 0x1000, {[0x9, 0x0, 0xfffffffe, 0xfffffef9, 0x0, 0x1, 0x2]}}, 0x5c)
r6 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000240)=',-\x10*\x00', &(0x7f0000000580)='$\x00\x19y\x01\xff\xb4\x9e\x95oQE\xc9\x1f|\bZ\xf44\x7f)\x03c\x9a\x85\x01V\xb8p+\x84\xfb\xe6?\x88\xe9\x98Y\x0e\xd5P\xa2\xcc\x01*\xcd%v!\x82\xf1\xaaB\x04-\x88\xeb-q8\x03\xadO\xa0F\xc5Z\x0f\xee\x94\xfcy\xa5\xa4L\xa1\xd7g\x9d\xd2m5r\xef\xe1\xd1\x87\x1aM\xa6\xa8\xa2\xef\xb0\x9e\xa9d\xee\xacl\x9c\xcb\x03\x17\xbbG\x15\xba3\xa5r<]T\xc6R\x03\xee#\x0f\x88\xc4\xd3\x02\xd1 @\r\x1cc\xe4|\x13H\xc2\x1fq\x88\xdd\x98\xe1~\xb0\xedK\x17x\v\x9b\xaa\xb4\a\xb6\x8b\x9e*=\x8f\x05\x8b\x88\xc9\x12\xa6\x8fs\x98\xf1\xfe\xcdX\xce,AD\xd2v\xf4\xe5\xd3\xf3\xf1TY\x1c\x8a\x98\xf8\xcf6\xc3>]l\xdaQ\xac\n{)\xc9\x95\xb4\x12j}8\x03\xba&\xe8p\xe8\xf0\xa4\xa6e\xbc\xef\x93%/x\x19\xaa\xb5\x97\x98A\\\x91\x9a \xa8\xf8a\xd8\x97\x1eR\xaf\xc8\x9f', 0x0)
read$ptp(r6, 0x0, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x2160, 0x102)
fsetxattr$trusted_overlay_redirect(r7, &(0x7f0000000040), 0x0, 0x0, 0x0)
llistxattr(&(0x7f00000003c0)='./file1\x00', 0x0, 0x0)
connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x14, 0x30, 0x829}, 0x14}}, 0x0)

1.135698548s ago: executing program 0 (id=5776):
r0 = socket(0x40000000015, 0x805, 0x0)
getsockopt(r0, 0x114, 0x2710, &(0x7f0000019440)=""/102400, &(0x7f00000000c0)=0x19000)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000180)=0x1)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f00000001c0)={'syzkaller0\x00', 0x2})
ioctl$TUNSETLINK(r3, 0x400454cd, 0x304)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000011008188e6b62aa73f72cc9f0ba1f8483d0000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r5)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0xa, 0x0, 0x0, 0x40f00, 0x60, '\x00', 0x0, @fallback=0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000500)='kmem_cache_free\x00', r6}, 0x18)
r7 = socket$key(0xf, 0x3, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600"/20, @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
r9 = socket$inet(0x2, 0x2, 0x1)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
sendmsg$inet(r9, &(0x7f0000001040)={&(0x7f0000000040)={0x2, 0xffff, @remote}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000400)='\b\x00', 0x2}, {&(0x7f0000000180)="2d0000008058", 0x6}], 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000890b040a0101027f00000100000000001c000000000000000000000008"], 0x40}, 0x20008024)
sendmsg$key(r7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030003110000002cbd7000fcdbdf2503000900"], 0x88}, 0x1, 0x7}, 0x0)

934.702004ms ago: executing program 5 (id=5777):
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x9, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x0, 0x10000, 0x0, 0x7, 0x9, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCRMFF(r2, 0x41015500, &(0x7f0000000500))
sendmsg$nl_generic(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}, 0x1, 0x0, 0x0, 0x20000000}, 0x40050)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8d40, 0x0)
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000200)={0x0, 0x0, 0x6, 0x0, 0x0, "00769a7d8200010000001495595915303d6000"})
r4 = syz_open_pts(r3, 0x0)
ioctl$TCFLSH(r4, 0x80045440, 0x2)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r5, 0xffffffffffffffff, 0x100000000000000)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000640), 0x9e042, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r7 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000001040), 0x1, 0x0)
write$binfmt_register(r7, &(0x7f0000001080)={0x3a, 'syz1', 0x3a, 'E', 0x3a, 0x2, 0x3a, '-', 0x3a, ')', 0x3a, './file0', 0x3a, [0x46, 0x0]}, 0x2b)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000680)=0x2)
ioctl$KDFONTOP_SET(r6, 0x4b72, &(0x7f0000000080)={0x0, 0x3000000, 0x8, 0x1b, 0x100, &(0x7f00000000c0)="387ed7626d850509a2d6c1aa38f15cd00f85c263cb226db671261fff7ce9c555f189afae3530db6dd493f28fd988721b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef495689092883b902a41cd75387ef6f7bc7d460d5e665f398ff95596dc94ec97003a3db08e500c2fb07e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1f7a1e850ecb3421143c5c4ded0f083a0c524dcf320827266819b6a952db5bc96141b26c54db857edbcbbc81c7af7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8da0dbf5e20d604413ed2ddf9bcbf881caf811852806175d63892a15234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa02863be90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695ef060000001bbe1b649f42f310859122c0d2c1e558dc6586958a28374f386ecf369274e43003a09b5159ea515eb44521901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc509254a12cece59181fcb5bad8c24bd9f8f78d17ab01831325501e80d899e9252f99d3a2666343392fda115048e4f4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd3330000000000000009a3237aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b5b66ab89d2d6333f699b16db68986ab3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9b647ba812f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d14df8aa9df6f40a80ace2bb8a2aad3b0c66915927db4173181943d88c0c76d5969e2043db5bd77fd60ba0f012139929ccfec965c1f769785a4d23332d71f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fdc1bc31152538db50f47dc38ba908a0d808687e478a609fe0daa0000000000000000e7f2e98597e27f3e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d4794ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e8fd4e71929f918b98c4cbfcb11a90139264a9ee807c973167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d174d2465380b1a00ddc42915e4f3a5db640600000095a3d63904c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e04c93a5470774975b42091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00000000ddffffff00"})
r8 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000009c0)="010000000037a788a11d1f000000000000006923c63a4541062101b60a2156566de77062086575a59ea9cb", 0x2b, r8)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r9 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000780)={&(0x7f00000006c0)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000740)={&(0x7f0000000700)=@newtclass={0x2c, 0x28, 0x2, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x1, 0x2}, {0x1, 0xc}, {0xfff3, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x4, 0xb}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4040840}, 0x20000000)
add_key$user(&(0x7f0000000080), &(0x7f0000000100)={'syz', 0x0}, &(0x7f0000000140)="da", 0x1, r9)
keyctl$search(0xa, r8, &(0x7f00000004c0)='cifs.spnego\x00', &(0x7f0000000500)={'syz', 0x3}, r9)

875.07192ms ago: executing program 1 (id=5778):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000340)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='utf8=1,utf8=1,utf8\x00\x00,utf8=1,shortname=win95,errors=remount-ro,uni_xlate=1,\x00'], 0x3, 0x236, &(0x7f0000000380)="$eJzs2r+LHGUYB/BnLomJFy574i8SEF+0UJshd7VFDrmAuKBoVoiCZOLN6rLj7rGzHKyIuUpb/wRrsbQTJaXNNf4FFnbXXJlCHEl2Y3JhLYKYXfXzafaBZ7/M8+67vLzFHL761Sf9bp13i3GsZFmsXIr9uJXFeqzEXfvxyktXf3runavvvbHVbm+/ndLlrSsbmymlc8//+P5n375wc3z23e/OfX86DtY/ODza/PXgmYPzh79f+bhXp16dBsNxKtL14XBcXK/KtNOr+3lKb1VlUZepN6jL0bF+txru7k5SMdhZW90dlXWdisEk9ctJGg/TeDRJxUdFb5DyPE9rq8Hf0fnmVtPEUXPqWjRN8/jXcfZmrP0SrcieSNmTl7Knr2XP7mfnj5qmtehR+UfY//+3+w71MxHVl3udvc70c9rf6kYvqijjYrTit7j9N5mZ1pdfb29fTHesxxfVjVn+xl7nxPH8RrRifX5+Y5pPx/OnYzXiVMQsvxmteGpO/ofY3pybPxMvv3jf8/Noxc8fxjCq2Inb2XvP/3wjpdfebD+Qv3DnewAA/zV5+tPc+1ue/1V/mn+I++ED96uTceHkYtdORD35tF9UVTn6txd3F7Qs8yxr8dic1onZb7ccEyqWoljcmcSjc2/TFz0JAAAAAAAAAAAAD+NRvE646DUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADL7Y8AAAD//+u8zfo=")
r0 = socket$can_raw(0x1d, 0x3, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x400, &(0x7f0000000100)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54dabaa5206d4a2a060b5ccc774b3ec4c81a1a9852327ff871d16d0d9344e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9aeb8576d329be6e4bb168f1434000000", @ANYRESHEX=0x0], 0xfd, 0x296, &(0x7f0000001080)="$eJzs3M1qE1EUwPFj0o80tU0WIiiIB92oi6GNL2CQFsSAUhtRF8LUTjRkTMrMWImI7c6tz1FcuhPUF+jGnQt30k0XCm66UCOdjzatQ6u2yYTm/4Myp3Pvydz5CmcGctfvvHpcq7hGxfQklVFJiSzLhkh+MwodC5cpPx6SdstycfT7pzO37t67XiyVpmZUp4uzlwuqOn723dPnr8998EZvvxl/Oyyr+fvr3wpfVk+unlr/NRt9esNTU+caDc+csy2dr7o1Q/WmbZmupdW6azk72it2Y2GhqWZ9fiy74Fiuq2a9qTWrqV5DPaep5kOzWlfDMHQsK/0m/c8Z5ZWZGbPYkcEgCSNxKx2naKZjG8sr3RgUAADoLUnV/4+qrlZdre9X/6eE+r9zqP+PkuNrEvsUuFn/Z8P7d8uln10cGQAAAAAAAAAAAAAAAAAAAAAAOIiNVivXarVy0TL6GxaRjIhE/yc9TnTGQc7/cPeHi0PW9sO9jIj9crG8WA6WQXuxIlWxxZKJQZEf/vUQCuLpa6WpCfXl5b29FOYvLZbT/vXh50fy8fmTQb7uzB+UbPv2C5KTE/I5Lr8Qmz8kF8635RuSk48PpCG2zPvX9Xb+i0nVqzdKu/JH/H4AAAAAABwFhm754/ndbzc0mjZkV3uwcvv9gOT2eT+w6/l6QE4PJLffAAAAAAD0E7f5rGbatuUQ7AiuiMiefZI+dCM9cqA6GKQ2z0HXt/41ujV64yAcarD2JNi1v+mc4JcSAAAAgI7YLvqTHgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP1rj2nAMmEXf03U/3/mHmvbXLr7ewgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0jt8BAAD//ysQG/U=")
chdir(&(0x7f0000000240)='./file0\x00')
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x82400, 0x184)
getdents(r2, 0x0, 0x40)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r3=>0x0})
writev(0xffffffffffffffff, &(0x7f0000000100)=[{0x0}, {&(0x7f0000000580)="051a00000e80006558f2878f02000000", 0x10}], 0x2)
sendmsg$can_raw(r0, &(0x7f0000000000)={&(0x7f0000000580)={0x1d, r3}, 0x10, &(0x7f0000000100)={0x0}, 0x2, 0x0, 0x0, 0x4904}, 0x4040005)
sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000240)='K', 0x1}], 0x1, 0x0, 0x0, 0x11000000}, 0x4008014)
r4 = syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace$setregs(0xd, r4, 0x0, &(0x7f0000000540))
ptrace$cont(0x21, r4, 0x0, 0x0)

764.147888ms ago: executing program 5 (id=5779):
gettid()
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, 0x0, 0x0)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
r3 = accept(r1, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[], 0xfffffdef}, 0x1, 0x0, 0x0, 0x2400c840}, 0x0)
recvfrom(r2, &(0x7f0000000280)=""/90, 0xfffffffffffffe4a, 0x530, 0x0, 0x0)

763.637118ms ago: executing program 7 (id=5780):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000040000000400000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r1}, &(0x7f0000000a00), &(0x7f0000000a40)=r0}, 0x20) (fail_nth: 1)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r1}, &(0x7f0000000880), &(0x7f00000008c0)=r0}, 0x20)
mmap$xdp(&(0x7f0000ff4000/0x4000)=nil, 0x4000, 0x8, 0x11, r0, 0x0)
preadv2(r1, &(0x7f0000000340)=[{&(0x7f0000000280)=""/41, 0x29}, {&(0x7f00000003c0)=""/220, 0xdc}, {&(0x7f00000002c0)=""/115, 0x73}, {&(0x7f00000004c0)=""/163, 0xa3}], 0x4, 0x0, 0xb3fd, 0x16)

744.8155ms ago: executing program 1 (id=5781):
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
r0 = gettid()
rt_sigsuspend(&(0x7f0000000040)={[0x3]}, 0x8)
tkill(r0, 0x7)
r1 = socket$netlink(0x10, 0x3, 0x14)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r3 = signalfd(r1, &(0x7f0000000040)={[0x3]}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6e, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d000000181100", @ANYRES32=r4], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$selinux_access(r6, &(0x7f00000004c0)=ANY=[@ANYBLOB="73797374656d5f753a6f626a6563745f723a7570647077645f657865635f742073797374656d5f753a73797374656d5f723afaffffffffffffff3a73302030"], 0x56)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r7, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r7, 0x8933, &(0x7f0000001000))
sendmsg$ETHTOOL_MSG_RINGS_GET(r3, &(0x7f0000001180)={&(0x7f0000000c40)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000001140)={0x0}}, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f0000000c00)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)
sendmsg$NL80211_CMD_CONTROL_PORT_FRAME(r3, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r2}, 0x38)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000000c0)='kfree\x00', r8}, 0x18)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000000314010000000000000000000900020073797a2f000000000800410072786500140033007465616d5f736c6176655f30"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8844)
socket$nl_netfilter(0x10, 0x3, 0xc)

498.23774ms ago: executing program 1 (id=5782):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x80)
faccessat(r1, &(0x7f0000000080)='./file0\x00', 0x12)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000030000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004"], 0x0, 0x26, 0x0, 0x0, 0xb}, 0x28)
stat(&(0x7f00000002c0)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0})
setfsgid(r4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000740)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r7, 0x0, r8, 0x0, 0x1, 0x0)
vmsplice(r8, &(0x7f0000000240)=[{&(0x7f0000000180)}, {&(0x7f0000000780)="e3", 0x1}, {&(0x7f0000000340)='@', 0x1}, {&(0x7f0000000000)="b1", 0x1}], 0x4, 0x6)
ioctl$sock_inet_udp_SIOCINQ(r8, 0x541b, 0x0)
write(r6, 0x0, 0x0)

467.726233ms ago: executing program 0 (id=5783):
open(&(0x7f00009e1000)='./file0\x00', 0x149040, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, 0x0, 0x0, 0x7ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x18)
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3f7, &(0x7f00000004c0)="$eJzs281rXFUbAPDn3nyUt2nfxFq/2qrTBjGgJk2iQsBNRUVBcKE7FxKaaSlOmtKM2BYXKoKr4saVrlzpH+DGhSDuXQmudC+FIMW1jNyZe5txMhMzyYyjvb8fTHLO3DOc88yZZ+bcc2cCKK1K9ieJOBIRP0fEdKv61waV1r/fb793Prsl0Wi8/lvSbJfVi6bF46byylwakX6UxMku/W5ev/H2aq1WvZrXF+rrVxY2r9946tL66sXqxerl5ZVnzi4trzy7sjywWG/ePvXTxuev/fHJmV+mnr/51gvZeI/kx9rjGJRKVKKR6zz22KA7G7GjbeVkfIQDoS9jEZFN10Qz/6djLLYnbzpe/HCkgwOGKvtsOtT78PsN4C6WxKhHAIxG8UFfnNsP4zz432zrXOsEaGf845HmbSY6zm8HKTvbuvbmx99mtxjSPgQAQLvvsvXPk93WP2nc39bu//m1oZmIuCcijkXEvRFxPCLui2i2fSAiHuyz/0pHfef6J721r8D2KFv/Pdd1/Vus/mJmLK8dbcY/kVy4VKuezZ+TuZg4lNUXd+njx1e++rLXsUrb+i+7Zf0Xa8F8HLfGOzbo1lbrqweJud3WBxEnuq5/kztXApKIeCgiTuyzj2/ONT7rdezv4x+uxhcRj3ed/+2roMnu1ycXmq+HheJVsdOpd6+s9ep/1PFn83949/hnkvbrtZv99/H1zOmtXsf2+/qfTN5olifz+66t1utXFyMmk1d33r+0/diiXrTP4p+b7Z7/x2L7mTiZzWNEPBwRj0TEo/nYT0fEmYiY3SX+l2Zfru4//uHK4l/ra/77L6wvff9Dr/73Nv9PN0tz+T17ef/b6wAP8twBAADAf0Xa/A58ks7fKafp/HzrO/zH43Ba29isP3Fh453La63vys/ERFrsdE237Ycu5nvDRX2po76c7xt/Ova/Zn3+/Eat56YY8I+Y6pH/mV/HRj06YOj8XgvKS/5Decl/KC/5D+Ul/6G85D+Ul/yH8pL/UF7yH8pL/kMpHeR3/QoKCndrYdTvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIPxZwAAAP//jYTnFQ==")
connect$inet6(0xffffffffffffffff, &(0x7f00000001c0)={0xa, 0x0, 0x8, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c)

467.373662ms ago: executing program 7 (id=5784):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{r0}, &(0x7f0000000400), &(0x7f0000000500)=r1}, 0x20)
r2 = socket$netlink(0x10, 0x3, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x0)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000000200)=0x8, 0x4)
r4 = syz_open_dev$vcsn(0x0, 0x7fffffff, 0x40000)
getsockopt$WPAN_SECURITY(r4, 0x0, 0x1, &(0x7f0000000240), &(0x7f0000000280)=0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x1a, &(0x7f0000000100)=0x401, 0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x5, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@call={0x85, 0x0, 0x0, 0x85}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
setsockopt$sock_int(r5, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r5, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0xffffffff}, 0x1c)
listen(r5, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000208004500002800000000fd06907864010101ac1414aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5c0400e090780000"], 0x0)
r7 = socket$netlink(0x10, 0x3, 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
getsockname$packet(r4, &(0x7f0000000380)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r2, &(0x7f0000000600)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000580)=@deltfilter={0x2c, 0x2d, 0x800, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0x0, 0xe}, {0x7, 0xfff2}, {0xfff3, 0x2}}, [@TCA_CHAIN={0x8, 0xb, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)
capget(0x0, 0x0)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000000)=0x80, 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0x4, &(0x7f0000000180)=0x800, 0x4)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)

266.257819ms ago: executing program 0 (id=5785):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000740)=@file={0x0, './mnt\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r1, 0x26, &(0x7f00000000c0)={0x1, 0x2, 0x9, 0x401})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = syz_open_dev$evdev(&(0x7f0000000040), 0x2, 0x0)
ioctl$EVIOCGRAB(r3, 0x40044590, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000140), 0x760, 0xa382)
r5 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000000240)={0x0, <r7=>0x0}, &(0x7f0000000280)=0x5)
setuid(r7)
pwritev(r5, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5)
sendfile(r4, r4, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r4, 0x4c02, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$caif_stream(0x25, 0x1, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
getsockopt$WPAN_SECURITY(r0, 0x0, 0x1, 0x0, 0x0)
socket$kcm(0x21, 0x2, 0x2)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000400)={[{@sysvgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")

222.867042ms ago: executing program 1 (id=5786):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="10000000040000000400000002"], 0x48)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000f00)={[{@usrquota}, {@barrier}, {@resuid}, {@min_batch_time={'min_batch_time', 0x3d, 0x101}}, {@errors_remount}, {@bh}]}, 0x6, 0x600, &(0x7f0000001200)="$eJzs3c9rHGUfAPDvzCZ5kzbvm/ZFxBbFgIcWpGlSi1UvtvVgDwUL9iDioaFJauj2B00KthZMwYOCgohXkV78B7xL795EUG+ehSpSUVDpyuzOtptkN92m2Z008/nAZp/nmdl9nu9OnswzM3l2Aiit8exHGrEr4s6pJGKsZdloNBaO5+vd/u3a6eyRRK32+q9JJHlZc/0kf96eZ4Yj4tujEf+vrK534crVs9PVWsN7EfsXz13cv3Dl6r75c9NnZs/Mnp868MLBQ5MvTh2c2pA4t+fPx46/9uTH77/9/Nx31X1JHI6Tg+/OxIo4Nsp4jMedPMTW8oGIOJQl2nwuj5oHCmGkd+1gfSr57+NgRDweY1Gp5xrGYv6jQhsH9FStElEDSirR/6GkmuOA5rF9d8fBJ3s8KumfW0caB0Cr4x9onBuJ4fqx0bbbScuRUePcxo4NqD+r459ruz/PHrHsPMSfd7fOwAbU08nS9Yh4ol38Sb1tO+qRZvGny9qRRMRkRAzl7XvlIdqQtKR7cR5mLeuNP42Iw/lzVn50nfWPr8j3O34AyunmkXxHvpTl7u3/srFHc/wTbcY/o232XetR9P6v8/ivub8frp8jT1eMw7Ixy4n2bzm4suCnD4992qn+1vFf9sjqb44F++HW9YjdK+L/IAs2H/9k8Sdttn+2yqnD3dXx6ve/HOu0rOj4azci9rQ9/rk3Ks1Sa1yf3D83X52dbPxsW8fX37z1Zaf6i44/2/7bOsTfsv3Tla/LPpOLXdbx1Ykb5zotG71v/OnPQ0njeHMoL3lnenHx0lTEUHI8X6Wl/MDabWmu03yPLP69z7Tv/8t+/68vf5+R5p/MLlx84+ztTsvWs/1bLibfqXXZhk6y+Gfuv/1X9f+s7JMu6/jjzctPdVq2VvwuFwMAAAAAAMCDSevXYJN04m46TScmGvNlH4ttafXCwuKzcxcun5+J2Fv/f8jBtHmle6yRT7L8VP7/sM38gRX55yJiZ0R8Vhmp5ydOX6jOFB08AAAAAAAAAAAAAAAAAAAAbBLb8/n/zftU/15pzP8HSqKXN5gDNjf9H8qr3v9X3eIJKAP7fygv/R/KS/+H8tL/obz0fygv/R/KS/+H8tL/AQAAAGBL2vn0zR+TiFh6aaT+yAzly8wIgq1tsOgGAIWpFN0AoDB3L/0b7EPpdDX+/yv/csDeNwcoQNKusD44qK3d+W+2fSUAAAAAAAAAAAAA0AN7dnWe/29uMGxtpv1BeT3E/H9fHQCPOF/9D+XlGB+43yz+4U4LzP8HAAAAAAAAAAAAgL4ZrT+SdCKfCzwaaToxEfHfiNgRg8ncfHV2MiL+FxE/VAb/k+Wnim40AAAAAAAAAAAAAAAAAAAAbDELV66ena5WZy+1Jv5eVbK1E827oPahrpfjAV8VSf8/lpGIKHyj9Cwx0FKSRCxlW35TNOzSQmyOZtQTBf9hAgAAAAAAAAAAAAAAAACAEmqZe9ze7i/63CIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6L979//vXaLoGAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAR9O/AQAA//9/3EA1")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r0}, &(0x7f0000000a00), &(0x7f0000000a40)}, 0x20)

154.082948ms ago: executing program 1 (id=5787):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
writev(r1, &(0x7f0000000240)=[{&(0x7f0000000080)="2e9b5b0007e03dd65193dfb6c575963f86dd606712e900320400000000000000eaebfd2607ee", 0x26}, {&(0x7f0000000100)="b700"/12, 0xc}, {&(0x7f0000000040)="37a8a6c41e", 0x5}, {&(0x7f0000000280)="3de496b26cb156fc17de651bb0059979575c10b71057fb", 0x17}], 0x4)

0s ago: executing program 1 (id=5788):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x80, 0x4, 0x28}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x18)
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=@newlink={0x44, 0x10, 0x401, 0xfffffffc, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x1503}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x44}, 0x1, 0x0, 0x0, 0x24000891}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0xce)
pipe2$9p(&(0x7f0000000240)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15)
write$P9_RLERRORu(r4, &(0x7f00000023c0)=ANY=[@ANYBLOB="5300000007000046009d40"], 0x53)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x2004000, &(0x7f0000000080)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r4}, 0x2c, {[], [], 0x6b}})

kernel console output (not intermixed with test programs):

yscall=321 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  301.478291][   T29] audit: type=1326 audit(1754575009.360:15161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17146 comm="syz.0.4983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  301.504425][   T29] audit: type=1326 audit(1754575009.360:15162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17146 comm="syz.0.4983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  301.530748][   T29] audit: type=1326 audit(1754575009.360:15163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17146 comm="syz.0.4983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  301.557661][   T29] audit: type=1326 audit(1754575009.360:15164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17146 comm="syz.0.4983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  301.583780][   T29] audit: type=1326 audit(1754575009.360:15165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17146 comm="syz.0.4983" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  301.761093][T17154] loop0: detected capacity change from 0 to 2048
[  301.800790][T17154] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  301.900997][T12336] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  301.916976][T12336] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  301.929936][T12336] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  301.956444][T17162] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  301.970999][T17167] loop0: detected capacity change from 0 to 1024
[  301.989978][T17167] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  302.003362][T17167] ext4 filesystem being mounted at /345/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  302.030900][T17167] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  302.053962][T17167] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4989'.
[  302.068324][T17173] netlink: 'syz.1.4991': attribute type 10 has an invalid length.
[  302.079498][T12336] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.184960][T17178] loop6: detected capacity change from 0 to 512
[  302.210327][T17182] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4992'.
[  302.252417][   T29] audit: type=1326 audit(1754575010.164:15166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17183 comm="syz.1.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4127f1ebe9 code=0x7ffc0000
[  302.283889][   T29] audit: type=1326 audit(1754575010.164:15167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17183 comm="syz.1.4995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4127f1ebe9 code=0x7ffc0000
[  302.503165][T17190] loop6: detected capacity change from 0 to 8192
[  302.522840][T17190] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  302.540911][T17190] FAT-fs (loop6): error, fat_free: invalid cluster chain (i_pos 1046)
[  302.554597][T17190] FAT-fs (loop6): Filesystem has been set read-only
[  302.626416][T17199] netlink: 10 bytes leftover after parsing attributes in process `syz.6.4998'.
[  302.640599][T17195] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  302.690463][T17201] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  302.711515][T17201] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5002'.
[  302.743126][T17204] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  302.754925][T17204] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  302.754931][T13926] FAT-fs (loop6): error, fat_free: invalid cluster chain (i_pos 1046)
[  302.853676][T17208] netlink: 'syz.1.5005': attribute type 10 has an invalid length.
[  303.509665][T17225] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  303.551391][T17228] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  303.586799][T17228] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5013'.
[  303.658719][T17230] loop6: detected capacity change from 0 to 8192
[  303.670213][T17230] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  303.685708][T17230] FAT-fs (loop6): error, fat_free: invalid cluster chain (i_pos 1046)
[  303.696029][T17230] FAT-fs (loop6): Filesystem has been set read-only
[  303.747207][T17236] netlink: 'syz.5.5017': attribute type 10 has an invalid length.
[  303.770540][T17237] netlink: 10 bytes leftover after parsing attributes in process `syz.6.5014'.
[  303.840374][T17234] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5016'.
[  303.888455][T13926] FAT-fs (loop6): error, fat_free: invalid cluster chain (i_pos 1046)
[  303.961823][T17247] loop5: detected capacity change from 0 to 512
[  303.998770][T17251] loop5: detected capacity change from 0 to 2048
[  304.047359][T14149] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  304.065721][T14149] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  304.327314][T17272] loop5: detected capacity change from 0 to 8192
[  304.336059][T17272] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  304.348290][T17272] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 1046)
[  304.357204][T17272] FAT-fs (loop5): Filesystem has been set read-only
[  304.404738][T17272] netlink: 10 bytes leftover after parsing attributes in process `syz.5.5029'.
[  304.517724][T14149] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 1046)
[  304.576553][T17277] netlink: 'syz.5.5031': attribute type 10 has an invalid length.
[  304.755126][T17284] loop5: detected capacity change from 0 to 8192
[  304.763679][T17284] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  305.121454][T17300] loop5: detected capacity change from 0 to 2048
[  305.273344][T17303] sctp: [Deprecated]: syz.0.5039 (pid 17303) Use of struct sctp_assoc_value in delayed_ack socket option.
[  305.273344][T17303] Use struct sctp_sack_info instead
[  305.461747][T17296] lo speed is unknown, defaulting to 1000
[  305.630334][T14149] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  305.648598][T14149] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  305.710073][T17313] netlink: 'syz.5.5044': attribute type 10 has an invalid length.
[  305.886795][T17315] loop7: detected capacity change from 0 to 8192
[  305.896364][T17315] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  306.170547][T17325] syz!: rxe_newlink: already configured on team_slave_0
[  306.282778][T17321] lo speed is unknown, defaulting to 1000
[  306.411680][T17333] loop0: detected capacity change from 0 to 8192
[  306.421769][T17333] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  306.462605][T17333] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 1046)
[  306.471670][T17333] FAT-fs (loop0): Filesystem has been set read-only
[  306.500588][T17336] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  306.651175][T17338] __nla_validate_parse: 1 callbacks suppressed
[  306.651193][T17338] netlink: 10 bytes leftover after parsing attributes in process `syz.0.5051'.
[  306.871349][T12336] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 1046)
[  306.883511][T17343] loop7: detected capacity change from 0 to 1024
[  306.918167][T17343] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  307.005482][T17356] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  307.042131][T17359] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  307.054594][T17359] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  307.079353][T17356] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5054'.
[  307.166907][T17364] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  307.217656][T17366] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5062'.
[  307.281019][T17368] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  307.757997][T17375] loop7: detected capacity change from 0 to 2048
[  308.180512][T14541] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  308.218107][T14541] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  308.354640][T17397] loop6: detected capacity change from 0 to 1024
[  308.371222][T17397] ext4 filesystem being mounted at /255/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  308.384186][T17393] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  308.408141][T17391] netlink: 'syz.7.5069': attribute type 10 has an invalid length.
[  308.434442][T17397] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  308.489270][T17400] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5073'.
[  308.597932][T17403] loop6: detected capacity change from 0 to 8192
[  308.616951][T17403] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  309.510590][   T29] kauditd_printk_skb: 28 callbacks suppressed
[  309.510660][   T29] audit: type=1326 audit(1754575016.955:15196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17416 comm="syz.1.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4127f1ebe9 code=0x7ffc0000
[  309.591604][   T29] audit: type=1326 audit(1754575016.993:15197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17416 comm="syz.1.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4127f1ebe9 code=0x7ffc0000
[  309.622439][   T29] audit: type=1326 audit(1754575016.993:15198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17416 comm="syz.1.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4127f1ebe9 code=0x7ffc0000
[  309.651320][   T29] audit: type=1326 audit(1754575016.993:15199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17416 comm="syz.1.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f4127f1ebe9 code=0x7ffc0000
[  309.685070][   T29] audit: type=1326 audit(1754575016.993:15200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17416 comm="syz.1.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4127f1ebe9 code=0x7ffc0000
[  309.718614][   T29] audit: type=1326 audit(1754575016.993:15201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17416 comm="syz.1.5081" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4127f1ebe9 code=0x7ffc0000
[  309.751580][   T29] audit: type=1326 audit(1754575017.086:15202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17421 comm="syz.6.5083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  309.783172][   T29] audit: type=1326 audit(1754575017.086:15203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17421 comm="syz.6.5083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  309.808686][   T29] audit: type=1326 audit(1754575017.086:15204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17421 comm="syz.6.5083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  309.834939][   T29] audit: type=1326 audit(1754575017.086:15205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17421 comm="syz.6.5083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  309.883077][T17430] loop6: detected capacity change from 0 to 1024
[  309.911979][T17430] ext4 filesystem being mounted at /260/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  309.936446][T17430] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  310.230476][T17442] loop0: detected capacity change from 0 to 8192
[  310.244461][T17442] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  310.332214][T17440] lo speed is unknown, defaulting to 1000
[  310.611636][T17465] loop5: detected capacity change from 0 to 1024
[  310.915398][T17465] ext4 filesystem being mounted at /233/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  310.941648][T17469] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  310.996468][T17465] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  311.061216][T17475] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5097'.
[  311.242719][T17483] loop6: detected capacity change from 0 to 8192
[  311.299659][T17483] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  311.364417][T17481] netlink: 10 bytes leftover after parsing attributes in process `syz.1.5101'.
[  311.637248][T17484] lo speed is unknown, defaulting to 1000
[  312.689061][T17517] netlink: 'syz.1.5114': attribute type 10 has an invalid length.
[  312.752326][T17519] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  312.800004][T17525] loop6: detected capacity change from 0 to 1024
[  312.873354][T17525] ext4 filesystem being mounted at /267/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  312.905728][T17525] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  312.947936][T17528] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  312.987061][T17525] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5116'.
[  313.025318][T17534] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5117'.
[  313.281472][T17548] loop0: detected capacity change from 0 to 8192
[  313.298656][T17548] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  313.333500][T17548] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 1046)
[  313.343833][T17548] FAT-fs (loop0): Filesystem has been set read-only
[  313.403396][T17554] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  313.429052][T17548] netlink: 10 bytes leftover after parsing attributes in process `syz.0.5123'.
[  313.507667][T17563] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  313.536916][T17563] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5128'.
[  313.551209][T12336] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 1046)
[  313.705076][T17582] netlink: 'syz.1.5137': attribute type 10 has an invalid length.
[  313.773770][T17585] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5135'.
[  314.140097][T17594] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5140'.
[  314.226829][T17596] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  314.251813][T17596] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5141'.
[  315.012085][   T29] kauditd_printk_skb: 122 callbacks suppressed
[  315.012126][   T29] audit: type=1326 audit(1754575022.100:15328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17626 comm="syz.6.5153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  315.049675][   T29] audit: type=1326 audit(1754575022.100:15329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17626 comm="syz.6.5153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  315.079416][   T29] audit: type=1326 audit(1754575022.100:15330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17626 comm="syz.6.5153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  315.111487][   T29] audit: type=1326 audit(1754575022.100:15331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17626 comm="syz.6.5153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  315.141747][   T29] audit: type=1326 audit(1754575022.100:15332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17626 comm="syz.6.5153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  315.168541][   T29] audit: type=1326 audit(1754575022.100:15333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17626 comm="syz.6.5153" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  315.245670][   T29] audit: type=1326 audit(1754575022.306:15334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17633 comm="syz.7.5156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9833febe9 code=0x7ffc0000
[  315.272791][   T29] audit: type=1326 audit(1754575022.306:15335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17633 comm="syz.7.5156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7fd9833febe9 code=0x7ffc0000
[  315.300779][   T29] audit: type=1326 audit(1754575022.306:15336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17633 comm="syz.7.5156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9833febe9 code=0x7ffc0000
[  315.331424][   T29] audit: type=1326 audit(1754575022.306:15337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17633 comm="syz.7.5156" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9833febe9 code=0x7ffc0000
[  315.451486][T17642] loop6: detected capacity change from 0 to 2048
[  315.826713][T13926] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  315.853639][T17653] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5163'.
[  315.874661][T13926] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  315.909303][T17650] lo speed is unknown, defaulting to 1000
[  315.953898][T17657] sctp: [Deprecated]: syz.7.5158 (pid 17657) Use of struct sctp_assoc_value in delayed_ack socket option.
[  315.953898][T17657] Use struct sctp_sack_info instead
[  316.137823][T17670] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  316.439236][T17678] lo speed is unknown, defaulting to 1000
[  316.467280][T17682] loop7: detected capacity change from 0 to 8192
[  316.520046][T17682] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  317.461864][T17711] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  317.484091][T17713] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5184'.
[  317.732522][T17727] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5188'.
[  317.745280][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.876837][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.918096][T17721] lo speed is unknown, defaulting to 1000
[  318.063980][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.174613][T17721] chnl_net:caif_netlink_parms(): no params data found
[  318.210343][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.243416][T17721] bridge0: port 1(bridge_slave_0) entered blocking state
[  318.252612][T17721] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.276342][T17721] bridge_slave_0: entered allmulticast mode
[  318.284056][T17721] bridge_slave_0: entered promiscuous mode
[  318.300960][T17721] bridge0: port 2(bridge_slave_1) entered blocking state
[  318.308600][T17721] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.316745][T17721] bridge_slave_1: entered allmulticast mode
[  318.323671][T17721] bridge_slave_1: entered promiscuous mode
[  318.372614][T17740] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  318.484369][   T12] bond0 (unregistering): Released all slaves
[  318.495545][T17721] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  318.516530][T17721] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  318.571291][T17721] team0: Port device team_slave_0 added
[  318.578687][T17721] team0: Port device team_slave_1 added
[  318.608133][T17721] batman_adv: batadv0: Adding interface: batadv_slave_0
[  318.617345][T17721] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  318.645998][T17721] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  318.661854][   T12] hsr_slave_0: left promiscuous mode
[  318.668868][   T12] hsr_slave_1: left promiscuous mode
[  318.681597][   T12] veth1_vlan: left promiscuous mode
[  318.688824][   T12] veth0_vlan: left promiscuous mode
[  318.715376][T17759] loop0: detected capacity change from 0 to 1024
[  318.750443][T17759] EXT4-fs mount: 22 callbacks suppressed
[  318.750464][T17759] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.789153][T17759] ext4 filesystem being mounted at /383/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  318.820109][T17764] loop5: detected capacity change from 0 to 512
[  318.828748][T17721] batman_adv: batadv0: Adding interface: batadv_slave_1
[  318.829724][T17764] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.836566][T17721] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  318.850881][T17764] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.876668][T17721] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  318.897795][ T3657] lo speed is unknown, defaulting to 1000
[  318.903958][ T3657] infiniband syz0: ib_query_port failed (-19)
[  318.911916][T17759] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  318.927755][T17766] __nla_validate_parse: 1 callbacks suppressed
[  318.927771][T17766] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5197'.
[  318.966980][T12336] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.967037][T17721] hsr_slave_0: entered promiscuous mode
[  318.983540][T17721] hsr_slave_1: entered promiscuous mode
[  318.991323][T17721] debugfs: 'hsr0' already exists in 'hsr'
[  318.997303][T17721] Cannot create hsr debugfs directory
[  319.297984][T17784] loop0: detected capacity change from 0 to 512
[  319.304924][T17786] loop6: detected capacity change from 0 to 1024
[  319.314436][T17784] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.334736][T17784] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.357730][T17790] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  319.357730][T17790]    program syz.6.5208 not setting count and/or reply_len properly
[  319.409245][T17721] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  319.419850][T17721] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  319.429742][T17721] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  319.439050][T17721] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  319.446982][T17794] loop0: detected capacity change from 0 to 1024
[  319.459703][T17794] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.473063][T17794] ext4 filesystem being mounted at /391/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  319.494041][T17794] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  319.526907][T17794] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5210'.
[  319.538489][T17721] 8021q: adding VLAN 0 to HW filter on device bond0
[  319.548026][T12336] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.552417][T17721] 8021q: adding VLAN 0 to HW filter on device team0
[  319.571284][ T9099] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.578867][ T9099] bridge0: port 1(bridge_slave_0) entered forwarding state
[  319.589985][ T9099] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.598256][ T9099] bridge0: port 2(bridge_slave_1) entered forwarding state
[  319.666127][T17721] 8021q: adding VLAN 0 to HW filter on device batadv0
[  319.731142][T17721] veth0_vlan: entered promiscuous mode
[  319.739744][T17721] veth1_vlan: entered promiscuous mode
[  319.762677][T17721] veth0_macvtap: entered promiscuous mode
[  319.770155][T17721] veth1_macvtap: entered promiscuous mode
[  319.780393][T17721] batman_adv: batadv0: Interface activated: batadv_slave_0
[  319.799181][T17721] batman_adv: batadv0: Interface activated: batadv_slave_1
[  319.821171][ T9099] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  319.831899][ T9099] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  319.848432][ T9099] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  319.878528][ T9099] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  320.008517][T17843] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  320.008517][T17843]    program syz.1.5219 not setting count and/or reply_len properly
[  320.248004][T17853] netlink: 10 bytes leftover after parsing attributes in process `syz.1.5223'.
[  320.494100][T17860] netlink: 10 bytes leftover after parsing attributes in process `syz.1.5226'.
[  320.659525][   T29] kauditd_printk_skb: 125 callbacks suppressed
[  320.659543][   T29] audit: type=1326 audit(1754575027.385:15463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17863 comm="syz.0.5228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  320.694055][   T29] audit: type=1326 audit(1754575027.385:15464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17863 comm="syz.0.5228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  320.719726][   T29] audit: type=1326 audit(1754575027.385:15465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17863 comm="syz.0.5228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  320.744465][   T29] audit: type=1326 audit(1754575027.385:15466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17863 comm="syz.0.5228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  320.769795][   T29] audit: type=1326 audit(1754575027.385:15467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17863 comm="syz.0.5228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  320.795538][T17862] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  320.795765][   T29] audit: type=1326 audit(1754575027.516:15468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17868 comm="syz.0.5229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  320.839185][   T29] audit: type=1326 audit(1754575027.553:15469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17868 comm="syz.0.5229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  320.864846][   T29] audit: type=1326 audit(1754575027.553:15470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17868 comm="syz.0.5229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  320.890004][   T29] audit: type=1326 audit(1754575027.553:15471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17868 comm="syz.0.5229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  320.914577][   T29] audit: type=1326 audit(1754575027.553:15472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17868 comm="syz.0.5229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  321.125920][T17889] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  321.125920][T17889]    program syz.0.5237 not setting count and/or reply_len properly
[  321.179095][T17891] loop5: detected capacity change from 0 to 8192
[  321.196850][T17891] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  321.274944][T17895] sd 0:0:1:0: device reset
[  321.407765][T17899] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  321.434402][T17906] FAULT_INJECTION: forcing a failure.
[  321.434402][T17906] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  321.447624][T17906] CPU: 1 UID: 0 PID: 17906 Comm: syz.5.5243 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  321.447740][T17906] Tainted: [W]=WARN
[  321.447748][T17906] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  321.447820][T17906] Call Trace:
[  321.447827][T17906]  <TASK>
[  321.447836][T17906]  __dump_stack+0x1d/0x30
[  321.447861][T17906]  dump_stack_lvl+0xe8/0x140
[  321.447882][T17906]  dump_stack+0x15/0x1b
[  321.447902][T17906]  should_fail_ex+0x265/0x280
[  321.448012][T17906]  should_fail+0xb/0x20
[  321.448121][T17906]  should_fail_usercopy+0x1a/0x20
[  321.448143][T17906]  copy_fpstate_to_sigframe+0x628/0x7d0
[  321.448180][T17906]  ? copy_fpstate_to_sigframe+0xe6/0x7d0
[  321.448213][T17906]  ? x86_task_fpu+0x36/0x60
[  321.448307][T17906]  get_sigframe+0x34d/0x490
[  321.448324][T17906]  ? get_signal+0xdc8/0xf70
[  321.448362][T17906]  x64_setup_rt_frame+0xa8/0x580
[  321.448463][T17906]  arch_do_signal_or_restart+0x27c/0x480
[  321.448552][T17906]  exit_to_user_mode_loop+0x7a/0x100
[  321.448577][T17906]  do_syscall_64+0x1d6/0x200
[  321.448601][T17906]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  321.448667][T17906]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  321.448688][T17906]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.448708][T17906] RIP: 0033:0x7f5224f0ebe9
[  321.448723][T17906] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.448740][T17906] RSP: 002b:00007f522396f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000065
[  321.448762][T17906] RAX: 0000000000000000 RBX: 00007f5225135fa0 RCX: 00007f5224f0ebe9
[  321.448786][T17906] RDX: 0000000000000000 RSI: 0000000000000271 RDI: 0000000000000010
[  321.448798][T17906] RBP: 00007f522396f090 R08: 0000000000000000 R09: 0000000000000000
[  321.448810][T17906] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.448823][T17906] R13: 00007f5225136038 R14: 00007f5225135fa0 R15: 00007fffd7f772e8
[  321.448840][T17906]  </TASK>
[  321.734417][T17911] loop6: detected capacity change from 0 to 512
[  321.741530][T17911] EXT4-fs: Ignoring removed nobh option
[  321.747533][T17911] EXT4-fs: Ignoring removed nobh option
[  321.755362][T17911] ext4: Bad value for 'journal_dev'
[  321.797748][T17913] ipvlan2: entered promiscuous mode
[  321.808469][T17913] bridge0: port 1(ipvlan2) entered blocking state
[  321.815173][T17913] bridge0: port 1(ipvlan2) entered disabled state
[  321.852664][T17916] 9pnet: p9_errstr2errno: server reported unknown error �@
[  321.866934][T17913] ipvlan2: entered allmulticast mode
[  321.872653][T17913] bridge0: entered allmulticast mode
[  321.879262][T17913] ipvlan2: left allmulticast mode
[  321.884671][T17913] bridge0: left allmulticast mode
[  321.923681][T17923] loop0: detected capacity change from 0 to 1024
[  321.973632][T17923] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  322.000152][T17923] ext4 filesystem being mounted at /403/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  322.033638][T17923] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  322.051062][T17927] loop6: detected capacity change from 0 to 8192
[  322.069558][T17939] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  322.069558][T17939]    program syz.7.5255 not setting count and/or reply_len properly
[  322.146534][T17927] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  322.173472][T17923] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5250'.
[  322.195289][T12336] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.473492][T17960] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  322.473492][T17960]    program syz.6.5263 not setting count and/or reply_len properly
[  322.614242][T17963] sctp: [Deprecated]: syz.5.5259 (pid 17963) Use of struct sctp_assoc_value in delayed_ack socket option.
[  322.614242][T17963] Use struct sctp_sack_info instead
[  322.834005][T17967] FAULT_INJECTION: forcing a failure.
[  322.834005][T17967] name failslab, interval 1, probability 0, space 0, times 0
[  322.847313][T17967] CPU: 0 UID: 0 PID: 17967 Comm: syz.1.5265 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  322.847479][T17967] Tainted: [W]=WARN
[  322.847485][T17967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  322.847497][T17967] Call Trace:
[  322.847505][T17967]  <TASK>
[  322.847514][T17967]  __dump_stack+0x1d/0x30
[  322.847537][T17967]  dump_stack_lvl+0xe8/0x140
[  322.847567][T17967]  dump_stack+0x15/0x1b
[  322.847586][T17967]  should_fail_ex+0x265/0x280
[  322.847619][T17967]  should_failslab+0x8c/0xb0
[  322.847690][T17967]  kmem_cache_alloc_noprof+0x50/0x310
[  322.847722][T17967]  ? getname_flags+0x80/0x3b0
[  322.847759][T17967]  getname_flags+0x80/0x3b0
[  322.847793][T17967]  __x64_sys_rename+0x40/0x70
[  322.847820][T17967]  x64_sys_call+0x1f9/0x2ff0
[  322.847840][T17967]  do_syscall_64+0xd2/0x200
[  322.847890][T17967]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  322.847916][T17967]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  322.847937][T17967]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.847957][T17967] RIP: 0033:0x7f118ad8ebe9
[  322.847972][T17967] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.848004][T17967] RSP: 002b:00007f11897f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  322.848029][T17967] RAX: ffffffffffffffda RBX: 00007f118afb5fa0 RCX: 00007f118ad8ebe9
[  322.848041][T17967] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  322.848052][T17967] RBP: 00007f11897f7090 R08: 0000000000000000 R09: 0000000000000000
[  322.848066][T17967] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.848080][T17967] R13: 00007f118afb6038 R14: 00007f118afb5fa0 R15: 00007ffe7224d3e8
[  322.848123][T17967]  </TASK>
[  323.205330][T17977] loop5: detected capacity change from 0 to 1024
[  323.247547][T17977] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  323.261185][T17977] ext4 filesystem being mounted at /267/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  323.294014][T17977] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  323.313991][T17977] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5269'.
[  323.337276][T14149] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.392527][T17983] loop5: detected capacity change from 0 to 8192
[  323.401665][T17983] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  323.494444][T17985] loop6: detected capacity change from 0 to 512
[  323.522640][T17985] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  323.536687][T17985] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.054068][T18002] netlink: 10 bytes leftover after parsing attributes in process `syz.1.5278'.
[  324.180414][T18008] loop0: detected capacity change from 0 to 1024
[  324.193148][T18008] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  324.205490][T18008] ext4 filesystem being mounted at /407/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  324.232916][T18008] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  324.251736][T18008] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5281'.
[  324.271355][T12336] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.612938][T18022] loop6: detected capacity change from 0 to 512
[  324.622629][T18022] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  324.643825][T18022] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.803654][T18031] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  324.916334][T18060] loop5: detected capacity change from 0 to 512
[  324.934039][T18060] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  324.947171][T18060] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.960108][T18062] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5294'.
[  325.390909][T18076] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  325.418648][T18076] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5304'.
[  325.474710][T18074] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  325.474710][T18074]    program syz.5.5303 not setting count and/or reply_len properly
[  325.575492][T18089] loop5: detected capacity change from 0 to 512
[  325.588251][T18089] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.601783][T18089] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.689290][T18093] netlink: 'syz.5.5311': attribute type 10 has an invalid length.
[  325.747893][T18101] loop0: detected capacity change from 0 to 1024
[  325.807550][T18101] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.905818][T18101] ext4 filesystem being mounted at /412/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  325.947315][T18101] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  325.966894][T18101] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5315'.
[  325.991177][T12336] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.039189][   T29] kauditd_printk_skb: 334 callbacks suppressed
[  326.039202][   T29] audit: type=1326 audit(1754575032.408:15805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18124 comm="syz.5.5325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  326.071784][   T29] audit: type=1326 audit(1754575032.418:15806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18124 comm="syz.5.5325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  326.072818][T18116] loop6: detected capacity change from 0 to 512
[  326.096364][   T29] audit: type=1326 audit(1754575032.418:15807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18124 comm="syz.5.5325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  326.128335][   T29] audit: type=1326 audit(1754575032.418:15808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18124 comm="syz.5.5325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  326.153650][   T29] audit: type=1326 audit(1754575032.418:15809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18124 comm="syz.5.5325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  326.179818][   T29] audit: type=1326 audit(1754575032.418:15810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18124 comm="syz.5.5325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  326.204289][   T29] audit: type=1326 audit(1754575032.418:15811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18124 comm="syz.5.5325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  326.234705][T18116] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  326.250502][T18116] ext4 filesystem being mounted at /314/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  326.269939][   T29] audit: type=1326 audit(1754575032.633:15812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18135 comm="syz.5.5327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  326.298796][   T29] audit: type=1326 audit(1754575032.633:15813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18135 comm="syz.5.5327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  326.303864][T18137] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5326'.
[  326.323781][   T29] audit: type=1326 audit(1754575032.633:15814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18135 comm="syz.5.5327" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  326.379914][T13926] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.619891][T18168] loop5: detected capacity change from 0 to 1024
[  326.661859][T18168] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  326.676219][T18168] ext4 filesystem being mounted at /296/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  326.702212][T18168] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  326.728749][T18168] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5340'.
[  326.758762][T14149] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.068906][T18188] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  327.068906][T18188]    program syz.1.5347 not setting count and/or reply_len properly
[  327.150673][T18194] loop0: detected capacity change from 0 to 512
[  327.175562][T18194] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.199947][T18194] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.275747][T18198] netlink: 'syz.0.5351': attribute type 10 has an invalid length.
[  327.518484][T18203] loop7: detected capacity change from 0 to 128
[  327.528038][T18203] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  327.553415][T18203] ext4 filesystem being mounted at /140/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  327.620732][T18208] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  327.645691][T18212] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5354'.
[  327.715513][T18217] ipvlan2: entered promiscuous mode
[  327.724717][T18217] bridge0: port 3(ipvlan2) entered blocking state
[  327.731359][T18217] bridge0: port 3(ipvlan2) entered disabled state
[  327.741987][T18217] ipvlan2: entered allmulticast mode
[  327.747289][T18217] bridge0: entered allmulticast mode
[  327.756054][T18217] ipvlan2: left allmulticast mode
[  327.761679][T18217] bridge0: left allmulticast mode
[  327.775609][T18222] 9pnet: p9_errstr2errno: server reported unknown error �@
[  327.873232][T18226] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5359'.
[  328.251780][T18236] netlink: 12 bytes leftover after parsing attributes in process `syz.5.5364'.
[  328.309437][T14541] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  328.419720][T18241] loop0: detected capacity change from 0 to 1024
[  328.458909][T18241] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  328.472704][T18241] ext4 filesystem being mounted at /419/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  328.498989][T18241] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  328.526161][T18241] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5366'.
[  328.550445][T12336] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.580250][T18245] loop0: detected capacity change from 0 to 1024
[  328.613701][T18245] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  328.627047][T18245] ext4 filesystem being mounted at /420/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  328.685838][T18245] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  328.721274][T18245] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5367'.
[  328.802596][T12336] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.888629][T18269] netlink: 'syz.1.5377': attribute type 10 has an invalid length.
[  328.953435][T18270] loop0: detected capacity change from 0 to 128
[  328.962474][T18270] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  328.976332][T18270] ext4 filesystem being mounted at /422/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  329.185625][T18284] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  329.687833][T18297] loop6: detected capacity change from 0 to 512
[  329.698881][T18297] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  329.712532][T18297] ext4 filesystem being mounted at /324/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  329.724943][T18297] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.5387: corrupted inode contents
[  329.737948][T18297] EXT4-fs error (device loop6): ext4_dirty_inode:6538: inode #2: comm syz.6.5387: mark_inode_dirty error
[  329.750422][T18297] EXT4-fs error (device loop6): ext4_do_update_inode:5653: inode #2: comm syz.6.5387: corrupted inode contents
[  329.774235][T12336] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  329.785212][T13926] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.805942][T18303] loop6: detected capacity change from 0 to 512
[  329.817632][T18303] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  329.837758][T18303] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.849414][T18306] netlink: 'syz.0.5390': attribute type 10 has an invalid length.
[  330.159614][T18325] loop0: detected capacity change from 0 to 128
[  330.169088][T18325] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  330.183854][T18325] ext4 filesystem being mounted at /425/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  330.887911][T18339] __nla_validate_parse: 2 callbacks suppressed
[  330.887930][T18339] netlink: 264 bytes leftover after parsing attributes in process `syz.5.5402'.
[  330.946452][T18341] loop6: detected capacity change from 0 to 512
[  330.955273][T12336] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  330.974574][T18341] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.003116][T18341] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.170613][T18355] netlink: 8 bytes leftover after parsing attributes in process `syz.0.5409'.
[  331.203892][T18361] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5406'.
[  331.353824][T18365] loop0: detected capacity change from 0 to 1024
[  331.366912][T18365] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.384324][T18365] ext4 filesystem being mounted at /429/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  331.410938][T18365] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  331.449663][T18365] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5411'.
[  331.506340][T12336] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.574439][T18374] loop0: detected capacity change from 0 to 1024
[  331.607266][T18374] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.622425][T18374] ext4 filesystem being mounted at /430/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  331.664236][T18374] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  331.705096][T18374] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5414'.
[  331.768886][T12336] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  331.806550][T18379] netlink: 264 bytes leftover after parsing attributes in process `syz.5.5416'.
[  331.909366][   T29] kauditd_printk_skb: 276 callbacks suppressed
[  331.909400][   T29] audit: type=1326 audit(1754575037.899:16091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18389 comm="syz.5.5420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  331.944024][   T29] audit: type=1326 audit(1754575037.899:16092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18389 comm="syz.5.5420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  331.969863][   T29] audit: type=1326 audit(1754575037.899:16093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18389 comm="syz.5.5420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  331.997781][   T29] audit: type=1326 audit(1754575037.899:16094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18389 comm="syz.5.5420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  332.024012][   T29] audit: type=1326 audit(1754575037.908:16095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18389 comm="syz.5.5420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  332.051585][   T29] audit: type=1326 audit(1754575037.908:16096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18389 comm="syz.5.5420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  332.079977][   T29] audit: type=1326 audit(1754575037.908:16097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18389 comm="syz.5.5420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  332.106357][   T29] audit: type=1326 audit(1754575037.908:16098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18389 comm="syz.5.5420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  332.106737][T18386] loop0: detected capacity change from 0 to 128
[  332.130788][   T29] audit: type=1326 audit(1754575037.908:16099): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18389 comm="syz.5.5420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  332.145518][T18395] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5421'.
[  332.164393][   T29] audit: type=1326 audit(1754575037.908:16100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18389 comm="syz.5.5420" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5224f0ebe9 code=0x7ffc0000
[  332.189207][T18386] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  332.216450][T18386] ext4 filesystem being mounted at /431/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  332.271062][T18403] loop5: detected capacity change from 0 to 8192
[  332.279223][T18403] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  332.302433][T18403] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 1046)
[  332.313169][T18403] FAT-fs (loop5): Filesystem has been set read-only
[  332.335217][T18407] loop6: detected capacity change from 0 to 512
[  332.363525][T18407] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  332.380296][T18407] EXT4-fs (loop6): 1 truncate cleaned up
[  332.393617][T18407] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  332.425730][T18403] netlink: 10 bytes leftover after parsing attributes in process `syz.5.5423'.
[  332.508569][T18405] netlink: 60 bytes leftover after parsing attributes in process `syz.6.5424'.
[  332.551301][T14149] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 1046)
[  332.585428][T18413] netlink: 264 bytes leftover after parsing attributes in process `syz.5.5427'.
[  332.617074][T18415] loop5: detected capacity change from 0 to 512
[  332.627985][T18415] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  332.659379][T14149] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.735204][T12336] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  332.845895][T18423] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  333.040069][T18445] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  333.067531][T18451] loop5: detected capacity change from 0 to 128
[  333.076956][T18451] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  333.090424][T18451] ext4 filesystem being mounted at /318/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  333.274438][T18472] netlink: 'syz.1.5449': attribute type 10 has an invalid length.
[  333.297509][T13926] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.618142][T18488] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  333.805938][T18508] ipvlan2: entered promiscuous mode
[  333.812830][T18508] bridge0: port 1(ipvlan2) entered blocking state
[  333.820357][T18508] bridge0: port 1(ipvlan2) entered disabled state
[  333.833764][T18508] ipvlan2: entered allmulticast mode
[  333.840630][T18508] bridge0: entered allmulticast mode
[  333.878454][T14149] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  333.893382][T18508] ipvlan2: left allmulticast mode
[  333.899125][T18508] bridge0: left allmulticast mode
[  334.079983][T18521] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  334.230311][T18550] loop7: detected capacity change from 0 to 1024
[  334.269695][T18550] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  334.284286][T18550] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  334.416095][T18558] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  335.092210][T18573] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  335.120089][T14541] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.822501][T18601] loop6: detected capacity change from 0 to 8192
[  335.830827][T18601] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  335.843489][T18601] FAT-fs (loop6): error, fat_free: invalid cluster chain (i_pos 1046)
[  335.852770][T18601] FAT-fs (loop6): Filesystem has been set read-only
[  336.045770][T13926] FAT-fs (loop6): error, fat_free: invalid cluster chain (i_pos 1046)
[  336.094199][T18605] syz!: rxe_newlink: already configured on team_slave_0
[  336.343249][T18619] loop0: detected capacity change from 0 to 8192
[  336.354460][T18619] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  336.367197][T18619] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 1046)
[  336.375720][T18619] FAT-fs (loop0): Filesystem has been set read-only
[  336.434331][T18619] __nla_validate_parse: 11 callbacks suppressed
[  336.434351][T18619] netlink: 10 bytes leftover after parsing attributes in process `syz.0.5499'.
[  336.568730][T12336] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 1046)
[  336.602906][T18621] loop0: detected capacity change from 0 to 1024
[  336.646631][T18621] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  336.660173][T18621] ext4 filesystem being mounted at /445/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  336.687163][T18621] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  336.708152][T18621] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5500'.
[  336.733220][T12336] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.222056][T18631] sctp: [Deprecated]: syz.5.5502 (pid 18631) Use of struct sctp_assoc_value in delayed_ack socket option.
[  337.222056][T18631] Use struct sctp_sack_info instead
[  337.262604][T18633] ipvlan2: entered promiscuous mode
[  337.268913][T18633] bridge0: port 1(ipvlan2) entered blocking state
[  337.275627][T18633] bridge0: port 1(ipvlan2) entered disabled state
[  337.342488][T18633] ipvlan2: entered allmulticast mode
[  337.348291][T18633] bridge0: entered allmulticast mode
[  337.386197][T18633] ipvlan2: left allmulticast mode
[  337.391623][T18633] bridge0: left allmulticast mode
[  337.478002][   T29] kauditd_printk_skb: 229 callbacks suppressed
[  337.478016][   T29] audit: type=1326 audit(1754575043.109:16330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18635 comm="syz.6.5504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  337.509557][   T29] audit: type=1326 audit(1754575043.109:16331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18635 comm="syz.6.5504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  337.534168][   T29] audit: type=1326 audit(1754575043.109:16332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18635 comm="syz.6.5504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  337.561516][   T29] audit: type=1326 audit(1754575043.109:16333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18635 comm="syz.6.5504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  337.587470][   T29] audit: type=1326 audit(1754575043.109:16334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18635 comm="syz.6.5504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  337.612187][   T29] audit: type=1326 audit(1754575043.109:16335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18635 comm="syz.6.5504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e3a6eebe9 code=0x7ffc0000
[  337.687496][T18641] loop6: detected capacity change from 0 to 512
[  337.723558][T18641] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  337.761060][T18639] syz!: rxe_newlink: already configured on team_slave_0
[  337.822607][T18641] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.885134][T18650] loop0: detected capacity change from 0 to 8192
[  337.902113][T18650] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  337.922029][T18650] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 1046)
[  337.922391][T18654] ipvlan2: entered promiscuous mode
[  337.930677][T18650] FAT-fs (loop0): Filesystem has been set read-only
[  337.965416][T18654] bridge0: port 1(ipvlan2) entered blocking state
[  337.973162][T18654] bridge0: port 1(ipvlan2) entered disabled state
[  337.983327][T18656] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  337.984863][T18655] 9pnet_fd: Insufficient options for proto=fd
[  338.003192][T18656] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  338.034502][T18654] ipvlan2: entered allmulticast mode
[  338.040120][T18654] bridge0: entered allmulticast mode
[  338.056831][T18654] ipvlan2: left allmulticast mode
[  338.062015][T18654] bridge0: left allmulticast mode
[  338.092949][T18658] netlink: 10 bytes leftover after parsing attributes in process `syz.0.5508'.
[  338.194889][T18660] loop6: detected capacity change from 0 to 1024
[  338.253639][T18660] ext4 filesystem being mounted at /356/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  338.284370][T12336] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 1046)
[  338.315959][T18660] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  338.358937][T18660] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5511'.
[  338.440484][T18669] ipvlan2: entered promiscuous mode
[  338.475873][T18669] bridge0: port 1(ipvlan2) entered blocking state
[  338.482459][T18669] bridge0: port 1(ipvlan2) entered disabled state
[  338.511784][   T29] audit: type=1326 audit(1754575044.082:16336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18675 comm="syz.7.5516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9833febe9 code=0x7ffc0000
[  338.514447][T18669] ipvlan2: entered allmulticast mode
[  338.543408][   T29] audit: type=1326 audit(1754575044.082:16337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18675 comm="syz.7.5516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9833febe9 code=0x7ffc0000
[  338.548121][T18669] bridge0: entered allmulticast mode
[  338.595299][   T29] audit: type=1326 audit(1754575044.119:16338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18675 comm="syz.7.5516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd9833febe9 code=0x7ffc0000
[  338.613752][T18669] ipvlan2: left allmulticast mode
[  338.620313][   T29] audit: type=1326 audit(1754575044.119:16339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18675 comm="syz.7.5516" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd9833febe9 code=0x7ffc0000
[  338.625486][T18669] bridge0: left allmulticast mode
[  338.688252][T18686] netlink: 'syz.1.5519': attribute type 10 has an invalid length.
[  338.984165][T18699] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=18699 comm=syz.7.5523
[  339.073176][T18710] netlink: 16 bytes leftover after parsing attributes in process `syz.7.5526'.
[  339.343510][T18727] ipvlan2: entered promiscuous mode
[  339.352945][T18727] bridge0: port 1(ipvlan2) entered blocking state
[  339.360572][T18727] bridge0: port 1(ipvlan2) entered disabled state
[  339.370064][T18727] ipvlan2: entered allmulticast mode
[  339.376054][T18727] bridge0: entered allmulticast mode
[  339.384307][T18727] ipvlan2: left allmulticast mode
[  339.390856][T18727] bridge0: left allmulticast mode
[  339.401974][T18730] 9pnet_fd: Insufficient options for proto=fd
[  339.501494][T18737] ipvlan2: entered promiscuous mode
[  339.508947][T18737] bridge0: port 3(ipvlan2) entered blocking state
[  339.515944][T18737] bridge0: port 3(ipvlan2) entered disabled state
[  339.523592][T18737] ipvlan2: entered allmulticast mode
[  339.529187][T18737] bridge0: entered allmulticast mode
[  339.535452][T18737] ipvlan2: left allmulticast mode
[  339.541018][T18737] bridge0: left allmulticast mode
[  339.641023][T18747] ipvlan2: entered promiscuous mode
[  339.654870][T18747] bridge0: port 3(ipvlan2) entered blocking state
[  339.665801][T18747] bridge0: port 3(ipvlan2) entered disabled state
[  339.680605][T18747] ipvlan2: entered allmulticast mode
[  339.688200][T18747] bridge0: entered allmulticast mode
[  339.697336][T18747] ipvlan2: left allmulticast mode
[  339.703876][T18747] bridge0: left allmulticast mode
[  339.893223][T18758] loop0: detected capacity change from 0 to 8192
[  339.901264][T18758] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  339.914836][T18758] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 1046)
[  339.923504][T18758] FAT-fs (loop0): Filesystem has been set read-only
[  339.930347][T18759] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5546'.
[  339.982755][T18758] netlink: 10 bytes leftover after parsing attributes in process `syz.0.5547'.
[  340.088555][T12336] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 1046)
[  340.232423][T18775] loop6: detected capacity change from 0 to 512
[  340.274655][T18781] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  340.274655][T18781]    program syz.6.5556 not setting count and/or reply_len properly
[  340.375780][T18784] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  340.384489][T18784] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  340.827806][T18791] netlink: 10 bytes leftover after parsing attributes in process `syz.1.5560'.
[  341.101901][T18798] ipvlan2: entered promiscuous mode
[  341.116507][T18798] bridge0: port 1(ipvlan2) entered blocking state
[  341.123820][T18798] bridge0: port 1(ipvlan2) entered disabled state
[  341.135544][T18798] ipvlan2: entered allmulticast mode
[  341.142113][T18798] bridge0: entered allmulticast mode
[  341.149385][T18798] ipvlan2: left allmulticast mode
[  341.154817][T18798] bridge0: left allmulticast mode
[  341.172936][T18803] ipvlan2: entered promiscuous mode
[  341.179119][T18803] bridge0: port 1(ipvlan2) entered blocking state
[  341.185997][T18803] bridge0: port 1(ipvlan2) entered disabled state
[  341.193061][T18803] ipvlan2: entered allmulticast mode
[  341.199157][T18803] bridge0: entered allmulticast mode
[  341.207417][T18803] ipvlan2: left allmulticast mode
[  341.213005][T18803] bridge0: left allmulticast mode
[  341.235253][T18806] 9pnet_fd: Insufficient options for proto=fd
[  341.250222][T18808] loop5: detected capacity change from 0 to 512
[  341.400590][T18817] netlink: 'syz.0.5568': attribute type 10 has an invalid length.
[  341.480855][T18819] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  341.480855][T18819]    program syz.5.5569 not setting count and/or reply_len properly
[  341.563871][T18825] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  341.563871][T18825]    program syz.1.5572 not setting count and/or reply_len properly
[  341.657516][T18828] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  341.666599][T18828] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  342.305805][T18840] loop5: detected capacity change from 0 to 512
[  342.393799][T18850] loop5: detected capacity change from 0 to 1024
[  342.409826][T18850] ext4 filesystem being mounted at /339/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  342.428247][T18855] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  342.428247][T18855]    program syz.7.5583 not setting count and/or reply_len properly
[  342.450577][T18850] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  342.469730][T18850] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5582'.
[  342.532911][T18861] loop7: detected capacity change from 0 to 1024
[  342.591469][T18861] ext4 filesystem being mounted at /166/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  342.684628][T18865] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  343.012933][   T29] kauditd_printk_skb: 340 callbacks suppressed
[  343.012948][   T29] audit: type=1326 audit(1754575048.291:16680): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18873 comm="syz.0.5589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  343.081786][   T29] audit: type=1326 audit(1754575048.291:16681): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18873 comm="syz.0.5589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  343.108288][   T29] audit: type=1326 audit(1754575048.291:16682): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18873 comm="syz.0.5589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  343.132850][   T29] audit: type=1326 audit(1754575048.291:16683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18873 comm="syz.0.5589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  343.157129][   T29] audit: type=1326 audit(1754575048.291:16684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18873 comm="syz.0.5589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  343.185669][   T29] audit: type=1326 audit(1754575048.291:16685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18873 comm="syz.0.5589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  343.210235][   T29] audit: type=1326 audit(1754575048.291:16686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18873 comm="syz.0.5589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  343.236784][   T29] audit: type=1326 audit(1754575048.291:16687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18873 comm="syz.0.5589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  343.263930][   T29] audit: type=1326 audit(1754575048.291:16688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18873 comm="syz.0.5589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  343.289874][   T29] audit: type=1326 audit(1754575048.291:16689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18873 comm="syz.0.5589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83295debe9 code=0x7ffc0000
[  343.399779][T18881] loop0: detected capacity change from 0 to 8192
[  343.415708][T18881] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  343.435284][T18881] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 1046)
[  343.443884][T18881] FAT-fs (loop0): Filesystem has been set read-only
[  343.517976][T18894] loop5: detected capacity change from 0 to 512
[  343.526850][T18895] netlink: 10 bytes leftover after parsing attributes in process `syz.0.5592'.
[  343.577613][T18903] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  343.577613][T18903]    program syz.5.5600 not setting count and/or reply_len properly
[  343.612717][T12336] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 1046)
[  343.696561][T18913] loop6: detected capacity change from 0 to 1024
[  343.717085][T18913] ext4 filesystem being mounted at /372/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  343.766046][T18913] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  343.820889][T18922] ipvlan2: entered promiscuous mode
[  343.841415][T18922] bridge0: port 1(ipvlan2) entered blocking state
[  343.848817][T18922] bridge0: port 1(ipvlan2) entered disabled state
[  343.856633][T18922] ipvlan2: entered allmulticast mode
[  343.862466][T18922] bridge0: entered allmulticast mode
[  343.868585][T18922] ipvlan2: left allmulticast mode
[  343.873764][T18922] bridge0: left allmulticast mode
[  343.884614][T18923] 9pnet: p9_errstr2errno: server reported unknown error �@
[  343.997326][T18927] loop6: detected capacity change from 0 to 1024
[  344.025031][T18927] ext4 filesystem being mounted at /375/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  344.057625][T18927] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  344.087183][T18927] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5608'.
[  344.180824][T18936] loop6: detected capacity change from 0 to 512
[  344.499682][T18941] loop7: detected capacity change from 0 to 8192
[  344.508276][T18941] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  344.528840][T18941] FAT-fs (loop7): error, fat_free: invalid cluster chain (i_pos 1046)
[  344.538022][T18941] FAT-fs (loop7): Filesystem has been set read-only
[  344.591486][T18941] netlink: 10 bytes leftover after parsing attributes in process `syz.7.5613'.
[  344.595805][T18945] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  344.595805][T18945]    program syz.0.5615 not setting count and/or reply_len properly
[  344.629829][T14541] FAT-fs (loop7): error, fat_free: invalid cluster chain (i_pos 1046)
[  344.650101][T18948] loop0: detected capacity change from 0 to 1024
[  344.670132][T18948] ext4 filesystem being mounted at /474/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  344.695784][T18948] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  344.852856][T18963] ipvlan2: entered promiscuous mode
[  344.861184][T18963] bridge0: port 3(ipvlan2) entered blocking state
[  344.868160][T18963] bridge0: port 3(ipvlan2) entered disabled state
[  344.875501][T18963] ipvlan2: entered allmulticast mode
[  344.881385][T18963] bridge0: entered allmulticast mode
[  344.887394][T18963] ipvlan2: left allmulticast mode
[  344.892594][T18963] bridge0: left allmulticast mode
[  345.444458][T18975] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5625'.
[  345.496293][T18977] loop5: detected capacity change from 0 to 8192
[  345.504265][T18977] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  345.517051][T18977] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 1046)
[  345.525802][T18977] FAT-fs (loop5): Filesystem has been set read-only
[  345.584785][T18977] netlink: 10 bytes leftover after parsing attributes in process `syz.5.5626'.
[  345.608678][T14149] FAT-fs (loop5): error, fat_free: invalid cluster chain (i_pos 1046)
[  345.674117][T18990] loop5: detected capacity change from 0 to 1024
[  345.690635][T18992] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  345.690635][T18992]    program syz.0.5633 not setting count and/or reply_len properly
[  345.712690][T18990] ext4 filesystem being mounted at /350/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  345.739099][T18990] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  345.754925][T18998] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  345.754996][T18998] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  345.774756][T18990] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5632'.
[  345.804091][T19002] FAULT_INJECTION: forcing a failure.
[  345.804091][T19002] name failslab, interval 1, probability 0, space 0, times 0
[  345.817363][T19002] CPU: 1 UID: 0 PID: 19002 Comm: syz.5.5636 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  345.817386][T19002] Tainted: [W]=WARN
[  345.817390][T19002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  345.817398][T19002] Call Trace:
[  345.817403][T19002]  <TASK>
[  345.817409][T19002]  __dump_stack+0x1d/0x30
[  345.817480][T19002]  dump_stack_lvl+0xe8/0x140
[  345.817492][T19002]  dump_stack+0x15/0x1b
[  345.817541][T19002]  should_fail_ex+0x265/0x280
[  345.817560][T19002]  should_failslab+0x8c/0xb0
[  345.817575][T19002]  __kvmalloc_node_noprof+0x123/0x4e0
[  345.817614][T19002]  ? vmemdup_user+0x26/0xd0
[  345.817631][T19002]  ? should_fail_usercopy+0x1a/0x20
[  345.817643][T19002]  vmemdup_user+0x26/0xd0
[  345.817658][T19002]  path_setxattrat+0x1b6/0x310
[  345.817683][T19002]  __x64_sys_fsetxattr+0x6b/0x80
[  345.817779][T19002]  x64_sys_call+0x1ced/0x2ff0
[  345.817792][T19002]  do_syscall_64+0xd2/0x200
[  345.817806][T19002]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  345.817835][T19002]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  345.817848][T19002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.817946][T19002] RIP: 0033:0x7f5224f0ebe9
[  345.817962][T19002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.817978][T19002] RSP: 002b:00007f522396f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  345.817996][T19002] RAX: ffffffffffffffda RBX: 00007f5225135fa0 RCX: 00007f5224f0ebe9
[  345.818009][T19002] RDX: 00002000000002c0 RSI: 0000200000000140 RDI: 0000000000000006
[  345.818021][T19002] RBP: 00007f522396f090 R08: 0000000000000002 R09: 0000000000000000
[  345.818043][T19002] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000001
[  345.818058][T19002] R13: 00007f5225136038 R14: 00007f5225135fa0 R15: 00007fffd7f772e8
[  345.818079][T19002]  </TASK>
[  346.047725][T19006] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1808 sclass=netlink_route_socket pid=19006 comm=syz.6.5638
[  346.063220][T19004] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  346.120324][T19004] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5637'.
[  346.175396][T19021] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  346.175396][T19021]    program syz.0.5645 not setting count and/or reply_len properly
[  346.222098][T19026] loop0: detected capacity change from 0 to 512
[  346.230003][T19016] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  346.243825][T19028] loop5: detected capacity change from 0 to 1024
[  346.256120][T19031] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1808 sclass=netlink_route_socket pid=19031 comm=syz.1.5648
[  346.281693][T19028] ext4 filesystem being mounted at /355/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  346.315357][T19028] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  346.432806][T19047] netlink: 200 bytes leftover after parsing attributes in process `syz.1.5654'.
[  346.472840][T19051] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  346.472840][T19051]    program syz.5.5656 not setting count and/or reply_len properly
[  346.492725][T19035] loop6: detected capacity change from 0 to 32768
[  346.536418][T19057] ipvlan2: entered promiscuous mode
[  346.543241][T19057] bridge0: port 3(ipvlan2) entered blocking state
[  346.550030][T19057] bridge0: port 3(ipvlan2) entered disabled state
[  346.565567][T19057] ipvlan2: entered allmulticast mode
[  346.571912][T19057] bridge0: entered allmulticast mode
[  346.577810][T19035] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5650'.
[  346.578329][T19057] ipvlan2: left allmulticast mode
[  346.593228][T19057] bridge0: left allmulticast mode
[  346.720459][T19069] FAULT_INJECTION: forcing a failure.
[  346.720459][T19069] name failslab, interval 1, probability 0, space 0, times 0
[  346.733813][T19069] CPU: 0 UID: 0 PID: 19069 Comm: syz.1.5663 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  346.733846][T19069] Tainted: [W]=WARN
[  346.733852][T19069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  346.733864][T19069] Call Trace:
[  346.733870][T19069]  <TASK>
[  346.733878][T19069]  __dump_stack+0x1d/0x30
[  346.733899][T19069]  dump_stack_lvl+0xe8/0x140
[  346.733919][T19069]  dump_stack+0x15/0x1b
[  346.733937][T19069]  should_fail_ex+0x265/0x280
[  346.733971][T19069]  should_failslab+0x8c/0xb0
[  346.733998][T19069]  kmem_cache_alloc_noprof+0x50/0x310
[  346.734024][T19069]  ? vm_area_dup+0x33/0x2c0
[  346.734053][T19069]  vm_area_dup+0x33/0x2c0
[  346.734084][T19069]  __split_vma+0xe9/0x650
[  346.734108][T19069]  ? perf_swevent_add+0x257/0x2a0
[  346.734142][T19069]  vms_gather_munmap_vmas+0x17a/0x7b0
[  346.734165][T19069]  ? mas_find+0x608/0x700
[  346.734188][T19069]  mmap_region+0x53f/0x1630
[  346.734215][T19069]  ? mntput+0x4b/0x80
[  346.734265][T19069]  do_mmap+0x9b3/0xbe0
[  346.734299][T19069]  vm_mmap_pgoff+0x17a/0x2e0
[  346.734332][T19069]  ksys_mmap_pgoff+0x268/0x310
[  346.734363][T19069]  x64_sys_call+0x14a3/0x2ff0
[  346.734385][T19069]  do_syscall_64+0xd2/0x200
[  346.734411][T19069]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  346.734436][T19069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.734458][T19069] RIP: 0033:0x7f118ad8ebe9
[  346.734472][T19069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.734488][T19069] RSP: 002b:00007f11897f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  346.734508][T19069] RAX: ffffffffffffffda RBX: 00007f118afb5fa0 RCX: 00007f118ad8ebe9
[  346.734522][T19069] RDX: 000000000100000a RSI: 0000000000003000 RDI: 0000200000ffb000
[  346.734537][T19069] RBP: 00007f11897f7090 R08: 0000000000000003 R09: 000000008a473000
[  346.734551][T19069] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000001
[  346.734565][T19069] R13: 00007f118afb6038 R14: 00007f118afb5fa0 R15: 00007ffe7224d3e8
[  346.734581][T19069]  </TASK>
[  347.006296][T19079] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  347.006296][T19079]    program syz.1.5667 not setting count and/or reply_len properly
[  347.105017][T19092] loop5: detected capacity change from 0 to 512
[  347.113618][T19086] loop6: detected capacity change from 0 to 128
[  347.123895][T19086] ext4 filesystem being mounted at /385/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  347.138711][T19092] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.5673: corrupted in-inode xattr: invalid ea_ino
[  347.153647][T19092] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.5673: couldn't read orphan inode 15 (err -117)
[  347.239014][T19100] 9pnet: p9_errstr2errno: server reported unknown error �@
[  347.250222][T19102] FAULT_INJECTION: forcing a failure.
[  347.250222][T19102] name failslab, interval 1, probability 0, space 0, times 0
[  347.264040][T19102] CPU: 1 UID: 0 PID: 19102 Comm: syz.0.5676 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  347.264143][T19102] Tainted: [W]=WARN
[  347.264151][T19102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  347.264176][T19102] Call Trace:
[  347.264185][T19102]  <TASK>
[  347.264195][T19102]  __dump_stack+0x1d/0x30
[  347.264220][T19102]  dump_stack_lvl+0xe8/0x140
[  347.264241][T19102]  dump_stack+0x15/0x1b
[  347.264299][T19102]  should_fail_ex+0x265/0x280
[  347.264336][T19102]  should_failslab+0x8c/0xb0
[  347.264359][T19102]  kmem_cache_alloc_node_noprof+0x57/0x320
[  347.264469][T19102]  ? __alloc_skb+0x101/0x320
[  347.264499][T19102]  __alloc_skb+0x101/0x320
[  347.264532][T19102]  tcp_stream_alloc_skb+0x2d/0x1d0
[  347.264562][T19102]  tcp_sendmsg_locked+0xcbf/0x2c00
[  347.264609][T19102]  ? mntput_no_expire+0x6f/0x460
[  347.264648][T19102]  ? __rcu_read_unlock+0x4f/0x70
[  347.264733][T19102]  ? __pfx_tcp_sendmsg+0x10/0x10
[  347.264757][T19102]  tcp_sendmsg+0x2f/0x50
[  347.264780][T19102]  inet_sendmsg+0x76/0xd0
[  347.264814][T19102]  __sock_sendmsg+0x102/0x180
[  347.264858][T19102]  __sys_sendto+0x268/0x330
[  347.264899][T19102]  __x64_sys_sendto+0x76/0x90
[  347.264951][T19102]  x64_sys_call+0x2d05/0x2ff0
[  347.264973][T19102]  do_syscall_64+0xd2/0x200
[  347.264995][T19102]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  347.265019][T19102]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  347.265100][T19102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.265126][T19102] RIP: 0033:0x7f83295debe9
[  347.265143][T19102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.265160][T19102] RSP: 002b:00007f8328047038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  347.265291][T19102] RAX: ffffffffffffffda RBX: 00007f8329805fa0 RCX: 00007f83295debe9
[  347.265323][T19102] RDX: 0000000000001d4c RSI: 0000200000000580 RDI: 0000000000000003
[  347.265335][T19102] RBP: 00007f8328047090 R08: 0000000000000000 R09: 0000000000000000
[  347.265347][T19102] R10: 0000000010048095 R11: 0000000000000246 R12: 0000000000000001
[  347.265361][T19102] R13: 00007f8329806038 R14: 00007f8329805fa0 R15: 00007ffe29ca4b48
[  347.265383][T19102]  </TASK>
[  347.544929][T19106] ipvlan2: entered promiscuous mode
[  347.552532][T19106] bridge0: port 1(ipvlan2) entered blocking state
[  347.559500][T19106] bridge0: port 1(ipvlan2) entered disabled state
[  347.567022][T19106] ipvlan2: entered allmulticast mode
[  347.572527][T19106] bridge0: entered allmulticast mode
[  347.579592][T19106] ipvlan2: left allmulticast mode
[  347.584716][T19106] bridge0: left allmulticast mode
[  347.598618][T19109] 9pnet: p9_errstr2errno: server reported unknown error �@
[  347.785692][T19115] syz!: rxe_newlink: already configured on team_slave_0
[  347.836510][T19122] __nla_validate_parse: 2 callbacks suppressed
[  347.836528][T19122] netlink: 200 bytes leftover after parsing attributes in process `syz.0.5683'.
[  347.854665][T19124] SELinux:  Context system_u:object_r:hwdata_t:s0 is not valid (left unmapped).
[  347.948803][T19129] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5686'.
[  348.024146][T19131] loop6: detected capacity change from 0 to 1024
[  348.081835][T19131] ext4 filesystem being mounted at /388/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  348.101517][T19139] 9pnet: p9_errstr2errno: server reported unknown error �@
[  348.145561][T19131] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  348.177541][T19131] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5687'.
[  348.197698][T19142] loop5: detected capacity change from 0 to 512
[  348.230059][T19149] FAULT_INJECTION: forcing a failure.
[  348.230059][T19149] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.245099][T19149] CPU: 0 UID: 0 PID: 19149 Comm: syz.6.5694 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  348.245132][T19149] Tainted: [W]=WARN
[  348.245251][T19149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  348.245266][T19149] Call Trace:
[  348.245273][T19149]  <TASK>
[  348.245286][T19149]  __dump_stack+0x1d/0x30
[  348.245308][T19149]  dump_stack_lvl+0xe8/0x140
[  348.245390][T19149]  dump_stack+0x15/0x1b
[  348.245407][T19149]  should_fail_ex+0x265/0x280
[  348.245442][T19149]  should_fail+0xb/0x20
[  348.245544][T19149]  should_fail_usercopy+0x1a/0x20
[  348.245564][T19149]  _copy_from_user+0x1c/0xb0
[  348.245630][T19149]  ___sys_sendmsg+0xc1/0x1d0
[  348.245673][T19149]  __x64_sys_sendmsg+0xd4/0x160
[  348.245731][T19149]  x64_sys_call+0x191e/0x2ff0
[  348.245751][T19149]  do_syscall_64+0xd2/0x200
[  348.245830][T19149]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  348.245984][T19149]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  348.246084][T19149]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.246106][T19149] RIP: 0033:0x7f8e3a6eebe9
[  348.246121][T19149] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.246139][T19149] RSP: 002b:00007f8e3914f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  348.246204][T19149] RAX: ffffffffffffffda RBX: 00007f8e3a915fa0 RCX: 00007f8e3a6eebe9
[  348.246217][T19149] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  348.246229][T19149] RBP: 00007f8e3914f090 R08: 0000000000000000 R09: 0000000000000000
[  348.246241][T19149] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.246254][T19149] R13: 00007f8e3a916038 R14: 00007f8e3a915fa0 R15: 00007fff4c6de7c8
[  348.246346][T19149]  </TASK>
[  348.465656][   T29] kauditd_printk_skb: 414 callbacks suppressed
[  348.465672][   T29] audit: type=1400 audit(1754575053.389:17104): avc:  denied  { getopt } for  pid=19150 comm="syz.5.5695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  348.503311][T19144] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  348.527377][   T29] audit: type=1400 audit(1754575053.455:17105): avc:  denied  { mount } for  pid=19150 comm="syz.5.5695" name="/" dev="sysfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysfs_t tclass=filesystem permissive=1
[  348.547174][T19156] netlink: 'syz.6.5696': attribute type 10 has an invalid length.
[  348.555880][   T29] audit: type=1400 audit(1754575053.455:17106): avc:  denied  { ioctl } for  pid=19150 comm="syz.5.5695" path="socket:[66383]" dev="sockfs" ino=66383 ioctlcmd=0x943c scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  348.596406][   T29] audit: type=1400 audit(1754575053.455:17107): avc:  denied  { execute } for  pid=19150 comm="syz.5.5695" dev="tmpfs" ino=713 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  348.621532][   T29] audit: type=1400 audit(1754575053.455:17108): avc:  denied  { execute_no_trans } for  pid=19150 comm="syz.5.5695" path=2F6D656D66643A5B0BDB58AE5B1AA9FDFAADD16D64C8854858A9250C1A65E0202864656C6574656429 dev="tmpfs" ino=713 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  348.656651][   T29] audit: type=1400 audit(1754575053.455:17109): avc:  denied  { create } for  pid=19155 comm="syz.6.5696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  348.679754][   T29] audit: type=1400 audit(1754575053.455:17110): avc:  denied  { getopt } for  pid=19155 comm="syz.6.5696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  348.720144][   T29] audit: type=1400 audit(1754575053.632:17111): avc:  denied  { create } for  pid=19155 comm="syz.6.5696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  348.746829][T19161] FAULT_INJECTION: forcing a failure.
[  348.746829][T19161] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  348.760863][T19161] CPU: 0 UID: 0 PID: 19161 Comm: syz.5.5698 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  348.760912][T19161] Tainted: [W]=WARN
[  348.760917][T19161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  348.760929][T19161] Call Trace:
[  348.760935][T19161]  <TASK>
[  348.760943][T19161]  __dump_stack+0x1d/0x30
[  348.760964][T19161]  dump_stack_lvl+0xe8/0x140
[  348.761067][T19161]  dump_stack+0x15/0x1b
[  348.761116][T19161]  should_fail_ex+0x265/0x280
[  348.761154][T19161]  should_fail+0xb/0x20
[  348.761206][T19161]  should_fail_usercopy+0x1a/0x20
[  348.761226][T19161]  _copy_to_user+0x20/0xa0
[  348.761251][T19161]  simple_read_from_buffer+0xb5/0x130
[  348.761274][T19161]  proc_fail_nth_read+0x10e/0x150
[  348.761302][T19161]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  348.761404][T19161]  vfs_read+0x1a0/0x6f0
[  348.761425][T19161]  ? __rcu_read_unlock+0x4f/0x70
[  348.761481][T19161]  ? __fget_files+0x184/0x1c0
[  348.761508][T19161]  ksys_read+0xda/0x1a0
[  348.761531][T19161]  __x64_sys_read+0x40/0x50
[  348.761578][T19161]  x64_sys_call+0x27bc/0x2ff0
[  348.761678][T19161]  do_syscall_64+0xd2/0x200
[  348.761702][T19161]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  348.761726][T19161]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  348.761748][T19161]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.761839][T19161] RIP: 0033:0x7f5224f0d5fc
[  348.761855][T19161] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  348.761873][T19161] RSP: 002b:00007f522396f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  348.761935][T19161] RAX: ffffffffffffffda RBX: 00007f5225135fa0 RCX: 00007f5224f0d5fc
[  348.761965][T19161] RDX: 000000000000000f RSI: 00007f522396f0a0 RDI: 0000000000000006
[  348.761978][T19161] RBP: 00007f522396f090 R08: 0000000000000000 R09: 0000000000000000
[  348.761990][T19161] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.762003][T19161] R13: 00007f5225136038 R14: 00007f5225135fa0 R15: 00007fffd7f772e8
[  348.762094][T19161]  </TASK>
[  348.762614][   T29] audit: type=1400 audit(1754575053.670:17112): avc:  denied  { write } for  pid=19155 comm="syz.6.5696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  349.001485][   T29] audit: type=1400 audit(1754575053.707:17113): avc:  denied  { write } for  pid=19155 comm="syz.6.5696" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  349.300433][T19197] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  349.300433][T19197]    program syz.0.5712 not setting count and/or reply_len properly
[  349.371008][T19202] ipvlan2: entered promiscuous mode
[  349.377339][T19202] bridge0: port 1(ipvlan2) entered blocking state
[  349.384234][T19202] bridge0: port 1(ipvlan2) entered disabled state
[  349.391167][T19202] ipvlan2: entered allmulticast mode
[  349.396603][T19202] bridge0: entered allmulticast mode
[  349.403450][T19202] ipvlan2: left allmulticast mode
[  349.408594][T19202] bridge0: left allmulticast mode
[  349.428493][T19205] sctp: [Deprecated]: syz.7.5701 (pid 19205) Use of struct sctp_assoc_value in delayed_ack socket option.
[  349.428493][T19205] Use struct sctp_sack_info instead
[  349.548260][T19207] loop0: detected capacity change from 0 to 1024
[  349.572304][T19207] ext4 filesystem being mounted at /500/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  349.615166][T19207] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  349.647712][T19207] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5715'.
[  349.754919][T19213] ipvlan2: entered promiscuous mode
[  349.792200][T19211] FAULT_INJECTION: forcing a failure.
[  349.792200][T19211] name failslab, interval 1, probability 0, space 0, times 0
[  349.806228][T19211] CPU: 1 UID: 0 PID: 19211 Comm: syz.0.5716 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  349.806262][T19211] Tainted: [W]=WARN
[  349.806329][T19211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  349.806344][T19211] Call Trace:
[  349.806351][T19211]  <TASK>
[  349.806359][T19211]  __dump_stack+0x1d/0x30
[  349.806400][T19211]  dump_stack_lvl+0xe8/0x140
[  349.806430][T19211]  dump_stack+0x15/0x1b
[  349.806446][T19211]  should_fail_ex+0x265/0x280
[  349.806477][T19211]  ? alloc_pipe_info+0xae/0x350
[  349.806581][T19211]  should_failslab+0x8c/0xb0
[  349.806604][T19211]  __kmalloc_cache_noprof+0x4c/0x320
[  349.806635][T19211]  alloc_pipe_info+0xae/0x350
[  349.806662][T19211]  splice_direct_to_actor+0x592/0x680
[  349.806700][T19211]  ? kstrtouint_from_user+0x9f/0xf0
[  349.806778][T19211]  ? __pfx_direct_splice_actor+0x10/0x10
[  349.806800][T19211]  ? __rcu_read_unlock+0x4f/0x70
[  349.806824][T19211]  ? get_pid_task+0x96/0xd0
[  349.806847][T19211]  ? avc_policy_seqno+0x15/0x30
[  349.806870][T19211]  ? selinux_file_permission+0x1e4/0x320
[  349.806933][T19211]  do_splice_direct+0xda/0x150
[  349.806952][T19211]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  349.807018][T19211]  do_sendfile+0x380/0x650
[  349.807064][T19211]  __x64_sys_sendfile64+0x105/0x150
[  349.807167][T19211]  x64_sys_call+0x2bb0/0x2ff0
[  349.807192][T19211]  do_syscall_64+0xd2/0x200
[  349.807217][T19211]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  349.807257][T19211]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  349.807279][T19211]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.807302][T19211] RIP: 0033:0x7f83295debe9
[  349.807316][T19211] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.807336][T19211] RSP: 002b:00007f8328047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  349.807381][T19211] RAX: ffffffffffffffda RBX: 00007f8329805fa0 RCX: 00007f83295debe9
[  349.807396][T19211] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000003
[  349.807409][T19211] RBP: 00007f8328047090 R08: 0000000000000000 R09: 0000000000000000
[  349.807422][T19211] R10: 0000000800000009 R11: 0000000000000246 R12: 0000000000000001
[  349.807434][T19211] R13: 00007f8329806038 R14: 00007f8329805fa0 R15: 00007ffe29ca4b48
[  349.807455][T19211]  </TASK>
[  349.829359][T19213] bridge0: port 1(ipvlan2) entered blocking state
[  350.066091][T19213] bridge0: port 1(ipvlan2) entered disabled state
[  350.074216][T19213] ipvlan2: entered allmulticast mode
[  350.080510][T19213] bridge0: entered allmulticast mode
[  350.087009][T19213] ipvlan2: left allmulticast mode
[  350.092111][T19213] bridge0: left allmulticast mode
[  350.111304][T19219] loop7: detected capacity change from 0 to 512
[  350.142351][T19221] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  350.205778][T19225] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5720'.
[  350.245039][T19228] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5723'.
[  350.345023][T19242] loop7: detected capacity change from 0 to 1024
[  350.377017][T19242] ext4 filesystem being mounted at /179/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  350.410600][T19238] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  350.583362][T19251] loop5: detected capacity change from 0 to 1024
[  350.619206][T19252] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  350.673563][T19253] netlink: 28 bytes leftover after parsing attributes in process `syz.7.5728'.
[  350.698036][T19251] netlink: 56 bytes leftover after parsing attributes in process `syz.5.5730'.
[  350.966016][T14149] EXT4-fs unmount: 42 callbacks suppressed
[  350.966032][T14149] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.213081][T19268] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5735'.
[  351.311836][T14541] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.326757][T19274] loop5: detected capacity change from 0 to 512
[  351.342808][T19270] loop6: detected capacity change from 0 to 8192
[  351.357884][T19278] FAULT_INJECTION: forcing a failure.
[  351.357884][T19278] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  351.371458][T19278] CPU: 0 UID: 0 PID: 19278 Comm: syz.1.5741 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  351.371494][T19278] Tainted: [W]=WARN
[  351.371501][T19278] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  351.371516][T19278] Call Trace:
[  351.371524][T19278]  <TASK>
[  351.371532][T19278]  __dump_stack+0x1d/0x30
[  351.371553][T19278]  dump_stack_lvl+0xe8/0x140
[  351.371649][T19278]  dump_stack+0x15/0x1b
[  351.371668][T19278]  should_fail_ex+0x265/0x280
[  351.371782][T19278]  should_fail+0xb/0x20
[  351.371815][T19278]  should_fail_usercopy+0x1a/0x20
[  351.371838][T19278]  _copy_from_user+0x1c/0xb0
[  351.371866][T19278]  ___sys_sendmsg+0xc1/0x1d0
[  351.371984][T19278]  __x64_sys_sendmsg+0xd4/0x160
[  351.372020][T19278]  x64_sys_call+0x191e/0x2ff0
[  351.372042][T19278]  do_syscall_64+0xd2/0x200
[  351.372120][T19278]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  351.372146][T19278]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  351.372182][T19278]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.372204][T19278] RIP: 0033:0x7f118ad8ebe9
[  351.372220][T19278] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.372237][T19278] RSP: 002b:00007f11897f7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  351.372274][T19278] RAX: ffffffffffffffda RBX: 00007f118afb5fa0 RCX: 00007f118ad8ebe9
[  351.372287][T19278] RDX: 0000000000000800 RSI: 00002000000003c0 RDI: 0000000000000003
[  351.372300][T19278] RBP: 00007f11897f7090 R08: 0000000000000000 R09: 0000000000000000
[  351.372312][T19278] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.372325][T19278] R13: 00007f118afb6038 R14: 00007f118afb5fa0 R15: 00007ffe7224d3e8
[  351.372344][T19278]  </TASK>
[  351.389933][T19280] loop7: detected capacity change from 0 to 1024
[  351.500044][T19270] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  351.551953][T19274] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  351.571052][T19284] ipvlan2: entered promiscuous mode
[  351.596699][T19270] FAT-fs (loop6): error, fat_free: invalid cluster chain (i_pos 1046)
[  351.605293][T19274] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.607230][T19270] FAT-fs (loop6): Filesystem has been set read-only
[  351.627999][T19284] bridge0: port 3(ipvlan2) entered blocking state
[  351.639340][T19284] bridge0: port 3(ipvlan2) entered disabled state
[  351.648977][T19280] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  351.662314][T19280] ext4 filesystem being mounted at /180/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  351.676749][T19284] ipvlan2: entered allmulticast mode
[  351.682425][T19284] bridge0: entered allmulticast mode
[  351.689557][T19284] ipvlan2: left allmulticast mode
[  351.694820][T19284] bridge0: left allmulticast mode
[  351.790221][T19290] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  351.812271][T19270] netlink: 10 bytes leftover after parsing attributes in process `syz.6.5736'.
[  351.843993][T19300] FAULT_INJECTION: forcing a failure.
[  351.843993][T19300] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  351.858131][T19300] CPU: 0 UID: 0 PID: 19300 Comm: syz.5.5747 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  351.858166][T19300] Tainted: [W]=WARN
[  351.858172][T19300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  351.858313][T19300] Call Trace:
[  351.858320][T19300]  <TASK>
[  351.858327][T19300]  __dump_stack+0x1d/0x30
[  351.858388][T19300]  dump_stack_lvl+0xe8/0x140
[  351.858407][T19300]  dump_stack+0x15/0x1b
[  351.858423][T19300]  should_fail_ex+0x265/0x280
[  351.858508][T19300]  should_fail+0xb/0x20
[  351.858535][T19300]  should_fail_usercopy+0x1a/0x20
[  351.858554][T19300]  _copy_from_user+0x1c/0xb0
[  351.858578][T19300]  ___sys_sendmsg+0xc1/0x1d0
[  351.858637][T19300]  __sys_sendmmsg+0x178/0x300
[  351.858672][T19300]  __x64_sys_sendmmsg+0x57/0x70
[  351.858690][T19300]  x64_sys_call+0x1c4a/0x2ff0
[  351.858728][T19300]  do_syscall_64+0xd2/0x200
[  351.858752][T19300]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  351.858814][T19300]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  351.858849][T19300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.858876][T19300] RIP: 0033:0x7f5224f0ebe9
[  351.858891][T19300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.858976][T19300] RSP: 002b:00007f522396f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  351.858995][T19300] RAX: ffffffffffffffda RBX: 00007f5225135fa0 RCX: 00007f5224f0ebe9
[  351.859007][T19300] RDX: 0000000000000001 RSI: 00002000000069c0 RDI: 0000000000000003
[  351.859019][T19300] RBP: 00007f522396f090 R08: 0000000000000000 R09: 0000000000000000
[  351.859088][T19300] R10: 0000000020000800 R11: 0000000000000246 R12: 0000000000000001
[  351.859100][T19300] R13: 00007f5225136038 R14: 00007f5225135fa0 R15: 00007fffd7f772e8
[  351.859118][T19300]  </TASK>
[  352.098288][T19302] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  352.098288][T19302]    program syz.5.5748 not setting count and/or reply_len properly
[  352.174941][T19306] netlink: 'syz.0.5745': attribute type 21 has an invalid length.
[  352.180476][T19304] loop5: detected capacity change from 0 to 512
[  352.203433][T19304] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  352.218096][T19304] ext4 filesystem being mounted at /387/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  352.234118][T19304] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.245837][T13926] FAT-fs (loop6): error, fat_free: invalid cluster chain (i_pos 1046)
[  352.290527][T14541] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  352.303701][T19310] ipvlan2: entered promiscuous mode
[  352.315568][T19312] FAULT_INJECTION: forcing a failure.
[  352.315568][T19312] name failslab, interval 1, probability 0, space 0, times 0
[  352.324693][T19310] bridge0: port 1(ipvlan2) entered blocking state
[  352.328860][T19312] CPU: 0 UID: 0 PID: 19312 Comm: syz.6.5750 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  352.328914][T19312] Tainted: [W]=WARN
[  352.328922][T19312] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  352.328936][T19312] Call Trace:
[  352.328944][T19312]  <TASK>
[  352.328952][T19312]  __dump_stack+0x1d/0x30
[  352.329030][T19312]  dump_stack_lvl+0xe8/0x140
[  352.329051][T19312]  dump_stack+0x15/0x1b
[  352.329068][T19312]  should_fail_ex+0x265/0x280
[  352.329104][T19312]  should_failslab+0x8c/0xb0
[  352.329131][T19312]  kmem_cache_alloc_node_noprof+0x57/0x320
[  352.329222][T19312]  ? __alloc_skb+0x101/0x320
[  352.329285][T19312]  ? avc_has_perm+0xf7/0x180
[  352.329310][T19312]  __alloc_skb+0x101/0x320
[  352.329341][T19312]  sock_wmalloc+0x7e/0xc0
[  352.329416][T19312]  pppol2tp_sendmsg+0xfb/0x440
[  352.329453][T19312]  ? __pfx_pppol2tp_sendmsg+0x10/0x10
[  352.329489][T19312]  __sock_sendmsg+0x142/0x180
[  352.329529][T19312]  sock_write_iter+0x165/0x1b0
[  352.329557][T19312]  do_iter_readv_writev+0x421/0x4c0
[  352.329587][T19312]  vfs_writev+0x2df/0x8b0
[  352.329632][T19312]  do_writev+0xe7/0x210
[  352.329714][T19312]  __x64_sys_writev+0x45/0x50
[  352.329749][T19312]  x64_sys_call+0x1e9a/0x2ff0
[  352.329788][T19312]  do_syscall_64+0xd2/0x200
[  352.329815][T19312]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  352.329841][T19312]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  352.329902][T19312]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.329953][T19312] RIP: 0033:0x7f8e3a6eebe9
[  352.329971][T19312] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.330047][T19312] RSP: 002b:00007f8e3914f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  352.330068][T19312] RAX: ffffffffffffffda RBX: 00007f8e3a915fa0 RCX: 00007f8e3a6eebe9
[  352.330083][T19312] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000003
[  352.330096][T19312] RBP: 00007f8e3914f090 R08: 0000000000000000 R09: 0000000000000000
[  352.330110][T19312] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  352.330123][T19312] R13: 00007f8e3a916038 R14: 00007f8e3a915fa0 R15: 00007fff4c6de7c8
[  352.330172][T19312]  </TASK>
[  352.333813][T19314] FAULT_INJECTION: forcing a failure.
[  352.333813][T19314] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  352.335711][T19310] bridge0: port 1(ipvlan2) entered disabled state
[  352.350293][T19314] CPU: 0 UID: 0 PID: 19314 Comm: syz.5.5753 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  352.350445][T19314] Tainted: [W]=WARN
[  352.350452][T19314] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  352.350466][T19314] Call Trace:
[  352.350474][T19314]  <TASK>
[  352.350483][T19314]  __dump_stack+0x1d/0x30
[  352.350507][T19314]  dump_stack_lvl+0xe8/0x140
[  352.350546][T19314]  dump_stack+0x15/0x1b
[  352.350564][T19314]  should_fail_ex+0x265/0x280
[  352.350600][T19314]  should_fail+0xb/0x20
[  352.350687][T19314]  should_fail_usercopy+0x1a/0x20
[  352.350708][T19314]  _copy_from_user+0x1c/0xb0
[  352.350812][T19314]  __sys_bpf+0x178/0x7b0
[  352.350848][T19314]  __x64_sys_bpf+0x41/0x50
[  352.350942][T19314]  x64_sys_call+0x2aea/0x2ff0
[  352.350965][T19314]  do_syscall_64+0xd2/0x200
[  352.351049][T19314]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  352.351075][T19314]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  352.351099][T19314]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.351122][T19314] RIP: 0033:0x7f5224f0ebe9
[  352.351171][T19314] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.351190][T19314] RSP: 002b:00007f522396f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  352.351209][T19314] RAX: ffffffffffffffda RBX: 00007f5225135fa0 RCX: 00007f5224f0ebe9
[  352.351259][T19314] RDX: 0000000000000020 RSI: 0000200000000a80 RDI: 0000000000000002
[  352.351273][T19314] RBP: 00007f522396f090 R08: 0000000000000000 R09: 0000000000000000
[  352.351286][T19314] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  352.351299][T19314] R13: 00007f5225136038 R14: 00007f5225135fa0 R15: 00007fffd7f772e8
[  352.351320][T19314]  </TASK>
[  352.424030][T19316] sctp: [Deprecated]: syz.1.5746 (pid 19316) Use of struct sctp_assoc_value in delayed_ack socket option.
[  352.424030][T19316] Use struct sctp_sack_info instead
[  352.432385][T19310] ipvlan2: entered allmulticast mode
[  352.819812][T19310] bridge0: entered allmulticast mode
[  352.822270][T19310] ipvlan2: left allmulticast mode
[  352.830709][T19310] bridge0: left allmulticast mode
[  352.922849][T19340] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  352.922849][T19340]    program syz.1.5759 not setting count and/or reply_len properly
[  353.028339][T19356] netlink: 'syz.1.5764': attribute type 10 has an invalid length.
[  353.038717][T19355] loop7: detected capacity change from 0 to 512
[  353.059780][T19345] loop0: detected capacity change from 0 to 8192
[  353.068651][T19355] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  353.080677][T19358] loop6: detected capacity change from 0 to 128
[  353.087761][T19345] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  353.106880][T19345] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 1046)
[  353.115749][T19345] FAT-fs (loop0): Filesystem has been set read-only
[  353.145037][T19355] EXT4-fs (loop7): 1 truncate cleaned up
[  353.151779][T19355] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  353.243468][T19361] __nla_validate_parse: 2 callbacks suppressed
[  353.243483][T19361] netlink: 10 bytes leftover after parsing attributes in process `syz.0.5760'.
[  353.378910][ T9611] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.392967][T12336] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 1046)
[  353.455693][ T9611] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.528907][ T9611] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.610882][ T9611] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  353.790540][T19384] sctp: [Deprecated]: syz.1.5768 (pid 19384) Use of struct sctp_assoc_value in delayed_ack socket option.
[  353.790540][T19384] Use struct sctp_sack_info instead
[  353.894874][ T9611] bond0 (unregistering): Released all slaves
[  353.980320][T14541] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.085430][ T9611] hsr_slave_0: left promiscuous mode
[  354.091447][ T9611] hsr_slave_1: left promiscuous mode
[  354.187026][T19372] chnl_net:caif_netlink_parms(): no params data found
[  354.266867][T19372] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.268817][   T29] kauditd_printk_skb: 288 callbacks suppressed
[  354.268832][   T29] audit: type=1326 audit(1754575058.824:17402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.1.5774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118ad8ebe9 code=0x7ffc0000
[  354.274124][T19372] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.283784][   T29] audit: type=1326 audit(1754575058.833:17403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.1.5774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f118ad8ebe9 code=0x7ffc0000
[  354.329269][T19372] bridge_slave_0: entered allmulticast mode
[  354.347163][T19372] bridge_slave_0: entered promiscuous mode
[  354.355075][T19372] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.363226][T19372] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.381857][T19372] bridge_slave_1: entered allmulticast mode
[  354.393543][T19372] bridge_slave_1: entered promiscuous mode
[  354.405203][   T29] audit: type=1326 audit(1754575058.889:17404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.1.5774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118ad8ebe9 code=0x7ffc0000
[  354.431890][   T29] audit: type=1326 audit(1754575058.889:17405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.1.5774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118ad8ebe9 code=0x7ffc0000
[  354.456916][   T29] audit: type=1326 audit(1754575058.889:17406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.1.5774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f118ad8ebe9 code=0x7ffc0000
[  354.482949][   T29] audit: type=1326 audit(1754575058.889:17407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.1.5774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118ad8ebe9 code=0x7ffc0000
[  354.508040][   T29] audit: type=1326 audit(1754575058.889:17408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.1.5774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118ad8ebe9 code=0x7ffc0000
[  354.535547][   T29] audit: type=1326 audit(1754575058.889:17409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.1.5774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f118ad8ebe9 code=0x7ffc0000
[  354.560903][   T29] audit: type=1326 audit(1754575058.889:17410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.1.5774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f118ad8ebe9 code=0x7ffc0000
[  354.589749][   T29] audit: type=1326 audit(1754575058.889:17411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19395 comm="syz.1.5774" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f118ad8ebe9 code=0x7ffc0000
[  354.803163][T19372] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  354.813166][T19399] netlink: 'syz.0.5776': attribute type 10 has an invalid length.
[  354.833772][T19372] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  354.879587][T19372] team0: Port device team_slave_0 added
[  354.887763][T19372] team0: Port device team_slave_1 added
[  354.907653][T19372] batman_adv: batadv0: Adding interface: batadv_slave_0
[  354.915178][T19372] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  354.942386][T19372] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  354.980890][T19372] batman_adv: batadv0: Adding interface: batadv_slave_1
[  354.987888][T19372] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  355.015237][T19372] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  355.031225][T19409] FAULT_INJECTION: forcing a failure.
[  355.031225][T19409] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  355.044983][T19409] CPU: 0 UID: 0 PID: 19409 Comm: syz.7.5780 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  355.045018][T19409] Tainted: [W]=WARN
[  355.045025][T19409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  355.045133][T19409] Call Trace:
[  355.045140][T19409]  <TASK>
[  355.045148][T19409]  __dump_stack+0x1d/0x30
[  355.045173][T19409]  dump_stack_lvl+0xe8/0x140
[  355.045194][T19409]  dump_stack+0x15/0x1b
[  355.045286][T19409]  should_fail_ex+0x265/0x280
[  355.045324][T19409]  should_fail+0xb/0x20
[  355.045386][T19409]  should_fail_usercopy+0x1a/0x20
[  355.045408][T19409]  _copy_from_user+0x1c/0xb0
[  355.045444][T19409]  __sys_bpf+0x178/0x7b0
[  355.045484][T19409]  __x64_sys_bpf+0x41/0x50
[  355.045512][T19409]  x64_sys_call+0x2aea/0x2ff0
[  355.045579][T19409]  do_syscall_64+0xd2/0x200
[  355.045622][T19409]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  355.045656][T19409]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  355.045709][T19409]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.045734][T19409] RIP: 0033:0x7fd9833febe9
[  355.045751][T19409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.045771][T19409] RSP: 002b:00007fd981e5f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  355.045794][T19409] RAX: ffffffffffffffda RBX: 00007fd983625fa0 RCX: 00007fd9833febe9
[  355.045859][T19409] RDX: 0000000000000020 RSI: 0000200000000a80 RDI: 0000000000000002
[  355.045874][T19409] RBP: 00007fd981e5f090 R08: 0000000000000000 R09: 0000000000000000
[  355.045889][T19409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  355.045903][T19409] R13: 00007fd983626038 R14: 00007fd983625fa0 R15: 00007ffea72df7c8
[  355.045924][T19409]  </TASK>
[  355.275020][T19411] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  355.284887][T19372] hsr_slave_0: entered promiscuous mode
[  355.303391][T19372] hsr_slave_1: entered promiscuous mode
[  355.310869][T19372] debugfs: 'hsr0' already exists in 'hsr'
[  355.316843][T19372] Cannot create hsr debugfs directory
[  355.379052][T19421] loop0: detected capacity change from 0 to 512
[  355.394593][T19421] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  355.443946][T19421] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  355.598243][T19372] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  355.616116][T19372] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  355.629337][T19372] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  355.646007][T19372] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  355.700249][T19372] 8021q: adding VLAN 0 to HW filter on device bond0
[  355.715822][T19372] 8021q: adding VLAN 0 to HW filter on device team0
[  355.728253][ T9611] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.736800][ T9611] bridge0: port 1(bridge_slave_0) entered forwarding state
[  355.762780][T19372] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  355.775774][T19372] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  355.801651][ T9611] bridge0: port 2(bridge_slave_1) entered blocking state
[  355.809204][ T9611] bridge0: port 2(bridge_slave_1) entered forwarding state
[  355.874972][ T9611] ==================================================================
[  355.874972][T19447] ipvlan2: entered promiscuous mode
[  355.875018][ T9611] BUG: KCSAN: data-race in ipvlan_open / is_upper_ndev_bond_master_filter
[  355.897356][ T9611] 
[  355.899872][ T9611] read-write to 0xffff8881195010b0 of 4 bytes by task 19447 on cpu 1:
[  355.909147][ T9611]  ipvlan_open+0x72/0xf0
[  355.913627][ T9611]  __dev_open+0x2d2/0x530
[  355.918592][ T9611]  __dev_change_flags+0x163/0x400
[  355.924257][ T9611]  rtnl_newlink_create+0x36b/0x620
[  355.930085][ T9611]  rtnl_newlink+0xf29/0x12d0
[  355.934772][ T9611]  rtnetlink_rcv_msg+0x5fb/0x6d0
[  355.937698][T19447] bridge0: port 3(ipvlan2) entered blocking state
[  355.940240][ T9611]  netlink_rcv_skb+0x123/0x220
[  355.940278][ T9611]  rtnetlink_rcv+0x1c/0x30
[  355.946902][T19447] bridge0: port 3(ipvlan2) entered disabled state
[  355.952050][ T9611]  netlink_unicast+0x5bd/0x690
[  355.952088][ T9611]  netlink_sendmsg+0x58b/0x6b0
[  355.974112][ T9611]  __sock_sendmsg+0x142/0x180
[  355.979337][ T9611]  ____sys_sendmsg+0x31e/0x4e0
[  355.984641][ T9611]  ___sys_sendmsg+0x17b/0x1d0
[  355.989423][ T9611]  __x64_sys_sendmsg+0xd4/0x160
[  355.994516][ T9611]  x64_sys_call+0x191e/0x2ff0
[  355.998221][T19447] ipvlan2: entered allmulticast mode
[  355.999985][ T9611]  do_syscall_64+0xd2/0x200
[  356.005733][T19447] bridge0: entered allmulticast mode
[  356.010452][ T9611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.010481][ T9611] 
[  356.010487][ T9611] read to 0xffff8881195010b0 of 4 bytes by task 9611 on cpu 0:
[  356.010504][ T9611]  is_upper_ndev_bond_master_filter+0x2b/0xb0
[  356.039935][ T9611]  ib_enum_roce_netdev+0x11f/0x1d0
[  356.045090][T19447] ipvlan2: left allmulticast mode
[  356.045767][ T9611]  ib_enum_all_roce_netdevs+0x89/0x100
[  356.050960][T19447] bridge0: left allmulticast mode
[  356.057145][ T9611]  netdevice_event_work_handler+0x67/0x3d0
[  356.068756][ T9611]  process_scheduled_works+0x4ce/0x9d0
[  356.074646][ T9611]  worker_thread+0x582/0x770
[  356.079354][ T9611]  kthread+0x486/0x510
[  356.083774][ T9611]  ret_from_fork+0xda/0x150
[  356.088932][ T9611]  ret_from_fork_asm+0x1a/0x30
[  356.093890][ T9611] 
[  356.096697][ T9611] value changed: 0x00001002 -> 0x00001083
[  356.103478][ T9611] 
[  356.105889][ T9611] Reported by Kernel Concurrency Sanitizer on:
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  356.112257][ T9611] CPU: 0 UID: 0 PID: 9611 Comm: kworker/u8:9 Tainted: G        W           6.16.0-syzkaller-11952-g6e64f4580381 #0 PREEMPT(voluntary) 
[  356.126595][ T9611] Tainted: [W]=WARN
[  356.130684][ T9611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  356.142404][ T9611] Workqueue: gid-cache-wq netdevice_event_work_handler
[  356.149666][ T9611] ==================================================================
[  356.274018][T19450] 9pnet: p9_errstr2errno: server reported unknown error �@
[  356.513133][ T9099] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.576183][ T9099] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.652189][ T9099] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.714524][ T9099] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  356.853230][ T9099] bond0 (unregistering): Released all slaves
[  356.961003][ T9099] hsr_slave_0: left promiscuous mode
[  356.966621][ T9099] hsr_slave_1: left promiscuous mode
[  356.974758][ T9099] veth1_vlan: left promiscuous mode
[  356.980377][ T9099] veth0_vlan: left promiscuous mode
[  357.389147][ T9099] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.441626][ T9099] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.495916][ T9099] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.570662][ T9099] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.644814][ T9099] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.719616][ T9099] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.773096][ T9099] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.815825][ T9099] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.890505][ T9099] bridge_slave_1: left allmulticast mode
[  357.896389][ T9099] bridge_slave_1: left promiscuous mode
[  357.902158][ T9099] bridge0: port 2(bridge_slave_1) entered disabled state
[  357.912177][ T9099] bridge_slave_0: left allmulticast mode
[  357.918903][ T9099] bridge_slave_0: left promiscuous mode
[  357.925987][ T9099] bridge0: port 1(bridge_slave_0) entered disabled state
[  358.060985][ T9099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  358.071590][ T9099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  358.081736][ T9099] bond0 (unregistering): Released all slaves
[  358.167939][ T9099] bond0 (unregistering): Released all slaves
[  358.238019][ T9099] hsr_slave_0: left promiscuous mode
[  358.245185][ T9099] hsr_slave_1: left promiscuous mode
[  358.252837][ T9099] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  358.261352][ T9099] batman_adv: batadv0: Removing interface: batadv_slave_0
[  358.269208][ T9099] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  358.277536][ T9099] batman_adv: batadv0: Removing interface: batadv_slave_1
[  358.289254][ T9099] hsr_slave_0: left promiscuous mode
[  358.296587][ T9099] hsr_slave_1: left promiscuous mode
[  358.307702][ T9099] veth1_vlan: left promiscuous mode
[  358.313261][ T9099] veth0_vlan: left promiscuous mode
[  358.319649][ T9099] veth1_vlan: left promiscuous mode
[  358.325781][ T9099] veth0_vlan: left promiscuous mode
[  358.396055][ T9099] team0 (unregistering): Port device team_slave_1 removed
[  358.406606][ T9099] team0 (unregistering): Port device team_slave_0 removed
[  359.046874][ T9099] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.119894][ T9099] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.173488][ T9099] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.227529][ T9099] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  359.495143][ T9099] bridge_slave_1: left allmulticast mode
[  359.501361][ T9099] bridge_slave_1: left promiscuous mode
[  359.507525][ T9099] bridge0: port 2(bridge_slave_1) entered disabled state
[  359.515699][ T9099] bridge_slave_0: left allmulticast mode
[  359.522060][ T9099] bridge_slave_0: left promiscuous mode
[  359.527989][ T9099] bridge0: port 1(bridge_slave_0) entered disabled state
[  359.621618][ T9099] bond0 (unregistering): Released all slaves
[  359.675749][ T9099] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  359.686153][ T9099] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  359.696618][ T9099] bond0 (unregistering): Released all slaves
[  359.778718][ T9099] hsr_slave_0: left promiscuous mode
[  359.785377][ T9099] hsr_slave_1: left promiscuous mode
[  359.792616][ T9099] hsr_slave_0: left promiscuous mode
[  359.798720][ T9099] hsr_slave_1: left promiscuous mode
[  359.805171][ T9099] batman_adv: batadv0: Removing interface: batadv_slave_0
[  359.813361][ T9099] batman_adv: batadv0: Removing interface: batadv_slave_1
[  359.824814][ T9099] veth1_vlan: left promiscuous mode
[  359.830871][ T9099] veth0_vlan: left promiscuous mode
[  359.886713][   T41] smc: removing ib device syz!
[  359.925966][ T9099] team0 (unregistering): Port device team_slave_1 removed
[  359.936118][ T9099] team0 (unregistering): Port device team_slave_0 removed