last executing test programs:

1.944198495s ago: executing program 4 (id=17253):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000380)={0x1, &(0x7f0000000300)=[{0x8, 0x4, 0x9}]})
wait4(0x0, 0x0, 0x0, 0x0)
wait4(0x0, 0x0, 0x40000000, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000400000000000000001000084080000000000000001"], 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, r1, 0x1, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001f85236ccc4ce75fa61b6d6978d0", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x6, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x80a01)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x1, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r4, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffeb2, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet6(0x10, 0x2, 0x0)
syz_emit_ethernet(0x7e, &(0x7f0000001a40)={@random="0f539af21094", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "1200b0", 0x48, 0x3a, 0x0, @empty, @mcast2, {[], @dest_unreach={0x3, 0x2, 0x0, 0x0, '\x00', {0x0, 0x6, "277382", 0x0, 0x2c, 0x0, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [@hopopts={0x2f, 0x1, '\x00', [@calipso={0x7, 0x8, {0x22ebffff, 0x0, 0xfc}}]}]}}}}}}}, 0x0)
mbind(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x1, &(0x7f0000000000)=0x800000000101, 0x29, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x3)
io_setup(0x8, &(0x7f0000000000))
openat$vcsa(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)

1.638877881s ago: executing program 4 (id=17262):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000380)={0x1, &(0x7f0000000300)=[{0x8, 0x4, 0x9}]})
wait4(0x0, 0x0, 0x0, 0x0)
wait4(0x0, 0x0, 0x40000000, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000400000000000000001000084080000000000000001"], 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, r1, 0x1, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001f85236ccc4ce75fa61b6d6978d0", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x6, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x80a01)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r4, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffeb2, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r5}, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000001a40)={@random="0f539af21094", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "1200b0", 0x48, 0x3a, 0x0, @empty, @mcast2, {[], @dest_unreach={0x3, 0x2, 0x0, 0x0, '\x00', {0x0, 0x6, "277382", 0x0, 0x2c, 0x0, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [@hopopts={0x2f, 0x1, '\x00', [@calipso={0x7, 0x8, {0x22ebffff, 0x0, 0xfc}}]}]}}}}}}}, 0x0)
mbind(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x1, &(0x7f0000000000)=0x800000000101, 0x29, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x3)

1.383094972s ago: executing program 4 (id=17272):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000002000000000000000100000000000800", @ANYRES32=0x1, @ANYBLOB='\x00'/13, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00'], 0x48)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x20001439)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000300), 0x20022, 0x0)
ioctl$PPPIOCATTACH(r1, 0x4004743d, &(0x7f0000000240))
r2 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x47ba, 0x0, 0x0, 0x0, 0x0)

992.508986ms ago: executing program 4 (id=17276):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r1 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r1, 0x567, 0x0, 0x0, 0x0, 0x0)

975.440077ms ago: executing program 4 (id=17277):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x14, 0x19, 0xa, 0x201}, 0x14}}, 0x0)

964.915188ms ago: executing program 4 (id=17278):
chdir(&(0x7f0000000000)='./file0\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
recvmmsg(r0, &(0x7f00000078c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000005c0)=ANY=[@ANYBLOB="f0000000120013070000000000000000fc0200000000000000000000000000007f00000100"/64, @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="000000000000000000000000000000000000000000000000e000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a9c919620700"/168], 0xf0}}, 0x0)
r1 = memfd_secret(0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0xb)
r3 = syz_io_uring_setup(0x1114, &(0x7f0000000500)={0x0, 0x10000, 0x2000, 0x2, 0xfffffffc}, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000000)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0})
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000400)='./file1\x00', 0x1018e54, &(0x7f0000000c00), 0x6, 0x64f, &(0x7f0000002080)="$eJzs3c9rHG0dAPDvzCZ5kzS+6SsiNigGPLQgTZNarHqxrQd7KFiwBxEPDU1SQ7c/SFKwtdAEvAgKIl6L9OI/4F169yaCevMsVJGKBS3dl5mdTTab3c2mSXaTzOcDm33mmdk8z3effTLPzOTZCaC0prMfacSZiPe3k4jJpnUTUV85XWz35t/P7mSPJGq17/8riaTIa2yfFM+nioXRiPjTtYjPVnaWu/rk6b35aq3uecSFtfuPLqw+eXp++f783cW7iw/mLn7j0uXZb85dmmuq6Ic7VTxfv/G9L/7yZz/++tKfq+eTuBK3hn+6EC1xHJTpmI73RYjN+UMRcTlLtHlfjpsTEEKpVYrP43BEfD4mo5Iv1U3G8i8GWjngUNUqEbXukt02AI4r3RvKqjEOaBzb93YcfOuQRyX98/pq/QBoZ/xDxSmH0fzYaPxN0nRkVD+3cfoAys/KePds9MW7Z1MvYtt5iLebrTN0AOV0sr4REV9oF3+S1+10HmkWf7rtWD+JiNmIGCnq95191CFpSh/GeZhueoy/ksXf3A5pRFwpnrP8ax9YfutprX7HD0A5vbpa7MjXs6Wt/V829miMf2Jr/PO88bqJ/V+SyQ16/9d5/NfY34/m4560ZRyWjVlutv+Vw60Zf//59V93Kr8+/pt60Xhk5TfGgv3weiNialv808W4M9ls/6TN+Dd7P25f6a2M7/7ln9c7rRt0/LWXEWfbHv9sjUqzVJfrkxeWlquLs/Wfbcv4wx9/9LtO5beP/6PeKr/jk7Z3WfuPd4i/qf3T1tdl78mj9r9yozXj9zdf3u9U/sSu7Z/+YySpH2+OFDk/2VhbW5mLGEluFJsU+fNraysXu8db3+ZtLX+eq8d/7ivt+/+2z39LVGONP5k9ePSDe286rfuQz3/TxeT3tR7r0EkW/0Jz+2+2dPf+n+X9qscy/vvDx1/qtK59/Mk+IgIAAAAAAIDySvNrsEk6s5lO05mZ+nzZz8V4Wn24uvbVpYePHyxEnMv/H3I4jTTJ/2Vksr6cLC1XF+eK/4dtLF9sWf5aRHwSEb+pjOXLM3ceVhcGHTwAAAAAAAAAAAAAAAAAAAAcEaeK+f+N+1T/p1Kf/w+UxO43mNtx/wfghGjX/8cGUA+g//L+320X/3H/6gL012HeYBo42vR/KC/9H8pL/4fy0v+hvPR/KC/9H8pL/wcAAACAE+mTL7/6WxIR698ayx+ZkWKdSb9wsg3vaevKodUD6D89Gspr89K/wT6UTk/j//8VXw54+NUBBiBpl5kPDmrdO/+rtq/csrH/ugEAAAAAAAAAAAAAdWfPdJ7/v7e5wcBxY9oflNc+5v/76gA45nz1P5SXY3xgl1n8MdppxW7z/wEAAAAAAAAAAACAAzORP5J0ppgLPBFpOjMT8ZmIOB3DydJydXE2Ij6OiL9Whj/KlucGXWkAAAAAAAAAAAAAAAAAAAA4YVafPL03X60urjQn/r8j52QnGndB3X3jWg/bdE18O/b4qkj6/7aMRcTAG+XQEkNNOUnEetbyR6JiK6txNKqRJwb8hwkAAAAAAAAAAAAAAAAAAEqoae5xe1O/7XONAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKD/tu7/v0tiYbz+gp423p4YdIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPH0aQAAAP//nhM77Q==")
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="1b000000000000000000008a7600c8aa53fc00000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000001200fba3db6bd4a57b32002800000800000000", @ANYRES32=r6, @ANYBLOB], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000011c0)={&(0x7f0000000140)='kfree\x00', r7, 0x0, 0x694}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab1204000000000000010902240001b30000040904410017ff5d810009050f1f0504000000090583"], 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
close(0xffffffffffffffff)
r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r8, 0x40045402, &(0x7f0000000040)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r8, 0x40345410, &(0x7f00000083c0)={{0x1}})
readv(r8, &(0x7f0000000200)=[{&(0x7f0000000140)=""/144, 0x90}], 0x1)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r8, 0x40505412, &(0x7f00000000c0)={0x0, 0x8, 0x0, 0x0, 0xf})
read(r8, &(0x7f00000002c0)=""/200, 0x39)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r8, 0x54a2)
io_uring_enter(r3, 0x47fa, 0x9bbe, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r1, 0x0)
mount$9p_fd(0x0, 0x0, &(0x7f00000000c0), 0x0, 0x0)

756.459876ms ago: executing program 2 (id=17285):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
faccessat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
modify_ldt$write(0x1, &(0x7f0000000180)={0x0, 0x1000, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x1000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

696.430151ms ago: executing program 2 (id=17288):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x14, 0x19, 0xa, 0x201}, 0x14}}, 0x0)

667.393354ms ago: executing program 2 (id=17290):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$ppp(0xffffffffffffff9c, 0x0, 0x20022, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000780)='mm_page_free\x00', r0}, 0x10)
r1 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x64})
getsockopt$WPAN_WANTACK(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000340)=0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

599.429259ms ago: executing program 2 (id=17294):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000240), 0x25, 0x4b6, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZZSOm3fo8x96Xw+ycm9555hvt/D9J4zPW3nBNC3LkTERkSciIgHETHeuZ50Stxul+xxr189md189WQ2iWbz3n+TVnt2LXb8m8ypznOORMTPfhzxy+TduPW19cWZSqW80qkXG9XlYn1t/epCdWa+PF9eKpWmp6Ynb167UTqyvp6v/vHljxbu/Pwvf/7mi79t/ODXWVpjnbad/ThK7a4PbcfJDEbEnQ8RLAcDnf6cyDsRPpc0Ir4UERez+7+ZdzYAQC80m+PRHN9ZBwCOu7S1Bpakhc5awFikaaHQXsM7F6NppVZvXHlYW12aa6+VTcRQ+nChUp7srBVOxFCS1ada52/qpV31axFxNiJ+M3yyVS/M1ipzeb7xAYA+dmrX/P/RcHv+BwCOuZG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWnd+9mpbnZ+fzruUdrq4u1R1fnyvXFQnV1tjBbW1kuzNdq863P7Kke9HyVWm156nqsPi42yvVGsb62fr9aW11q3G99rvf98lBPegUA7Ofs+ef/SCJi49bJVokdezmYq+F4S/NOAMjNQN4JALkZzDsBIDe+xwf22KL3LV1/RejZ0ecC9Mblr1n/h35l/R/6l/V/6F/W/6F/NZuJPf8BoM9Y4wf8/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u7FWSdJCZy/wsUjTQiHidERMxFDycKFSnoyIMxHx9+Gh4aw+lXfSAMB7Sv+ddPb/ujx+aWx364nk4+HWMSJ+9bt7v30802isTGXX/7d9vfGsc72UR/4AwEG25umteXzL61dPZrdKL/N5+cP25qJZ3M1OabcMxmDrOBJDETH6/6RTb8verwwcQfyNpxHx1b36n7TWRiY6O5/ujp/FPt3T+Olb8dNWW/uY/V98+QhygX7zPBt/bu91/6VxoXXc+/4faY1Q729r/Nt8Z/xLt8e/gS7j34XDxrj+1590bXsa8fXBveIn2/GTLvEvHTL+P7/xrYvd2pq/j7gce8ffGavYqC4X62vrVxeqM/Pl+fJSqTQ9NT1589qNUrG1Rl3cWql+139uXTmzX/9Hu8QfOaD/3z1k///wyYNffHuf+N//zt6v/7l94mdz4vcOGX9m9E9dt+/O4s916f9Br/+VQ8Z/8a/1uUM+FADogfra+uJMpVJecdKzk+y92xcgDSe5nWRfAUfxPF/5gKnmPTIBH9qbmz7vTAAAAAAAAAAAAAAAgG568QdPefcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+vTAAAA//+0tdao")
fspick(0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b000000050000000200000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000480)='./binderfs/binder1\x00', 0x800, 0x0)
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
mkdir(&(0x7f0000000000)='./file0\x00', 0x10)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f00000000c0)='./file0\x00', 0x20000002)
statx(r1, &(0x7f00000003c0)='./file0\x00', 0x2000, 0x100, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000380)=@filename='./file0\x00', r2, &(0x7f0000000400)={0x4, 0xf, 0x6, 0x8000000000000000, 0x8000, 0x9, 0x9, 0x0, 0x5})
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)

488.628689ms ago: executing program 2 (id=17301):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r0 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0)

420.113585ms ago: executing program 2 (id=17304):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000240), 0x25, 0x4b6, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZZSOm3fo8x96Xw+ycm9555hvt/D9J4zPW3nBNC3LkTERkSciIgHETHeuZ50Stxul+xxr189md189WQ2iWbz3n+TVnt2LXb8m8ypznOORMTPfhzxy+TduPW19cWZSqW80qkXG9XlYn1t/epCdWa+PF9eKpWmp6Ynb167UTqyvp6v/vHljxbu/Pwvf/7mi79t/ODXWVpjnbad/ThK7a4PbcfJDEbEnQ8RLAcDnf6cyDsRPpc0Ir4UERez+7+ZdzYAQC80m+PRHN9ZBwCOu7S1Bpakhc5awFikaaHQXsM7F6NppVZvXHlYW12aa6+VTcRQ+nChUp7srBVOxFCS1ada52/qpV31axFxNiJ+M3yyVS/M1ipzeb7xAYA+dmrX/P/RcHv+BwCOuZG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWnd+9mpbnZ+fzruUdrq4u1R1fnyvXFQnV1tjBbW1kuzNdq863P7Kke9HyVWm156nqsPi42yvVGsb62fr9aW11q3G99rvf98lBPegUA7Ofs+ef/SCJi49bJVokdezmYq+F4S/NOAMjNQN4JALkZzDsBIDe+xwf22KL3LV1/RejZ0ecC9Mblr1n/h35l/R/6l/V/6F/W/6F/NZuJPf8BoM9Y4wf8/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u7FWSdJCZy/wsUjTQiHidERMxFDycKFSnoyIMxHx9+Gh4aw+lXfSAMB7Sv+ddPb/ujx+aWx364nk4+HWMSJ+9bt7v30802isTGXX/7d9vfGsc72UR/4AwEG25umteXzL61dPZrdKL/N5+cP25qJZ3M1OabcMxmDrOBJDETH6/6RTb8verwwcQfyNpxHx1b36n7TWRiY6O5/ujp/FPt3T+Olb8dNWW/uY/V98+QhygX7zPBt/bu91/6VxoXXc+/4faY1Q729r/Nt8Z/xLt8e/gS7j34XDxrj+1590bXsa8fXBveIn2/GTLvEvHTL+P7/xrYvd2pq/j7gce8ffGavYqC4X62vrVxeqM/Pl+fJSqTQ9NT1589qNUrG1Rl3cWql+139uXTmzX/9Hu8QfOaD/3z1k///wyYNffHuf+N//zt6v/7l94mdz4vcOGX9m9E9dt+/O4s916f9Br/+VQ8Z/8a/1uUM+FADogfra+uJMpVJecdKzk+y92xcgDSe5nWRfAUfxPF/5gKnmPTIBH9qbmz7vTAAAAAAAAAAAAAAAgG568QdPefcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+vTAAAA//+0tdao")
fspick(0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b000000050000000200000004000000"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000480)='./binderfs/binder1\x00', 0x800, 0x0)
ioctl$BINDER_THREAD_EXIT(r1, 0x40046208, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
mkdir(&(0x7f0000000000)='./file0\x00', 0x10)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
r2 = inotify_init()
r3 = inotify_add_watch(r2, &(0x7f00000000c0)='./file0\x00', 0x20000002)
statx(r2, &(0x7f00000003c0)='./file0\x00', 0x2000, 0x100, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000380)=@filename='./file0\x00', r4, &(0x7f0000000400)={0x4, 0xf, 0x6, 0x8000000000000000, 0x8000, 0x9, 0x9, 0x0, 0x5})
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
madvise(&(0x7f0000f7c000/0x3000)=nil, 0x3000, 0x14)
inotify_rm_watch(r2, r3)
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r0}, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="18010000000000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r6}, 0x10)
r7 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r7, 0xc0109207, &(0x7f0000000080)={0x0, 0x6})
ioctl$MON_IOCX_GETX(r7, 0x80089203, &(0x7f0000000a40)={0x0, 0x0})

292.891085ms ago: executing program 1 (id=17308):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000002000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
write$cgroup_subtree(r2, &(0x7f0000002a00)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce81ea038800fe08000e40000200875a65969ff57b00ff020000000000000000000000000001e2607e15e697ab", @ANYBLOB="40cce37e408a28e8b6a9151dbf453264fb1cfba4348872634613bbd1d724c7b29cce6e4879", @ANYRESOCT=r1, @ANYRES32=r3, @ANYRES64=r0, @ANYBLOB="25b81285c18717870f8be44399da4e3a52a9c0dbc329a06757b7464076f80ea35ca9875e5cfdab7dcb3f4d35b37c183f374b21fdb5d967e2df30415ea8fd33f50742d2d6f1f77921e91e8794a501514bb3d76b30befafa3d04f52345a81c8004a72036d1279fb48241975c9b9bdd3b56d9c443038395fad1d845ebcb558bf87704bd136fd4785c609d6225bbb9cf62f307ea85b458af8d433a65aea1dbc23bdf018d678665cba23bd3679c7a484fc86128c349b8da6aa30db51ae69eeb31695e83652c46eea4179ed7a965f9d01175c04df49b4d9f85f6b99df873c775fabcdaa50d96aec7f0ce5f5cb710fdf48a7c3fa30c13663ed3a0f3fd39dca5633f6c4a8bca1687dbffdb087e3c34e7edecdd6d25b84c4728d5b3530f13a55ef6c7a95ee67cb8154cead7e3ef00d3ec15c3affef66a5cfb4b5903816b51bad52eaa6d9743a52a5a24a918a42c886cf9711f9828c02ac818e04dfae9c52af1f2a8e3f335d46ffe2df6bb6e1310d0e31191c0b56a2d0ce4e98e5f3576f4a40894f3578604bbb4dafdceb1c66cc8f5efafe17bddd7a8d0c9258dd3cfe80130901d220ffb497c24502fd0aabde71fed24918e2ee25d34d66de1ffcaaa7387017a7ac227577731e6772129e578a4e043e8609174f1923b7e1b9e48bb9f370994e79213930b358ed678146a42274cedf3ba1a17673487287e1f9cd1025bf5652a52219bf9e01aa3cf338aae9773a9de7306f731012990f638f5d0d77aebd334c3f62e288a62e68e68dd8c140c54f3de37fb5b080ce469a318e0b432478e0c6c61641900d0948623be1cf8cab9a27de96efa5cd1a3c99947d9f318ebb78cfed381dae729749fbee1d2af89a0f8d50974aa6e8bcdf61e46de954ac2569623c6ca57115a09a0641214b46b41e63adc00b542dabc100c96be50ddb290d73693a59c0a5498ac1470e4197aa6bb1d07f5b80688c5361e735aae21e7540f29cae7c2dd4233cdae0e33897d6ba89580b34deb0ae49d1658fe7d313c75e9fab723b751e9cb0e3dec8aecf54f4feef016a51c3d9a2f4fa1617687131f148bd1c4f78662b19c9495dc5247361490048568733d2e5c02a49b70645b08ddec880ef551a429c4c411f1299b60acf6227ee375ee18c37d9abdc6409e4aafda2ab57d120bc5f2ec51ff7056c5e6897639c7a8a500a7ebc37c5f58a47c0f379236245acc6aada0b7c6135d9c3eee55635e61cf18c6c00a3b0868c8d307e2c4762d1ad75f534ce41d19096552765405c297aa97ac2d7a13c79e43261db99e5a7c70b0b69beabb4852701708667ea3da637a38d739efdac02d0803c5b7443d310ee193870917f0bae3f87b6d1a11a82f1d1f144acb97ddf893c054c58d63796096625436f4b629428f1378916ede0239e61672b7ac7d908046d97aefb9c96195c619757bc3e58d1d6e2a4c72b05dc003376f435c7c81dfa54fd62e23c3beb07b0c8171034f12e7c52fd77d67c3c8db8dee540db1f46ef6846cad25a3661a2d9c2b12c0c69f14252157652cd15a4bd3d986533f20bf3957b3e5a76b17d88a4c0e0796d698ab00f50c16169efb528497b206c6c1d3f23f148c13bdbd455ec5cee48d582e384a049af5ce3136915235ed712d54ba2fe3b3472a1c1875117137e0f81ea34cdcdf3a3ae7752bb844f7b140c21899687a703d68a4b74ccde9ac3017ebb45793238fc6edae4208ef2d3a57031e03be6b3380de20646451834864385887c568e26ae0ee5da84fa51b5e65f1758e1502a33b70d1b7df8469cf899d059d521698a749ee40222d8a9a7126042aad7a0f6dd49282b99e93a533616ae50b0be1eb8b7e6c276344bce883a3dc32f7482de7b417f2b79dfdf1aacdedd56540f91702d84fc4d5abbfdf507beb112d52107cec1902d76cbb52c050a7068e47e15ff2ed12250318469b094f7a3c486a1fc1619f0c1b3e0ce82f520ebab10e5fad8d749f8ed4b6259668d95024afe6e0bf72c4070c3ca42662c7188f8bf8772f9de5c89ce3d1cd3ba9a6347b1c89cbd657c15732e54cf1dd8626fd64d4835dc106e8d3f83df435e51edd1f6acba969279a867a491526acea4fd029b6aad1c2341d1c794c1e96cb87ccc33d7e6db6d6bfb83e1b1f70008e985b02244793cc3817044cf2fec6b83e262c1909509c71360741df00cd4f70e139c80050358e60296b425bbc5ca3f4dda97274828b20a17b7c8e3b290100d54a03055cd77d3c49313fac57df8f3beb0ba8e1df8d04225e5bb46879df2e7490fc42662b06b9ca6ba4da8fe7d6966195c5bdf9d8c0eb9d19b7ec07e59662306ea185f7ebebdf7d9d00061a9bcde310106b51f3ae5e298c2274d63b3a7cc9ad40c9241b1ad58676c815010d5b9ed6c8d3dbb84c841f7dbc5c53c203766c1cdb039106925d8bdbe73461562366c9ed087ef7f2d2933c1302d0d6e258b9ef99b911e674f9aaf1dc2810082ff67e14d3784e71b184459e5bec3c24f8228f49cd064e7a7fcff7df56f37f270ea0b15cbe6c4ddfc9d342775000d8c3e958c6658c6741297c8ed1d0561d851d671e2d93576172ffa72776425825bc9b806e605f7ac8d775bbcad7d8d30f6905b4d4160092e36bb63861adac7c989aae23b53a6de133765cdc60c063f6d4abfc6151bb9078d6be7e3c6493b6a12af16fce8809f7436bf3177f5c8d7ef44c07ffc2f7e8d122e19c9505c9b3d36f8259cff74f488282fa03c7084fe5592c176188b5d0533d5419721674e4fb6b507288f568128a47b7d99f3f970b0cd5c7844ba33422f5647e41df1bd7a29bac05182f9f81178405d509478be02125a1f7c51030836fcd597e6e70367dddd3fb158c0ff0c7a1bb85200f1c75d3799dd42a53646cc1ddea2b2d9ed38924250373fce0be567fcff7e3410a5d2a66efd0a64bd45d99cad22bbfa2809c26485aae3b9cff86adb7ed9876a97e0e5c4f77502ced2ae8f0b99de8ac7d11945e417e0855468ae629bef2f03570927104123b86f54048d1b2b26fa738339a729d89f66a1000680bb33d405188dfe9b7f7463cb4c84402545db12944669b38489d8af3de199e95c7848efd21ead1f82ba09a62a13110b8b4997b4f2ed8bd6e06aba9e8dcea7b8a7315f02eb081b2e515b47ca0eab435bc1663854fe820a94c9e5c3970cbf872e13b37ab1ab95794ece36412c38d7b2aa21836b91ce56816e574987f8e804e2e193ae76bbeec9606bf37945198b35a71dea111fe233f924ef3ebd5c258981a9186a6266f384906073030da1c81b0df5a3142147ae598e4ebc00250fdf92be4a91baa3ff184c1c578b4671120f24b8b64ac08b5a336016ceff8efbfe19416ab192a4ee01248e6b5b3cc8b132e395e5f48c6b2f4c96f4eaea1bd723ad755b2d6f5180cba0a79d434a074c4ee2b5ac7c02e858572d16ad4a9ea52e85e1fbd7f0dee009dd5cc1288bf2e72ad046862ccb228089a7c59a4fdb3cd3caf6402480e1dc9aa66d74eb5bc0f0b34cbe30c694cd2be2786d466abbf28587063511910578bdf272be5eb8e472c8b9c641eb8c7eebf447ae0fe2f94ebdb383181e82ec696fdfe83721085019e676219ad7de864e8ac668fa1f0b7befb40b079d5ac784c0304ccfad40923886bf76bed3383e0cf2d609fdc2adb49649cc747e64c077cb72db6f78ad0c32cffeb6eed334be272229b23aab94b2eafbedd4033e9eae4eef3ed6117739dd0575fbc227b0c6dc3387e6940ff7d9610befd7313548655af3831ac5b3f071c31c4c05390b9ffe7d82aa8fcfdab53b1d68d353877b53c9b0c48da9663bfb5323d606ae17e28f8ae38d66fe96d38d6f15772b4be06d0c3d1ef8370b7123c0f31596e49da6e453f40c19f893d4e669a5c1946f6eef0a97dd154d9767a4c3acadac414b8349e120f68aa8ecdd89c8d3385dd0e30f5e264d43aef1197e08d540cff6ffb507ebcd463d21b4acff8a7b5b21dee60b3d95cd668c55665c44e6336d9a4911f6840ad26c62d524d630139c0e25d59590ba914440a4a6cf3acc7a041db13d5f602bc31b32a4b5fcb0a33585810c08adf1167015362ccca71f271c93ce5a1b7ec9b55e3ff6b7e3c7da14d5f3fb9849bf396f10a1667e2301bd199fac6a5a4054807037b4484617230e910068c811c96175ca53f51bb50e4d1568da5195593a35a4ffab12c1c4dbbfe9365fa10c86bd67362d6d07617b790cded1a039786b6049f596971d25cd6ff28e2d000d8ef04fac9bdf87c2cb779171751603367735567931b2a8e656d6cfdafa036a9d1c03cac2ee9621ef0fa6e87670edbc79d2b0851f097f0245412d9a251dd490995ef885813f9044cf983c7d56359edc2511c896ba41dc3e591a24cd1c0b2970d8bbdae0b3dde90991e8a174662a4eee060ecc848e7a03835b1a8280334e16b0b1b22d9436ae2def46335137a26620731dccb21468b7e79ca1a01dfb42f599fd758ddd65976e8dc055dd518f68980a6195913c2a7245f8d5cf849eac3ff493138d6f181ed6ae4cf4b61908cde295e9f08915c45489602cb93729c9ec2076c79385f65834262378f2e9a16013caeecf47c6ead98c2352f8452dde4dbef0e362d19802e977501136dbef8280c0f31d43e0f08f520c8ba1c4eb27c1390a3bf134f0b871949e39ccb93dfcb007ab4d84504f65e04fd9d1610678a169f3345f7517b139d8e827b05ae9ec0e726025d1209f08618c649f7a2ee684a8b3945665ea1a7545dae36d061920d6d6262f625473bfed2d76681c3c4717da3a88734a6143b407c13e5c9d779dd839c09eb98399a146fc0181a92d593e99eb25835505e491e09bde3f9b981fa65da4f33df5745787dbcd6b1fd6ff5c1b79602cb8a27655a8ab966fcb66c1cb3cd74d26742b6dd6fc6e97313eac778f027168376adef57e95db7f81852e62559fd031ff53e670fb57835b51d001c70deb71b8f9a18537edefc4b3435f3498b59273a9bbabf14f6c1a830f4bf2433df7c058eb1435a9a3cf941dbca91248c38255f5b9f6eccf861f94db868601abca432977cbffc19bb78483d4014becadb71ffede0dda1cd2f00321254139a549322d46f20711dbd252b40e20ac8751cc112b49a6a940104515db8bfd50fc7b316c9eb8b2172dbce60a5c67ee4d0921412b0ac26906e9e170f9cb4f002dea71c37b96e6901d8afe38dea17e31d04b0a172a5cf983598351f0bb4b736e05bd96d645d9ebd4b6bf27fb117f7108b48935f09add35250b48ce3d18a0a496a1a52c4ff54bdeb03257b8f45eabfdbd20496ed2d315ace1b79b8892715baf18e93c43a9872a3d3c71d20d5f29768544f8e93f35a9358bbbd7864b20fdcff8415a547f89b6eebe78432e4a4821340f3e007e541129ec44c50f042d038c49b994a6c27d76d223af0f2ce3c0c8fffce728518cee45d1edcc2c617d6fe566a653dbaaec1568c11a1843fbec17cbd3e37602bd44131c99535422e199a29cd56ff7ef212be95e57b2f024ce6a892a8107007ca5c281196b3957f6bed72558338ebca7443d590b129c013b0a60dd15d06ed3004a06c2a983d680c2ae8feb240a0f3076936cbfa98149337e2c0d17b8669555f8a3d0a103dc6f0ac2aaecee8a4f852f6e262ae1522cd1f50f5f93bc189e5c54bc57e001c9b793140880c1113c9e0ff2f9ceb1e29c2c11bf88073ae09e77034c3ae728c7dbb92d87d23fafd771b6b15252a018c03e91b4aeebd89038c186966b8ea125cb3154e3c5fb9eb759b82f1da2966f4f2adb902c5dacfc69d32282122529163be0efcc71f3d0fe80ca41b44780428a319eb543cd6f85160"], 0xfe93)

274.936017ms ago: executing program 1 (id=17309):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r1 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r0}, 0x8)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="180100000100a7d90000000000000000850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x440, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
faccessat(r3, &(0x7f0000000000)='./file0\x00', 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000d80), r5)
sendmsg$NL80211_CMD_GET_MPP(r5, &(0x7f0000000e40)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000e00)={&(0x7f0000000dc0)={0x20, r6, 0x2, 0x70bd29, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MPATH_NEXT_HOP={0xa}]}, 0x20}, 0x1, 0x0, 0x0, 0x593e64e2e68450e7}, 0x20000000)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000e80)={'wlan0\x00', 0x8000})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
modify_ldt$write(0x1, &(0x7f0000000180)={0x0, 0x1000, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x1000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r8}, 0x10)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

274.779817ms ago: executing program 3 (id=17310):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000003c0)={'erspan0\x00', &(0x7f0000000340)={'syztnl1\x00', 0x0, 0x40, 0x7837, 0x1, 0x80000000, {{0xe, 0x4, 0x3, 0x3f, 0x38, 0x66, 0x0, 0x81, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}, @local, {[@timestamp_addr={0x44, 0x24, 0xd, 0x1, 0xf, [{@multicast2, 0xa}, {@private=0xa010101}, {@multicast2, 0x6}, {@loopback, 0xfffff801}]}]}}}}})
syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')

248.471739ms ago: executing program 0 (id=17311):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
openat$ppp(0xffffffffffffff9c, 0x0, 0x20022, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000780)='mm_page_free\x00', r0}, 0x10)
r1 = io_uring_setup(0x1694, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x64})
getsockopt$WPAN_WANTACK(0xffffffffffffffff, 0x0, 0x0, &(0x7f00000001c0), &(0x7f0000000340)=0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

248.192589ms ago: executing program 3 (id=17312):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000240), 0x25, 0x4b6, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZZSOm3fo8x96Xw+ycm9555hvt/D9J4zPW3nBNC3LkTERkSciIgHETHeuZ50Stxul+xxr189md189WQ2iWbz3n+TVnt2LXb8m8ypznOORMTPfhzxy+TduPW19cWZSqW80qkXG9XlYn1t/epCdWa+PF9eKpWmp6Ynb167UTqyvp6v/vHljxbu/Pwvf/7mi79t/ODXWVpjnbad/ThK7a4PbcfJDEbEnQ8RLAcDnf6cyDsRPpc0Ir4UERez+7+ZdzYAQC80m+PRHN9ZBwCOu7S1Bpakhc5awFikaaHQXsM7F6NppVZvXHlYW12aa6+VTcRQ+nChUp7srBVOxFCS1ada52/qpV31axFxNiJ+M3yyVS/M1ipzeb7xAYA+dmrX/P/RcHv+BwCOuZG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWnd+9mpbnZ+fzruUdrq4u1R1fnyvXFQnV1tjBbW1kuzNdq863P7Kke9HyVWm156nqsPi42yvVGsb62fr9aW11q3G99rvf98lBPegUA7Ofs+ef/SCJi49bJVokdezmYq+F4S/NOAMjNQN4JALkZzDsBIDe+xwf22KL3LV1/RejZ0ecC9Mblr1n/h35l/R/6l/V/6F/W/6F/NZuJPf8BoM9Y4wf8/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u7FWSdJCZy/wsUjTQiHidERMxFDycKFSnoyIMxHx9+Gh4aw+lXfSAMB7Sv+ddPb/ujx+aWx364nk4+HWMSJ+9bt7v30802isTGXX/7d9vfGsc72UR/4AwEG25umteXzL61dPZrdKL/N5+cP25qJZ3M1OabcMxmDrOBJDETH6/6RTb8verwwcQfyNpxHx1b36n7TWRiY6O5/ujp/FPt3T+Olb8dNWW/uY/V98+QhygX7zPBt/bu91/6VxoXXc+/4faY1Q729r/Nt8Z/xLt8e/gS7j34XDxrj+1590bXsa8fXBveIn2/GTLvEvHTL+P7/xrYvd2pq/j7gce8ffGavYqC4X62vrVxeqM/Pl+fJSqTQ9NT1589qNUrG1Rl3cWql+139uXTmzX/9Hu8QfOaD/3z1k///wyYNffHuf+N//zt6v/7l94mdz4vcOGX9m9E9dt+/O4s916f9Br/+VQ8Z/8a/1uUM+FADogfra+uJMpVJecdKzk+y92xcgDSe5nWRfAUfxPF/5gKnmPTIBH9qbmz7vTAAAAAAAAAAAAAAAgG568QdPefcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+vTAAAA//+0tdao")
fspick(0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b000000050000000200000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000480)='./binderfs/binder1\x00', 0x800, 0x0)
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
mkdir(&(0x7f0000000000)='./file0\x00', 0x10)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
r1 = inotify_init()
inotify_add_watch(r1, &(0x7f00000000c0)='./file0\x00', 0x20000002)
statx(r1, &(0x7f00000003c0)='./file0\x00', 0x2000, 0x100, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000380)=@filename='./file0\x00', r2, &(0x7f0000000400)={0x4, 0xf, 0x6, 0x8000000000000000, 0x8000, 0x9, 0x9, 0x0, 0x5})
mlock(&(0x7f0000c00000/0x400000)=nil, 0x400000)
mremap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f0000fff000/0x1000)=nil)

236.21149ms ago: executing program 1 (id=17313):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
unshare(0x6a040000)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000300)={<r0=>0x0, @in={{0x2, 0x4e22, @empty}}}, &(0x7f0000000200)=0x84)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000280)={r0, 0xb, 0x6}, &(0x7f00000003c0)=0x8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = syz_io_uring_setup(0x4b6, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2}, &(0x7f0000ff0000), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000040)=[{0x0}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r2, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
r3 = creat(0x0, 0x0)
lseek(r3, 0x7ffffb, 0x0)

164.084176ms ago: executing program 1 (id=17314):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r1 = syz_io_uring_setup(0x4172, &(0x7f0000000780)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000180)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000000)=""/4, 0x4}], 0x27})
io_uring_enter(r1, 0x567, 0x0, 0x0, 0x0, 0x0)

156.797897ms ago: executing program 3 (id=17315):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000240)={0x5, &(0x7f0000000140)=[{0x0, 0x9, 0x1, 0x59e}, {0x800, 0x0, 0xfb, 0x1}, {0x2e, 0x2, 0x68, 0x2}, {0xfc01, 0x0, 0x7, 0xfd3a}, {0xb, 0x1, 0x7, 0x6}]})
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0)
read$char_usb(r8, &(0x7f00000030c0)=""/4110, 0x100e)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b708000000feffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bind$tipc(r1, &(0x7f00000003c0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x3}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r9}, 0x10)
sendmsg$802154_raw(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)="e9bed67a87ee4623d39c10780000000000000000", 0x14}}, 0x20040814)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000340)=ANY=[@ANYRES16=r2], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001100)={&(0x7f00000010c0)='mm_page_free\x00', r10}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYRES64=0x0, @ANYRESOCT=0x0], 0x6, 0x58d, &(0x7f0000000840)="$eJzs3V9v09wdwPGf2/Rpnm56NG0TQhV/DmWTilSCk0JQxJXnnKQHEjuyHdReoWpNUUXKJsqktTcrNwy07S1M4kXsdu8I7X43eWQ7Lv2TP6UtpKDvJwKfxsfn/I6J/OO4diwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAst2rbRUsaxmuvquHcauA3R6zP2rtzZDGiXxEr/iP5vFxN37r620+rr8R/Lci19Kdrko8Xedn7xZVfPfpNbirbfkRAX8XO7t6L9W638+qU9XMTj/hi1bVnQt80nbpWJvRVpVy2763UQlUzDR2uhZFuKjfQTuQHatG9o4qVyrLShTW/7dWrTkNnbz68W7LtsnpcaGknCH3v3uNC6K6YRsN49aROvDqu8zD+ID4xkYq001Rqc+vHzvK4IDe3up1iv3z8H2D/cKXSuJZKdqlUzIlI+UHlwUPbziVvFEulYvaGfYycqDH5Dy0m64KP4MDZTfXzvzTEiCdtWRU18OVKVQLxpTlkfV+W/39/T4/s93D+z7L8Vf/HbPW8JPn/RvrTjWH5X5TM7g+O50JeSQ+jXjuyK3vyQtalK13pyKvz9TeVjf8LjukUL0vklHu1Llo8MRKKL0aa4kg9F0efvqOkImUpiy3PZEVqEoqSmhhpiJZQ1iSUSHTyiXIlEC2OROJLIEoWxZU7oqQoFanIsijRUpA18aUtntSlKk7SyqZsJft9eUSMB5WKp6lUGlHpRDIn/+OzXfARHDi7Xpb/AQAAAADAd8tKzr7H8/8ZuZ6Uaqah7UmHBQAAAAAALtC7WnJ9vRXP/0XkulhD5//7/RMFAAAAAADgG2Ml99jF0/o5uZmWsjuhDk4CTE02RAAAAAAAcE7JL/RvxIu5uHRTrJPz/yHyXyVAAAAAAABwbu/Gfsd+2Jq1/vs/CYIZ601r9XfWthPXc7an0+2mj7cY1ealN5uWk7bKuX6Trr5m9b/98uBLMD+mi5z0eqPjsD4nAOun/tZHA5B/yq20zq2NdLmRrUl7mauZhi64fuNRURznp6lIr0Z/ebn1V0mG/95rxkFudTuFP/6pu5HE8iZu5c12/76IE7dHjIjldXb+5PrgEc8kN2L0+52zZHOr27E/jf+gqxNXZ4zo860spHUW5tLl3NHx5+M+i4Vho0+jmJFzjvyt3E7r3F68nS4GRFEaE0WndDiKqbPsi1NEsTwuiuVzRgEAk7KZfOvPwCyUHdKP590zHOU2x/0v40Ky+1tZTOsszicH1tz8gCO6Pe6IbrdWs8ycZrcfRmY32RcZfEQ/eAbSsBwb9/uvg36Lyeg//E1EPmRZ9cTww0bJinfh9OvtP8uVnd29u1vb6887zzsvS6Xlsn3fth+UZCYZRn9B7gEADDD+GTtja1j3x8yqf92/pCA7K9CVDVlK7jZIrjjIy+yRVv/x73gmfugyhKXjs9acHG6/lyXL//d6vaUxs7q03cxp6qaPlwEA4HuycDgPj8z//XpHa8TbWEtj5t1Hc/nxJwQPq1scEvF7bkcEAOCcdPDRmov+bgWBaT0rVipFJ1rRKvDdJyow1bpWxot04K44Xl2rVuBHvutPx4WnpqpDFbZbLT+IVM0PVMsPzWry5HfVf/R7qJuOFxk3bDW0E2rl+l7kuJGqmtBVrfYfGiZc0UGycdjSrqkZ14mM76nQbweuLigVan2ooqlqLzI1Exc91QpM0wnW1FO/0W5qVdWhG5hW5KcNZn0Zr+YHzbjZHya9rwEAuCx2dvderHe7nVdfsDDpMQIAgKM+J0tzxRgAAAAAAAAAAAAAAAAAAAAAAJPxNe7/G1/4zy9FLkEYFL6VQvzRvQRhXMJCXi6owUkfmQB8aT8HAAD//7A3Ulo=")
chown(&(0x7f0000000280)='./file1\x00', 0x0, 0x0)

148.142628ms ago: executing program 0 (id=17316):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
faccessat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES64, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
modify_ldt$write(0x1, &(0x7f0000000180)={0x0, 0x1000, 0xffffffffffffffff, 0x1, 0x2, 0x1}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1, 0x1000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

142.626398ms ago: executing program 1 (id=17317):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000100000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0xb8, 0x7ffc0002}]})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002840)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYRES16=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
futex(0x0, 0x5, 0x0, 0x0, 0x0, 0xf0000000)
r3 = eventfd2(0x0, 0x0)
ioctl$PPPIOCGUNIT(0xffffffffffffffff, 0x80047456, &(0x7f0000000040))
io_submit(0x0, 0x2, &(0x7f0000000940)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0}, 0x0])
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r6, 0x4c80, 0xffffffffffffffb6)
io_destroy(0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x5, 0x2213, &(0x7f0000000380)=ANY=[@ANYRESDEC=r5], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r7}, 0x10)
syz_emit_ethernet(0x2b4, &(0x7f0000002b00)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb86dd6656f48c027e1101ff010000000000000000000000000001fc0000000000000000000000000000000018000000000000c2040000000604010505020c750401810401040708000000030080050009a5e435acfa0c9a417476c01123b796a97e20055a708f47d3ecb181610bfe1910f1320dbd9b3ea18caa6496afe356b6fc2ebede8cb9504ce8f54be43ccd6dad28f91a9f0b4dad0fb766e95229b3dea336e715a4669cf569b683359e288360bf5a0401555a60d7be4e3862cc89034cfd6b5cbe1e66555265d1e72101fd125ae75d3cc2c744020d996aecf39adcc5cbda5915d2007ea400a5636c34581f50beda8bb73694de06e0000000003c0800db00000000ff01000000000000000000000000000100000000000000000000000000000000fc010000000000000000000000000000fc0200000000000000000000000000011d04030100000000ff020000000000000000000000000001200100008e56000000000000000000000002040110400000a00100000000000000000000000000012f0000000000000008080000000000000738000000020c05ff010700000000000000060000000000000007000000000000000000000000000000f7fffffffffffffffb0000000000000001070000000000000000000000004e204e2100ce907841010001f9df9ad6d2b64c02901e3aeb54d28c211815336e8ac37146614fed97d9c166fb7d39b9452593115e493a2958221bfa48b9d05192c89ec76c095a01a307769c39c3b2f3db1ca6b0e873d3a823f7bc8b11cf8f77661ec9dd6e1cf06bf110890e309612dbebe8e63c09bafc561dc3f0e339ac0e9956700276dee2562fcfdbbd528c95f4822330cfce17b5860333065438fd2e38a7476f1160bd6cdc12b537051e15f81938332dc16432f1faf72830dac51b2becd0d25b0e3deb8ef59f2e092aaa7676562c9adbb9e1e859530a51d0cb2a0f6e616fc91c7cff3bd2123362ab3d8337b76bca09059cbaf9be9b9f611a8482b0d482e0666fa3210c972b17a69ea9d6508baf27b522f6bc88ad9576d7dd9391b25ef4a69e33a7a9183c4c7e5e9acfd995aa05947966afe9d650404fa7a833e01830d3fb010bc4f007d4440c7154496413c6b79d9bbaca3ee8fcf61e8b370f1e5ff7e2f335392bbf7aa17f10c99f98f4f8027ec64a72a828e54b35069e7d010000000000000017cd51363688677ebbf91ec443c470f2c8e08d7b96dd8644fb6a6fd2884e088eead0921d691b0befccd5a3a93474ac93ec28f23e4f7d560f936d633f21abae86d0a125807cce9fb673decc1d"], 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x11, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='tlb_flush\x00', r8}, 0x10)
r9 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r9, &(0x7f0000000480)=[{&(0x7f0000000080)='4', 0x1}], 0x1)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/slabinfo\x00', 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r11, 0x6, 0x14, &(0x7f00000001c0), 0x4)
read$char_usb(r11, &(0x7f0000001840)=""/4090, 0xffa)
preadv2(r11, &(0x7f0000000200)=[{&(0x7f0000000280)=""/177, 0xb1}], 0x1, 0xee, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r10, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f00000004c0)=@ethtool_flash={0x33, 0x0, '.\x00'}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r0}, 0x10)

85.583543ms ago: executing program 0 (id=17318):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="18000000002c0000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f0000000240)={0x4, &(0x7f0000000140)=[{0x0, 0x9, 0x1, 0x59e}, {0x800, 0x0, 0xfb, 0x1}, {0x2e, 0x2, 0x68, 0x2}, {0xfc01, 0x0, 0x7, 0xfd3a}]})
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x200, 0x102)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x2f, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="60010000100013070000000000000000ac1e000100000000001414aa000000000000000000000000000000000000000002000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0xee00, @ANYBLOB="ac1414bb0000000000000000000000000000000032000000fe88000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000400000000000000000070001200726663343130362867636d28616573292900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002001000040"], 0x160}}, 0x0)
r6 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0)
read$char_usb(r9, &(0x7f00000030c0)=""/4110, 0x100e)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b708000000feffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bind$tipc(r1, &(0x7f00000003c0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x4, 0x3}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
sendmsg$802154_raw(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)="e9bed67a87ee4623d39c10780000000000000000", 0x14}}, 0x20040814)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000340)=ANY=[@ANYRES16=r2], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001100)={&(0x7f00000010c0)='mm_page_free\x00', r11}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000300)=ANY=[@ANYRES64=0x0, @ANYRESOCT=0x0], 0x6, 0x58d, &(0x7f0000000840)="$eJzs3V9v09wdwPGf2/Rpnm56NG0TQhV/DmWTilSCk0JQxJXnnKQHEjuyHdReoWpNUUXKJsqktTcrNwy07S1M4kXsdu8I7X43eWQ7Lv2TP6UtpKDvJwKfxsfn/I6J/OO4diwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAst2rbRUsaxmuvquHcauA3R6zP2rtzZDGiXxEr/iP5vFxN37r620+rr8R/Lci19Kdrko8Xedn7xZVfPfpNbirbfkRAX8XO7t6L9W638+qU9XMTj/hi1bVnQt80nbpWJvRVpVy2763UQlUzDR2uhZFuKjfQTuQHatG9o4qVyrLShTW/7dWrTkNnbz68W7LtsnpcaGknCH3v3uNC6K6YRsN49aROvDqu8zD+ID4xkYq001Rqc+vHzvK4IDe3up1iv3z8H2D/cKXSuJZKdqlUzIlI+UHlwUPbziVvFEulYvaGfYycqDH5Dy0m64KP4MDZTfXzvzTEiCdtWRU18OVKVQLxpTlkfV+W/39/T4/s93D+z7L8Vf/HbPW8JPn/RvrTjWH5X5TM7g+O50JeSQ+jXjuyK3vyQtalK13pyKvz9TeVjf8LjukUL0vklHu1Llo8MRKKL0aa4kg9F0efvqOkImUpiy3PZEVqEoqSmhhpiJZQ1iSUSHTyiXIlEC2OROJLIEoWxZU7oqQoFanIsijRUpA18aUtntSlKk7SyqZsJft9eUSMB5WKp6lUGlHpRDIn/+OzXfARHDi7Xpb/AQAAAADAd8tKzr7H8/8ZuZ6Uaqah7UmHBQAAAAAALtC7WnJ9vRXP/0XkulhD5//7/RMFAAAAAADgG2Ml99jF0/o5uZmWsjuhDk4CTE02RAAAAAAAcE7JL/RvxIu5uHRTrJPz/yHyXyVAAAAAAABwbu/Gfsd+2Jq1/vs/CYIZ601r9XfWthPXc7an0+2mj7cY1ealN5uWk7bKuX6Trr5m9b/98uBLMD+mi5z0eqPjsD4nAOun/tZHA5B/yq20zq2NdLmRrUl7mauZhi64fuNRURznp6lIr0Z/ebn1V0mG/95rxkFudTuFP/6pu5HE8iZu5c12/76IE7dHjIjldXb+5PrgEc8kN2L0+52zZHOr27E/jf+gqxNXZ4zo860spHUW5tLl3NHx5+M+i4Vho0+jmJFzjvyt3E7r3F68nS4GRFEaE0WndDiKqbPsi1NEsTwuiuVzRgEAk7KZfOvPwCyUHdKP590zHOU2x/0v40Ky+1tZTOsszicH1tz8gCO6Pe6IbrdWs8ycZrcfRmY32RcZfEQ/eAbSsBwb9/uvg36Lyeg//E1EPmRZ9cTww0bJinfh9OvtP8uVnd29u1vb6887zzsvS6Xlsn3fth+UZCYZRn9B7gEADDD+GTtja1j3x8yqf92/pCA7K9CVDVlK7jZIrjjIy+yRVv/x73gmfugyhKXjs9acHG6/lyXL//d6vaUxs7q03cxp6qaPlwEA4HuycDgPj8z//XpHa8TbWEtj5t1Hc/nxJwQPq1scEvF7bkcEAOCcdPDRmov+bgWBaT0rVipFJ1rRKvDdJyow1bpWxot04K44Xl2rVuBHvutPx4WnpqpDFbZbLT+IVM0PVMsPzWry5HfVf/R7qJuOFxk3bDW0E2rl+l7kuJGqmtBVrfYfGiZc0UGycdjSrqkZ14mM76nQbweuLigVan2ooqlqLzI1Exc91QpM0wnW1FO/0W5qVdWhG5hW5KcNZn0Zr+YHzbjZHya9rwEAuCx2dvderHe7nVdfsDDpMQIAgKM+J0tzxRgAAAAAAAAAAAAAAAAAAAAAAJPxNe7/G1/4zy9FLkEYFL6VQvzRvQRhXMJCXi6owUkfmQB8aT8HAAD//7A3Ulo=")
chown(&(0x7f0000000280)='./file1\x00', 0x0, 0x0)

44.905326ms ago: executing program 3 (id=17320):
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x4}, 0x0, 0xc8, 0x0, 0x0, 0x0, 0x8}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r1)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(r0, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}], 0x18}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000002000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
write$cgroup_subtree(r2, &(0x7f0000002a00)=ANY=[@ANYBLOB="8fedcb791f6f9875f37538e486dd6317ce81ea038800fe08000e40000200875a65969ff57b00ff020000000000000000000000000001e2607e15e697ab", @ANYBLOB="40cce37e408a28e8b6a9151dbf453264fb1cfba4348872634613bbd1d724c7b29cce6e4879", @ANYRESOCT=r1, @ANYRES32=r3, @ANYRES64=r0, @ANYBLOB="25b81285c18717870f8be44399da4e3a52a9c0dbc329a06757b7464076f80ea35ca9875e5cfdab7dcb3f4d35b37c183f374b21fdb5d967e2df30415ea8fd33f50742d2d6f1f77921e91e8794a501514bb3d76b30befafa3d04f52345a81c8004a72036d1279fb48241975c9b9bdd3b56d9c443038395fad1d845ebcb558bf87704bd136fd4785c609d6225bbb9cf62f307ea85b458af8d433a65aea1dbc23bdf018d678665cba23bd3679c7a484fc86128c349b8da6aa30db51ae69eeb31695e83652c46eea4179ed7a965f9d01175c04df49b4d9f85f6b99df873c775fabcdaa50d96aec7f0ce5f5cb710fdf48a7c3fa30c13663ed3a0f3fd39dca5633f6c4a8bca1687dbffdb087e3c34e7edecdd6d25b84c4728d5b3530f13a55ef6c7a95ee67cb8154cead7e3ef00d3ec15c3affef66a5cfb4b5903816b51bad52eaa6d9743a52a5a24a918a42c886cf9711f9828c02ac818e04dfae9c52af1f2a8e3f335d46ffe2df6bb6e1310d0e31191c0b56a2d0ce4e98e5f3576f4a40894f3578604bbb4dafdceb1c66cc8f5efafe17bddd7a8d0c9258dd3cfe80130901d220ffb497c24502fd0aabde71fed24918e2ee25d34d66de1ffcaaa7387017a7ac227577731e6772129e578a4e043e8609174f1923b7e1b9e48bb9f370994e79213930b358ed678146a42274cedf3ba1a17673487287e1f9cd1025bf5652a52219bf9e01aa3cf338aae9773a9de7306f731012990f638f5d0d77aebd334c3f62e288a62e68e68dd8c140c54f3de37fb5b080ce469a318e0b432478e0c6c61641900d0948623be1cf8cab9a27de96efa5cd1a3c99947d9f318ebb78cfed381dae729749fbee1d2af89a0f8d50974aa6e8bcdf61e46de954ac2569623c6ca57115a09a0641214b46b41e63adc00b542dabc100c96be50ddb290d73693a59c0a5498ac1470e4197aa6bb1d07f5b80688c5361e735aae21e7540f29cae7c2dd4233cdae0e33897d6ba89580b34deb0ae49d1658fe7d313c75e9fab723b751e9cb0e3dec8aecf54f4feef016a51c3d9a2f4fa1617687131f148bd1c4f78662b19c9495dc5247361490048568733d2e5c02a49b70645b08ddec880ef551a429c4c411f1299b60acf6227ee375ee18c37d9abdc6409e4aafda2ab57d120bc5f2ec51ff7056c5e6897639c7a8a500a7ebc37c5f58a47c0f379236245acc6aada0b7c6135d9c3eee55635e61cf18c6c00a3b0868c8d307e2c4762d1ad75f534ce41d19096552765405c297aa97ac2d7a13c79e43261db99e5a7c70b0b69beabb4852701708667ea3da637a38d739efdac02d0803c5b7443d310ee193870917f0bae3f87b6d1a11a82f1d1f144acb97ddf893c054c58d63796096625436f4b629428f1378916ede0239e61672b7ac7d908046d97aefb9c96195c619757bc3e58d1d6e2a4c72b05dc003376f435c7c81dfa54fd62e23c3beb07b0c8171034f12e7c52fd77d67c3c8db8dee540db1f46ef6846cad25a3661a2d9c2b12c0c69f14252157652cd15a4bd3d986533f20bf3957b3e5a76b17d88a4c0e0796d698ab00f50c16169efb528497b206c6c1d3f23f148c13bdbd455ec5cee48d582e384a049af5ce3136915235ed712d54ba2fe3b3472a1c1875117137e0f81ea34cdcdf3a3ae7752bb844f7b140c21899687a703d68a4b74ccde9ac3017ebb45793238fc6edae4208ef2d3a57031e03be6b3380de20646451834864385887c568e26ae0ee5da84fa51b5e65f1758e1502a33b70d1b7df8469cf899d059d521698a749ee40222d8a9a7126042aad7a0f6dd49282b99e93a533616ae50b0be1eb8b7e6c276344bce883a3dc32f7482de7b417f2b79dfdf1aacdedd56540f91702d84fc4d5abbfdf507beb112d52107cec1902d76cbb52c050a7068e47e15ff2ed12250318469b094f7a3c486a1fc1619f0c1b3e0ce82f520ebab10e5fad8d749f8ed4b6259668d95024afe6e0bf72c4070c3ca42662c7188f8bf8772f9de5c89ce3d1cd3ba9a6347b1c89cbd657c15732e54cf1dd8626fd64d4835dc106e8d3f83df435e51edd1f6acba969279a867a491526acea4fd029b6aad1c2341d1c794c1e96cb87ccc33d7e6db6d6bfb83e1b1f70008e985b02244793cc3817044cf2fec6b83e262c1909509c71360741df00cd4f70e139c80050358e60296b425bbc5ca3f4dda97274828b20a17b7c8e3b290100d54a03055cd77d3c49313fac57df8f3beb0ba8e1df8d04225e5bb46879df2e7490fc42662b06b9ca6ba4da8fe7d6966195c5bdf9d8c0eb9d19b7ec07e59662306ea185f7ebebdf7d9d00061a9bcde310106b51f3ae5e298c2274d63b3a7cc9ad40c9241b1ad58676c815010d5b9ed6c8d3dbb84c841f7dbc5c53c203766c1cdb039106925d8bdbe73461562366c9ed087ef7f2d2933c1302d0d6e258b9ef99b911e674f9aaf1dc2810082ff67e14d3784e71b184459e5bec3c24f8228f49cd064e7a7fcff7df56f37f270ea0b15cbe6c4ddfc9d342775000d8c3e958c6658c6741297c8ed1d0561d851d671e2d93576172ffa72776425825bc9b806e605f7ac8d775bbcad7d8d30f6905b4d4160092e36bb63861adac7c989aae23b53a6de133765cdc60c063f6d4abfc6151bb9078d6be7e3c6493b6a12af16fce8809f7436bf3177f5c8d7ef44c07ffc2f7e8d122e19c9505c9b3d36f8259cff74f488282fa03c7084fe5592c176188b5d0533d5419721674e4fb6b507288f568128a47b7d99f3f970b0cd5c7844ba33422f5647e41df1bd7a29bac05182f9f81178405d509478be02125a1f7c51030836fcd597e6e70367dddd3fb158c0ff0c7a1bb85200f1c75d3799dd42a53646cc1ddea2b2d9ed38924250373fce0be567fcff7e3410a5d2a66efd0a64bd45d99cad22bbfa2809c26485aae3b9cff86adb7ed9876a97e0e5c4f77502ced2ae8f0b99de8ac7d11945e417e0855468ae629bef2f03570927104123b86f54048d1b2b26fa738339a729d89f66a1000680bb33d405188dfe9b7f7463cb4c84402545db12944669b38489d8af3de199e95c7848efd21ead1f82ba09a62a13110b8b4997b4f2ed8bd6e06aba9e8dcea7b8a7315f02eb081b2e515b47ca0eab435bc1663854fe820a94c9e5c3970cbf872e13b37ab1ab95794ece36412c38d7b2aa21836b91ce56816e574987f8e804e2e193ae76bbeec9606bf37945198b35a71dea111fe233f924ef3ebd5c258981a9186a6266f384906073030da1c81b0df5a3142147ae598e4ebc00250fdf92be4a91baa3ff184c1c578b4671120f24b8b64ac08b5a336016ceff8efbfe19416ab192a4ee01248e6b5b3cc8b132e395e5f48c6b2f4c96f4eaea1bd723ad755b2d6f5180cba0a79d434a074c4ee2b5ac7c02e858572d16ad4a9ea52e85e1fbd7f0dee009dd5cc1288bf2e72ad046862ccb228089a7c59a4fdb3cd3caf6402480e1dc9aa66d74eb5bc0f0b34cbe30c694cd2be2786d466abbf28587063511910578bdf272be5eb8e472c8b9c641eb8c7eebf447ae0fe2f94ebdb383181e82ec696fdfe83721085019e676219ad7de864e8ac668fa1f0b7befb40b079d5ac784c0304ccfad40923886bf76bed3383e0cf2d609fdc2adb49649cc747e64c077cb72db6f78ad0c32cffeb6eed334be272229b23aab94b2eafbedd4033e9eae4eef3ed6117739dd0575fbc227b0c6dc3387e6940ff7d9610befd7313548655af3831ac5b3f071c31c4c05390b9ffe7d82aa8fcfdab53b1d68d353877b53c9b0c48da9663bfb5323d606ae17e28f8ae38d66fe96d38d6f15772b4be06d0c3d1ef8370b7123c0f31596e49da6e453f40c19f893d4e669a5c1946f6eef0a97dd154d9767a4c3acadac414b8349e120f68aa8ecdd89c8d3385dd0e30f5e264d43aef1197e08d540cff6ffb507ebcd463d21b4acff8a7b5b21dee60b3d95cd668c55665c44e6336d9a4911f6840ad26c62d524d630139c0e25d59590ba914440a4a6cf3acc7a041db13d5f602bc31b32a4b5fcb0a33585810c08adf1167015362ccca71f271c93ce5a1b7ec9b55e3ff6b7e3c7da14d5f3fb9849bf396f10a1667e2301bd199fac6a5a4054807037b4484617230e910068c811c96175ca53f51bb50e4d1568da5195593a35a4ffab12c1c4dbbfe9365fa10c86bd67362d6d07617b790cded1a039786b6049f596971d25cd6ff28e2d000d8ef04fac9bdf87c2cb779171751603367735567931b2a8e656d6cfdafa036a9d1c03cac2ee9621ef0fa6e87670edbc79d2b0851f097f0245412d9a251dd490995ef885813f9044cf983c7d56359edc2511c896ba41dc3e591a24cd1c0b2970d8bbdae0b3dde90991e8a174662a4eee060ecc848e7a03835b1a8280334e16b0b1b22d9436ae2def46335137a26620731dccb21468b7e79ca1a01dfb42f599fd758ddd65976e8dc055dd518f68980a6195913c2a7245f8d5cf849eac3ff493138d6f181ed6ae4cf4b61908cde295e9f08915c45489602cb93729c9ec2076c79385f65834262378f2e9a16013caeecf47c6ead98c2352f8452dde4dbef0e362d19802e977501136dbef8280c0f31d43e0f08f520c8ba1c4eb27c1390a3bf134f0b871949e39ccb93dfcb007ab4d84504f65e04fd9d1610678a169f3345f7517b139d8e827b05ae9ec0e726025d1209f08618c649f7a2ee684a8b3945665ea1a7545dae36d061920d6d6262f625473bfed2d76681c3c4717da3a88734a6143b407c13e5c9d779dd839c09eb98399a146fc0181a92d593e99eb25835505e491e09bde3f9b981fa65da4f33df5745787dbcd6b1fd6ff5c1b79602cb8a27655a8ab966fcb66c1cb3cd74d26742b6dd6fc6e97313eac778f027168376adef57e95db7f81852e62559fd031ff53e670fb57835b51d001c70deb71b8f9a18537edefc4b3435f3498b59273a9bbabf14f6c1a830f4bf2433df7c058eb1435a9a3cf941dbca91248c38255f5b9f6eccf861f94db868601abca432977cbffc19bb78483d4014becadb71ffede0dda1cd2f00321254139a549322d46f20711dbd252b40e20ac8751cc112b49a6a940104515db8bfd50fc7b316c9eb8b2172dbce60a5c67ee4d0921412b0ac26906e9e170f9cb4f002dea71c37b96e6901d8afe38dea17e31d04b0a172a5cf983598351f0bb4b736e05bd96d645d9ebd4b6bf27fb117f7108b48935f09add35250b48ce3d18a0a496a1a52c4ff54bdeb03257b8f45eabfdbd20496ed2d315ace1b79b8892715baf18e93c43a9872a3d3c71d20d5f29768544f8e93f35a9358bbbd7864b20fdcff8415a547f89b6eebe78432e4a4821340f3e007e541129ec44c50f042d038c49b994a6c27d76d223af0f2ce3c0c8fffce728518cee45d1edcc2c617d6fe566a653dbaaec1568c11a1843fbec17cbd3e37602bd44131c99535422e199a29cd56ff7ef212be95e57b2f024ce6a892a8107007ca5c281196b3957f6bed72558338ebca7443d590b129c013b0a60dd15d06ed3004a06c2a983d680c2ae8feb240a0f3076936cbfa98149337e2c0d17b8669555f8a3d0a103dc6f0ac2aaecee8a4f852f6e262ae1522cd1f50f5f93bc189e5c54bc57e001c9b793140880c1113c9e0ff2f9ceb1e29c2c11bf88073ae09e77034c3ae728c7dbb92d87d23fafd771b6b15252a018c03e91b4aeebd89038c186966b8ea125cb3154e3c5fb9eb759b82f1da2966f4f2adb902c5dacfc69d32282122529163be0efcc71f3d0fe80ca41b44780428a319eb543cd6f85160"], 0xfe93)

43.337877ms ago: executing program 1 (id=17321):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000380)={0x1, &(0x7f0000000300)=[{0x8, 0x4, 0x9}]})
wait4(0x0, 0x0, 0x0, 0x0)
wait4(0x0, 0x0, 0x40000000, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000400000000000000001000084080000000000000001"], 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, r1, 0x1, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001f85236ccc4ce75fa61b6d6978d0", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x6, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x1, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r4, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffeb2, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r5}, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000001a40)={@random="0f539af21094", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "1200b0", 0x48, 0x3a, 0x0, @empty, @mcast2, {[], @dest_unreach={0x3, 0x2, 0x0, 0x0, '\x00', {0x0, 0x6, "277382", 0x0, 0x2c, 0x0, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [@hopopts={0x2f, 0x1, '\x00', [@calipso={0x7, 0x8, {0x22ebffff, 0x0, 0xfc}}]}]}}}}}}}, 0x0)
mbind(&(0x7f0000ff4000/0xc000)=nil, 0xc000, 0x1, &(0x7f0000000000)=0x800000000101, 0x29, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x3)

27.986658ms ago: executing program 0 (id=17322):
r0 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="18010000000000200000000000000000181900", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x39)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
sendmsg$SMC_PNETID_ADD(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x34, r0, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve1\x00'}]}, 0x34}}, 0x0)

18.948468ms ago: executing program 3 (id=17323):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f0000000240), 0x25, 0x4b6, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvvW1pKYUWJfFHVBBRNISZdoCGsMKNxhASI3HlAmo7NE1nOk1nirSyKP+DiSSu9E9wYeLChJV7d7pzgwsTVOILfclbzMudmZZSOm3fo8x96Xw+ycm9555hvt/D9J4zPW3nBNC3LkTERkSciIgHETHeuZ50Stxul+xxr189md189WQ2iWbz3n+TVnt2LXb8m8ypznOORMTPfhzxy+TduPW19cWZSqW80qkXG9XlYn1t/epCdWa+PF9eKpWmp6Ynb167UTqyvp6v/vHljxbu/Pwvf/7mi79t/ODXWVpjnbad/ThK7a4PbcfJDEbEnQ8RLAcDnf6cyDsRPpc0Ir4UERez+7+ZdzYAQC80m+PRHN9ZBwCOu7S1Bpakhc5awFikaaHQXsM7F6NppVZvXHlYW12aa6+VTcRQ+nChUp7srBVOxFCS1ada52/qpV31axFxNiJ+M3yyVS/M1ipzeb7xAYA+dmrX/P/RcHv+BwCOuZG8EwAAes78DwD9x/wPAP3H/A8A/cf8DwD9x/wPAP3H/A8AfeWnd+9mpbnZ+fzruUdrq4u1R1fnyvXFQnV1tjBbW1kuzNdq863P7Kke9HyVWm156nqsPi42yvVGsb62fr9aW11q3G99rvf98lBPegUA7Ofs+ef/SCJi49bJVokdezmYq+F4S/NOAMjNQN4JALkZzDsBIDe+xwf22KL3LV1/RejZ0ecC9Mblr1n/h35l/R/6l/V/6F/W/6F/NZuJPf8BoM9Y4wf8/B8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+u7FWSdJCZy/wsUjTQiHidERMxFDycKFSnoyIMxHx9+Gh4aw+lXfSAMB7Sv+ddPb/ujx+aWx364nk4+HWMSJ+9bt7v30802isTGXX/7d9vfGsc72UR/4AwEG25umteXzL61dPZrdKL/N5+cP25qJZ3M1OabcMxmDrOBJDETH6/6RTb8verwwcQfyNpxHx1b36n7TWRiY6O5/ujp/FPt3T+Olb8dNWW/uY/V98+QhygX7zPBt/bu91/6VxoXXc+/4faY1Q729r/Nt8Z/xLt8e/gS7j34XDxrj+1590bXsa8fXBveIn2/GTLvEvHTL+P7/xrYvd2pq/j7gce8ffGavYqC4X62vrVxeqM/Pl+fJSqTQ9NT1589qNUrG1Rl3cWql+139uXTmzX/9Hu8QfOaD/3z1k///wyYNffHuf+N//zt6v/7l94mdz4vcOGX9m9E9dt+/O4s916f9Br/+VQ8Z/8a/1uUM+FADogfra+uJMpVJecdKzk+y92xcgDSe5nWRfAUfxPF/5gKnmPTIBH9qbmz7vTAAAAAAAAAAAAAAAgG568QdPefcRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA4+vTAAAA//+0tdao")
fspick(0xffffffffffffff9c, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0b000000050000000200000004000000"], 0x48)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000480)='./binderfs/binder1\x00', 0x800, 0x0)
ioctl$BINDER_THREAD_EXIT(r0, 0x40046208, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x0, 0x0)
inotify_init()

14.171389ms ago: executing program 0 (id=17324):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000031c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf7cf39e3100c8acaa47684f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d7559f3b14820ed58b15627c95aa0b784625704f07372c29184ff7f4a7c0000070015006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e000000000000041201baa80b0b8ed8fb1ec577c377f627daaf787a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bdeda7be586602d985430cea080000000000fb1a26abfb0767192361448279b05d96a703a660587a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aab926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb155481ef836eb0f8c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaed2b25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec0271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761036eafed1fb2b98b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe514283707c70600000000000000b7561301bb997316db01ee601f2c9659db9bc04f7089a660d8dcc3ae83169cf331efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a515d83129cd857c775f9e7d6101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbe3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562e00e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb2214209ed2d5d776e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b55ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f608ce27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e30400000000000000000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a95d32f46ed9bd1f00fb8191bbab2dc599dda61ee2010000294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bfe2777e808fcba821a00e8c5c39609ff854256cb490000000000c1fee30a3f7a85d1b2b458c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd210819203828b202779d386ed295f023c67d867014d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff00004043060000005dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df40600000000000000e9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b0600b805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1202000000b59fed817072a0da60160761fd3dffda0f7c742eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7000000000000000542954c167dd9b4acd946ffffffffffffffff1389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c9e281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b630500163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f700400fa0c61d5fe6d8ff353f631080405547d65375ae04f44f0c2543c772c5ccb137be7dc87746e1785a8214454d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b036e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e010000005a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb3985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1428c0805b4031a667e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a9cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab9100781b9912160a3fd2a2e74dd690c57bdfdc1f069f9491bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c1227c8bed10591958c906321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b863af34bac64c247672a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677ec97c5c568a89d6e36b165c39132a0f27080ece2a94c360b002c77f82662675a7713c7067081cac1599a998c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc215a18ca0265400abf38e90000000000000000008faf2cddffbfa66bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942ce18e57bb7f337df5435bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de286553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c03f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c872a4882d21db2046a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265441d513a1294b8439276394945d94a589708e32a1cb30a8b07b391201385e0b92ecbb7b13d7a872841640"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000003c0)={'erspan0\x00', &(0x7f0000000340)={'syztnl1\x00', 0x0, 0x40, 0x7837, 0x1, 0x80000000, {{0xe, 0x4, 0x3, 0x3f, 0x38, 0x66, 0x0, 0x81, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}, @local, {[@timestamp_addr={0x44, 0x24, 0xd, 0x1, 0xf, [{@multicast2, 0xa}, {@private=0xa010101}, {@multicast2, 0x6}, {@loopback, 0xfffff801}]}]}}}}})
syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')

818.19µs ago: executing program 3 (id=17325):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x3e}, 0x5}, 0x1c)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r2}, 0x18)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000001440)=ANY=[], 0xc0)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

0s ago: executing program 0 (id=17335):
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000380)={0x1, &(0x7f0000000300)=[{0x8, 0x4, 0x9}]})
wait4(0x0, 0x0, 0x0, 0x0)
wait4(0x0, 0x0, 0x40000000, 0x0)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000002800000028000000020000000100000000000001e5ff0000400000000000000001000084080000000000000001"], 0x0, 0x42, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1, 0x0, '\x00', 0x0, r1, 0x1, 0xffffffff, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000010001f85236ccc4ce75fa61b6d6978d0", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800e0001007769726567756172640000000400028008000a00b8"], 0x40}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0x6, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000340), 0x80a01)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x1, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r4, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r3}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffeb2, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r6}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet6(0x10, 0x2, 0x0)
syz_emit_ethernet(0x7e, &(0x7f0000001a40)={@random="0f539af21094", @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "1200b0", 0x48, 0x3a, 0x0, @empty, @mcast2, {[], @dest_unreach={0x3, 0x2, 0x0, 0x0, '\x00', {0x0, 0x6, "277382", 0x0, 0x2c, 0x0, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [@hopopts={0x2f, 0x1, '\x00', [@calipso={0x7, 0x8, {0x22ebffff, 0x0, 0xfc}}]}]}}}}}}}, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x3)

kernel console output (not intermixed with test programs):

[T19780] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  813.937509][T20260] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  813.946716][T20260] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  813.962924][T20260] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.16550: Invalid block bitmap block 0 in block_group 0
[  813.976796][T20260] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.16550: Failed to acquire dquot type 0
[  813.995439][T19780] 8021q: adding VLAN 0 to HW filter on device bond0
[  814.010749][T19780] 8021q: adding VLAN 0 to HW filter on device team0
[  814.022716][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  814.029782][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  814.041057][T14054] bridge0: port 2(bridge_slave_1) entered blocking state
[  814.048124][T14054] bridge0: port 2(bridge_slave_1) entered forwarding state
[  814.134459][T19780] 8021q: adding VLAN 0 to HW filter on device batadv0
[  814.217954][T19780] veth0_vlan: entered promiscuous mode
[  814.227142][T19780] veth1_vlan: entered promiscuous mode
[  814.285665][T20306] IPv6: Can't replace route, no match found
[  814.297804][T19780] veth0_macvtap: entered promiscuous mode
[  814.305561][T19780] veth1_macvtap: entered promiscuous mode
[  814.317263][T19780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  814.322528][T20311] loop1: detected capacity change from 0 to 512
[  814.327706][T19780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.343892][T19780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  814.354397][T19780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.364277][T19780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  814.373152][T20311] ext4 filesystem being mounted at /608/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  814.374702][T19780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.386096][   T29] kauditd_printk_skb: 1908 callbacks suppressed
[  814.386147][   T29] audit: type=1326 audit(2000000350.378:200824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20310 comm="syz.1.16561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7fb41dc990 code=0x7ffc0000
[  814.395001][T19780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  814.401201][   T29] audit: type=1326 audit(2000000350.378:200825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20310 comm="syz.1.16561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7f7fb41dcd77 code=0x7ffc0000
[  814.424937][T19780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.435271][   T29] audit: type=1326 audit(2000000350.378:200826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20310 comm="syz.1.16561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7fb41dc990 code=0x7ffc0000
[  814.435295][   T29] audit: type=1326 audit(2000000350.378:200827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20310 comm="syz.1.16561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fb41ddff9 code=0x7ffc0000
[  814.458900][T19780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  814.468722][   T29] audit: type=1326 audit(2000000350.378:200828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20310 comm="syz.1.16561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fb41ddff9 code=0x7ffc0000
[  814.521612][   T29] audit: type=1326 audit(2000000350.508:200829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20310 comm="syz.1.16561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7f7fb41ddff9 code=0x7ffc0000
[  814.526740][T19780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.550433][   T29] audit: type=1326 audit(2000000350.508:200830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20310 comm="syz.1.16561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fb41ddff9 code=0x7ffc0000
[  814.550469][   T29] audit: type=1326 audit(2000000350.508:200831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20310 comm="syz.1.16561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fb41ddff9 code=0x7ffc0000
[  814.552225][   T29] audit: type=1326 audit(2000000350.538:200832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20310 comm="syz.1.16561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7fb41ddff9 code=0x7ffc0000
[  814.574187][T19780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  814.583972][   T29] audit: type=1326 audit(2000000350.538:200833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20310 comm="syz.1.16561" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fb41ddff9 code=0x7ffc0000
[  814.607655][T19780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.682409][T19780] batman_adv: batadv0: Interface activated: batadv_slave_0
[  814.714659][T19780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  814.725140][T19780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.728862][T20316] loop2: detected capacity change from 0 to 2048
[  814.734951][T19780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  814.751741][T19780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.761701][T19780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  814.772120][T19780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.781942][T19780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  814.792386][T19780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.802271][T19780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  814.812713][T19780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.822520][T19780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  814.833073][T19780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  814.843961][T19780] batman_adv: batadv0: Interface activated: batadv_slave_1
[  814.859302][T19780] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  814.868112][T19780] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  814.876885][T19780] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  814.885814][T19780] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  814.889122][T20316]  loop2: unable to read partition table
[  814.900434][T20316] loop2: partition table beyond EOD, truncated
[  814.906748][T20316] loop_reread_partitions: partition scan of loop2 () failed (rc=-5)
[  814.917515][   T11] EXT4-fs error (device loop4): ext4_release_dquot:6902: comm kworker/u8:0: Failed to release dquot type 0
[  814.956359][T20324] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=20324 comm=syz.4.16563
[  814.994827][T20328] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  815.003153][T20328] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  815.059022][T20346] IPv6: Can't replace route, no match found
[  815.103281][T20355] lo speed is unknown, defaulting to 1000
[  815.110239][T20360] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=0 sclass=netlink_audit_socket pid=20360 comm=syz.2.16574
[  815.146240][T20374] loop2: detected capacity change from 0 to 512
[  815.165529][T20374] ext4 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  815.318390][T20404] loop2: detected capacity change from 0 to 512
[  815.356331][T20404] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  815.517718][T20415] netlink: 'syz.0.16581': attribute type 29 has an invalid length.
[  815.564732][T20401] lo speed is unknown, defaulting to 1000
[  815.722779][T20401] chnl_net:caif_netlink_parms(): no params data found
[  815.751312][   T11] netdevsim netdevsim1 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  815.776758][T20529] lo speed is unknown, defaulting to 1000
[  815.851901][   T11] netdevsim netdevsim1 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  815.902398][   T11] netdevsim netdevsim1 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  815.935401][T20586] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=83 sclass=netlink_audit_socket pid=20586 comm=syz.3.16585
[  815.971052][T20401] bridge0: port 1(bridge_slave_0) entered blocking state
[  815.978256][T20401] bridge0: port 1(bridge_slave_0) entered disabled state
[  815.985598][T20401] bridge_slave_0: entered allmulticast mode
[  815.991959][T20401] bridge_slave_0: entered promiscuous mode
[  816.018738][   T11] netdevsim netdevsim1 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  816.034710][T20401] bridge0: port 2(bridge_slave_1) entered blocking state
[  816.041845][T20401] bridge0: port 2(bridge_slave_1) entered disabled state
[  816.056431][T20401] bridge_slave_1: entered allmulticast mode
[  816.065709][T20401] bridge_slave_1: entered promiscuous mode
[  816.095141][T20401] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  816.120731][T20401] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  816.138418][T20640] bpf_get_probe_write_proto: 17 callbacks suppressed
[  816.138432][T20640] syz.3.16591[20640] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  816.145797][T20640] syz.3.16591[20640] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  816.157471][T20640] syz.3.16591[20640] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  816.170181][T18248] EXT4-fs unmount: 15 callbacks suppressed
[  816.170205][T18248] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  816.200840][T20401] team0: Port device team_slave_0 added
[  816.207870][   T11] bridge0: port 3(team0) entered disabled state
[  816.223506][   T11] bridge_slave_1: left allmulticast mode
[  816.229198][   T11] bridge_slave_1: left promiscuous mode
[  816.234912][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  816.243661][   T11] bridge_slave_0: left allmulticast mode
[  816.249310][   T11] bridge_slave_0: left promiscuous mode
[  816.255039][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  816.294913][T15411] SELinux: failure in sel_netif_sid_slow(), invalid network interface (13)
[  816.316395][T20695] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=83 sclass=netlink_audit_socket pid=20695 comm=syz.2.16595
[  816.503944][T20401] team0: Port device team_slave_1 added
[  816.568726][T20692] lo speed is unknown, defaulting to 1000
[  816.575126][T20401] batman_adv: batadv0: Adding interface: batadv_slave_0
[  816.582101][T20401] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  816.608252][T20401] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  816.620664][T20401] batman_adv: batadv0: Adding interface: batadv_slave_1
[  816.627724][T20401] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  816.653841][T20401] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  816.790795][   T11] hsr_slave_0: left promiscuous mode
[  816.796623][   T11] hsr_slave_1: left promiscuous mode
[  816.985445][   T11] team_slave_1 (unregistering): left promiscuous mode
[  816.992381][   T11] team_slave_1 (unregistering): left allmulticast mode
[  817.000531][   T11] team0 (unregistering): Port device team_slave_1 removed
[  817.022592][   T11] team_slave_0 (unregistering): left promiscuous mode
[  817.029376][   T11] team_slave_0 (unregistering): left allmulticast mode
[  817.037108][   T11] team0 (unregistering): Port device team_slave_0 removed
[  817.216953][T20401] hsr_slave_0: entered promiscuous mode
[  817.224381][T20401] hsr_slave_1: entered promiscuous mode
[  817.230631][T20401] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  817.238317][T20401] Cannot create hsr debugfs directory
[  817.243853][T20794] netlink: 'syz.4.16602': attribute type 29 has an invalid length.
[  817.315171][T20823] Process accounting resumed
[  817.413827][T20868] netlink: 16186 bytes leftover after parsing attributes in process `syz.2.16606'.
[  817.485951][T20873] netlink: 4 bytes leftover after parsing attributes in process `syz.4.16609'.
[  817.506033][T20873] netlink: 4 bytes leftover after parsing attributes in process `syz.4.16609'.
[  817.534888][T20891] Process accounting resumed
[  817.845449][T20401] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  817.857491][T20401] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  817.869478][T20401] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  817.878612][T20401] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  817.894903][T20920] syz.3.16616[20920] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  817.895009][T20920] syz.3.16616[20920] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  817.906754][T20920] syz.3.16616[20920] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  817.932670][T20401] 8021q: adding VLAN 0 to HW filter on device bond0
[  817.959726][T20401] 8021q: adding VLAN 0 to HW filter on device team0
[  817.969353][  T157] bridge0: port 1(bridge_slave_0) entered blocking state
[  817.976455][  T157] bridge0: port 1(bridge_slave_0) entered forwarding state
[  817.987829][T14270] bridge0: port 2(bridge_slave_1) entered blocking state
[  817.995101][T14270] bridge0: port 2(bridge_slave_1) entered forwarding state
[  818.060196][T20401] 8021q: adding VLAN 0 to HW filter on device batadv0
[  818.121251][T20401] veth0_vlan: entered promiscuous mode
[  818.129378][T20401] veth1_vlan: entered promiscuous mode
[  818.147338][T20401] veth0_macvtap: entered promiscuous mode
[  818.154702][T20401] veth1_macvtap: entered promiscuous mode
[  818.165766][T20401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  818.176294][T20401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.186153][T20401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  818.196578][T20401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.206429][T20401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  818.216893][T20401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.226690][T20401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  818.237111][T20401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.246937][T20401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  818.257364][T20401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.267283][T20401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  818.277716][T20401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.287511][T20401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  818.297964][T20401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.310134][T20401] batman_adv: batadv0: Interface activated: batadv_slave_0
[  818.320846][T20401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  818.331373][T20401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.341180][T20401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  818.347348][T20944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16630'.
[  818.351646][T20401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.362248][T20944] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16630'.
[  818.370380][T20401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  818.389775][T20401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.399679][T20401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  818.410180][T20401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.420039][T20401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  818.430447][T20401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.440250][T20401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  818.450653][T20401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.460493][T20401] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  818.471010][T20401] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  818.484292][T20401] batman_adv: batadv0: Interface activated: batadv_slave_1
[  818.492529][T20401] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  818.501224][T20401] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  818.509975][T20401] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  818.518686][T20401] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  818.539268][T20949] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  818.548150][T20949] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  818.557003][T20949] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  818.565881][T20949] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  818.575776][T20949] geneve2: entered promiscuous mode
[  818.580994][T20949] geneve2: entered allmulticast mode
[  818.633689][T20957] lo speed is unknown, defaulting to 1000
[  818.708834][T20984] loop1: detected capacity change from 0 to 128
[  818.750163][  T157] kworker/u8:5: attempt to access beyond end of device
[  818.750163][  T157] loop1: rw=1, sector=145, nr_sectors = 896 limit=128
[  818.803406][T20992] loop1: detected capacity change from 0 to 512
[  818.814355][T20992] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  818.827056][T20992] ext4 filesystem being mounted at /4/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  818.863786][T20401] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  818.881940][T20401] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  818.935372][T20999] syz.1.16627[20999] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  818.935500][T20999] syz.1.16627[20999] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  818.947760][T20999] syz.1.16627[20999] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  818.966595][T20999] loop1: detected capacity change from 0 to 164
[  818.985669][T20999] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  819.027582][T21005] loop1: detected capacity change from 0 to 128
[  819.076881][  T157] kworker/u8:5: attempt to access beyond end of device
[  819.076881][  T157] loop1: rw=1, sector=145, nr_sectors = 896 limit=128
[  819.126567][T21009] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  819.134846][T21009] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  819.173371][T21015] IPv6: Can't replace route, no match found
[  819.242208][T21021] loop1: detected capacity change from 0 to 2048
[  819.330156][T21021]  loop1: unable to read partition table
[  819.340646][T21027] syz.3.16640[21027] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  819.341707][T21021] loop1: partition table beyond EOD, truncated
[  819.359364][T21021] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[  819.416498][   T29] kauditd_printk_skb: 1312 callbacks suppressed
[  819.416570][   T29] audit: type=1326 audit(2000000355.408:202145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21031 comm="syz.1.16641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa6da5dff9 code=0x7ffc0000
[  819.446679][   T29] audit: type=1326 audit(2000000355.408:202146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21031 comm="syz.1.16641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa6da5dff9 code=0x7ffc0000
[  819.490729][   T29] audit: type=1326 audit(2000000355.448:202147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21031 comm="syz.1.16641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa6da5dff9 code=0x7ffc0000
[  819.514715][   T29] audit: type=1326 audit(2000000355.448:202148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21031 comm="syz.1.16641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa6da5dff9 code=0x7ffc0000
[  819.538516][   T29] audit: type=1326 audit(2000000355.448:202149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21031 comm="syz.1.16641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa6da5dff9 code=0x7ffc0000
[  819.562344][   T29] audit: type=1326 audit(2000000355.448:202150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21031 comm="syz.1.16641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa6da5dff9 code=0x7ffc0000
[  819.586189][   T29] audit: type=1326 audit(2000000355.448:202151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21031 comm="syz.1.16641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa6da5dff9 code=0x7ffc0000
[  819.609967][   T29] audit: type=1326 audit(2000000355.448:202152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21031 comm="syz.1.16641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa6da5dff9 code=0x7ffc0000
[  819.633687][   T29] audit: type=1326 audit(2000000355.448:202153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21031 comm="syz.1.16641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa6da5dff9 code=0x7ffc0000
[  819.657499][   T29] audit: type=1326 audit(2000000355.448:202154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21031 comm="syz.1.16641" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa6da5dff9 code=0x7ffc0000
[  819.717897][T21032] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  819.726294][T21032] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  819.733126][T21049] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16646'.
[  819.745118][T21049] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16646'.
[  819.808269][T21058] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  819.816513][T21058] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  819.819780][T21063] loop1: detected capacity change from 0 to 512
[  819.844206][T21063] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  819.856965][T21063] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  819.891568][T20401] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  819.910506][T20401] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  819.934099][T21076] loop1: detected capacity change from 0 to 512
[  819.944303][T21076] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  819.944382][T21064] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  819.944435][T21064] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  819.957677][T21076] ext4 filesystem being mounted at /15/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  819.965673][T21064] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  819.993645][T21064] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  820.002789][T21064] geneve2: entered promiscuous mode
[  820.008183][T21064] geneve2: entered allmulticast mode
[  820.334515][T21104] netlink: 'syz.4.16659': attribute type 29 has an invalid length.
[  820.473156][T21113] loop4: detected capacity change from 0 to 128
[  820.504727][  T157] kworker/u8:5: attempt to access beyond end of device
[  820.504727][  T157] loop4: rw=1, sector=145, nr_sectors = 896 limit=128
[  820.548659][T21119] loop4: detected capacity change from 0 to 2048
[  820.618579][T21119]  loop4: unable to read partition table
[  820.635318][T21119] loop4: partition table beyond EOD, truncated
[  820.641547][T21119] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[  820.780942][T20401] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  820.826665][T21167] loop1: detected capacity change from 0 to 164
[  820.833909][T21167] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  820.881741][T21175] loop4: detected capacity change from 0 to 2048
[  820.902763][T21183] loop2: detected capacity change from 0 to 164
[  820.912102][T21183] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  820.993669][T21175]  loop4: unable to read partition table
[  821.005716][T21175] loop4: partition table beyond EOD, truncated
[  821.007012][T21198] loop1: detected capacity change from 0 to 512
[  821.011956][T21175] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[  821.035917][T21198] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  821.046479][T21206] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.16692'.
[  821.058043][T21198] ext4 filesystem being mounted at /22/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  821.082377][T21210] FAULT_INJECTION: forcing a failure.
[  821.082377][T21210] name failslab, interval 1, probability 0, space 0, times 0
[  821.095032][T21210] CPU: 0 UID: 0 PID: 21210 Comm: syz.4.16693 Tainted: G        W          6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[  821.107399][T21210] Tainted: [W]=WARN
[  821.111221][T21210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  821.121265][T21210] Call Trace:
[  821.124591][T21210]  <TASK>
[  821.127546][T21210]  dump_stack_lvl+0xf2/0x150
[  821.132213][T21210]  dump_stack+0x15/0x20
[  821.136437][T21210]  should_fail_ex+0x223/0x230
[  821.141234][T21210]  ? __alloc_skb+0x10b/0x310
[  821.145850][T21210]  should_failslab+0x8f/0xb0
[  821.150491][T21210]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  821.156372][T21210]  __alloc_skb+0x10b/0x310
[  821.160852][T21210]  audit_log_start+0x368/0x6b0
[  821.165615][T21210]  audit_seccomp+0x4b/0x130
[  821.170108][T21210]  __seccomp_filter+0x6fa/0x1180
[  821.175093][T21210]  ? proc_fail_nth_write+0x12a/0x150
[  821.180373][T21210]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  821.186002][T21210]  ? vfs_write+0x580/0x910
[  821.190479][T21210]  ? __fget_files+0x1d4/0x210
[  821.195198][T21210]  __secure_computing+0x9f/0x1c0
[  821.200205][T21210]  syscall_trace_enter+0xd1/0x1f0
[  821.205228][T21210]  ? fpregs_assert_state_consistent+0x83/0xa0
[  821.211320][T21210]  do_syscall_64+0xaa/0x1c0
[  821.215834][T21210]  ? clear_bhb_loop+0x55/0xb0
[  821.220613][T21210]  ? clear_bhb_loop+0x55/0xb0
[  821.225290][T21210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  821.231188][T21210] RIP: 0033:0x7f7fb59edff9
[  821.235645][T21210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  821.255269][T21210] RSP: 002b:00007f7fb4667038 EFLAGS: 00000246 ORIG_RAX: 000000000000001d
[  821.263830][T21210] RAX: ffffffffffffffda RBX: 00007f7fb5ba5f80 RCX: 00007f7fb59edff9
[  821.271993][T21210] RDX: 0000000000000800 RSI: 0000000000004000 RDI: 00000000798dd826
[  821.280028][T21210] RBP: 00007f7fb4667090 R08: 0000000000000000 R09: 0000000000000000
[  821.288100][T21210] R10: 0000000020ffa000 R11: 0000000000000246 R12: 0000000000000001
[  821.296063][T21210] R13: 0000000000000000 R14: 00007f7fb5ba5f80 R15: 00007fffb020bef8
[  821.304033][T21210]  </TASK>
[  821.337341][T21217] loop4: detected capacity change from 0 to 128
[  821.406325][   T11] kworker/u8:0: attempt to access beyond end of device
[  821.406325][   T11] loop4: rw=1, sector=145, nr_sectors = 896 limit=128
[  821.478921][T21238] loop4: detected capacity change from 0 to 512
[  821.510287][T21238] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  821.526919][T21238] ext4 filesystem being mounted at /228/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  821.566432][T15006] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  821.587316][T15006] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  821.629694][T21249] loop4: detected capacity change from 0 to 2048
[  821.694490][T21249]  loop4: unable to read partition table
[  821.700167][T21249] loop4: partition table beyond EOD, truncated
[  821.706430][T21249] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[  821.730799][T21253] netlink: 16178 bytes leftover after parsing attributes in process `syz.4.16705'.
[  821.761476][T21257] netlink: 132 bytes leftover after parsing attributes in process `syz.4.16707'.
[  821.772632][T21257] netlink: 'syz.4.16707': attribute type 10 has an invalid length.
[  821.784114][T21257] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  821.839026][T21264] loop4: detected capacity change from 0 to 128
[  821.847207][T20401] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  821.875691][   T11] kworker/u8:0: attempt to access beyond end of device
[  821.875691][   T11] loop4: rw=1, sector=145, nr_sectors = 896 limit=128
[  821.894847][T21272] loop1: detected capacity change from 0 to 128
[  821.936023][  T157] kworker/u8:5: attempt to access beyond end of device
[  821.936023][  T157] loop1: rw=1, sector=145, nr_sectors = 896 limit=128
[  821.961200][T21284] pim6reg1: entered promiscuous mode
[  821.966662][T21284] pim6reg1: entered allmulticast mode
[  822.303968][T21306] lo speed is unknown, defaulting to 1000
[  822.437119][T21342] Process accounting resumed
[  822.474239][T21341] bpf_get_probe_write_proto: 5 callbacks suppressed
[  822.474254][T21341] syz.0.16726[21341] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  822.480980][T21341] syz.0.16726[21341] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  822.494266][T21341] syz.0.16726[21341] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  822.528897][T21345] __nla_validate_parse: 3 callbacks suppressed
[  822.528910][T21345] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.16728'.
[  823.104407][T21381] loop4: detected capacity change from 0 to 512
[  823.123818][T21381] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  823.124637][T21379] syz.2.16739[21379] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  823.136522][T21379] syz.2.16739[21379] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  823.148159][T21379] syz.2.16739[21379] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  823.154804][T21381] ext4 filesystem being mounted at /240/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  823.209918][T21379] loop2: detected capacity change from 0 to 164
[  823.217688][T21379] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  823.255663][T15006] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  823.282937][T15006] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  823.312652][T21405] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16748'.
[  823.322827][T21405] netlink: 4 bytes leftover after parsing attributes in process `syz.2.16748'.
[  823.578414][T21423] lo speed is unknown, defaulting to 1000
[  823.602428][T21438] program syz.0.16753 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  823.736802][T21457] syz.0.16756[21457] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  823.736879][T21457] syz.0.16756[21457] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  823.754570][T21457] syz.0.16756[21457] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  824.133924][T21486] Process accounting resumed
[  824.218106][T21491] syz.3.16771[21491] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  824.368640][T21528] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16781'.
[  824.374059][T21530] loop2: detected capacity change from 0 to 128
[  824.397939][T21528] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16781'.
[  824.410763][T21530] Process accounting resumed
[  824.423446][   T29] kauditd_printk_skb: 1936 callbacks suppressed
[  824.423457][   T29] audit: type=1326 audit(2000000360.418:204089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.2.16782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12156dff9 code=0x7ffc0000
[  824.453890][   T29] audit: type=1326 audit(2000000360.448:204090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.2.16782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa12156dff9 code=0x7ffc0000
[  824.477761][   T29] audit: type=1326 audit(2000000360.448:204091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.2.16782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12156dff9 code=0x7ffc0000
[  824.501602][   T29] audit: type=1326 audit(2000000360.448:204092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.2.16782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12156dff9 code=0x7ffc0000
[  824.525381][   T29] audit: type=1326 audit(2000000360.448:204093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21527 comm="syz.1.16781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7ffa6da54fa7 code=0x7ffc0000
[  824.549357][   T29] audit: type=1326 audit(2000000360.448:204094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21527 comm="syz.1.16781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7ffa6d9f9959 code=0x7ffc0000
[  824.573088][   T29] audit: type=1326 audit(2000000360.448:204095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21527 comm="syz.1.16781" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7ffa6da5dff9 code=0x7ffc0000
[  824.596939][   T29] audit: type=1326 audit(2000000360.448:204096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.2.16782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa12156dff9 code=0x7ffc0000
[  824.620724][   T29] audit: type=1326 audit(2000000360.448:204097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.2.16782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12156dff9 code=0x7ffc0000
[  824.644489][   T29] audit: type=1326 audit(2000000360.448:204098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21529 comm="syz.2.16782" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa12156dff9 code=0x7ffc0000
[  824.739770][T21547] bond1: entered promiscuous mode
[  824.744930][T21547] bond1: entered allmulticast mode
[  824.750401][T21547] 8021q: adding VLAN 0 to HW filter on device bond1
[  824.766912][T21547] bond1 (unregistering): Released all slaves
[  824.784732][T21550] netlink: 'syz.2.16785': attribute type 1 has an invalid length.
[  824.792581][T21550] netlink: 'syz.2.16785': attribute type 2 has an invalid length.
[  824.819920][T21617] loop4: detected capacity change from 0 to 164
[  824.828323][T21617] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  824.839408][T21622] netlink: 92 bytes leftover after parsing attributes in process `syz.2.16787'.
[  824.963456][T21629] loop4: detected capacity change from 0 to 164
[  824.972596][T21629] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  824.997475][T21640] Process accounting resumed
[  825.017819][T21637] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16790'.
[  825.084668][T21656] netlink: 224 bytes leftover after parsing attributes in process `syz.4.16796'.
[  825.106600][T21651] loop4: detected capacity change from 0 to 1024
[  825.115372][T21651] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  825.127253][T21651] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #11: comm syz.4.16796: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  825.147994][T21651] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.16796: couldn't read orphan inode 11 (err -117)
[  825.160650][T21651] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  825.176024][T21651] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  825.190274][T21651] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  825.199292][T21651] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.16796: Invalid block bitmap block 0 in block_group 0
[  825.213456][T21651] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.16796: Failed to acquire dquot type 0
[  825.268340][T21671] loop1: detected capacity change from 0 to 164
[  825.275434][T21671] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  825.358484][T21684] loop1: detected capacity change from 0 to 2048
[  825.427266][T21684]  loop1: unable to read partition table
[  825.433098][T21684] loop1: partition table beyond EOD, truncated
[  825.439382][T21684] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[  825.478250][T21691] loop1: detected capacity change from 0 to 128
[  825.508263][T14054] kworker/u8:15: attempt to access beyond end of device
[  825.508263][T14054] loop1: rw=1, sector=145, nr_sectors = 896 limit=128
[  825.560659][T21697] loop1: detected capacity change from 0 to 512
[  825.573591][T21697] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  825.586178][T21697] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  825.796899][T21707] loop2: detected capacity change from 0 to 164
[  825.803949][T21707] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  825.922618][T15006] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  825.941410][T14270] EXT4-fs error (device loop4): ext4_release_dquot:6902: comm kworker/u8:18: Failed to release dquot type 0
[  825.969801][T21729] FAULT_INJECTION: forcing a failure.
[  825.969801][T21729] name failslab, interval 1, probability 0, space 0, times 0
[  825.982763][T21729] CPU: 0 UID: 0 PID: 21729 Comm: +}[@ Tainted: G        W          6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[  825.994505][T21729] Tainted: [W]=WARN
[  825.998333][T21729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  826.008365][T21729] Call Trace:
[  826.011689][T21729]  <TASK>
[  826.014634][T21729]  dump_stack_lvl+0xf2/0x150
[  826.019305][T21729]  dump_stack+0x15/0x20
[  826.023483][T21729]  should_fail_ex+0x223/0x230
[  826.028147][T21729]  ? perf_event_alloc+0x154/0x1750
[  826.033280][T21729]  should_failslab+0x8f/0xb0
[  826.037853][T21729]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  826.043664][T21729]  perf_event_alloc+0x154/0x1750
[  826.048648][T21729]  __se_sys_perf_event_open+0x5e8/0x21f0
[  826.054296][T21729]  ? proc_fail_nth_write+0x12a/0x150
[  826.059605][T21729]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  826.065325][T21729]  ? __fget_files+0x1d4/0x210
[  826.070062][T21729]  __x64_sys_perf_event_open+0x67/0x80
[  826.075536][T21729]  x64_sys_call+0x18d7/0x2d60
[  826.080202][T21729]  do_syscall_64+0xc9/0x1c0
[  826.084716][T21729]  ? clear_bhb_loop+0x55/0xb0
[  826.089379][T21729]  ? clear_bhb_loop+0x55/0xb0
[  826.094092][T21729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.099975][T21729] RIP: 0033:0x7f7fb59edff9
[  826.104367][T21729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  826.124058][T21729] RSP: 002b:00007f7fb4667038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  826.132451][T21729] RAX: ffffffffffffffda RBX: 00007f7fb5ba5f80 RCX: 00007f7fb59edff9
[  826.140457][T21729] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000000
[  826.148412][T21729] RBP: 00007f7fb4667090 R08: 000000000000000d R09: 0000000000000000
[  826.156376][T21729] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  826.164336][T21729] R13: 0000000000000000 R14: 00007f7fb5ba5f80 R15: 00007fffb020bef8
[  826.172314][T21729]  </TASK>
[  826.217142][T21733] loop4: detected capacity change from 0 to 2048
[  826.257988][T21739] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.16819'.
[  826.310611][T21733]  loop4: unable to read partition table
[  826.316876][T21733] loop4: partition table beyond EOD, truncated
[  826.323093][T21733] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[  826.348552][T21745] loop2: detected capacity change from 0 to 164
[  826.363828][T21745] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  826.421904][T20401] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  826.507780][T21766] lo speed is unknown, defaulting to 1000
[  826.514698][T21773] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.16831'.
[  826.561942][T21777] FAULT_INJECTION: forcing a failure.
[  826.561942][T21777] name failslab, interval 1, probability 0, space 0, times 0
[  826.574602][T21777] CPU: 1 UID: 0 PID: 21777 Comm: syz.1.16827 Tainted: G        W          6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[  826.586935][T21777] Tainted: [W]=WARN
[  826.590733][T21777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  826.600882][T21777] Call Trace:
[  826.604152][T21777]  <TASK>
[  826.607081][T21777]  dump_stack_lvl+0xf2/0x150
[  826.611675][T21777]  dump_stack+0x15/0x20
[  826.615822][T21777]  should_fail_ex+0x223/0x230
[  826.620503][T21777]  ? __alloc_skb+0x10b/0x310
[  826.625179][T21777]  should_failslab+0x8f/0xb0
[  826.629842][T21777]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  826.635663][T21777]  __alloc_skb+0x10b/0x310
[  826.640133][T21777]  audit_log_start+0x368/0x6b0
[  826.644959][T21777]  audit_seccomp+0x4b/0x130
[  826.649463][T21777]  __seccomp_filter+0x6fa/0x1180
[  826.654429][T21777]  ? proc_fail_nth_write+0x12a/0x150
[  826.659718][T21777]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  826.665352][T21777]  ? vfs_write+0x580/0x910
[  826.669854][T21777]  __secure_computing+0x9f/0x1c0
[  826.674887][T21777]  syscall_trace_enter+0xd1/0x1f0
[  826.679929][T21777]  do_syscall_64+0xaa/0x1c0
[  826.684482][T21777]  ? clear_bhb_loop+0x55/0xb0
[  826.689172][T21777]  ? clear_bhb_loop+0x55/0xb0
[  826.693891][T21777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.699845][T21777] RIP: 0033:0x7ffa6da5dff9
[  826.704258][T21777] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  826.723869][T21777] RSP: 002b:00007ffa6c6b0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  826.732303][T21777] RAX: ffffffffffffffda RBX: 00007ffa6dc16058 RCX: 00007ffa6da5dff9
[  826.740264][T21777] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000000020001000
[  826.748227][T21777] RBP: 00007ffa6c6b0090 R08: 0000000000000000 R09: 0000000000000002
[  826.756202][T21777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  826.764169][T21777] R13: 0000000000000000 R14: 00007ffa6dc16058 R15: 00007ffe0b2bc6a8
[  826.772176][T21777]  </TASK>
[  826.863088][T21804] lo speed is unknown, defaulting to 1000
[  826.873069][T21809] loop1: detected capacity change from 0 to 164
[  826.885208][T21809] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  826.921453][T21836] loop1: detected capacity change from 0 to 512
[  826.934389][T21836] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  826.955474][T21836] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  827.095619][T21859] loop4: detected capacity change from 0 to 164
[  827.109402][T21859] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  827.215793][T21870] loop4: detected capacity change from 0 to 2048
[  827.255805][T21873] lo speed is unknown, defaulting to 1000
[  827.302080][T21881] lo speed is unknown, defaulting to 1000
[  827.352150][T21870]  loop4: unable to read partition table
[  827.364657][T21870] loop4: partition table beyond EOD, truncated
[  827.370893][T21870] loop_reread_partitions: partition scan of loop4 () failed (rc=-5)
[  827.473984][T21939] loop4: detected capacity change from 0 to 128
[  827.525202][   T11] kworker/u8:0: attempt to access beyond end of device
[  827.525202][   T11] loop4: rw=1, sector=145, nr_sectors = 896 limit=128
[  827.579132][T21941] bpf_get_probe_write_proto: 35 callbacks suppressed
[  827.579184][T21941] syz.3.16858[21941] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  827.594382][T21941] syz.3.16858[21941] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  827.624427][T21941] syz.3.16858[21941] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  827.723801][T21956] __nla_validate_parse: 3 callbacks suppressed
[  827.723813][T21956] netlink: 40 bytes leftover after parsing attributes in process `syz.3.16864'.
[  827.779998][T20401] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  827.823285][T21967] loop1: detected capacity change from 0 to 512
[  827.846776][T21967] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  827.871952][T21967] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  827.923427][T21973] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.16867'.
[  827.959292][T20401] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  828.007208][T20401] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  828.124658][T21989] netlink: 224 bytes leftover after parsing attributes in process `syz.1.16872'.
[  828.142652][T21985] loop1: detected capacity change from 0 to 1024
[  828.149478][T21985] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  828.160293][T21990] netlink: 224 bytes leftover after parsing attributes in process `syz.0.16873'.
[  828.162256][T21985] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.16872: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  828.186362][T21987] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  828.196960][T21985] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.16872: couldn't read orphan inode 11 (err -117)
[  828.210065][T21985] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  828.228699][T21985] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  828.234408][T21987] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  828.245008][T21985] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  828.254114][T21985] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.16872: Invalid block bitmap block 0 in block_group 0
[  828.268998][T21985] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.16872: Failed to acquire dquot type 0
[  828.270868][T21994] syz.3.16874[21994] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  828.280713][T21994] syz.3.16874[21994] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  828.292725][T21994] syz.3.16874[21994] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  828.413023][T22007] loop2: detected capacity change from 0 to 512
[  828.431227][T22007] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  828.443354][T22007] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  828.458163][T22007] EXT4-fs (loop2): 1 truncate cleaned up
[  828.464268][T22007] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  828.489743][T18248] EXT4-fs error (device loop2): ext4_inlinedir_to_tree:1404: inode #12: block 7: comm syz-executor: path /144/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0
[  828.508484][T22011] loop4: detected capacity change from 0 to 512
[  828.514406][T18248] EXT4-fs error (device loop2): empty_inline_dir:1850: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0
[  828.539095][T18248] EXT4-fs warning (device loop2): empty_inline_dir:1857: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60
[  828.554740][T18248] EXT4-fs error (device loop2): ext4_inlinedir_to_tree:1404: inode #12: block 7: comm syz-executor: path /144/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0
[  828.577486][T18248] EXT4-fs error (device loop2): empty_inline_dir:1850: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0
[  828.580187][T22011] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  828.599386][T18248] EXT4-fs warning (device loop2): empty_inline_dir:1857: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60
[  828.610154][T22011] ext4 filesystem being mounted at /265/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  828.626521][T18248] EXT4-fs error (device loop2): ext4_inlinedir_to_tree:1404: inode #12: block 7: comm syz-executor: path /144/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0
[  828.659270][T18248] EXT4-fs error (device loop2): empty_inline_dir:1850: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0
[  828.679545][T18248] EXT4-fs warning (device loop2): empty_inline_dir:1857: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60
[  828.692229][T15006] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  828.694295][T18248] EXT4-fs error (device loop2): ext4_inlinedir_to_tree:1404: inode #12: block 7: comm syz-executor: path /144/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0
[  828.731700][T18248] EXT4-fs error (device loop2): empty_inline_dir:1850: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0
[  828.751899][T18248] EXT4-fs warning (device loop2): empty_inline_dir:1857: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60
[  828.752676][T15006] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  828.767663][T18248] EXT4-fs error (device loop2): ext4_inlinedir_to_tree:1404: inode #12: block 7: comm syz-executor: path /144/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0
[  828.799090][T18248] EXT4-fs error (device loop2): empty_inline_dir:1850: inode #12: block 7: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0
[  828.819388][T18248] EXT4-fs warning (device loop2): empty_inline_dir:1857: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60
[  828.827860][T22017] netlink: 16186 bytes leftover after parsing attributes in process `syz.4.16880'.
[  828.835687][T18248] EXT4-fs warning (device loop2): empty_inline_dir:1857: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60
[  828.859974][T18248] EXT4-fs warning (device loop2): empty_inline_dir:1857: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60
[  828.877106][T18248] EXT4-fs warning (device loop2): empty_inline_dir:1857: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60
[  828.892953][T18248] EXT4-fs warning (device loop2): empty_inline_dir:1857: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60
[  828.908082][T18248] EXT4-fs warning (device loop2): empty_inline_dir:1857: bad inline directory (dir #12) - inode 2147483648, rec_len 0, name_len 0inline size 60
[  828.917107][T22020] lo speed is unknown, defaulting to 1000
[  829.073913][T22051] Process accounting resumed
[  829.116723][T20401] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  829.131529][T14854] EXT4-fs error (device loop1): ext4_release_dquot:6902: comm kworker/u8:22: Failed to release dquot type 0
[  829.152699][T18248] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  829.209324][T14054] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  829.219691][T14054] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  829.281870][T14054] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  829.292221][T14054] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  829.309434][T22059] syz.0.16886[22059] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  829.309487][T22059] syz.0.16886[22059] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  829.321246][T22065] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.16891'.
[  829.350353][T22066] syz.1.16890[22066] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  829.350445][T22066] syz.1.16890[22066] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  829.380893][T14054] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  829.402707][T14054] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  829.419061][T22066] loop1: detected capacity change from 0 to 164
[  829.430188][T22076] FAULT_INJECTION: forcing a failure.
[  829.430188][T22076] name failslab, interval 1, probability 0, space 0, times 0
[  829.442969][T22076] CPU: 1 UID: 0 PID: 22076 Comm: syz.0.16893 Tainted: G        W          6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[  829.443153][   T29] kauditd_printk_skb: 1257 callbacks suppressed
[  829.443165][   T29] audit: type=1326 audit(2000000365.418:205348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22073 comm="syz.3.16892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1afedff9 code=0x7ffc0000
[  829.455357][T22076] Tainted: [W]=WARN
[  829.455364][T22076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  829.455376][T22076] Call Trace:
[  829.455382][T22076]  <TASK>
[  829.461600][   T29] audit: type=1326 audit(2000000365.418:205349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22073 comm="syz.3.16892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1afedff9 code=0x7ffc0000
[  829.485264][T22076]  dump_stack_lvl+0xf2/0x150
[  829.490825][   T29] audit: type=1326 audit(2000000365.438:205350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22073 comm="syz.3.16892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=25 compat=0 ip=0x7f8f1afedff9 code=0x7ffc0000
[  829.499106][T22076]  dump_stack+0x15/0x20
[  829.499128][T22076]  should_fail_ex+0x223/0x230
[  829.502401][   T29] audit: type=1326 audit(2000000365.438:205351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22073 comm="syz.3.16892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1afedff9 code=0x7ffc0000
[  829.505300][T22076]  ? ipv6_flowlabel_opt+0x702/0x11e0
[  829.529033][   T29] audit: type=1326 audit(2000000365.438:205352): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22073 comm="syz.3.16892" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1afedff9 code=0x7ffc0000
[  829.533514][T22076]  should_failslab+0x8f/0xb0
[  829.561225][T22076]  __kmalloc_cache_noprof+0x4b/0x2a0
[  829.628694][T22076]  ipv6_flowlabel_opt+0x702/0x11e0
[  829.633868][T22076]  ? mntput_no_expire+0x70/0x3c0
[  829.638802][T22076]  ? common_interrupt+0x13/0x90
[  829.643648][T22076]  ? _raw_spin_unlock_bh+0x36/0x40
[  829.648751][T22076]  ? lock_sock_nested+0x10f/0x140
[  829.653768][T22076]  ? lock_sock_nested+0xb/0x140
[  829.658759][T22076]  do_ipv6_setsockopt+0xc33/0x2250
[  829.663866][T22076]  ? __rcu_read_unlock+0x4e/0x70
[  829.668840][T22076]  ? avc_has_perm_noaudit+0x1cc/0x210
[  829.674214][T22076]  ? selinux_netlbl_socket_setsockopt+0xe5/0x2d0
[  829.680623][T22076]  ipv6_setsockopt+0x57/0x130
[  829.685293][T22076]  udpv6_setsockopt+0x95/0xb0
[  829.689969][T22076]  sock_common_setsockopt+0x64/0x80
[  829.695168][T22076]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  829.701133][T22076]  __sys_setsockopt+0x1cc/0x240
[  829.705984][T22076]  __x64_sys_setsockopt+0x66/0x80
[  829.711005][T22076]  x64_sys_call+0x278d/0x2d60
[  829.715753][T22076]  do_syscall_64+0xc9/0x1c0
[  829.720243][T22076]  ? clear_bhb_loop+0x55/0xb0
[  829.724980][T22076]  ? clear_bhb_loop+0x55/0xb0
[  829.729712][T22076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  829.735661][T22076] RIP: 0033:0x7fe26caddff9
[  829.740063][T22076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  829.759662][T22076] RSP: 002b:00007fe26b757038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  829.768121][T22076] RAX: ffffffffffffffda RBX: 00007fe26cc95f80 RCX: 00007fe26caddff9
[  829.776103][T22076] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[  829.784063][T22076] RBP: 00007fe26b757090 R08: 0000000000000021 R09: 0000000000000000
[  829.792042][T22076] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[  829.800002][T22076] R13: 0000000000000000 R14: 00007fe26cc95f80 R15: 00007ffe25440588
[  829.807976][T22076]  </TASK>
[  829.814794][T22066] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  829.847202][T22084] loop1: detected capacity change from 0 to 128
[  829.858058][   T29] audit: type=1400 audit(2000000365.848:205353): avc:  denied  { bind } for  pid=22083 comm="syz.1.16895" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  829.887386][   T29] audit: type=1326 audit(2000000365.868:205354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22090 comm="syz.3.16898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1afedff9 code=0x7ffc0000
[  829.890808][T14054] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  829.911238][   T29] audit: type=1326 audit(2000000365.868:205355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22090 comm="syz.3.16898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1afedff9 code=0x7ffc0000
[  829.921452][T14054] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  829.945166][   T29] audit: type=1326 audit(2000000365.868:205356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22090 comm="syz.3.16898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f1afedff9 code=0x7ffc0000
[  829.963261][T22094] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16898'.
[  829.979229][   T29] audit: type=1326 audit(2000000365.868:205357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22090 comm="syz.3.16898" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1afedff9 code=0x7ffc0000
[  829.988614][T22096] netlink: 224 bytes leftover after parsing attributes in process `syz.0.16896'.
[  830.033659][T22089] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  830.036286][T22091] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16898'.
[  830.051139][T22089] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  830.083092][T22068] lo speed is unknown, defaulting to 1000
[  830.088516][T22105] loop1: detected capacity change from 0 to 2048
[  830.103325][T22109] loop4: detected capacity change from 0 to 512
[  830.127400][T14054] bridge_slave_1: left allmulticast mode
[  830.133080][T14054] bridge_slave_1: left promiscuous mode
[  830.138832][T14054] bridge0: port 2(bridge_slave_1) entered disabled state
[  830.147088][T14054] bridge_slave_0: left allmulticast mode
[  830.147717][T22109] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  830.152738][T14054] bridge_slave_0: left promiscuous mode
[  830.152853][T14054] bridge0: port 1(bridge_slave_0) entered disabled state
[  830.174449][T22109] ext4 filesystem being mounted at /269/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  830.181167][T22105]  loop1: unable to read partition table
[  830.194449][T22105] loop1: partition table beyond EOD, truncated
[  830.200610][T22105] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[  830.356818][T14054] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  830.367558][T14054] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  830.377542][T14054] bond0 (unregistering): Released all slaves
[  830.387635][T22150] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.16903'.
[  830.430054][T22068] chnl_net:caif_netlink_parms(): no params data found
[  830.448719][T14054] tipc: Left network mode
[  830.468822][T14054] hsr_slave_0: left promiscuous mode
[  830.474575][T14054] hsr_slave_1: left promiscuous mode
[  830.480475][T14054] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  830.487889][T14054] batman_adv: batadv0: Removing interface: batadv_slave_0
[  830.495474][T14054] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  830.502945][T14054] batman_adv: batadv0: Removing interface: batadv_slave_1
[  830.512350][T14054] veth1_macvtap: left promiscuous mode
[  830.517860][T14054] veth0_macvtap: left promiscuous mode
[  830.523472][T14054] veth1_vlan: left promiscuous mode
[  830.528657][T14054] veth0_vlan: left promiscuous mode
[  830.691173][T14054] team0 (unregistering): Port device team_slave_1 removed
[  830.710165][T14054] team0 (unregistering): Port device team_slave_0 removed
[  830.882017][T22298] Process accounting resumed
[  830.883110][T22068] bridge0: port 1(bridge_slave_0) entered blocking state
[  830.893839][T22068] bridge0: port 1(bridge_slave_0) entered disabled state
[  830.904714][T22068] bridge_slave_0: entered allmulticast mode
[  830.912150][T22068] bridge_slave_0: entered promiscuous mode
[  830.929236][T22068] bridge0: port 2(bridge_slave_1) entered blocking state
[  830.936385][T22068] bridge0: port 2(bridge_slave_1) entered disabled state
[  830.949075][T22068] bridge_slave_1: entered allmulticast mode
[  830.956581][T15006] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  830.967589][T22068] bridge_slave_1: entered promiscuous mode
[  831.000627][T22068] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  831.011683][T22068] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  831.050409][T22068] team0: Port device team_slave_0 added
[  831.057930][T22068] team0: Port device team_slave_1 added
[  831.077569][T22068] batman_adv: batadv0: Adding interface: batadv_slave_0
[  831.084572][T22068] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  831.111064][T22068] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  831.124017][T22068] batman_adv: batadv0: Adding interface: batadv_slave_1
[  831.129194][T22388] loop4: detected capacity change from 0 to 1024
[  831.130960][T22068] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  831.148014][T22388] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  831.163282][T22068] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  831.196205][T22388] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #11: comm syz.4.16916: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  831.219728][T22388] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.16916: couldn't read orphan inode 11 (err -117)
[  831.233424][T22388] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  831.259456][T22355] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  831.270109][T22355] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  831.280971][T22355] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.16916: Invalid block bitmap block 0 in block_group 0
[  831.296433][T22355] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.16916: Failed to acquire dquot type 0
[  831.310395][T22068] hsr_slave_0: entered promiscuous mode
[  831.316782][T22068] hsr_slave_1: entered promiscuous mode
[  831.342487][T22425] loop1: detected capacity change from 0 to 164
[  831.350103][T22425] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  831.434075][T22497] loop1: detected capacity change from 0 to 512
[  831.475401][T22497] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  831.491652][T22497] ext4 filesystem being mounted at /60/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  831.508159][T22507] Process accounting resumed
[  831.777904][T22068] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  831.787971][T22068] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  831.797776][T22068] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  831.806250][T22068] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  831.841937][T22068] 8021q: adding VLAN 0 to HW filter on device bond0
[  831.855456][T22068] 8021q: adding VLAN 0 to HW filter on device team0
[  831.865008][T14054] bridge0: port 1(bridge_slave_0) entered blocking state
[  831.872090][T14054] bridge0: port 1(bridge_slave_0) entered forwarding state
[  831.883518][T14270] bridge0: port 2(bridge_slave_1) entered blocking state
[  831.890607][T14270] bridge0: port 2(bridge_slave_1) entered forwarding state
[  831.946007][T22068] 8021q: adding VLAN 0 to HW filter on device batadv0
[  832.022912][T15006] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  832.025826][T22068] veth0_vlan: entered promiscuous mode
[  832.032422][T14054] EXT4-fs error (device loop4): ext4_release_dquot:6902: comm kworker/u8:15: Failed to release dquot type 0
[  832.041643][T22068] veth1_vlan: entered promiscuous mode
[  832.065155][T22068] veth0_macvtap: entered promiscuous mode
[  832.076071][T22068] veth1_macvtap: entered promiscuous mode
[  832.089175][T22068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  832.099672][T22068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.109540][T22068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  832.120018][T22068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.129840][T22068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  832.130620][T22570] FAULT_INJECTION: forcing a failure.
[  832.130620][T22570] name failslab, interval 1, probability 0, space 0, times 0
[  832.140433][T22068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.152824][T22570] CPU: 0 UID: 0 PID: 22570 Comm: syz.4.16933 Tainted: G        W          6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[  832.152857][T22570] Tainted: [W]=WARN
[  832.152863][T22570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  832.152874][T22570] Call Trace:
[  832.152880][T22570]  <TASK>
[  832.152886][T22570]  dump_stack_lvl+0xf2/0x150
[  832.152914][T22570]  dump_stack+0x15/0x20
[  832.152979][T22570]  should_fail_ex+0x223/0x230
[  832.162953][T22068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  832.175173][T22570]  ? __inet_hash_connect+0x5f5/0x1170
[  832.175199][T22570]  should_failslab+0x8f/0xb0
[  832.179100][T22068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.189051][T22570]  kmem_cache_alloc_noprof+0x4c/0x290
[  832.189082][T22570]  ? __inet_hash_connect+0x1109/0x1170
[  832.192438][T22068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  832.195276][T22570]  __inet_hash_connect+0x5f5/0x1170
[  832.199836][T22068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.199850][T22068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  832.199864][T22068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.203991][T22570]  ? __pfx___inet6_check_established+0x10/0x10
[  832.208666][T22068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  832.219038][T22570]  ? secure_ipv6_port_ephemeral+0xa4/0x130
[  832.219069][T22570]  inet6_hash_connect+0x72/0x80
[  832.219108][T22570]  dccp_v6_connect+0x6d4/0x8a0
[  832.224547][T22068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.229020][T22570]  __inet_stream_connect+0x162/0x790
[  832.243957][T22068] batman_adv: batadv0: Interface activated: batadv_slave_0
[  832.244131][T22570]  ? _raw_spin_unlock_bh+0x36/0x40
[  832.253068][T22068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  832.259959][T22570]  ? release_sock+0x117/0x150
[  832.265186][T22068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.274912][T22570]  ? _raw_spin_unlock_bh+0x36/0x40
[  832.285354][T22068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  832.295158][T22570]  ? lock_sock_nested+0x10f/0x140
[  832.295183][T22570]  ? selinux_netlbl_socket_connect+0x113/0x130
[  832.295215][T22570]  inet_stream_connect+0x48/0x70
[  832.301438][T22068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.311746][T22570]  ? __pfx_inet_stream_connect+0x10/0x10
[  832.311771][T22570]  __sys_connect+0x19d/0x1b0
[  832.317560][T22068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  832.322384][T22570]  __x64_sys_connect+0x41/0x50
[  832.327131][T22068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.336918][T22570]  x64_sys_call+0x2220/0x2d60
[  832.342231][T22068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  832.349368][T22570]  do_syscall_64+0xc9/0x1c0
[  832.354502][T22068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.364820][T22570]  ? clear_bhb_loop+0x55/0xb0
[  832.369497][T22068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  832.369509][T22068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.369520][T22068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  832.379289][T22570]  ? clear_bhb_loop+0x55/0xb0
[  832.379320][T22570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  832.384716][T22068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.394815][T22570] RIP: 0033:0x7f7fb59edff9
[  832.394833][T22570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  832.394929][T22570] RSP: 002b:00007f7fb4667038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  832.394948][T22570] RAX: ffffffffffffffda RBX: 00007f7fb5ba5f80 RCX: 00007f7fb59edff9
[  832.395048][T22570] RDX: 000000000000001c RSI: 0000000020000000 RDI: 0000000000000007
[  832.395061][T22570] RBP: 00007f7fb4667090 R08: 0000000000000000 R09: 0000000000000000
[  832.395074][T22570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  832.395160][T22570] R13: 0000000000000000 R14: 00007f7fb5ba5f80 R15: 00007fffb020bef8
[  832.395180][T22570]  </TASK>
[  832.619006][T22068] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  832.629702][T22068] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  832.640279][T20401] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  832.644342][T22068] batman_adv: batadv0: Interface activated: batadv_slave_1
[  832.662847][T22578] lo speed is unknown, defaulting to 1000
[  832.687203][T22068] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  832.695993][T22068] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  832.704776][T22068] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  832.713625][T22068] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  832.734807][T22592] bpf_get_probe_write_proto: 11 callbacks suppressed
[  832.734827][T22592] syz.4.16939[22592] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  832.754695][T22592] syz.4.16939[22592] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  832.788524][T22619] loop4: detected capacity change from 0 to 164
[  832.790284][T22617] lo speed is unknown, defaulting to 1000
[  832.812267][T22592] syz.4.16939[22592] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  832.816456][T22623] Process accounting resumed
[  832.838954][T22619] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  833.026744][T22655] loop2: detected capacity change from 0 to 512
[  833.064830][T22655] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  833.114590][T22655] ext4 filesystem being mounted at /1/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  833.379079][T22673] __nla_validate_parse: 8 callbacks suppressed
[  833.379102][T22673] netlink: 16186 bytes leftover after parsing attributes in process `syz.3.16948'.
[  833.497656][T22684] syz.0.16953[22684] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  833.497752][T22684] syz.0.16953[22684] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  833.501542][T22687] syz.3.16955[22687] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  833.511265][T22684] syz.0.16953[22684] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  833.520949][T22687] syz.3.16955[22687] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  833.544944][T22687] syz.3.16955[22687] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  833.644530][T22697] x_tables: duplicate underflow at hook 2
[  833.682139][T22704] loop1: detected capacity change from 0 to 128
[  833.735869][T14854] kworker/u8:22: attempt to access beyond end of device
[  833.735869][T14854] loop1: rw=1, sector=145, nr_sectors = 896 limit=128
[  833.762731][T22717] netlink: 16186 bytes leftover after parsing attributes in process `syz.1.16961'.
[  833.784085][T22719] loop4: detected capacity change from 0 to 1024
[  833.797981][T22719] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  833.822123][T22719] EXT4-fs (loop4): shut down requested (0)
[  833.871975][T22068] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  833.899130][T22068] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  833.923504][T22740] loop1: detected capacity change from 0 to 128
[  833.930223][T15006] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  833.939616][T22736] program syz.0.16969 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  833.952700][T22732] syz.3.16967[22732] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  833.981036][T22752] netlink: 'syz.0.16974': attribute type 1 has an invalid length.
[  834.000321][T22752] netlink: 'syz.0.16974': attribute type 2 has an invalid length.
[  834.008152][T22752] netlink: 16074 bytes leftover after parsing attributes in process `syz.0.16974'.
[  834.020021][   T11] kworker/u8:0: attempt to access beyond end of device
[  834.020021][   T11] loop1: rw=1, sector=145, nr_sectors = 896 limit=128
[  834.104198][T22769] loop1: detected capacity change from 0 to 512
[  834.134474][T22769] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  834.150299][T22769] ext4 filesystem being mounted at /71/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  834.284710][T22793] loop2: detected capacity change from 0 to 164
[  834.303872][T22793] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  834.314384][T22800] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(18)
[  834.321046][T22800] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  834.328488][T22800] vhci_hcd vhci_hcd.0: Device attached
[  834.337006][T22795] netlink: 'syz.3.16985': attribute type 30 has an invalid length.
[  834.345048][T22795] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  834.349817][T22803] Process accounting resumed
[  834.354187][T22795] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  834.374301][T22801] vhci_hcd: connection closed
[  834.374440][   T11] vhci_hcd: stop threads
[  834.383446][   T11] vhci_hcd: release socket
[  834.387886][   T11] vhci_hcd: disconnect device
[  834.441770][T22812] netlink: 'syz.0.16988': attribute type 1 has an invalid length.
[  834.449633][T22812] netlink: 'syz.0.16988': attribute type 2 has an invalid length.
[  834.457534][T22812] netlink: 16074 bytes leftover after parsing attributes in process `syz.0.16988'.
[  834.467129][T22813] netlink: 'syz.2.16987': attribute type 3 has an invalid length.
[  834.474820][T22810] netlink: 'syz.2.16987': attribute type 3 has an invalid length.
[  834.475023][T22813] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.16987'.
[  834.482755][T22810] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.16987'.
[  834.636015][   T29] kauditd_printk_skb: 1534 callbacks suppressed
[  834.636030][   T29] audit: type=1326 audit(2000000370.628:206889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22815 comm="syz.0.16989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe26caddff9 code=0x7ffc0000
[  834.666058][   T29] audit: type=1326 audit(2000000370.628:206890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22815 comm="syz.0.16989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7fe26caddff9 code=0x7ffc0000
[  834.689816][   T29] audit: type=1326 audit(2000000370.628:206891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22815 comm="syz.0.16989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe26caddff9 code=0x7ffc0000
[  834.713664][   T29] audit: type=1326 audit(2000000370.628:206892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22815 comm="syz.0.16989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe26caddff9 code=0x7ffc0000
[  834.737473][   T29] audit: type=1326 audit(2000000370.628:206893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22815 comm="syz.0.16989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe26caddff9 code=0x7ffc0000
[  834.761295][   T29] audit: type=1326 audit(2000000370.628:206894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22815 comm="syz.0.16989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7fe26caddff9 code=0x7ffc0000
[  834.817984][T22834] FAULT_INJECTION: forcing a failure.
[  834.817984][T22834] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  834.831113][T22834] CPU: 1 UID: 0 PID: 22834 Comm: syz.4.16995 Tainted: G        W          6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[  834.843495][T22834] Tainted: [W]=WARN
[  834.847283][T22834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  834.857378][T22834] Call Trace:
[  834.860648][T22834]  <TASK>
[  834.863570][T22834]  dump_stack_lvl+0xf2/0x150
[  834.868268][T22834]  dump_stack+0x15/0x20
[  834.872414][T22834]  should_fail_ex+0x223/0x230
[  834.877100][T22834]  should_fail+0xb/0x10
[  834.881314][T22834]  should_fail_usercopy+0x1a/0x20
[  834.886349][T22834]  _copy_from_user+0x1e/0xd0
[  834.890937][T22834]  copy_msghdr_from_user+0x54/0x2a0
[  834.896134][T22834]  __sys_sendmsg+0x171/0x270
[  834.900821][T22834]  __x64_sys_sendmsg+0x46/0x50
[  834.905637][T22834]  x64_sys_call+0x2689/0x2d60
[  834.910310][T22834]  do_syscall_64+0xc9/0x1c0
[  834.914806][T22834]  ? clear_bhb_loop+0x55/0xb0
[  834.919484][T22834]  ? clear_bhb_loop+0x55/0xb0
[  834.924168][T22834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  834.930102][T22834] RIP: 0033:0x7f7fb59edff9
[  834.934504][T22834] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  834.954106][T22834] RSP: 002b:00007f7fb4667038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  834.962646][T22834] RAX: ffffffffffffffda RBX: 00007f7fb5ba5f80 RCX: 00007f7fb59edff9
[  834.970609][T22834] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000006
[  834.978568][T22834] RBP: 00007f7fb4667090 R08: 0000000000000000 R09: 0000000000000000
[  834.986566][T22834] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  834.994525][T22834] R13: 0000000000000000 R14: 00007f7fb5ba5f80 R15: 00007fffb020bef8
[  835.002638][T22834]  </TASK>
[  835.017677][T20401] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  835.034710][T20401] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  835.060422][T22840] loop2: detected capacity change from 0 to 128
[  835.066074][T22844] netlink: 'syz.4.16999': attribute type 1 has an invalid length.
[  835.074579][T22844] netlink: 'syz.4.16999': attribute type 2 has an invalid length.
[  835.082476][T22844] netlink: 16074 bytes leftover after parsing attributes in process `syz.4.16999'.
[  835.085232][   T29] audit: type=1326 audit(2000000371.068:206895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22839 comm="syz.2.16998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffb4fdff9 code=0x7ffc0000
[  835.115576][   T29] audit: type=1326 audit(2000000371.068:206896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22839 comm="syz.2.16998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffb4fdff9 code=0x7ffc0000
[  835.139523][   T29] audit: type=1326 audit(2000000371.068:206897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22839 comm="syz.2.16998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=256 compat=0 ip=0x7feffb4fdff9 code=0x7ffc0000
[  835.176895][T22842] loop1: detected capacity change from 0 to 164
[  835.185919][   T29] audit: type=1326 audit(2000000371.158:206898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22839 comm="syz.2.16998" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffb4fdff9 code=0x7ffc0000
[  835.213119][T14270] kworker/u8:18: attempt to access beyond end of device
[  835.213119][T14270] loop2: rw=1, sector=145, nr_sectors = 896 limit=128
[  835.256903][T22842] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  835.358597][T22869] loop1: detected capacity change from 0 to 512
[  835.395055][T22869] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  835.407878][T22869] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  835.453076][T22885] loop4: detected capacity change from 0 to 128
[  835.486628][T22893] netlink: 224 bytes leftover after parsing attributes in process `syz.0.17011'.
[  835.496935][  T157] kworker/u8:5: attempt to access beyond end of device
[  835.496935][  T157] loop4: rw=1, sector=145, nr_sectors = 896 limit=128
[  835.523700][T22883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  835.532435][T22883] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  835.628249][T22912] loop2: detected capacity change from 0 to 128
[  835.651915][T22912] netlink: 132 bytes leftover after parsing attributes in process `syz.2.17017'.
[  835.669085][T22905] loop4: detected capacity change from 0 to 512
[  835.676119][T22905] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  835.693509][T22905] EXT4-fs error (device loop4): ext4_orphan_get:1388: inode #17: comm syz.4.17014: iget: bad i_size value: -6917529027641081756
[  835.707120][T22905] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.17014: couldn't read orphan inode 17 (err -117)
[  835.719782][T22905] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  835.733816][T22905] FAULT_INJECTION: forcing a failure.
[  835.733816][T22905] name failslab, interval 1, probability 0, space 0, times 0
[  835.746512][T22905] CPU: 0 UID: 0 PID: 22905 Comm: syz.4.17014 Tainted: G        W          6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[  835.758908][T22905] Tainted: [W]=WARN
[  835.762701][T22905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  835.772743][T22905] Call Trace:
[  835.776063][T22905]  <TASK>
[  835.778983][T22905]  dump_stack_lvl+0xf2/0x150
[  835.783643][T22905]  dump_stack+0x15/0x20
[  835.787795][T22905]  should_fail_ex+0x223/0x230
[  835.792477][T22905]  ? mq_init+0xb8/0x380
[  835.796623][T22905]  should_failslab+0x8f/0xb0
[  835.801285][T22905]  __kmalloc_noprof+0xa5/0x370
[  835.806171][T22905]  ? dev_ioctl+0x7fa/0xab0
[  835.810645][T22905]  mq_init+0xb8/0x380
[  835.814618][T22905]  ? qdisc_alloc+0x3d1/0x450
[  835.819315][T22905]  qdisc_create_dflt+0xce/0x280
[  835.824299][T22905]  dev_activate+0xd9/0x9e0
[  835.828752][T22905]  ? dev_set_rx_mode+0x189/0x1a0
[  835.833682][T22905]  __dev_open+0x263/0x2e0
[  835.838039][T22905]  __dev_change_flags+0x155/0x410
[  835.843115][T22905]  dev_change_flags+0x59/0xd0
[  835.847854][T22905]  dev_ifsioc+0x67f/0xa10
[  835.852236][T22905]  dev_ioctl+0x7fa/0xab0
[  835.856474][T22905]  sock_do_ioctl+0x11c/0x260
[  835.861093][T22905]  sock_ioctl+0x46a/0x640
[  835.865534][T22905]  ? __pfx_sock_ioctl+0x10/0x10
[  835.870429][T22905]  __se_sys_ioctl+0xcd/0x140
[  835.875030][T22905]  __x64_sys_ioctl+0x43/0x50
[  835.879619][T22905]  x64_sys_call+0x15cc/0x2d60
[  835.884293][T22905]  do_syscall_64+0xc9/0x1c0
[  835.888787][T22905]  ? clear_bhb_loop+0x55/0xb0
[  835.893471][T22905]  ? clear_bhb_loop+0x55/0xb0
[  835.898276][T22905]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  835.904171][T22905] RIP: 0033:0x7f7fb59edff9
[  835.908574][T22905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  835.928173][T22905] RSP: 002b:00007f7fb4667038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  835.936590][T22905] RAX: ffffffffffffffda RBX: 00007f7fb5ba5f80 RCX: 00007f7fb59edff9
[  835.944571][T22905] RDX: 0000000020000080 RSI: 0000000000008914 RDI: 000000000000000b
[  835.952593][T22905] RBP: 00007f7fb4667090 R08: 0000000000000000 R09: 0000000000000000
[  835.960554][T22905] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  835.968571][T22905] R13: 0000000000000000 R14: 00007f7fb5ba5f80 R15: 00007fffb020bef8
[  835.976539][T22905]  </TASK>
[  835.979632][T22905] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  835.990280][T22905] syzkaller0: entered promiscuous mode
[  835.995877][T22905] syzkaller0: entered allmulticast mode
[  836.006666][T22919] loop2: detected capacity change from 0 to 164
[  836.013950][T22919] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  836.194874][T20401] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  836.212770][T20401] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  836.291619][T22144] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 65: padding at end of block bitmap is not set
[  836.337806][T22946] Process accounting resumed
[  836.398321][T22954] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  836.409376][T22954] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=22954 comm=syz.3.17025
[  836.422736][T22954] netlink: 'syz.3.17025': attribute type 1 has an invalid length.
[  836.435332][T22954] 8021q: adding VLAN 0 to HW filter on device bond2
[  836.449033][T22954] bond2: (slave bridge1): making interface the new active one
[  836.457308][T22954] bond2: (slave bridge1): Enslaving as an active interface with an up link
[  836.478227][T15006] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  836.498079][T22998] netlink: 4 bytes leftover after parsing attributes in process `syz.4.17029'.
[  836.629322][T23011] lo speed is unknown, defaulting to 1000
[  836.718336][T23039] loop1: detected capacity change from 0 to 512
[  836.751189][T23039] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  836.764593][T23039] ext4 filesystem being mounted at /80/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  836.808663][T20401] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  836.826399][T20401] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  836.845839][T23047] loop1: detected capacity change from 0 to 128
[  836.885382][   T11] kworker/u8:0: attempt to access beyond end of device
[  836.885382][   T11] loop1: rw=1, sector=145, nr_sectors = 896 limit=128
[  837.159252][T23065] loop2: detected capacity change from 0 to 1024
[  837.166471][T23065] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  837.178561][T23065] EXT4-fs error (device loop2): ext4_ext_check_inode:524: inode #11: comm syz.2.17040: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  837.197911][T23065] EXT4-fs error (device loop2): ext4_orphan_get:1393: comm syz.2.17040: couldn't read orphan inode 11 (err -117)
[  837.211110][T23065] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  837.226225][T23065] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  837.235489][T23065] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  837.245097][T23065] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:483: comm syz.2.17040: Invalid block bitmap block 0 in block_group 0
[  837.259028][T23065] EXT4-fs error (device loop2): ext4_acquire_dquot:6879: comm syz.2.17040: Failed to acquire dquot type 0
[  837.368735][T23071] loop4: detected capacity change from 0 to 2048
[  837.394198][T23071] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  837.516581][T15006] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  837.700288][T23103] loop4: detected capacity change from 0 to 512
[  837.725614][T23108] IPv6: Can't replace route, no match found
[  837.726144][T23103] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  837.748257][T23103] ext4 filesystem being mounted at /293/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  837.779915][T15006] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  837.800332][T15006] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  837.839279][T23121] loop4: detected capacity change from 0 to 128
[  837.853615][T23121] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  837.866784][T23121] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  838.003636][T22068] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  838.021416][  T157] EXT4-fs error (device loop2): ext4_release_dquot:6902: comm kworker/u8:5: Failed to release dquot type 0
[  838.067158][T23136] lo speed is unknown, defaulting to 1000
[  838.157569][T23121] EXT4-fs error (device loop4): __ext4_find_entry:1652: inode #2: comm syz.4.17057: checksumming directory block 0
[  838.334993][T23121] EXT4-fs error (device loop4): __ext4_find_entry:1652: inode #2: comm syz.4.17057: checksumming directory block 0
[  838.362316][T23173] loop2: detected capacity change from 0 to 512
[  838.374994][T15006] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  838.401171][T23173] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  838.408859][T23182] loop4: detected capacity change from 0 to 512
[  838.420422][T23173] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  838.434915][T23177] bpf_get_probe_write_proto: 17 callbacks suppressed
[  838.434929][T23177] syz.3.17073[23177] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  838.447004][T23177] syz.3.17073[23177] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  838.458694][T23177] syz.3.17073[23177] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  838.470575][T23182] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  838.494645][T23182] ext4 filesystem being mounted at /295/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  838.537067][T15006] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  838.559885][T15006] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  838.629854][T23211] __nla_validate_parse: 5 callbacks suppressed
[  838.629866][T23211] netlink: 224 bytes leftover after parsing attributes in process `syz.4.17076'.
[  838.645658][T23205] lo speed is unknown, defaulting to 1000
[  838.678029][T23202] loop4: detected capacity change from 0 to 1024
[  838.686550][T23231] Process accounting resumed
[  838.698065][T23202] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  838.723140][T23202] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #11: comm syz.4.17076: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  838.743373][T23202] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.17076: couldn't read orphan inode 11 (err -117)
[  838.758553][T23202] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  838.788289][T23202] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  838.794938][T23234] loop1: detected capacity change from 0 to 512
[  838.805209][T23202] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  838.821100][T23202] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.17076: Invalid block bitmap block 0 in block_group 0
[  838.834998][T23202] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.17076: Failed to acquire dquot type 0
[  838.848229][T23234] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  838.863160][T23234] ext4 filesystem being mounted at /87/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  838.865408][T23238] syz.0.17084[23238] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  838.873870][T23238] syz.0.17084[23238] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  838.886241][T23238] syz.0.17084[23238] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  839.189960][T22068] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  839.301092][T23273] loop2: detected capacity change from 0 to 128
[  839.343549][   T11] kworker/u8:0: attempt to access beyond end of device
[  839.343549][   T11] loop2: rw=1, sector=145, nr_sectors = 896 limit=128
[  839.405333][T23278] syz.2.17095[23278] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  839.405417][T23278] syz.2.17095[23278] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  839.418239][T23278] syz.2.17095[23278] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  839.435844][T23278] loop2: detected capacity change from 0 to 164
[  839.464743][T23278] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  839.468846][T23280] netdevsim netdevsim3: loading /lib/firmware/. failed with error -22
[  839.482856][T23280] netdevsim netdevsim3: Direct firmware load for . failed with error -22
[  839.527817][T23286] loop2: detected capacity change from 0 to 512
[  839.543514][T23286] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  839.557349][T23286] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  839.569552][T15006] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  839.582233][ T4048] EXT4-fs error (device loop4): ext4_release_dquot:6902: comm kworker/u8:28: Failed to release dquot type 0
[  839.590403][T22068] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  839.612213][T22068] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  839.635355][T20401] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  839.691895][   T29] kauditd_printk_skb: 5639 callbacks suppressed
[  839.691969][   T29] audit: type=1326 audit(2000000375.678:212532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23314 comm="syz.1.17107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa6da5dff9 code=0x7ffc0000
[  839.695307][T23315] loop1: detected capacity change from 0 to 512
[  839.703763][   T29] audit: type=1326 audit(2000000375.678:212533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23314 comm="syz.1.17107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa6da5dff9 code=0x7ffc0000
[  839.752010][   T29] audit: type=1326 audit(2000000375.678:212534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23314 comm="syz.1.17107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ffa6da5dff9 code=0x7ffc0000
[  839.775876][   T29] audit: type=1326 audit(2000000375.678:212535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23314 comm="syz.1.17107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ffa6da5e033 code=0x7ffc0000
[  839.799627][   T29] audit: type=1326 audit(2000000375.678:212536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23314 comm="syz.1.17107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ffa6da5cadf code=0x7ffc0000
[  839.823241][   T29] audit: type=1326 audit(2000000375.678:212537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23314 comm="syz.1.17107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7ffa6da5e087 code=0x7ffc0000
[  839.847102][   T29] audit: type=1326 audit(2000000375.678:212538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23314 comm="syz.1.17107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ffa6da5c990 code=0x7ffc0000
[  839.855371][T23315] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  839.870853][   T29] audit: type=1326 audit(2000000375.678:212539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23314 comm="syz.1.17107" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ffa6da5dbfb code=0x7ffc0000
[  839.883557][T23315] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  839.917855][   T29] audit: type=1326 audit(2000000375.708:212540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23316 comm="syz.4.17108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fb59edff9 code=0x7ffc0000
[  839.919519][T23325] lo speed is unknown, defaulting to 1000
[  839.941595][   T29] audit: type=1326 audit(2000000375.708:212541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23316 comm="syz.4.17108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7fb59edff9 code=0x7ffc0000
[  839.971396][T23324] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  839.979608][T23324] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  839.991539][T20401] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  840.089768][T23358] netlink: 224 bytes leftover after parsing attributes in process `syz.1.17109'.
[  840.108639][T23353] loop1: detected capacity change from 0 to 1024
[  840.116383][T23353] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  840.138339][T23353] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.17109: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  840.157436][T23353] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.17109: couldn't read orphan inode 11 (err -117)
[  840.181083][T23353] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  840.194101][T23353] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  840.205252][T23353] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.17109: Invalid block bitmap block 0 in block_group 0
[  840.210687][T23375] validate_nla: 2 callbacks suppressed
[  840.210699][T23375] netlink: 'syz.0.17115': attribute type 29 has an invalid length.
[  840.235254][T23353] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.17109: Failed to acquire dquot type 0
[  840.321252][T23384] loop4: detected capacity change from 0 to 512
[  840.334582][T23384] ext4 filesystem being mounted at /303/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  840.411971][T15006] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  840.460266][T23405] netlink: 'syz.0.17127': attribute type 29 has an invalid length.
[  840.493834][T23406] Process accounting resumed
[  840.889547][T23455] netlink: 4 bytes leftover after parsing attributes in process `syz.0.17143'.
[  840.908106][T23455] netlink: 4 bytes leftover after parsing attributes in process `syz.0.17143'.
[  840.919913][T23453] syz.2.17144[23453] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  840.923797][T23453] loop2: detected capacity change from 0 to 164
[  840.942411][T23453] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  840.959703][ T4048] EXT4-fs error (device loop1): ext4_release_dquot:6902: comm kworker/u8:28: Failed to release dquot type 0
[  840.998204][T23464] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  841.006473][T23464] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  841.074598][T23479] loop1: detected capacity change from 0 to 512
[  841.094093][T23479] ext4 filesystem being mounted at /96/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  841.095994][T23483] loop2: detected capacity change from 0 to 512
[  841.123766][T23483] ext4 filesystem being mounted at /46/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  841.131607][T20401] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  841.147563][T22068] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  841.174465][T23494] netlink: 'syz.1.17153': attribute type 29 has an invalid length.
[  841.179388][T23495] loop2: detected capacity change from 0 to 512
[  841.192750][T23495] ext4 filesystem being mounted at /47/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  841.234655][T22068] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  841.265521][T23505] netlink: 224 bytes leftover after parsing attributes in process `syz.1.17155'.
[  841.287492][T23499] loop1: detected capacity change from 0 to 1024
[  841.295901][T23499] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  841.310412][T23499] EXT4-fs error (device loop1): ext4_ext_check_inode:524: inode #11: comm syz.1.17155: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  841.343547][T23499] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.17155: couldn't read orphan inode 11 (err -117)
[  841.361025][T23499] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  841.363773][T23513] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  841.377548][T23513] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  841.386374][T23499] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  841.408322][T23499] EXT4-fs error (device loop1): ext4_read_block_bitmap_nowait:483: comm syz.1.17155: Invalid block bitmap block 0 in block_group 0
[  841.423667][T23499] EXT4-fs error (device loop1): ext4_acquire_dquot:6879: comm syz.1.17155: Failed to acquire dquot type 0
[  841.446489][T23528] loop2: detected capacity change from 0 to 128
[  841.468020][T23522] loop4: detected capacity change from 0 to 164
[  841.475381][T23522] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  841.486494][T14270] kworker/u8:18: attempt to access beyond end of device
[  841.486494][T14270] loop2: rw=1, sector=145, nr_sectors = 896 limit=128
[  841.513074][T23534] loop4: detected capacity change from 0 to 512
[  841.514778][T23536] loop2: detected capacity change from 0 to 512
[  841.544545][T23536] ext4 filesystem being mounted at /56/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  841.558311][T23534] ext4 filesystem being mounted at /307/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  841.604467][T15006] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  841.662971][T23554] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  841.671221][T23554] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  841.759610][T23562] loop4: detected capacity change from 0 to 164
[  841.766740][T23562] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  841.833159][T23579] Process accounting resumed
[  841.923523][T23587] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  841.931780][T23587] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  842.152866][   T11] EXT4-fs error (device loop1): ext4_release_dquot:6902: comm kworker/u8:0: Failed to release dquot type 0
[  842.200706][T23615] loop1: detected capacity change from 0 to 128
[  842.233610][   T11] kworker/u8:0: attempt to access beyond end of device
[  842.233610][   T11] loop1: rw=1, sector=145, nr_sectors = 896 limit=128
[  842.297142][T23623] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  842.305410][T23623] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  842.368974][T23633] loop2: detected capacity change from 0 to 512
[  842.389849][T23629] loop1: detected capacity change from 0 to 164
[  842.397483][T23629] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  842.397828][T23633] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  842.466247][T22068] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  842.546643][T23656] netlink: 224 bytes leftover after parsing attributes in process `syz.3.17201'.
[  842.551488][T23658] loop2: detected capacity change from 0 to 128
[  842.574170][T23648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  842.583592][T23648] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  842.622343][T14854] kworker/u8:22: attempt to access beyond end of device
[  842.622343][T14854] loop2: rw=1, sector=145, nr_sectors = 896 limit=128
[  842.726092][T23676] netlink: 'syz.2.17207': attribute type 29 has an invalid length.
[  842.784590][T23681] loop2: detected capacity change from 0 to 512
[  842.814552][T23681] ext4 filesystem being mounted at /63/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  842.865563][T22068] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  842.934794][T23700] loop4: detected capacity change from 0 to 128
[  843.005182][   T11] kworker/u8:0: attempt to access beyond end of device
[  843.005182][   T11] loop4: rw=1, sector=145, nr_sectors = 896 limit=128
[  843.034881][T23709] netlink: 'syz.0.17219': attribute type 29 has an invalid length.
[  843.089781][T23719] loop1: detected capacity change from 0 to 512
[  843.124123][T23719] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  843.173947][T20401] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  843.236371][T23738] loop1: detected capacity change from 0 to 164
[  843.243678][T23738] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  843.326124][T23754] netlink: 'syz.3.17231': attribute type 29 has an invalid length.
[  843.334243][T23750] loop1: detected capacity change from 0 to 128
[  843.403862][ T4048] kworker/u8:28: attempt to access beyond end of device
[  843.403862][ T4048] loop1: rw=1, sector=145, nr_sectors = 896 limit=128
[  843.473997][T23770] bpf_get_probe_write_proto: 11 callbacks suppressed
[  843.474012][T23770] syz.3.17236[23770] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  843.480808][T23770] syz.3.17236[23770] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  843.492370][T23770] syz.3.17236[23770] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  843.501905][T23771] lo speed is unknown, defaulting to 1000
[  843.647192][T23808] loop4: detected capacity change from 0 to 512
[  843.662858][T23808] ext4 filesystem being mounted at /325/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  843.683547][T15006] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  843.698522][T23812] netlink: 224 bytes leftover after parsing attributes in process `syz.3.17242'.
[  843.724621][T23816] loop4: detected capacity change from 0 to 128
[  843.734110][T23807] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  843.743922][T23807] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  843.781927][ T4048] kworker/u8:28: attempt to access beyond end of device
[  843.781927][ T4048] loop4: rw=1, sector=145, nr_sectors = 896 limit=128
[  843.843905][T23824] netdevsim netdevsim4: loading /lib/firmware/. failed with error -22
[  843.852181][T23824] netdevsim netdevsim4: Direct firmware load for . failed with error -22
[  843.886389][T23831] syz.2.17248[23831] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  843.886445][T23831] syz.2.17248[23831] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  843.899581][T23831] syz.2.17248[23831] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  843.917540][T23831] loop2: detected capacity change from 0 to 164
[  843.920006][T23836] syz.4.17250[23836] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  843.935540][T23836] syz.4.17250[23836] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  843.947742][T23836] syz.4.17250[23836] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  843.973203][T23831] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  843.976438][T23836] loop4: detected capacity change from 0 to 164
[  843.990668][T23836] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  844.024276][T23841] loop2: detected capacity change from 0 to 512
[  844.049754][T23841] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  844.074285][T23851] lo speed is unknown, defaulting to 1000
[  844.093404][T22068] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  844.143506][T23880] loop2: detected capacity change from 0 to 512
[  844.148284][T23883] netlink: 4 bytes leftover after parsing attributes in process `syz.0.17256'.
[  844.167146][T23880] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  844.171908][T23883] netlink: 4 bytes leftover after parsing attributes in process `syz.0.17256'.
[  844.264968][T23897] loop2: detected capacity change from 0 to 512
[  844.296742][T23897] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  844.373886][T23907] syz.1.17264[23907] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  844.376901][T23907] loop1: detected capacity change from 0 to 164
[  844.395739][T23907] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  844.470653][T23922] lo speed is unknown, defaulting to 1000
[  844.709428][   T29] kauditd_printk_skb: 2672 callbacks suppressed
[  844.709440][   T29] audit: type=1326 audit(2000000380.688:215208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23881 comm="syz.0.17256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe26cad4fa7 code=0x7ffc0000
[  844.739687][   T29] audit: type=1326 audit(2000000380.688:215209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23881 comm="syz.0.17256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe26ca79959 code=0x7ffc0000
[  844.763509][   T29] audit: type=1326 audit(2000000380.688:215210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23881 comm="syz.0.17256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fe26caddff9 code=0x7ffc0000
[  844.787288][   T29] audit: type=1326 audit(2000000380.698:215211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23881 comm="syz.0.17256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe26cad4fa7 code=0x7ffc0000
[  844.811056][   T29] audit: type=1326 audit(2000000380.698:215212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23881 comm="syz.0.17256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe26ca79959 code=0x7ffc0000
[  844.834753][   T29] audit: type=1326 audit(2000000380.698:215213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23881 comm="syz.0.17256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fe26caddff9 code=0x7ffc0000
[  844.858501][   T29] audit: type=1326 audit(2000000380.708:215214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23881 comm="syz.0.17256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe26cad4fa7 code=0x7ffc0000
[  844.882210][   T29] audit: type=1326 audit(2000000380.708:215215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23881 comm="syz.0.17256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe26ca79959 code=0x7ffc0000
[  844.905943][   T29] audit: type=1326 audit(2000000380.708:215216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23881 comm="syz.0.17256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fe26caddff9 code=0x7ffc0000
[  844.929814][   T29] audit: type=1326 audit(2000000380.718:215217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23881 comm="syz.0.17256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe26cad4fa7 code=0x7ffc0000
[  845.026692][T23976] loop1: detected capacity change from 0 to 164
[  845.033696][T23976] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  845.058420][T23986] loop1: detected capacity change from 0 to 512
[  845.068657][T23987] netlink: 224 bytes leftover after parsing attributes in process `syz.4.17278'.
[  845.084926][T23986] ext4 filesystem being mounted at /132/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  845.090552][T23982] loop4: detected capacity change from 0 to 1024
[  845.106857][T23991] lo speed is unknown, defaulting to 1000
[  845.114441][T23982] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  845.135935][T23982] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #11: comm syz.4.17278: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  845.159426][T23982] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.17278: couldn't read orphan inode 11 (err -117)
[  845.174377][T20401] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  845.190668][T23982] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  845.205760][T23982] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  845.232083][T23982] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:483: comm syz.4.17278: Invalid block bitmap block 0 in block_group 0
[  845.263923][T23982] EXT4-fs error (device loop4): ext4_acquire_dquot:6879: comm syz.4.17278: Failed to acquire dquot type 0
[  845.325637][T24035] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  845.333875][T24035] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  845.390361][T24053] loop2: detected capacity change from 0 to 512
[  845.433986][T24053] ext4 filesystem being mounted at /79/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  845.443517][T24062] lo speed is unknown, defaulting to 1000
[  845.494573][T22068] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  845.576355][T24112] loop2: detected capacity change from 0 to 512
[  845.615150][T24108] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  845.623423][T24108] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  845.624511][T24112] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  845.758295][T24137] lo speed is unknown, defaulting to 1000
[  845.907639][T24166] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  845.915889][T24166] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  845.991845][T24190] ==================================================================
[  845.999950][T24190] BUG: KCSAN: data-race in do_notify_parent_cldstop / wait_consider_task
[  846.008386][T24190] 
[  846.010696][T24190] write to 0xffff888121e7851c of 4 bytes by task 24188 on cpu 0:
[  846.018399][T24190]  wait_consider_task+0xaa8/0x1680
[  846.023509][T24190]  __do_wait+0x13e/0x500
[  846.027740][T24190]  do_wait+0xaf/0x270
[  846.031799][T24190]  kernel_wait4+0x164/0x1d0
[  846.036293][T24190]  __x64_sys_wait4+0x94/0x120
[  846.040961][T24190]  x64_sys_call+0x2529/0x2d60
[  846.045626][T24190]  do_syscall_64+0xc9/0x1c0
[  846.050115][T24190]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  846.056000][T24190] 
[  846.058317][T24190] read to 0xffff888121e7851c of 4 bytes by task 24190 on cpu 1:
[  846.065929][T24190]  do_notify_parent_cldstop+0x1a8/0x2a0
[  846.071469][T24190]  ptrace_stop+0x327/0x5a0
[  846.075877][T24190]  ptrace_signal+0x52/0x240
[  846.080369][T24190]  get_signal+0x820/0x1070
[  846.084776][T24190]  arch_do_signal_or_restart+0x95/0x4b0
[  846.090308][T24190]  syscall_exit_to_user_mode+0x59/0x130
[  846.095845][T24190]  ret_from_fork_asm+0x1a/0x30
[  846.100596][T24190] 
[  846.102899][T24190] value changed: 0x00000013 -> 0x00000000
[  846.108596][T24190] 
[  846.110902][T24190] Reported by Kernel Concurrency Sanitizer on:
[  846.117032][T24190] CPU: 1 UID: 0 PID: 24190 Comm: syz.0.17335 Tainted: G        W          6.12.0-rc2-syzkaller-00307-g36c254515dc6 #0
[  846.129340][T24190] Tainted: [W]=WARN
[  846.133123][T24190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  846.143159][T24190] ==================================================================
[  846.166582][T14854] EXT4-fs error (device loop4): ext4_release_dquot:6902: comm kworker/u8:22: Failed to release dquot type 0
[  846.412900][T22068] EXT4-fs unmount: 38 callbacks suppressed
[  846.412911][T22068] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.