last executing test programs:

4m41.132499959s ago: executing program 2 (id=30):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000800000000000070000000900010073797a30000000007c000000090a010400000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d38001280140001800c000100636f756e7465720004000280200001800e000100636f6e6e6c696d69740000000c00028008000140000000080800034000000110"], 0xc4}}, 0x20050800)

4m41.030944796s ago: executing program 2 (id=33):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = perf_event_open(&(0x7f00000004c0)={0x2, 0x80, 0xfe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x4, 0x4}, 0x40db, 0x0, 0x4, 0x8, 0xa, 0x100, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$PERF_EVENT_IOC_SET_FILTER(r3, 0x40082406, &(0x7f0000000000)='cpu~=0||!')
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x18}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='mem_disconnect\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000300)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000a000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r6, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={r0, 0x0, &(0x7f0000001700)=""/53}, 0x20)
r7 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, r7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r9}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r10}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x11, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_freezer_state(0xffffffffffffffff, 0x0, 0x2, 0x0)
io_destroy(0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000002900000005"], 0x48)
socket(0x1e, 0x805, 0x0)

4m40.814112152s ago: executing program 2 (id=38):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
perf_event_open(&(0x7f0000000000)={0x8, 0x80, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x2, 0x12062, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000080)}, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x15bd}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)

4m40.449636788s ago: executing program 2 (id=43):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7aa, &(0x7f0000001740)="$eJzs3ctrXNUfAPDvnbyatL9fIghaVwFBA6UTU2Or4KLiQgQLBV3bhsk01EwyJTMpTQi0RQQ3gooLQTdd+6g7tz62+l+4kJaqabDiQiJ3MpNMmpk0aTMzwXw+cHPPuY8555tzH2fmHmYCOLCG0z+ZiKMR8WESMVhdnkRETyXVHXF6bbt7y0u5dEpidfXN35PKNivLS7mo2yd1uJp5MiJ+eC/iWGZruaWFxemJQiE/V82PlmcujZYWFo9fnJmYyk/lZ0+OjY+fOPXCqZN7F+ufPy8euf3Ra89+ffrvd5+4+cGPSZyOI9V19XHsleEYrv5PetJ/4Sav7nVhHZZ0ugI8lPTU7Fo7y+NoDEZXJdVEfztrBgC0ytWIWAUADpjE/R8ADpja5wAry0u52tTZTyTa684rEXFoLf7a8821Nd3VZ3aHKs9BB1aSTU9GkogY2oPyhyPi82/f/jKdokXPIQEauXY9Is4PDa8sL3VFRN31P9kyZmG3nttmXVf0VebD9y13/YP2+S7t/7zYqP+XWe//RIP+T1+Dc/dhPPj8z9zag2KaSvt/L9eNbbtXF3/VUFc1979Kn68nuXCxkE+vbf+PiJHo6UvzY5VNG4+CGrn7z91m5df3//74+J0v0vLT+cYWmVvdfZv3mZwoTzxq3DV3rkc81d0o/mS9/ZMm/d+zOyzj9Zfe/6zZujT+NN7atDX+1lq9EfFMw/bfaMtk2/GJo5XDYbR2UDTwzS+fDjQrf6P9+yrztPzae4F2SNt/YPv4h5L68Zql3Zfx043B7ze/5Ib6479x/I2P/97krUq6t7rsykS5PDcW0Zu8sXX5iY19a/na9mn8I083Pv+bHf+Z6tjY8+u57XXf/u2r6ks1jL/iWrP4WyuNf3JX7b9NYrW6z32rbt6b7mpW/s7af7ySGqku2cn17wE1fYSjGQAAAAAAAAAAAAAAAAAAAAAAAAB2LxMRRyLJZNfTmUw2u/Yb3o/HQKZQLJWPXSjOz05G5beyh6InU/uqy8G670Mdq34ffi1/4r788xHxWER80tdfyWdzxcJkp4MHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKrDm3///2o6y2bX1v3a1+naAQAtc6jTFQAA2s79HwAOnt3d//tbVg8AoH12/f5/NWlNRQCAttnx/f98a+sBALSP5/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC02NkzZ9Jp9a/lpVyan7y8MD9dvHx8Ml+azs7M57K54tyl7FSxOFXIZ3PFmaYvdG1tVigWL43H7PyV0XK+VB4tLSyemynOz5bPXZyZmMqfy/e0LTIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2LnSwuL0RKGQn5PYNtG/P6qxbxLdsS+q8Z9P9Has9PqrRH/nLlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+9y/AQAA//9EhyGH")
r0 = syz_open_dev$loop(&(0x7f0000000180), 0x7, 0x2480)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
setxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000340)=ANY=[@ANYBLOB="020000000100070000e600000400000000000000100003000000000020"], 0x24, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00000014000800000000000000007f"}})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x591)

4m39.804635985s ago: executing program 2 (id=48):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
statfs(&(0x7f0000000980)='./file0\x00', 0x0)

4m37.81032243s ago: executing program 2 (id=77):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0a000000010000000900000008"], 0x50)
unshare(0x22020600)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x8002, 0x58f81f86, &(0x7f0000000040))
rt_sigpending(0x0, 0x0)
rt_sigsuspend(&(0x7f0000000080)={[0x91b]}, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000700000001ae3a427a4839200ead6d"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000380)='kfree\x00', r1}, 0x10)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$FOU_CMD_DEL(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2c, r4, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@FOU_ATTR_IPPROTO={0x5, 0x3, 0x62}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e24}, @FOU_ATTR_PEER_V4={0x8, 0x8, @local}]}, 0x2c}, 0x1, 0x0, 0x0, 0x810}, 0x10)
connect$vsock_stream(r2, &(0x7f00000002c0)={0x28, 0x0, 0x0, @hyper}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x800000000003}, 0x1100, 0x5dd8, 0x3, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x200c1, 0x128)

4m37.809904419s ago: executing program 32 (id=77):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0a000000010000000900000008"], 0x50)
unshare(0x22020600)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x8002, 0x58f81f86, &(0x7f0000000040))
rt_sigpending(0x0, 0x0)
rt_sigsuspend(&(0x7f0000000080)={[0x91b]}, 0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b0000000700000001ae3a427a4839200ead6d"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000380)='kfree\x00', r1}, 0x10)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$fou(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$FOU_CMD_DEL(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2c, r4, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@FOU_ATTR_IPPROTO={0x5, 0x3, 0x62}, @FOU_ATTR_PORT={0x6, 0x1, 0x4e24}, @FOU_ATTR_PEER_V4={0x8, 0x8, @local}]}, 0x2c}, 0x1, 0x0, 0x0, 0x810}, 0x10)
connect$vsock_stream(r2, &(0x7f00000002c0)={0x28, 0x0, 0x0, @hyper}, 0x10)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3e, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x2, 0x800000000003}, 0x1100, 0x5dd8, 0x3, 0x5, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
connect$vsock_stream(r2, &(0x7f0000000080)={0x28, 0x0, 0x0, @local}, 0x10)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x200c1, 0x128)

1m43.936736581s ago: executing program 4 (id=4232):
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
open(&(0x7f00000001c0)='./file0\x00', 0x80ff, 0x88)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000000000)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
r3 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
readv(r3, &(0x7f0000000080)=[{&(0x7f0000000380)=""/79, 0x4f}], 0x1) (fail_nth: 3)

1m43.638437212s ago: executing program 4 (id=4236):
r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000070000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x24, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000080)="390000001300090468fe0700000000000000ff3f08000000480100100000000019002b000a0001000500000000000072080003000500000000", 0x39}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, @void, @value}, 0x94)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="18000000151403"], 0x18}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='page_pool_release\x00'}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r2, 0xf, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})

1m43.572052368s ago: executing program 4 (id=4240):
iopl(0x3)
r0 = socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000540)='kfree\x00', r1}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000cc0)=@newqdisc={0x4c, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

1m43.530593491s ago: executing program 4 (id=4242):
iopl(0x3)
r0 = socket(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000800000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000540)='kfree\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000cc0)=@newqdisc={0x4c, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0x2}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x10, 0x3, 0x1, 0x3, 0x400, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40001d4}, 0x8840)

1m43.476966894s ago: executing program 4 (id=4243):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f00000003c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x4e21, @remote}, {0x306, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3f}}, 0x10, {0x2, 0x4e21, @rand_addr=0x64010101}, 'veth0_virt_wifi\x00'})
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000300)=ANY=[@ANYBLOB="1808000063a9829c000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000b7020000000000007b9a00fe00000000b5090800000000007baaf0ff00000000be9800000000000004080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018280000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7050000080000004600000076000000bf9100000000000076080000000000008500000084000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg=0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0x0, 0x10, 0x10, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1m43.346853064s ago: executing program 4 (id=4244):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) (async)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc97c, 0x0, @perf_bp={0x0, 0x764922f6ef795283}, 0x8, 0x0, 0x409, 0x4, 0x0, 0x40, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000044", @ANYRES32], 0x48)
mkdir(&(0x7f0000002880)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
open(&(0x7f0000000300)='.\x00', 0x0, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) (async, rerun: 32)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (rerun: 32)
write$binfmt_script(r5, &(0x7f0000000180), 0xfea7) (async, rerun: 64)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000b, 0x11, r4, 0x0) (async, rerun: 64)
r6 = socket$rxrpc(0x21, 0x2, 0xa)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c010000", @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300", @ANYRES16], 0x2c}}, 0x0) (async)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r9, @ANYBLOB="ff830500000700ffffff", @ANYRES32=r6], 0x4}}, 0x0)
sendfile(r8, r7, 0x0, 0x100000002)
write$P9_RVERSION(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) (async)
r10 = dup(r3)
write$P9_RLERRORu(r10, &(0x7f00000000c0)=ANY=[@ANYBLOB='S\x00\x00\x00\a'], 0x53) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB="2c7748ca3e2276c39600"/21, @ANYRESHEX=r10, @ANYBLOB=',k'])

1m28.23238886s ago: executing program 33 (id=4244):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) (async)
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xc97c, 0x0, @perf_bp={0x0, 0x764922f6ef795283}, 0x8, 0x0, 0x409, 0x4, 0x0, 0x40, 0xfffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000044", @ANYRES32], 0x48)
mkdir(&(0x7f0000002880)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80000) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000003200)=ANY=[@ANYBLOB="1e0000000000000004000000ff"], 0x48)
open(&(0x7f0000000300)='.\x00', 0x0, 0x0) (async)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) (async, rerun: 32)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0) (rerun: 32)
write$binfmt_script(r5, &(0x7f0000000180), 0xfea7) (async, rerun: 64)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000b, 0x11, r4, 0x0) (async, rerun: 64)
r6 = socket$rxrpc(0x21, 0x2, 0xa)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c010000", @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300", @ANYRES16], 0x2c}}, 0x0) (async)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r9, @ANYBLOB="ff830500000700ffffff", @ANYRES32=r6], 0x4}}, 0x0)
sendfile(r8, r7, 0x0, 0x100000002)
write$P9_RVERSION(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1500000065ffff018000000800395032303030"], 0x15) (async)
r10 = dup(r3)
write$P9_RLERRORu(r10, &(0x7f00000000c0)=ANY=[@ANYBLOB='S\x00\x00\x00\a'], 0x53) (async)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB="2c7748ca3e2276c39600"/21, @ANYRESHEX=r10, @ANYBLOB=',k'])

3.010329181s ago: executing program 3 (id=6339):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
times(0xffffffffffffffff)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x80801c, &(0x7f0000000580), 0x1, 0x503, &(0x7f0000000880)="$eJzs3c9vI1cdAPDvOL+cNG3S0gMgoEspLGi1TuJto6oHWE4IoUqIHkHahsQbRbHjKHZKE/aQ/g9IVOIER/4Azj1x54LgxmU5IPEjAm1W4mA040nWm7U3ZpPYUfz5SKN5b2bs73trzXv21xu/AEbWjYg4iIjJiPgwIuby40m+xd32ll736PDB6tHhg9UkWq0P/plk59Nj0fGY1Ev5cxYj4kffi/hp8mzcxt7+5kq1WtlpV6cXmrXthcbe/u2N2sp6Zb2yVS4vLy0vvnvnnfKF9fWN2mRe+vLDPxx86+dps2bzI539uEjtrk+cxEmNR8QPLiPYEIzl/ZkcdkN4IYWIeC0i3szu/7kYy15NAOA6a7XmojXXWQcArrtClgNLCqU8FzAbhUKp1M7hvR4zhWq90bx1v767tdbOlc3HROH+RrWymOcK52MiSetLWflJvXyqficiXo2IX0xNZ/XSar26Nsw3PgAwwl46Nf//Z6o9/wMA11xx2A0AAAbO/A8Ao8f8DwCjx/wPAKPnyfx/d6jtAAAGx+d/ABg95n8AGCk/fP/9dGsd5b9/vfbR3u5m/aPba5XGZqm2u1pare9sl9br9fXsN3tqZz1ftV7fXno7dj+e//Z2o7nQ2Nu/V6vvbjXvZb/rfa8yMZBeAQDP8+obn/05iYiD96azLTrWcjBXw/VWGHYDgKEZG3YDgKGx2heMrnN8xpcegGuiyxK9TylGxPTpg61Wq3V5TQIu2c0vyP/DqOrI//tfwDBi5P9hdMn/w+hqtZJ+1/yPfi8EAK42OX6gx/f/r+X73+ZfDvxk7fQVn15mqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBqO17/t5SvBT4bhUKpFPFyRMzHRHJ/o1pZjIhXIuJPUxNTaX1pyG0GAM6r8LckX//r5txbs6fPTiaPp7J9RPzsVx/88uOVZnPnj+nxf50cb36aHy8Po/0AwFmO5+ls3/FB/tHhg9XjbZDt+ft3I6LYjn90OBlHJ/HHYzzbF2MiImb+neT1tqQjd3EeB59ExOe79T+J2SwH0l759HT8NPbLA41feCp+ITvX3qf/Fp+7gLbAqPksHX/udrv/CnEj23e//4vZCHV++fiXPtXqUTYGPol/PP6N9Rj/bvQb4+3ff79dmn723CcRXxyPOI591DH+HMdPesR/q8/4f/nSV97sda7164ib0T1+Z6yFZm17obG3f3ujtrJeWa9slcvLS8uL7955p7yQ5agXes8G/3jv1itZocslaf9nesQvntH/r/fZ/9/898Mff7XHuTT+N7/WLX4hXn9O/HRO/Eaf8VdmflfsdS6Nv9aj/2e9/rf6jP/wr/vPLBsOAAxPY29/c6VarewMsnD8RmKgQRX6K0zlL85Vac9ThSvbsM2V6ncGFWsy/q9HtVovFKvXiHERWTfgKji56SPi8bAbAwAAAAAAAAAAAAAAdHWpf6iUtAvD7iMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADX1/8CAAD//8jOyzo=")
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000f1ff007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r5, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

2.359698949s ago: executing program 0 (id=6358):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0, 0x0, 0x4}, 0x18)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="7f454c4604030003000000000000000002003e00000000000103000038000000000000000f000000000020000100040000000000000000000300000008000000f30000008100000004"], 0x58)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000680)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x10, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000003c0)='kfree\x00', r2}, 0x18)
request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd)
close(r1)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200410, &(0x7f00000005c0)={[{@nodiscard}, {}, {}, {@nomblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@dioread_lock}, {@auto_da_alloc}, {@norecovery}]}, 0x5, 0x591, &(0x7f0000000f80)="$eJzs3V1rFFcfAPD/bBKNL89jBJHaiyJ4UYt1Y5LWFyjUXpZWKrT3dknWINm4kt2ISYXqRb3pTZFCKRVKP0Dveyn9Av0UQitIkdBSpJAyu7PJmuzmzdVd3d8PRs+Zmew5Z8/8Z8+ZmWUD6FtH039yEUci4psk4kDTtsHINh6t77f0+OZkuiSxvPzpn0kk2brG/kn2/74s81pE/PpVxIlcff1Q02tXFhZnCqVScS7Lj1Znr41WFhZPXpktTBeni1fHJybOvjs8fu7M6Y619a2Lf3//yf0Ph78+tvTdzw8P3k3ifOzPtjW34xncas4cLfybpYbi/JodxzpQWC9Jul0BdmQgi/M0No/EgRjIoh549X0ZEctAn0rEP/SpxjigMbfv0Dz4pfHog/oEaH37B+vXRmK4Njfau5Q8NTNK57sjHSg/LeOXP+7dTZfY+DrEnk3yANty63ZEnBocXH/+S7Lz386dql083tjaMvrt8we66X46/nm71fgntzL+iRbjn30tYncnNo//3MOnsh2+0ZCO/95rOf5dOXWNDGS5/9XGfEPJ5Sul4qmI+H9EHI+h3Wl+o/s5Z5ceLLfb1jz+S5e0/MZYMKvHw8Hdtcv0K6YK1cKztXrVo9sRr7cc/yYr/Z+06P/0/bi44SuvdtTh4r032u21efufr+WfIt5s2f+r9U/a3p+cGD935vRo7XgYbRwV6/115/Bv7crvdvvT/t+7cftHkub7tZXtl/Hj8JNiu21bPP6fkh7/u5LPauld2bobhWp1bixiV/Lx+vXjq3/byDf2T9t//NjG579Wx386+fp8i+2/c+hO2117of+nttX/2088+OiLH9qVv7X+f6eWOp6tWXP+e7LmUkbNVivYobcRAAAAAAAAekIuIvZHksuvpHO5fL7+fMeh2JsrlSvVE5fL81enovZd2ZEYyjXudB+o3YKtPw8xlj0P23g+YnxNfiIiDkbEtwN7avn8ZLk01e3GAwAAAAAAAAAAAAAAAAAAQI/Y1+b7/6nfB7pdO+C5q/2wwe5u1wLohk1/8r8Tv/QE9KRN4x94ZYl/6F/iH/qX+If+Jf6hf4l/6F+t49/TP9APfP4DAAAAAAAAAAAAAAAAAAAAAAAAAABAR128cCFdlpce35xM81PXF+ZnytdPThUrM/nZ+cn8ZHnuWn66XJ4uFfOT5dnNXq9ULl8bG4/5G6PVYqU6WllYvDRbnr9avXRltjBdvFQceiGtAgAAAAAAAAAAAAAAAAAAgJdLZWFxplAqFedecGIwulDoDhPvR09U43k2sG5Hfz64ftM/EdEL7ZJ4hkSXT0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0OS/AAAA//8Umzy+")
chdir(&(0x7f0000000380)='./file0\x00')
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x857, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000400), 0x0}, 0x20)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32, @ANYBLOB="000400"/18, @ANYRES32], 0x50)
setitimer(0x4, &(0x7f0000000500)={{}, {0x0, 0x2710}}, 0x0)
pipe2$9p(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r7 = dup(r6)
write$P9_RLERRORu(r7, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r7, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r7, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r7])
creat(&(0x7f0000000380)='./file0\x00', 0x80)

2.216246559s ago: executing program 0 (id=6361):
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

2.141117894s ago: executing program 3 (id=6362):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='kfree\x00', r0, 0x0, 0x4}, 0x18)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="7f454c4604030003000000000000000002003e00000000000103000038000000000000000f000000000020000100040000000000000000000300000008000000f30000008100000004"], 0x58)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000680)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x10, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000003c0)='kfree\x00', r2}, 0x18)
request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd)
close(r1)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200410, &(0x7f00000005c0)={[{@nodiscard}, {}, {}, {@nomblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@dioread_lock}, {@auto_da_alloc}, {@norecovery}]}, 0x5, 0x591, &(0x7f0000000f80)="$eJzs3V1rFFcfAPD/bBKNL89jBJHaiyJ4UYt1Y5LWFyjUXpZWKrT3dknWINm4kt2ISYXqRb3pTZFCKRVKP0Dveyn9Av0UQitIkdBSpJAyu7PJmuzmzdVd3d8PRs+Zmew5Z8/8Z8+ZmWUD6FtH039yEUci4psk4kDTtsHINh6t77f0+OZkuiSxvPzpn0kk2brG/kn2/74s81pE/PpVxIlcff1Q02tXFhZnCqVScS7Lj1Znr41WFhZPXpktTBeni1fHJybOvjs8fu7M6Y619a2Lf3//yf0Ph78+tvTdzw8P3k3ifOzPtjW34xncas4cLfybpYbi/JodxzpQWC9Jul0BdmQgi/M0No/EgRjIoh549X0ZEctAn0rEP/SpxjigMbfv0Dz4pfHog/oEaH37B+vXRmK4Njfau5Q8NTNK57sjHSg/LeOXP+7dTZfY+DrEnk3yANty63ZEnBocXH/+S7Lz386dql083tjaMvrt8we66X46/nm71fgntzL+iRbjn30tYncnNo//3MOnsh2+0ZCO/95rOf5dOXWNDGS5/9XGfEPJ5Sul4qmI+H9EHI+h3Wl+o/s5Z5ceLLfb1jz+S5e0/MZYMKvHw8Hdtcv0K6YK1cKztXrVo9sRr7cc/yYr/Z+06P/0/bi44SuvdtTh4r032u21efufr+WfIt5s2f+r9U/a3p+cGD935vRo7XgYbRwV6/115/Bv7crvdvvT/t+7cftHkub7tZXtl/Hj8JNiu21bPP6fkh7/u5LPauld2bobhWp1bixiV/Lx+vXjq3/byDf2T9t//NjG579Wx386+fp8i+2/c+hO2117of+nttX/2088+OiLH9qVv7X+f6eWOp6tWXP+e7LmUkbNVivYobcRAAAAAAAAekIuIvZHksuvpHO5fL7+fMeh2JsrlSvVE5fL81enovZd2ZEYyjXudB+o3YKtPw8xlj0P23g+YnxNfiIiDkbEtwN7avn8ZLk01e3GAwAAAAAAAAAAAAAAAAAAQI/Y1+b7/6nfB7pdO+C5q/2wwe5u1wLohk1/8r8Tv/QE9KRN4x94ZYl/6F/iH/qX+If+Jf6hf4l/6F+t49/TP9APfP4DAAAAAAAAAAAAAAAAAAAAAAAAAABAR128cCFdlpce35xM81PXF+ZnytdPThUrM/nZ+cn8ZHnuWn66XJ4uFfOT5dnNXq9ULl8bG4/5G6PVYqU6WllYvDRbnr9avXRltjBdvFQceiGtAgAAAAAAAAAAAAAAAAAAgJdLZWFxplAqFedecGIwulDoDhPvR09U43k2sG5Hfz64ftM/EdEL7ZJ4hkSXT0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0OS/AAAA//8Umzy+")
chdir(&(0x7f0000000380)='./file0\x00')
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000400), 0x0}, 0x20)
pipe2$9p(&(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r5 = dup(r4)
write$P9_RLERRORu(r5, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r5, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
creat(&(0x7f0000000380)='./file0\x00', 0x80)

1.969407747s ago: executing program 3 (id=6365):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000380)=0xff)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f0000000040)={0x2, {0x2, 0x9, 0x3, 0xf57, 0x8001, 0x10}})
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000080)=0x9)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x7f)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r4=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000280)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000240), r4, 0x0, 0x2, 0x1}}, 0x20)

1.941049699s ago: executing program 0 (id=6366):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/rt_acct\x00')
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x3d, 0x1, 0x0, 0x0, 0x0, 0x5, 0x62000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, @perf_bp={0x0}, 0x100020, 0x0, 0x0, 0x6, 0x3, 0x0, 0x7}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r1 = socket(0x18, 0x3, 0x0)
connect$pppoe(r1, &(0x7f0000000100)={0x18, 0x0, {0x2, @broadcast, 'vxcan1\x00'}}, 0x1e)
sendfile(r1, r0, 0x0, 0x8) (fail_nth: 5)

1.626066892s ago: executing program 0 (id=6368):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x18)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
chdir(&(0x7f0000000380)='./file0\x00')
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000400), 0x0}, 0x20)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, 0x0, 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
creat(&(0x7f0000000380)='./file0\x00', 0x80)

1.256256448s ago: executing program 0 (id=6371):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
times(0xffffffffffffffff)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000f1ff007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r5, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

1.256038468s ago: executing program 3 (id=6372):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000006c0f00000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
times(0xffffffffffffffff)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x80801c, &(0x7f0000000580), 0x1, 0x503, &(0x7f0000000880)="$eJzs3c9vI1cdAPDvOL+cNG3S0gMgoEspLGi1TuJto6oHWE4IoUqIHkHahsQbRbHjKHZKE/aQ/g9IVOIER/4Azj1x54LgxmU5IPEjAm1W4mA040nWm7U3ZpPYUfz5SKN5b2bs73trzXv21xu/AEbWjYg4iIjJiPgwIuby40m+xd32ll736PDB6tHhg9UkWq0P/plk59Nj0fGY1Ev5cxYj4kffi/hp8mzcxt7+5kq1WtlpV6cXmrXthcbe/u2N2sp6Zb2yVS4vLy0vvnvnnfKF9fWN2mRe+vLDPxx86+dps2bzI539uEjtrk+cxEmNR8QPLiPYEIzl/ZkcdkN4IYWIeC0i3szu/7kYy15NAOA6a7XmojXXWQcArrtClgNLCqU8FzAbhUKp1M7hvR4zhWq90bx1v767tdbOlc3HROH+RrWymOcK52MiSetLWflJvXyqficiXo2IX0xNZ/XSar26Nsw3PgAwwl46Nf//Z6o9/wMA11xx2A0AAAbO/A8Ao8f8DwCjx/wPAKPnyfx/d6jtAAAGx+d/ABg95n8AGCk/fP/9dGsd5b9/vfbR3u5m/aPba5XGZqm2u1pare9sl9br9fXsN3tqZz1ftV7fXno7dj+e//Z2o7nQ2Nu/V6vvbjXvZb/rfa8yMZBeAQDP8+obn/05iYiD96azLTrWcjBXw/VWGHYDgKEZG3YDgKGx2heMrnN8xpcegGuiyxK9TylGxPTpg61Wq3V5TQIu2c0vyP/DqOrI//tfwDBi5P9hdMn/w+hqtZJ+1/yPfi8EAK42OX6gx/f/r+X73+ZfDvxk7fQVn15mqwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBqO17/t5SvBT4bhUKpFPFyRMzHRHJ/o1pZjIhXIuJPUxNTaX1pyG0GAM6r8LckX//r5txbs6fPTiaPp7J9RPzsVx/88uOVZnPnj+nxf50cb36aHy8Po/0AwFmO5+ls3/FB/tHhg9XjbZDt+ft3I6LYjn90OBlHJ/HHYzzbF2MiImb+neT1tqQjd3EeB59ExOe79T+J2SwH0l759HT8NPbLA41feCp+ITvX3qf/Fp+7gLbAqPksHX/udrv/CnEj23e//4vZCHV++fiXPtXqUTYGPol/PP6N9Rj/bvQb4+3ff79dmn723CcRXxyPOI591DH+HMdPesR/q8/4f/nSV97sda7164ib0T1+Z6yFZm17obG3f3ujtrJeWa9slcvLS8uL7955p7yQ5agXes8G/3jv1itZocslaf9nesQvntH/r/fZ/9/898Mff7XHuTT+N7/WLX4hXn9O/HRO/Eaf8VdmflfsdS6Nv9aj/2e9/rf6jP/wr/vPLBsOAAxPY29/c6VarewMsnD8RmKgQRX6K0zlL85Vac9ThSvbsM2V6ncGFWsy/q9HtVovFKvXiHERWTfgKji56SPi8bAbAwAAAAAAAAAAAAAAdHWpf6iUtAvD7iMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADX1/8CAAD//8jOyzo=")
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000000f1ff007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r5, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29}, './file0\x00'})

1.246215929s ago: executing program 5 (id=6373):
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x4)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)=ANY=[@ANYBLOB='\f\x00'], &(0x7f0000000500), 0x600)

1.199964372s ago: executing program 1 (id=6374):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x0, &(0x7f0000000040)})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000018c0)={0x5, 0xb, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)
bpf$MAP_LOOKUP_ELEM(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f0000000a80)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba0", @ANYRES16], 0x1, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eexBHTNR2l3hYdDewfD6X/OD3vuQ9BgbeMG/23/jq40Gvynr5NNbOnIm1cUR6kCLFWvzt83j19R9/euHWnbs32p3O9s2Urrdvt15LKW28+P17n37z0g/Ti+9+u/Hd+djbfH//161f9i7vXdn//fZH/Sr1qzQcTVOe7o1G0/xeWaSdfjXIUnqnLPKqSP1hVUwO9HvlaDyepXy4s94YT4qqSvlwlgbFLE1HaTqZpfzDvD9MWZal9UbwX3S/flDXdURdPx7noq7r+oloxMV4MtZjI5qxGU/F0/FMXIpn43I8F8/HlfmoVc8bAAAAAAAAAAAAAAAAAAAAThfn/wEAAAAAAAAAAAAAAAAAAGD1bt25e6Pd6WzfTOlCRPnlbne3u/hd9Nu96EcZRVyLZvwW89P/C4v6+lud7WtpbjO+KO//lb+/233sYL41/5zA0nxrkU8H8+ej8Wh+K5pxaXl+a2n+Qrzy8iP5LJrx8wcxijJ24s/sw/xnrZTefLtzKH91Pg4AAABOgyz9Y+n+Pcv+rb/IH+H5wKH99dm4ena1ayeimn0yyMuymBxbcS6O/S8UCsX/XKz6zsRJeHjRVz0TAAAAAAAAAAAAjuIkXidc9RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2IFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA//8xgdSv")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000c80)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r2}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, r3}, 0x18)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/asound/seq/clients\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
arch_prctl$ARCH_FORCE_TAGGED_SVA(0x4004)
getrandom(0x0, 0x0, 0x2)
readv(r5, &(0x7f00000038c0)=[{&(0x7f0000004980)=""/4096, 0x1000}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x18)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
close(0xffffffffffffffff)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x1, 0x6000, @fd_index=0x2, 0x8, &(0x7f0000002680)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x5, 0x1c, 0x1, {0x1}})
r6 = syz_open_dev$sg(&(0x7f00000013c0), 0x0, 0x48202)
ioctl$SCSI_IOCTL_GET_PCI(r6, 0x5393, &(0x7f0000000000))

1.176742854s ago: executing program 5 (id=6376):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00')
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000001f00000000000000ea1f850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xec, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
connect$netlink(0xffffffffffffffff, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x30, 0x829, 0x0, 0x1, {}, [{0x4}]}, 0x18}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0x400, 0xffffffff, 0x6, 0x4, 0x0, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setregid(0xee01, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
write$binfmt_script(r0, &(0x7f0000000240)={'#! ', './bus', [{0x20, '*'}, {0x20, '/dev/input/event#\x00'}, {0x20, '@+'}, {0x20, 'GPL\x00'}, {0x20, '}'}, {0x20, ']'}], 0xa, "49c80913d2edc06f2a258f1921831b05976d8e6c6c61d07dfbf06d1076f638e847dc68f7424d730e4c9a2fb86c239c0438453008dbc76c6970191a9004f42a4d9e9c87ee47a5f820c13bd361a81b4515aa1853ff1d707d15e48f28d78f5fa5ef20d2b59d8cd073b0c16d79c86a9c2dedf9476bf31037a24452ebdfc95ac25183eca4a9"}, 0xad)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
syz_open_dev$evdev(&(0x7f0000000040), 0x3d, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
creat(&(0x7f0000000000)='./bus\x00', 0x26)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_DELPDP(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000a00", @ANYRES16=r6, @ANYBLOB="0101000800000000000001000000"], 0x14}}, 0x0)
prlimit64(0x0, 0xc, &(0x7f0000000400)={0xc, 0xa9e}, &(0x7f0000000440))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x18, &(0x7f0000000000)={0x0, 0x9004}, 0x4)
write(r4, &(0x7f0000004200)='t', 0x1)
sendfile(r4, r3, 0x0, 0x3ffff)
sendfile(r4, r3, 0x0, 0x7ffff000)
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)

761.131065ms ago: executing program 1 (id=6380):
socket$kcm(0x29, 0x2, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cf84ded40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c86e00f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec231fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895012f1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae091f75cd9701ffa62891f686bfbb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c3405000000000000003875c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d37261774cc5a3bf6b466cb72812da518ff602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d50a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a31b16ac5fb73fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953f88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a5fe1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9d66ebbc8bab4ea81232fbef665f6212f875b2a00000000000000aceb111b66a500ca52fd8f848088c67ee65dfdcc4c580e9bc18c1699dca07d019bf1bf9dd3da480d6c155d7e60674ce88ab5ae07a9d16e22792d99986b531ab4e592ab5925da779e700cf20309a2137877690dc5c07956fc82d7b3bb46d3138041af18508938c9be4e5d0a98073463a5cff6c146d020743da474cb81677a6f389f0e00c33b70b7f8bab95435c27167f365a29fb09cbf35bf192f6a65616fa2ad9a6c7ca3a3ecd96aaecd993e8badb40e7eb8a22b0015e70c885cd519e28448168c6d914265998bff74ea1b0e651a6cae9419096248a0e41573827ad60fafce6e6540734c1f23f75337d836c31497e8112969a039d65aa297e2b046b5f4d11116a89f9f65693d4dc3e70fbfe0b2044fdb3f87e887d1daae8e38a0c19f668f776e19a02bb2449ee4384f6536879c85d7e41bc0276ee2b125d41ff358323311703ec01d64a573bdeb75bdcc87d01de38365ab9222713d2d1640a742d62fefb5403b2ed9969c32a0841e8c36b0107bb888eb14ac62e6d4bdfaeb9ee7436b97bf3825a19d6c8997ce285edf1d277ed703f560460417bfe702af833e83c5b987befb6d1fcf765ab7ea537d9d"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001880)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x33, &(0x7f0000000200)={@random="e90c610faca2", @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x25, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x0, 0x11, 0x0, @gue={{0x2, 0x1, 0x2, 0xc, 0x100}, '\t'}}}}}}, 0x0)
syz_emit_ethernet(0x3a, &(0x7f0000000000)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x2, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x7, 0x18, 0x0, @wg=@data={0x4, 0x80, 0x3}}}}}}, 0x0)

747.063726ms ago: executing program 5 (id=6381):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x18)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
chdir(&(0x7f0000000380)='./file0\x00')
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000400), 0x0}, 0x20)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, 0x0, 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
creat(&(0x7f0000000380)='./file0\x00', 0x80)

721.983068ms ago: executing program 1 (id=6383):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c250000000000202020"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f00000007c0)='skb_copy_datagram_iovec\x00'}, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000500000000000000", @ANYRES32, @ANYBLOB="000000fc954200"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)

699.859789ms ago: executing program 6 (id=6384):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
personality(0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x89fe, &(0x7f0000000300)={'ip6gre0\x00', @multicast})
socket$nl_route(0x10, 0x3, 0x0)
r4 = io_uring_setup(0x7691, &(0x7f0000000140)={0x0, 0x58fb, 0x10, 0x801, 0x23f})
r5 = signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a000000020000000900000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYRES32=r6], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000000)='kfree\x00', r7}, 0x18)
unshare(0x20000400)
open_by_handle_at(r2, 0x0, 0xc8000)
close(0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r8}, &(0x7f0000000000), &(0x7f00000002c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000001c0)='sched_switch\x00', r5, 0x0, 0x4}, 0x18)
creat(&(0x7f0000000100)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
preadv2(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000001200)=""/4096, 0xfffffdef}], 0x1, 0x0, 0x0, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

662.412852ms ago: executing program 1 (id=6385):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="757466382c626c6f636b3d307830303030303030303030303030323030006e6f726f636b2c63727566742c6d61703d6f66662c646d6f64653d3078303430303030303030303030303063664173657373696f6e3d3078303030303030303030303030303033382c756e686964652c756e686964652c6769643d29e0cd5c372ab078c28fb05c6421428d066455368833565fd726743513f4466efa8d4fba06d57341875f5775ab343c0f6bc59fbde784ec3597e0e286d8d0dbf360afa3bc5c145b6e4f8b0305932fb55ff13f9fcb5035769f5fca33ac02bdeacb24c58103edc3d8b46df7614aa493952584ee662174309b11a4ad19e64dcdeeca1c148170b8d1aaf26082364b0d90d63d8502ffa63dde945e4612ac134315f389af667a04931ad25ff10b9b5107e517dbbcf5dcb60f564f54b344218d9325b53e829c38c96c69adc9e745202923a1b8124333cce0a8f1c748d42a272eb3e5502051090f1ac34fe5e8f038", @ANYRESHEX=0x0, @ANYRESOCT], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
r2 = memfd_create(&(0x7f0000000840)='[\v\xdbX\xae[\x1a\xa9\xe5\xfa\xad\xd1md\xc8\x85HX\xa9%V\xdd\xf2ZA\x1c)\x16G\x1aZ\x11%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x1af\xdeD\"!=F\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\x80\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\x81\x00r\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x00\x00\x00\x00', 0x0)
write$binfmt_script(r2, &(0x7f0000000900)={'#! ', './file0'}, 0xb)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

630.633334ms ago: executing program 1 (id=6386):
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x4)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)=ANY=[@ANYBLOB='\f\x00'], &(0x7f0000000500), 0x600)

603.394296ms ago: executing program 5 (id=6387):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/rt_acct\x00')
r1 = socket(0x18, 0x3, 0x0)
connect$pppoe(r1, &(0x7f0000000100)={0x18, 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, 'veth0_to_batadv\x00'}}, 0x1e)
sendfile(r1, r0, 0x0, 0x8)

598.955086ms ago: executing program 1 (id=6388):
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r2, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000280)={0x11, 0x7, r3, 0x1, 0xdf, 0x6, @local}, 0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x101800, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x70bd2a, 0x8000000, {0x0, 0x0, 0x0, r3, {0x1f, 0x3}}}, 0x24}, 0x1, 0x0, 0x0, 0x20008040}, 0x4000000)

580.337418ms ago: executing program 5 (id=6389):
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

527.838081ms ago: executing program 6 (id=6390):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000340)=ANY=[@ANYBLOB="380000004900010000000000fedbdf250a001c00", @ANYRES32=0x0, @ANYBLOB="000000000800020007000000140001"], 0x38}}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454da, &(0x7f00000001c0)={'bond_slave_0\x00'})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'dvmrp1\x00', 0x1})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454da, &(0x7f0000000140)={'bond0\x00'})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r3}, 0x10)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000100)={'nicvf0\x00', 0x1432})

173.259747ms ago: executing program 6 (id=6391):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
lstat(&(0x7f00000002c0)='./file0\x00', 0x0) (fail_nth: 4)

165.899397ms ago: executing program 0 (id=6392):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/ptype\x00')
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="1801000000001f00000000000000ea1f850000007b00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xec, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18)
connect$netlink(0xffffffffffffffff, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000), 0xc, &(0x7f0000000040)={&(0x7f0000001540)=@newtaction={0x18, 0x30, 0x829, 0x0, 0x1, {}, [{0x4}]}, 0x18}}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x8, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, @perf_bp={0x0, 0x13}, 0x400, 0xffffffff, 0x6, 0x4, 0x0, 0x1, 0xfff9, 0x0, 0x0, 0x0, 0x6}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setregid(0xee01, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1088d8b8588d72ec29c48f0af5f2d9f51c4b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465ad32b77a74e802a0dc6bf25cca242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767042361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae645ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1fb8f72cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa7956488bef241875f3b4b6ab7929a57affe760e797724f4fce1093b62d7e8c7123d890decacec55bf404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f870b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f154772f514216bdf57d2a40d40b51ab67903ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1594e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c471c784ae7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec30cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89f0000377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f0059161c5e0000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe34124172e436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f491d8e97c862e29e457060000007ac691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104ebc1581848f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426ca85e82ccf821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ad6acf5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bdc4a60d637545ed4c8a1c649c3ce54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c5140200000054d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a3bc38613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b9e6626f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f14eafe4b28ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1bfeef448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae0040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483f02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e9180100000000000000654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732e74dd690c57bdfdc1f069f9491bca7a8c59363799be70018c25ece5ad7307dc7a95c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2cdfb7fea73ca18874664d60a4b9423f3297bc8eb91b4ee1d73272ab28a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece98c077b358e752b439132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae2676384ff799783f55d7e5a1a092a01b965dc99cb7a9d98440c355927629f2bcf9dc2396eb2f5d25829715b24327642ac48f1201014a95e0e65e12cdf27e19043e3c5d3e798375cead35b9a93190a52cdecaaccc854a1d41ef365303f0e9b4fc969c9dab6df5e8a795b140fcc09e8a7b694d12932917facd8ceaa4e2d0d16bb0b95387fcd5ff136d8abddf94daf442bbff744591931872a36cf921ad69f2127386e8b0f9afee4da8d3fbec809fbb3ca0fded2859cf25d4c6155d396c5b9bd1a928923123f63f4c40688eae69990a9419456247bbaeb7948de84d2ff875414883bb1e503d4bfebc01bc12a53ea06bf38e571157bd642dac25dbee7832c58378374a39483d6721eec96c28911db21c0c006b42afc90000000000000000000000700000000000000000008ce4ea442c1a207108b35511186c5e860278f6463f52f3990ce08b1bfccc3cff4b5ae27b610aa9ba11b47d4f94c439e055cdbb2b12c983885c93ea4ab4ca1e02d831ae162ee104"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
write$binfmt_script(r0, &(0x7f0000000240)={'#! ', './bus', [{0x20, '*'}, {0x20, '/dev/input/event#\x00'}, {0x20, '@+'}, {0x20, 'GPL\x00'}, {0x20, '}'}, {0x20, ']'}], 0xa, "49c80913d2edc06f2a258f1921831b05976d8e6c6c61d07dfbf06d1076f638e847dc68f7424d730e4c9a2fb86c239c0438453008dbc76c6970191a9004f42a4d9e9c87ee47a5f820c13bd361a81b4515aa1853ff1d707d15e48f28d78f5fa5ef20d2b59d8cd073b0c16d79c86a9c2dedf9476bf31037a24452ebdfc95ac25183eca4a9"}, 0xad)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
syz_open_dev$evdev(&(0x7f0000000040), 0x3d, 0x0)
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000200)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000001600)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
creat(&(0x7f0000000000)='./bus\x00', 0x26)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_DELPDP(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="14000a00", @ANYRES16=r6, @ANYBLOB="0101000800000000000001000000"], 0x14}}, 0x0)
prlimit64(0x0, 0xc, &(0x7f0000000400)={0xc, 0xa9e}, &(0x7f0000000440))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r7, 0x107, 0x18, &(0x7f0000000000)={0x0, 0x9004}, 0x4)
write(r4, &(0x7f0000004200)='t', 0x1)
sendfile(r4, r3, 0x0, 0x3ffff)
sendfile(r4, r3, 0x0, 0x7ffff000)

150.666598ms ago: executing program 3 (id=6393):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x1c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x3}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x64}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0) (async)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x34f}, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000100)=0xfffffffc, 0x0, 0x4) (async)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x24, 0x4, 0x8, 0x5, 0x0, 0x0, {0xa, 0x0, 0x1}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x86dd}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x0) (async, rerun: 32)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) (rerun: 32)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_POLL_ADD={0x6, 0x5, 0x0, @fd_index=0xa, 0x0, 0x0, 0x0, {0xa8}})
io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x14, 0x2, 0x6, 0x801, 0xa}, 0x14}}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x28, 0x4, 0x6, 0x201, 0x0, 0x0, {0x3, 0x0, 0x9}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000080}, 0x0) (async, rerun: 64)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newlink={0x48, 0x10, 0x40d, 0x70bd28, 0x25ffdbfc, {0x0, 0x0, 0x0, 0x0, 0x10}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_QUERIER={0x5, 0x19, 0x84}, @IFLA_BR_MCAST_LAST_MEMBER_INTVL={0xc, 0x1e, 0x3ff}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async, rerun: 64)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r5}, 0x18) (async, rerun: 64)
socket$inet6(0xa, 0x2, 0x0) (rerun: 64)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
syz_read_part_table(0x1057, &(0x7f0000000000)="$eJzsz8FNxEAMBdCfhGSGE51QCVfOVAKiA/qgQQQCGY2StLC7h/cOI439Zcvhuub8VFXN53/7Tqb0POYorclv7XKXakvqvTJCQ7W/kUjyWm9b5vax5iVZ749x01PrSd9XLeN9+OpnL8+flzwVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG7VfwAAAP//HxEZQg==") (async)
write$binfmt_script(r6, &(0x7f00000004c0), 0x208e24b) (async)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r6, 0x0)
getrandom(&(0x7f0000000040)=""/133, 0xfffffffffffffdde, 0x2) (async)
lsm_get_self_attr(0x65, &(0x7f0000000040)={0x0, 0x0, 0x2e, 0xe, ""/14}, &(0x7f0000000100)=0x2e, 0x0) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)

150.519129ms ago: executing program 6 (id=6394):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
getdents(r0, &(0x7f0000000080)=""/65, 0x41)

119.968571ms ago: executing program 6 (id=6395):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000400)='kfree\x00', r0, 0x0, 0x4}, 0x18)
r1 = creat(0x0, 0xecf86c37d53049cc)
write$binfmt_elf32(r1, &(0x7f0000000740)=ANY=[@ANYBLOB="7f454c4604030003000000000000000002003e00000000000103000038000000000000000f000000000020000100040000000000000000000300000008000000f30000008100000004"], 0x58)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xd, &(0x7f0000000680)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x10, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000003c0)='kfree\x00', r2}, 0x18)
request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)='\x00', 0xfffffffffffffffd)
close(r1)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200410, &(0x7f00000005c0)={[{@nodiscard}, {}, {}, {@nomblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@dioread_lock}, {@auto_da_alloc}, {@norecovery}]}, 0x5, 0x591, &(0x7f0000000f80)="$eJzs3V1rFFcfAPD/bBKNL89jBJHaiyJ4UYt1Y5LWFyjUXpZWKrT3dknWINm4kt2ISYXqRb3pTZFCKRVKP0Dveyn9Av0UQitIkdBSpJAyu7PJmuzmzdVd3d8PRs+Zmew5Z8/8Z8+ZmWUD6FtH039yEUci4psk4kDTtsHINh6t77f0+OZkuiSxvPzpn0kk2brG/kn2/74s81pE/PpVxIlcff1Q02tXFhZnCqVScS7Lj1Znr41WFhZPXpktTBeni1fHJybOvjs8fu7M6Y619a2Lf3//yf0Ph78+tvTdzw8P3k3ifOzPtjW34xncas4cLfybpYbi/JodxzpQWC9Jul0BdmQgi/M0No/EgRjIoh549X0ZEctAn0rEP/SpxjigMbfv0Dz4pfHog/oEaH37B+vXRmK4Njfau5Q8NTNK57sjHSg/LeOXP+7dTZfY+DrEnk3yANty63ZEnBocXH/+S7Lz386dql083tjaMvrt8we66X46/nm71fgntzL+iRbjn30tYncnNo//3MOnsh2+0ZCO/95rOf5dOXWNDGS5/9XGfEPJ5Sul4qmI+H9EHI+h3Wl+o/s5Z5ceLLfb1jz+S5e0/MZYMKvHw8Hdtcv0K6YK1cKztXrVo9sRr7cc/yYr/Z+06P/0/bi44SuvdtTh4r032u21efufr+WfIt5s2f+r9U/a3p+cGD935vRo7XgYbRwV6/115/Bv7crvdvvT/t+7cftHkub7tZXtl/Hj8JNiu21bPP6fkh7/u5LPauld2bobhWp1bixiV/Lx+vXjq3/byDf2T9t//NjG579Wx386+fp8i+2/c+hO2117of+nttX/2088+OiLH9qVv7X+f6eWOp6tWXP+e7LmUkbNVivYobcRAAAAAAAAekIuIvZHksuvpHO5fL7+fMeh2JsrlSvVE5fL81enovZd2ZEYyjXudB+o3YKtPw8xlj0P23g+YnxNfiIiDkbEtwN7avn8ZLk01e3GAwAAAAAAAAAAAAAAAAAAQI/Y1+b7/6nfB7pdO+C5q/2wwe5u1wLohk1/8r8Tv/QE9KRN4x94ZYl/6F/iH/qX+If+Jf6hf4l/6F+t49/TP9APfP4DAAAAAAAAAAAAAAAAAAAAAAAAAABAR128cCFdlpce35xM81PXF+ZnytdPThUrM/nZ+cn8ZHnuWn66XJ4uFfOT5dnNXq9ULl8bG4/5G6PVYqU6WllYvDRbnr9avXRltjBdvFQceiGtAgAAAAAAAAAAAAAAAAAAgJdLZWFxplAqFedecGIwulDoDhPvR09U43k2sG5Hfz64ftM/EdEL7ZJ4hkSXT0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0OS/AAAA//8Umzy+")
chdir(&(0x7f0000000380)='./file0\x00')
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000ffffffff000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x857, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000400), 0x0}, 0x20)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000", @ANYRES32, @ANYBLOB="000400"/18, @ANYRES32], 0x50)
setitimer(0x4, &(0x7f0000000500)={{}, {0x0, 0x2710}}, 0x0)
pipe2$9p(&(0x7f0000000000)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r7 = dup(r6)
write$P9_RLERRORu(r7, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r7, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r7, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r7])
creat(&(0x7f0000000380)='./file0\x00', 0x80)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

70.234784ms ago: executing program 5 (id=6396):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0)
dup(0xffffffffffffffff)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getrlimit(0xb, &(0x7f0000000080))
r3 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSW(r3, 0x5403, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r3, 0x5412, &(0x7f0000000600)=0xd)
ioctl$TIOCSTI(r3, 0x5412, 0x0)
r4 = socket$caif_stream(0x25, 0x1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000b40)='cpuacct.usage_sys\x00', 0x275a, 0x0)
shmat(0x0, &(0x7f0000ffc000/0x3000)=nil, 0x4000)
recvmmsg(r4, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x40, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x740, 0x140)
r6 = syz_io_uring_setup(0x2194, &(0x7f00000001c0)={0x0, 0xfffffffb, 0x8000, 0x4, 0x194}, &(0x7f0000000240), 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="616e733d66642c7266057ad0900000", @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r6, @ANYBLOB=',\x00'])
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x20008850)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r9}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r8}, &(0x7f0000000000), &(0x7f0000000200)}, 0x20)
sendmsg$nl_route_sched(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000006080)=@newtfilter={0x478, 0x2c, 0xd27, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x7}, {}, {0x7}}, [@filter_kind_options=@f_route={{0xa}, {0x448, 0x2, [@TCA_ROUTE4_POLICE={0x444, 0x5, [@TCA_POLICE_TBF={0x3c, 0x1, {0x2, 0x20000000, 0x7, 0x3, 0x0, {0x1, 0x0, 0x4, 0x5, 0x7ff, 0x8b5}, {0x9, 0x2, 0x2, 0x73, 0x394d, 0x80000001}, 0x9}}, @TCA_POLICE_RATE={0x404, 0x2, [0x0, 0xfe6f, 0xfffffff9, 0x10, 0x4, 0x3ff, 0x6, 0xff, 0x9, 0x1, 0x4, 0x4, 0x1, 0x7, 0x6, 0x6, 0x8, 0x473, 0x6, 0x2, 0x3, 0x0, 0x5, 0xff, 0x5, 0xfbff, 0x2, 0xfc, 0x3, 0x9, 0x7, 0xc, 0xe, 0x2, 0x7, 0x81, 0x3, 0xb5, 0x2, 0x9, 0x5, 0x3, 0xff, 0x3, 0x800, 0x1, 0x0, 0x9, 0x1ff, 0x5, 0xfff, 0x51, 0x8, 0x0, 0x3, 0x6d, 0x9, 0x80000001, 0x6, 0x3, 0x6, 0x101, 0xffffffff, 0x97c, 0x6, 0xe3, 0x0, 0x8, 0x2, 0x5, 0x4, 0x7, 0x3, 0x3d, 0x0, 0x8, 0x9, 0x1ff, 0xbb, 0x1, 0x3, 0x200, 0x9, 0x2f1, 0x8, 0x9, 0x9, 0x1, 0xa, 0x8000, 0x3, 0x1, 0x7, 0xc4c, 0x7, 0x3, 0x0, 0x12e4, 0x3, 0x4, 0x0, 0x6, 0x400, 0x7f, 0x5, 0x371, 0xb611, 0x4, 0x0, 0x6, 0x200, 0x2, 0x1, 0x5, 0x2, 0x1fa7b6b5, 0x7fffffff, 0xde, 0x9, 0x80000000, 0xe0, 0x9, 0xa, 0x5, 0x7ff, 0xff, 0x7, 0x75, 0x8, 0x400, 0x400, 0xe, 0x2fc, 0x230e, 0x3ff, 0x7fffffff, 0x6, 0x5, 0x81, 0x7, 0x5, 0x4, 0x3, 0x7, 0x564d, 0x10, 0x8, 0x7f, 0x2, 0x3, 0xd, 0x3, 0x1, 0x7c93, 0x10, 0x8, 0x5, 0x7ff, 0x2, 0x710, 0x7, 0x7fffffff, 0x9, 0x40, 0x6, 0x9, 0x5000000, 0xb8a4, 0x8, 0x81, 0x4, 0x6, 0x4, 0x7f, 0x3, 0x3, 0x7, 0x9, 0x1, 0x71f, 0x7, 0x5ea8, 0x90951675, 0x42, 0xd1a3, 0x8, 0xffffffff, 0x5, 0x1, 0x5, 0x0, 0x8, 0x2, 0x3, 0x3, 0xfffffffd, 0x5, 0x80, 0x1, 0x7051, 0x6, 0x3, 0x7, 0x7, 0x7ff, 0x65, 0xa3cd, 0x3, 0xc3ae, 0xfffff208, 0x0, 0x136, 0x1, 0x5, 0xd81, 0x7, 0x1000, 0x5, 0x6, 0x401, 0x1, 0x4, 0xa3b2, 0xe0f, 0x2e, 0xd, 0x8, 0xc4, 0xcd, 0x40, 0x5b9, 0x394d, 0xfffffffd, 0x7b, 0x1, 0x1, 0x4, 0x7ff, 0x547, 0x3, 0xffffffff, 0x1, 0x4, 0x2, 0x6, 0x7466, 0x20000000, 0x4, 0x6, 0x2, 0x3, 0x0, 0x13, 0x4, 0xffff, 0x5]}]}]}}]}, 0x478}, 0x1, 0x0, 0x0, 0x80}, 0x20000800)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)

476.56µs ago: executing program 3 (id=6397):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0x4}, 0x18)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
chdir(&(0x7f0000000380)='./file0\x00')
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{}, &(0x7f0000000400), 0x0}, 0x20)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, 0x0, 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
creat(&(0x7f0000000380)='./file0\x00', 0x80)

0s ago: executing program 6 (id=6398):
openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x4)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)=ANY=[@ANYBLOB='\f\x00'], &(0x7f0000000500), 0x600)

kernel console output (not intermixed with test programs):

hange from 0 to 512
[  289.887600][T20722] loop5: detected capacity change from 0 to 1024
[  289.894901][T20722] EXT4-fs: Ignoring removed nomblk_io_submit option
[  289.903724][T20718] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  289.912462][T20718] EXT4-fs (loop3): orphan cleanup on readonly fs
[  289.919112][T20718] EXT4-fs warning (device loop3): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  289.934404][T20718] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  289.941760][T20718] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5914: bg 0: block 40: padding at end of block bitmap is not set
[  289.957232][T20718] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  289.967704][T20718] EXT4-fs (loop3): 1 truncate cleaned up
[  289.974865][T19982] EXT4-fs (loop0): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  289.991085][T20718] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  290.011240][T20718] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #16: comm syz.3.5914: corrupted xattr block 31: invalid header
[  290.011803][T20722] EXT4-fs (loop5): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.025162][T20718] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=16
[  290.053491][T20729] lo speed is unknown, defaulting to 1000
[  290.075134][T20733] loop0: detected capacity change from 0 to 1024
[  290.091715][T20735] loop1: detected capacity change from 0 to 2048
[  290.099006][T13124] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.108492][T20733] EXT4-fs: Ignoring removed nomblk_io_submit option
[  290.131739][T20735]  loop1: p1 < > p4
[  290.136927][T19171] EXT4-fs error (device loop5): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /100/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  290.138625][T20735] loop1: p4 size 8388608 extends beyond EOD, truncated
[  290.175566][T20733] EXT4-fs (loop0): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.221071][T19982] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /36/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  290.255585][T20751] loop6: detected capacity change from 0 to 512
[  290.263455][T20751] EXT4-fs (loop6): orphan cleanup on readonly fs
[  290.279273][T20751] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5926: bg 0: block 248: padding at end of block bitmap is not set
[  290.297271][T19171] EXT4-fs (loop5): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  290.297593][T20751] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.5926: Failed to acquire dquot type 1
[  290.318227][T20751] EXT4-fs (loop6): 1 truncate cleaned up
[  290.324563][T20751] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  290.343514][T19982] EXT4-fs (loop0): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  290.367222][T20751] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  290.425152][T20751] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w. Quota mode: writeback.
[  290.445309][T20768] loop5: detected capacity change from 0 to 1024
[  290.459869][T20768] EXT4-fs: Ignoring removed nomblk_io_submit option
[  290.484532][T16684] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.504499][T20768] EXT4-fs (loop5): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.518769][T20773] lo speed is unknown, defaulting to 1000
[  290.546761][T20775] loop6: detected capacity change from 0 to 512
[  290.557454][T20777] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5930'.
[  290.597090][T20780] loop3: detected capacity change from 0 to 1024
[  290.607471][T19171] EXT4-fs error (device loop5): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /102/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  290.610756][T20780] EXT4-fs: Ignoring removed nomblk_io_submit option
[  290.639163][T20775] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  290.647313][T20775] EXT4-fs (loop6): orphan cleanup on readonly fs
[  290.658488][T20775] EXT4-fs warning (device loop6): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  290.662608][T20785] loop0: detected capacity change from 0 to 164
[  290.673906][T20775] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  290.688229][T20780] EXT4-fs (loop3): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.702546][T20775] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5931: bg 0: block 40: padding at end of block bitmap is not set
[  290.715554][T20785] rock: directory entry would overflow storage
[  290.722985][T20785] rock: sig=0x4f50, size=4, remaining=3
[  290.728585][T20785] iso9660: Corrupted directory entry in block 4 of inode 1792
[  290.737543][T19171] EXT4-fs (loop5): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  290.753247][T20775] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  290.775663][T13124] EXT4-fs error (device loop3): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /537/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  290.797050][T20775] EXT4-fs (loop6): 1 truncate cleaned up
[  290.820569][T20775] EXT4-fs error (device loop6): ext4_xattr_block_get:596: inode #16: comm syz.6.5931: corrupted xattr block 31: invalid header
[  290.845927][T20775] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=16
[  290.905870][T20800] loop0: detected capacity change from 0 to 512
[  290.941270][T20800] EXT4-fs (loop0): orphan cleanup on readonly fs
[  290.949857][T20800] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5941: bg 0: block 248: padding at end of block bitmap is not set
[  290.976961][T20800] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.5941: Failed to acquire dquot type 1
[  291.009498][T20805] loop3: detected capacity change from 0 to 1024
[  291.016368][T20805] EXT4-fs: Ignoring removed nomblk_io_submit option
[  291.020261][T20800] EXT4-fs (loop0): 1 truncate cleaned up
[  291.053970][T20812] loop1: detected capacity change from 0 to 1024
[  291.060638][T20812] EXT4-fs: Ignoring removed nomblk_io_submit option
[  291.078410][T13124] EXT4-fs error (device loop3): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /538/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  291.118262][T20820] lo speed is unknown, defaulting to 1000
[  291.128562][T12891] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /553/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  291.173236][T20826] loop6: detected capacity change from 0 to 764
[  291.179685][T20822] loop0: detected capacity change from 0 to 2048
[  291.189166][T20824] loop1: detected capacity change from 0 to 512
[  291.217938][T20824] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  291.227232][T20822]  loop0: p1 < > p4
[  291.235520][T20831] lo speed is unknown, defaulting to 1000
[  291.241449][T20824] EXT4-fs (loop1): orphan cleanup on readonly fs
[  291.251679][T20822] loop0: p4 size 8388608 extends beyond EOD, truncated
[  291.261001][T20833] loop3: detected capacity change from 0 to 512
[  291.267429][T20824] EXT4-fs warning (device loop1): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  291.324642][T20833] EXT4-fs (loop3): orphan cleanup on readonly fs
[  291.336007][T20824] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  291.343835][T20834] loop6: detected capacity change from 0 to 2048
[  291.350553][T20837] loop5: detected capacity change from 0 to 164
[  291.363085][T20833] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5949: bg 0: block 248: padding at end of block bitmap is not set
[  291.378423][T20824] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.5950: bg 0: block 40: padding at end of block bitmap is not set
[  291.393295][T20833] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.5949: Failed to acquire dquot type 1
[  291.403877][T20839] loop0: detected capacity change from 0 to 164
[  291.404896][T20824] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  291.422947][T20824] EXT4-fs (loop1): 1 truncate cleaned up
[  291.429748][T20834]  loop6: p1 < > p4
[  291.440941][T20834] loop6: p4 size 8388608 extends beyond EOD, truncated
[  291.456368][T20824] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #16: comm syz.1.5950: corrupted xattr block 31: invalid header
[  291.467732][T20833] EXT4-fs (loop3): 1 truncate cleaned up
[  291.476517][T20824] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[  291.489122][T20847] bio_check_eod: 12243 callbacks suppressed
[  291.489139][T20847] syz.5.5952: attempt to access beyond end of device
[  291.489139][T20847] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  291.533263][T20847] syz.5.5952: attempt to access beyond end of device
[  291.533263][T20847] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  291.600061][T20857] loop0: detected capacity change from 0 to 128
[  291.648631][T20857] SELinux: failed to load policy
[  291.655903][T20861] lo speed is unknown, defaulting to 1000
[  291.700287][T20864] loop6: detected capacity change from 0 to 2048
[  291.728219][T20866] loop1: detected capacity change from 0 to 1024
[  291.737766][T20869] loop5: detected capacity change from 0 to 512
[  291.739530][T20857] syz.0.5956: attempt to access beyond end of device
[  291.739530][T20857] loop0: rw=2049, sector=145, nr_sectors = 896 limit=128
[  291.758951][T20866] EXT4-fs: Ignoring removed nomblk_io_submit option
[  291.790462][T12891] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /557/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  291.816110][T20857] syz.0.5956: attempt to access beyond end of device
[  291.816110][T20857] loop0: rw=524288, sector=145, nr_sectors = 896 limit=128
[  291.831225][T20864]  loop6: p1 < > p4
[  291.835410][T20869] EXT4-fs (loop5): orphan cleanup on readonly fs
[  291.840960][T20864] loop6: p4 size 8388608 extends beyond EOD, truncated
[  291.842571][T20869] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.5960: bg 0: block 248: padding at end of block bitmap is not set
[  291.864817][T20869] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.5960: Failed to acquire dquot type 1
[  291.876933][T20869] EXT4-fs (loop5): 1 truncate cleaned up
[  292.000779][T20883] EXT4-fs error (device loop3): ext4_lookup:1817: inode #2: comm syz.3.5949: deleted inode referenced: 12
[  292.013518][T20881] lo speed is unknown, defaulting to 1000
[  292.026020][T20885] loop6: detected capacity change from 0 to 164
[  292.039459][T20883] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  292.082610][T20888] loop6: detected capacity change from 0 to 512
[  292.092655][T20888] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  292.100839][T20888] EXT4-fs (loop6): orphan cleanup on readonly fs
[  292.107532][T20888] EXT4-fs warning (device loop6): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  292.155561][T20888] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  292.170834][T20888] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5965: bg 0: block 40: padding at end of block bitmap is not set
[  292.210090][T20888] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  292.239379][T20888] EXT4-fs (loop6): 1 truncate cleaned up
[  292.248485][T20888] EXT4-fs error (device loop6): ext4_xattr_block_get:596: inode #16: comm syz.6.5965: corrupted xattr block 31: invalid header
[  292.290729][T20888] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=16
[  292.411746][T20905] loop3: detected capacity change from 0 to 1024
[  292.418582][T20905] EXT4-fs: Ignoring removed nomblk_io_submit option
[  292.427948][T20901] loop1: detected capacity change from 0 to 128
[  292.435265][T20901] FAT-fs (loop1): bogus number of reserved sectors
[  292.441811][T20901] FAT-fs (loop1): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  292.451305][T20901] FAT-fs (loop1): Can't find a valid FAT filesystem
[  292.461220][T13124] EXT4-fs error (device loop3): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /540/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  292.485689][   T29] kauditd_printk_skb: 904 callbacks suppressed
[  292.485708][   T29] audit: type=1326 audit(1739708013.582:58617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20911 comm="syz.0.5973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6eaeefcde9 code=0x7ffc0000
[  292.517887][   T29] audit: type=1326 audit(1739708013.582:58618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20911 comm="syz.0.5973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6eaeefcde9 code=0x7ffc0000
[  292.541726][   T29] audit: type=1326 audit(1739708013.582:58619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20911 comm="syz.0.5973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6eaeefcde9 code=0x7ffc0000
[  292.565515][   T29] audit: type=1326 audit(1739708013.582:58620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20911 comm="syz.0.5973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6eaeefcde9 code=0x7ffc0000
[  292.589273][   T29] audit: type=1326 audit(1739708013.582:58621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20911 comm="syz.0.5973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6eaeefcde9 code=0x7ffc0000
[  292.613104][   T29] audit: type=1326 audit(1739708013.582:58622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20911 comm="syz.0.5973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6eaeefcde9 code=0x7ffc0000
[  292.637067][   T29] audit: type=1326 audit(1739708013.582:58623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20911 comm="syz.0.5973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6eaeefcde9 code=0x7ffc0000
[  292.660842][   T29] audit: type=1326 audit(1739708013.582:58624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20911 comm="syz.0.5973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6eaeefcde9 code=0x7ffc0000
[  292.684536][   T29] audit: type=1326 audit(1739708013.582:58625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20911 comm="syz.0.5973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6eaeefcde9 code=0x7ffc0000
[  292.708254][   T29] audit: type=1326 audit(1739708013.582:58626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20911 comm="syz.0.5973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6eaeefcde9 code=0x7ffc0000
[  292.738199][T20915] loop0: detected capacity change from 0 to 164
[  292.784264][T20918] loop5: detected capacity change from 0 to 1024
[  292.790909][T20918] EXT4-fs: Ignoring removed nomblk_io_submit option
[  292.817697][T20928] loop0: detected capacity change from 0 to 512
[  292.827617][T20923] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5978'.
[  292.868468][T19171] EXT4-fs error (device loop5): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /110/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  292.889472][T20928] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  292.889618][T20928] EXT4-fs (loop0): orphan cleanup on readonly fs
[  292.907372][T20928] EXT4-fs warning (device loop0): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  292.925845][T20928] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  292.933030][T20928] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5977: bg 0: block 40: padding at end of block bitmap is not set
[  292.954086][T20928] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  292.963510][T20928] EXT4-fs (loop0): 1 truncate cleaned up
[  292.974797][T20928] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #16: comm syz.0.5977: corrupted xattr block 31: invalid header
[  292.974958][T20939] loop3: detected capacity change from 0 to 512
[  292.988198][T20928] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  293.005715][T20939] EXT4-fs (loop3): orphan cleanup on readonly fs
[  293.012267][T20940] loop1: detected capacity change from 0 to 512
[  293.012729][T20939] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.5983: bg 0: block 248: padding at end of block bitmap is not set
[  293.033523][T20939] EXT4-fs error (device loop3): ext4_acquire_dquot:6927: comm syz.3.5983: Failed to acquire dquot type 1
[  293.046535][T20939] EXT4-fs (loop3): 1 truncate cleaned up
[  293.076281][T20947] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5982'.
[  293.086448][T20940] ext4 filesystem being mounted at /562/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  293.109303][T20949] loop0: detected capacity change from 0 to 512
[  293.126333][T20951] loop6: detected capacity change from 0 to 164
[  293.133821][T20949] EXT4-fs (loop0): orphan cleanup on readonly fs
[  293.147032][T20949] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5984: bg 0: block 248: padding at end of block bitmap is not set
[  293.162476][T20949] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.5984: Failed to acquire dquot type 1
[  293.182050][T20949] EXT4-fs (loop0): 1 truncate cleaned up
[  293.257977][T20960] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5989'.
[  293.305978][T20964] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5991'.
[  293.327727][T20966] loop6: detected capacity change from 0 to 512
[  293.362589][T20966] ext4 filesystem being mounted at /243/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  293.453021][T20970] loop0: detected capacity change from 0 to 128
[  293.460167][T20970] FAT-fs (loop0): bogus number of reserved sectors
[  293.466825][T20970] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  293.476162][T20970] FAT-fs (loop0): Can't find a valid FAT filesystem
[  293.680658][T20975] loop0: detected capacity change from 0 to 512
[  293.689328][T20975] EXT4-fs (loop0): orphan cleanup on readonly fs
[  293.701176][T20975] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.5993: bg 0: block 248: padding at end of block bitmap is not set
[  293.731498][T20975] EXT4-fs error (device loop0): ext4_acquire_dquot:6927: comm syz.0.5993: Failed to acquire dquot type 1
[  293.745774][T20975] EXT4-fs (loop0): 1 truncate cleaned up
[  293.810592][T20986] loop1: detected capacity change from 0 to 512
[  293.819805][T20986] EXT4-fs (loop1): orphan cleanup on readonly fs
[  293.829029][T20986] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.5996: bg 0: block 248: padding at end of block bitmap is not set
[  293.846407][T20986] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.5996: Failed to acquire dquot type 1
[  293.858458][T20986] EXT4-fs (loop1): 1 truncate cleaned up
[  293.891871][T20989] loop1: detected capacity change from 0 to 1024
[  293.898869][T20989] EXT4-fs: Ignoring removed nomblk_io_submit option
[  293.950320][T20996] loop0: detected capacity change from 0 to 164
[  293.967556][T20996] rock: directory entry would overflow storage
[  293.973776][T20996] rock: sig=0x4f50, size=4, remaining=3
[  293.979418][T20996] iso9660: Corrupted directory entry in block 4 of inode 1792
[  294.003036][T12891] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /565/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  294.024428][T20952] Process accounting resumed
[  294.038998][T20998] loop5: detected capacity change from 0 to 764
[  294.065587][T21000] loop0: detected capacity change from 0 to 164
[  294.074403][T21000] syz.0.6003: attempt to access beyond end of device
[  294.074403][T21000] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  294.088480][T21000] syz.0.6003: attempt to access beyond end of device
[  294.088480][T21000] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[  294.143270][T21008] loop6: detected capacity change from 0 to 512
[  294.157906][T21010] lo speed is unknown, defaulting to 1000
[  294.176248][T21014] loop3: detected capacity change from 0 to 512
[  294.186667][T21008] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  294.212039][T21017] loop1: detected capacity change from 0 to 2048
[  294.258302][T21008] EXT4-fs (loop6): orphan cleanup on readonly fs
[  294.266628][T21008] EXT4-fs warning (device loop6): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  294.281972][T21008] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  294.289054][T21008] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.6006: bg 0: block 40: padding at end of block bitmap is not set
[  294.303645][T21008] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  294.312881][T21017]  loop1: p1 < > p4
[  294.314655][T21008] EXT4-fs (loop6): 1 truncate cleaned up
[  294.320594][T21017] loop1: p4 size 8388608 extends beyond EOD, truncated
[  294.329974][T21014] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  294.338483][T21014] EXT4-fs (loop3): orphan cleanup on readonly fs
[  294.353968][T21008] EXT4-fs error (device loop6): ext4_xattr_block_get:596: inode #16: comm syz.6.6006: corrupted xattr block 31: invalid header
[  294.382295][T21014] EXT4-fs warning (device loop3): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  294.426824][T21024] loop5: detected capacity change from 0 to 764
[  294.427974][T21008] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=16
[  294.442413][T21028] loop1: detected capacity change from 0 to 1024
[  294.449279][T21014] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  294.483012][T21014] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.6008: bg 0: block 40: padding at end of block bitmap is not set
[  294.499122][T21014] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  294.512192][T21028] ext4 filesystem being mounted at /567/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  294.515824][T21014] EXT4-fs (loop3): 1 truncate cleaned up
[  294.539520][T21014] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #16: comm syz.3.6008: corrupted xattr block 31: invalid header
[  294.554056][T21037] loop5: detected capacity change from 0 to 164
[  294.576158][T21037] rock: directory entry would overflow storage
[  294.582418][T21037] rock: sig=0x4f50, size=4, remaining=3
[  294.587985][T21037] iso9660: Corrupted directory entry in block 4 of inode 1792
[  294.596044][T21014] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=16
[  294.619229][T21043] 9pnet_fd: Insufficient options for proto=fd
[  294.695635][T21053] lo speed is unknown, defaulting to 1000
[  294.775642][T21056] loop1: detected capacity change from 0 to 2048
[  294.786761][T21060] loop3: detected capacity change from 0 to 1024
[  294.802748][T21060] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  294.814634][T21060] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  294.827941][T21056]  loop1: p1 < > p4
[  294.845917][T21056] loop1: p4 size 8388608 extends beyond EOD, truncated
[  294.856275][T21060] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  294.876858][T21060] EXT4-fs (loop3): invalid journal inode
[  294.930187][T21060] EXT4-fs (loop3): can't get journal size
[  294.955255][T21060] EXT4-fs error (device loop3): ext4_protect_reserved_inode:182: inode #3: comm syz.3.6023: blocks 2-2 from inode overlap system zone
[  294.986107][T21070] loop1: detected capacity change from 0 to 764
[  294.992715][T21060] EXT4-fs (loop3): failed to initialize system zone (-117)
[  295.012972][T21060] EXT4-fs (loop3): mount failed
[  295.032654][T21072] loop1: detected capacity change from 0 to 512
[  295.057125][T21072] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  295.070206][T21072] EXT4-fs (loop1): orphan cleanup on readonly fs
[  295.077026][T21072] EXT4-fs warning (device loop1): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  295.093565][T21072] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  295.100638][T21078] loop3: detected capacity change from 0 to 1024
[  295.107526][T21072] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.6027: bg 0: block 40: padding at end of block bitmap is not set
[  295.125572][T21080] loop0: detected capacity change from 0 to 164
[  295.133826][T21072] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  295.142142][T21078] ext4 filesystem being mounted at /550/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  295.143795][T21080] rock: directory entry would overflow storage
[  295.154257][T21072] EXT4-fs (loop1): 1 truncate cleaned up
[  295.159146][T21080] rock: sig=0x4f50, size=4, remaining=3
[  295.170476][T21080] iso9660: Corrupted directory entry in block 4 of inode 1792
[  295.170641][T21084] loop5: detected capacity change from 0 to 164
[  295.184969][T21072] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #16: comm syz.1.6027: corrupted xattr block 31: invalid header
[  295.200191][T21072] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[  295.211371][T21084] syz.5.6031: attempt to access beyond end of device
[  295.211371][T21084] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  295.239369][T21084] syz.5.6031: attempt to access beyond end of device
[  295.239369][T21084] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  295.321746][T21099] lo speed is unknown, defaulting to 1000
[  295.328270][T21101] loop0: detected capacity change from 0 to 764
[  295.347477][T21102] loop5: detected capacity change from 0 to 512
[  295.374917][T21104] loop3: detected capacity change from 0 to 2048
[  295.394106][T21102] ext4 filesystem being mounted at /120/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  295.405102][T21105] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6039'.
[  295.421240][T21104]  loop3: p1 < > p4
[  295.428935][T21104] loop3: p4 size 8388608 extends beyond EOD, truncated
[  295.442178][T21062] Process accounting resumed
[  295.534622][T21122] loop1: detected capacity change from 0 to 512
[  295.549512][T21119] loop6: detected capacity change from 0 to 1024
[  295.558263][T21119] EXT4-fs: Ignoring removed nomblk_io_submit option
[  295.586855][T21124] loop0: detected capacity change from 0 to 1024
[  295.593807][T21124] EXT4-fs: Ignoring removed nomblk_io_submit option
[  295.593992][T21122] EXT4-fs (loop1): orphan cleanup on readonly fs
[  295.608786][T21122] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.6044: bg 0: block 248: padding at end of block bitmap is not set
[  295.624241][T21122] EXT4-fs error (device loop1): ext4_acquire_dquot:6927: comm syz.1.6044: Failed to acquire dquot type 1
[  295.645876][T16684] EXT4-fs error (device loop6): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /247/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  295.677052][T21122] EXT4-fs (loop1): 1 truncate cleaned up
[  295.695902][T19982] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /72/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  295.785877][T21140] netlink: 68 bytes leftover after parsing attributes in process `syz.1.6051'.
[  295.816957][T21139] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=35 sclass=netlink_route_socket pid=21139 comm=syz.1.6051
[  295.839166][T21144] loop0: detected capacity change from 0 to 764
[  295.869715][T21139] loop1: detected capacity change from 0 to 512
[  295.886674][T21153] loop6: detected capacity change from 0 to 164
[  295.895389][T21153] rock: directory entry would overflow storage
[  295.901712][T21153] rock: sig=0x4f50, size=4, remaining=3
[  295.907330][T21153] iso9660: Corrupted directory entry in block 4 of inode 1792
[  295.913091][T21159] loop0: detected capacity change from 0 to 164
[  295.916016][T21139] ext4 filesystem being mounted at /575/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  295.953014][T21159] rock: directory entry would overflow storage
[  295.959381][T21159] rock: sig=0x4f50, size=4, remaining=3
[  295.964997][T21159] iso9660: Corrupted directory entry in block 4 of inode 1792
[  295.976779][T21163] lo speed is unknown, defaulting to 1000
[  296.016791][T21165] lo speed is unknown, defaulting to 1000
[  296.046106][T21166] loop1: detected capacity change from 0 to 2048
[  296.091677][T21166]  loop1: p1 < > p4
[  296.099377][T21166] loop1: p4 size 8388608 extends beyond EOD, truncated
[  296.174766][T21177] loop5: detected capacity change from 0 to 512
[  296.181736][T21177] EXT4-fs: Ignoring removed oldalloc option
[  296.200957][T21180] loop3: detected capacity change from 0 to 1024
[  296.230815][T21177] EXT4-fs error (device loop5): ext4_find_inline_data_nolock:164: inode #15: comm syz.5.6061: inline data xattr refers to an external xattr inode
[  296.254765][T21180] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  296.265818][T21180] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  296.267128][T21177] EXT4-fs error (device loop5): ext4_orphan_get:1394: comm syz.5.6061: couldn't read orphan inode 15 (err -117)
[  296.293390][T21180] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  296.310508][T21180] EXT4-fs (loop3): invalid journal inode
[  296.327525][T21188] lo speed is unknown, defaulting to 1000
[  296.335272][T21180] EXT4-fs (loop3): can't get journal size
[  296.371991][T21180] EXT4-fs error (device loop3): ext4_protect_reserved_inode:182: inode #3: comm syz.3.6062: blocks 2-2 from inode overlap system zone
[  296.394979][T21180] EXT4-fs (loop3): failed to initialize system zone (-117)
[  296.402042][T21192] loop0: detected capacity change from 0 to 2048
[  296.402558][T21180] EXT4-fs (loop3): mount failed
[  296.419020][T21195] loop5: detected capacity change from 0 to 512
[  296.438356][T21195] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  296.446779][T21192]  loop0: p1 < > p4
[  296.454925][T21195] EXT4-fs (loop5): orphan cleanup on readonly fs
[  296.467665][T21192] loop0: p4 size 8388608 extends beyond EOD, truncated
[  296.467688][T21195] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  296.501297][T21195] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  296.510340][T21195] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.6067: bg 0: block 40: padding at end of block bitmap is not set
[  296.541953][T21205] loop3: detected capacity change from 0 to 512
[  296.549753][T21195] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  296.559912][T21205] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  296.568379][T21205] EXT4-fs (loop3): orphan cleanup on readonly fs
[  296.578414][T21195] EXT4-fs (loop5): 1 truncate cleaned up
[  296.584366][T21205] EXT4-fs warning (device loop3): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  296.599615][T21205] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  296.609950][T21205] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.6070: bg 0: block 40: padding at end of block bitmap is not set
[  296.624307][T21195] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #16: comm syz.5.6067: corrupted xattr block 31: invalid header
[  296.625231][T21205] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  296.646815][T21205] EXT4-fs (loop3): 1 truncate cleaned up
[  296.646916][T21195] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=16
[  296.669323][T21205] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #16: comm syz.3.6070: corrupted xattr block 31: invalid header
[  296.679514][T21213] loop0: detected capacity change from 0 to 164
[  296.697389][T21205] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=16
[  296.734276][T21215] FAULT_INJECTION: forcing a failure.
[  296.734276][T21215] name failslab, interval 1, probability 0, space 0, times 0
[  296.747055][T21215] CPU: 1 UID: 0 PID: 21215 Comm: syz.5.6073 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0
[  296.747092][T21215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  296.747121][T21215] Call Trace:
[  296.747129][T21215]  <TASK>
[  296.747140][T21215]  dump_stack_lvl+0xf2/0x150
[  296.747178][T21215]  dump_stack+0x15/0x1a
[  296.747208][T21215]  should_fail_ex+0x24a/0x260
[  296.747249][T21215]  should_failslab+0x8f/0xb0
[  296.747312][T21215]  kmem_cache_alloc_node_noprof+0x59/0x320
[  296.747343][T21215]  ? __alloc_skb+0x10b/0x310
[  296.747385][T21215]  ? ida_alloc_range+0x6c3/0x6f0
[  296.747510][T21215]  __alloc_skb+0x10b/0x310
[  296.747570][T21215]  create_monitor_ctrl_open+0x103/0x490
[  296.747675][T21215]  hci_sock_bind+0x72a/0x9b0
[  296.747786][T21215]  __sys_bind+0x10c/0x190
[  296.747846][T21215]  __x64_sys_bind+0x41/0x50
[  296.747884][T21215]  x64_sys_call+0x20ab/0x2dc0
[  296.747911][T21215]  do_syscall_64+0xc9/0x1c0
[  296.747939][T21215]  ? clear_bhb_loop+0x55/0xb0
[  296.748013][T21215]  ? clear_bhb_loop+0x55/0xb0
[  296.748084][T21215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  296.748118][T21215] RIP: 0033:0x7fc29ed9cde9
[  296.748134][T21215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  296.748152][T21215] RSP: 002b:00007fc29d401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  296.748178][T21215] RAX: ffffffffffffffda RBX: 00007fc29efb5fa0 RCX: 00007fc29ed9cde9
[  296.748193][T21215] RDX: 0000000000000006 RSI: 0000400000000000 RDI: 0000000000000005
[  296.748208][T21215] RBP: 00007fc29d401090 R08: 0000000000000000 R09: 0000000000000000
[  296.748223][T21215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  296.748237][T21215] R13: 0000000000000000 R14: 00007fc29efb5fa0 R15: 00007ffcf3ea5a68
[  296.748260][T21215]  </TASK>
[  296.973928][T21222] loop6: detected capacity change from 0 to 1024
[  296.978673][T21225] loop0: detected capacity change from 0 to 1024
[  296.983255][T21222] EXT4-fs: Ignoring removed nomblk_io_submit option
[  296.994030][T21229] loop5: detected capacity change from 0 to 1024
[  296.994248][T21225] EXT4-fs: Ignoring removed nomblk_io_submit option
[  297.040144][T21229] ext4 filesystem being mounted at /124/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  297.058038][T19982] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /81/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  297.080507][T16684] EXT4-fs error (device loop6): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /251/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  297.128999][T21246] loop3: detected capacity change from 0 to 164
[  297.135730][T21248] loop5: detected capacity change from 0 to 512
[  297.160836][T21248] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  297.173430][T21248] EXT4-fs (loop5): orphan cleanup on readonly fs
[  297.181081][T21254] FAULT_INJECTION: forcing a failure.
[  297.181081][T21254] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  297.194175][T21254] CPU: 0 UID: 0 PID: 21254 Comm: syz.3.6085 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0
[  297.194248][T21254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  297.194262][T21254] Call Trace:
[  297.194270][T21254]  <TASK>
[  297.194278][T21254]  dump_stack_lvl+0xf2/0x150
[  297.194306][T21254]  dump_stack+0x15/0x1a
[  297.194328][T21254]  should_fail_ex+0x24a/0x260
[  297.194398][T21254]  should_fail+0xb/0x10
[  297.194424][T21254]  should_fail_usercopy+0x1a/0x20
[  297.194455][T21254]  _copy_to_user+0x20/0xa0
[  297.194513][T21254]  simple_read_from_buffer+0xa0/0x110
[  297.194541][T21254]  proc_fail_nth_read+0xf9/0x140
[  297.194573][T21254]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  297.194601][T21254]  vfs_read+0x19b/0x6f0
[  297.194629][T21254]  ? __rcu_read_unlock+0x4e/0x70
[  297.194653][T21254]  ? __fget_files+0x17c/0x1c0
[  297.194706][T21254]  ksys_read+0xe8/0x1b0
[  297.194733][T21254]  __x64_sys_read+0x42/0x50
[  297.194792][T21254]  x64_sys_call+0x2874/0x2dc0
[  297.194819][T21254]  do_syscall_64+0xc9/0x1c0
[  297.194926][T21254]  ? clear_bhb_loop+0x55/0xb0
[  297.194953][T21254]  ? clear_bhb_loop+0x55/0xb0
[  297.194981][T21254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.195009][T21254] RIP: 0033:0x7f6a2123b7fc
[  297.195068][T21254] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  297.195087][T21254] RSP: 002b:00007f6a1f8a7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  297.195107][T21254] RAX: ffffffffffffffda RBX: 00007f6a21455fa0 RCX: 00007f6a2123b7fc
[  297.195119][T21254] RDX: 000000000000000f RSI: 00007f6a1f8a70a0 RDI: 0000000000000004
[  297.195131][T21254] RBP: 00007f6a1f8a7090 R08: 0000000000000000 R09: 0000000000000000
[  297.195144][T21254] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.195182][T21254] R13: 0000000000000000 R14: 00007f6a21455fa0 R15: 00007ffdf55a0b48
[  297.195201][T21254]  </TASK>
[  297.195287][T21248] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  297.196217][T21256] FAULT_INJECTION: forcing a failure.
[  297.196217][T21256] name failslab, interval 1, probability 0, space 0, times 0
[  297.230551][T21248] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  297.231456][T21256] CPU: 1 UID: 0 PID: 21256 Comm: syz.0.6081 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0
[  297.231487][T21256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  297.231505][T21256] Call Trace:
[  297.231513][T21256]  <TASK>
[  297.231577][T21256]  dump_stack_lvl+0xf2/0x150
[  297.231614][T21256]  dump_stack+0x15/0x1a
[  297.231707][T21256]  should_fail_ex+0x24a/0x260
[  297.231818][T21256]  should_failslab+0x8f/0xb0
[  297.231869][T21256]  kmem_cache_alloc_node_noprof+0x59/0x320
[  297.231913][T21256]  ? __alloc_skb+0x10b/0x310
[  297.231979][T21256]  __alloc_skb+0x10b/0x310
[  297.232043][T21256]  ? audit_log_start+0x34c/0x6b0
[  297.232099][T21256]  audit_log_start+0x368/0x6b0
[  297.232145][T21256]  audit_seccomp+0x4b/0x130
[  297.232234][T21256]  __seccomp_filter+0x6fa/0x1180
[  297.232337][T21256]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  297.232376][T21256]  ? vfs_write+0x644/0x920
[  297.232484][T21256]  ? __schedule+0x75b/0x990
[  297.232545][T21256]  __secure_computing+0x9f/0x1c0
[  297.232575][T21256]  syscall_trace_enter+0xd1/0x1f0
[  297.232617][T21256]  do_syscall_64+0xaa/0x1c0
[  297.232689][T21256]  ? clear_bhb_loop+0x55/0xb0
[  297.232730][T21256]  ? clear_bhb_loop+0x55/0xb0
[  297.232765][T21256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.232811][T21256] RIP: 0033:0x7f6eaeefcde9
[  297.232830][T21256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.232902][T21256] RSP: 002b:00007f6ead567038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[  297.232949][T21256] RAX: ffffffffffffffda RBX: 00007f6eaf115fa0 RCX: 00007f6eaeefcde9
[  297.233041][T21256] RDX: 0000000000002000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  297.233058][T21256] RBP: 00007f6ead567090 R08: 0000000000000000 R09: 0000000000000000
[  297.233074][T21256] R10: 0000000000000103 R11: 0000000000000246 R12: 0000000000000001
[  297.233089][T21256] R13: 0000000000000000 R14: 00007f6eaf115fa0 R15: 00007fff85f9bcf8
[  297.233112][T21256]  </TASK>
[  297.261237][T21258] loop3: detected capacity change from 0 to 164
[  297.270591][T21248] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.6083: bg 0: block 40: padding at end of block bitmap is not set
[  297.339128][T21258] rock: directory entry would overflow storage
[  297.477515][T21248] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  297.478777][T21258] rock: sig=0x4f50, size=4, remaining=3
[  297.478794][T21258] iso9660: Corrupted directory entry in block 4 of inode 1792
[  297.500703][T21248] EXT4-fs (loop5): 1 truncate cleaned up
[  297.541257][T21270] loop6: detected capacity change from 0 to 764
[  297.576450][T21272] loop0: detected capacity change from 0 to 1024
[  297.612412][   T29] kauditd_printk_skb: 1262 callbacks suppressed
[  297.612431][   T29] audit: type=1326 audit(1739708018.682:59870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21247 comm="syz.5.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc29ed9b750 code=0x7ffc0000
[  297.629976][T21248] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #16: comm syz.5.6083: corrupted xattr block 31: invalid header
[  297.643706][   T29] audit: type=1326 audit(1739708018.682:59871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21247 comm="syz.5.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fc29ed9bb37 code=0x7ffc0000
[  297.643737][   T29] audit: type=1326 audit(1739708018.682:59872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21247 comm="syz.5.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc29ed9b750 code=0x7ffc0000
[  297.650093][T21248] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=16
[  297.658800][   T29] audit: type=1326 audit(1739708018.682:59873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21247 comm="syz.5.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  297.696349][   T29] audit: type=1326 audit(1739708018.682:59874): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21247 comm="syz.5.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  297.729206][T21275] loop3: detected capacity change from 0 to 1024
[  297.733320][   T29] audit: type=1326 audit(1739708018.682:59875): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21247 comm="syz.5.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  297.798069][T21275] EXT4-fs: Ignoring removed nomblk_io_submit option
[  297.837017][   T29] audit: type=1326 audit(1739708018.762:59876): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21247 comm="syz.5.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  297.897999][   T29] audit: type=1326 audit(1739708018.762:59877): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21247 comm="syz.5.6083" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  297.898564][T21272] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  297.944182][T21286] loop6: detected capacity change from 0 to 512
[  297.955637][   T29] audit: type=1326 audit(1739708019.052:59878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21274 comm="syz.3.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2123cde9 code=0x7ffc0000
[  297.979489][   T29] audit: type=1326 audit(1739708019.052:59879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21274 comm="syz.3.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a2123cde9 code=0x7ffc0000
[  298.011884][T21286] EXT4-fs (loop6): orphan cleanup on readonly fs
[  298.019118][T21286] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.6096: bg 0: block 248: padding at end of block bitmap is not set
[  298.019393][T13124] EXT4-fs error (device loop3): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /566/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  298.057281][T21286] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.6096: Failed to acquire dquot type 1
[  298.078038][T21286] EXT4-fs (loop6): 1 truncate cleaned up
[  298.098150][T21300] loop1: detected capacity change from 0 to 512
[  298.112132][T21302] loop0: detected capacity change from 0 to 164
[  298.121875][T21302] rock: directory entry would overflow storage
[  298.128074][T21302] rock: sig=0x4f50, size=4, remaining=3
[  298.128490][T21300] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  298.133736][T21302] iso9660: Corrupted directory entry in block 4 of inode 1792
[  298.141922][T21300] EXT4-fs (loop1): orphan cleanup on readonly fs
[  298.156315][T21300] EXT4-fs warning (device loop1): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  298.171495][T21300] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  298.182661][T21300] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.6101: bg 0: block 40: padding at end of block bitmap is not set
[  298.250074][T21313] loop0: detected capacity change from 0 to 512
[  298.259714][T21316] lo speed is unknown, defaulting to 1000
[  298.265898][T21317] loop6: detected capacity change from 0 to 164
[  298.278091][T21300] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  298.294429][T21313] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  298.315894][T21322] loop3: detected capacity change from 0 to 2048
[  298.323836][T21313] EXT4-fs (loop0): orphan cleanup on readonly fs
[  298.330679][T21300] EXT4-fs (loop1): 1 truncate cleaned up
[  298.336398][T21313] EXT4-fs warning (device loop0): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  298.360487][T21313] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  298.371632][T21300] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #16: comm syz.1.6101: corrupted xattr block 31: invalid header
[  298.388233][T21313] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.6105: bg 0: block 40: padding at end of block bitmap is not set
[  298.391191][T21322]  loop3: p1 < > p4
[  298.417531][T21300] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[  298.426707][T21313] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  298.427852][T21322] loop3: p4 size 8388608 extends beyond EOD, truncated
[  298.445187][T21313] EXT4-fs (loop0): 1 truncate cleaned up
[  298.457968][T21328] loop5: detected capacity change from 0 to 1024
[  298.470756][T21328] EXT4-fs: Ignoring removed nomblk_io_submit option
[  298.488047][T21313] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #16: comm syz.0.6105: corrupted xattr block 31: invalid header
[  298.522199][T19171] EXT4-fs error (device loop5): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /130/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  298.537721][T21313] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  298.578280][T21340] FAULT_INJECTION: forcing a failure.
[  298.578280][T21340] name failslab, interval 1, probability 0, space 0, times 0
[  298.591065][T21340] CPU: 1 UID: 0 PID: 21340 Comm: syz.3.6116 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0
[  298.591091][T21340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  298.591134][T21340] Call Trace:
[  298.591142][T21340]  <TASK>
[  298.591151][T21340]  dump_stack_lvl+0xf2/0x150
[  298.591187][T21340]  dump_stack+0x15/0x1a
[  298.591214][T21340]  should_fail_ex+0x24a/0x260
[  298.591252][T21340]  should_failslab+0x8f/0xb0
[  298.591307][T21340]  kmem_cache_alloc_node_noprof+0x59/0x320
[  298.591337][T21340]  ? __alloc_skb+0x10b/0x310
[  298.591381][T21340]  __alloc_skb+0x10b/0x310
[  298.591442][T21340]  netlink_alloc_large_skb+0xad/0xe0
[  298.591487][T21340]  netlink_sendmsg+0x3b4/0x6e0
[  298.591527][T21340]  ? __pfx_netlink_sendmsg+0x10/0x10
[  298.591557][T21340]  __sock_sendmsg+0x140/0x180
[  298.591654][T21340]  ____sys_sendmsg+0x326/0x4b0
[  298.591687][T21340]  __sys_sendmsg+0x19d/0x230
[  298.591730][T21340]  __x64_sys_sendmsg+0x46/0x50
[  298.591829][T21340]  x64_sys_call+0x2734/0x2dc0
[  298.591857][T21340]  do_syscall_64+0xc9/0x1c0
[  298.591978][T21340]  ? clear_bhb_loop+0x55/0xb0
[  298.592013][T21340]  ? clear_bhb_loop+0x55/0xb0
[  298.592040][T21340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  298.592067][T21340] RIP: 0033:0x7f6a2123cde9
[  298.592146][T21340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  298.592169][T21340] RSP: 002b:00007f6a1f8a7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  298.592190][T21340] RAX: ffffffffffffffda RBX: 00007f6a21455fa0 RCX: 00007f6a2123cde9
[  298.592205][T21340] RDX: 0000000000000000 RSI: 0000400000001200 RDI: 0000000000000006
[  298.592220][T21340] RBP: 00007f6a1f8a7090 R08: 0000000000000000 R09: 0000000000000000
[  298.592235][T21340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  298.592250][T21340] R13: 0000000000000000 R14: 00007f6a21455fa0 R15: 00007ffdf55a0b48
[  298.592272][T21340]  </TASK>
[  298.595227][T21342] loop0: detected capacity change from 0 to 128
[  298.833147][T21348] loop3: detected capacity change from 0 to 164
[  298.855451][T21349] loop0: detected capacity change from 0 to 164
[  298.870292][T21361] loop6: detected capacity change from 0 to 764
[  298.875820][T21356] loop1: detected capacity change from 0 to 512
[  298.885545][T21356] EXT4-fs: dax option not supported
[  298.962670][T21368] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6123'.
[  299.051222][T21383] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6128'.
[  299.081023][T21389] loop3: detected capacity change from 0 to 512
[  299.091929][T21389] ext4 filesystem being mounted at /573/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  299.156382][T21398] loop0: detected capacity change from 0 to 164
[  299.196626][T21400] loop3: detected capacity change from 0 to 764
[  299.208743][T21402] FAULT_INJECTION: forcing a failure.
[  299.208743][T21402] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  299.221973][T21402] CPU: 1 UID: 0 PID: 21402 Comm: syz.0.6135 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0
[  299.222004][T21402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  299.222020][T21402] Call Trace:
[  299.222028][T21402]  <TASK>
[  299.222036][T21402]  dump_stack_lvl+0xf2/0x150
[  299.222127][T21402]  dump_stack+0x15/0x1a
[  299.222152][T21402]  should_fail_ex+0x24a/0x260
[  299.222185][T21402]  should_fail+0xb/0x10
[  299.222220][T21402]  should_fail_usercopy+0x1a/0x20
[  299.222254][T21402]  strncpy_from_user+0x25/0x210
[  299.222337][T21402]  ? kmem_cache_alloc_noprof+0x18e/0x320
[  299.222364][T21402]  ? getname_flags+0x81/0x3b0
[  299.222402][T21402]  getname_flags+0xb0/0x3b0
[  299.222439][T21402]  __x64_sys_mknodat+0x50/0x70
[  299.222464][T21402]  x64_sys_call+0x27de/0x2dc0
[  299.222497][T21402]  do_syscall_64+0xc9/0x1c0
[  299.222531][T21402]  ? clear_bhb_loop+0x55/0xb0
[  299.222565][T21402]  ? clear_bhb_loop+0x55/0xb0
[  299.222661][T21402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.222694][T21402] RIP: 0033:0x7f6eaeefcde9
[  299.222712][T21402] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.222734][T21402] RSP: 002b:00007f6ead567038 EFLAGS: 00000246 ORIG_RAX: 0000000000000103
[  299.222757][T21402] RAX: ffffffffffffffda RBX: 00007f6eaf115fa0 RCX: 00007f6eaeefcde9
[  299.222803][T21402] RDX: 0000000000002000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  299.222816][T21402] RBP: 00007f6ead567090 R08: 0000000000000000 R09: 0000000000000000
[  299.222831][T21402] R10: 0000000000000103 R11: 0000000000000246 R12: 0000000000000001
[  299.222845][T21402] R13: 0000000000000000 R14: 00007f6eaf115fa0 R15: 00007fff85f9bcf8
[  299.222880][T21402]  </TASK>
[  299.334436][T21408] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6138'.
[  299.422466][T21406] loop6: detected capacity change from 0 to 164
[  299.429054][T21412] loop0: detected capacity change from 0 to 512
[  299.439524][T21406] syz.6.6137: attempt to access beyond end of device
[  299.439524][T21406] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  299.456055][T21406] syz.6.6137: attempt to access beyond end of device
[  299.456055][T21406] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  299.470046][T21412] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  299.478343][T21412] EXT4-fs (loop0): orphan cleanup on readonly fs
[  299.485017][T21412] EXT4-fs warning (device loop0): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  299.500167][T21412] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  299.507531][T21412] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.6139: bg 0: block 40: padding at end of block bitmap is not set
[  299.521999][T21412] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  299.531023][T21412] EXT4-fs (loop0): 1 truncate cleaned up
[  299.540539][T21412] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #16: comm syz.0.6139: corrupted xattr block 31: invalid header
[  299.554026][T21412] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  299.578960][T21420] loop6: detected capacity change from 0 to 512
[  299.601283][T21420] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  299.609528][T21420] EXT4-fs (loop6): orphan cleanup on readonly fs
[  299.616601][T21420] EXT4-fs warning (device loop6): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  299.631647][T21420] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  299.633191][T21426] lo speed is unknown, defaulting to 1000
[  299.638856][T21420] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.6141: bg 0: block 40: padding at end of block bitmap is not set
[  299.658625][T21420] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  299.668271][T21420] EXT4-fs (loop6): 1 truncate cleaned up
[  299.681707][T21420] EXT4-fs error (device loop6): ext4_xattr_block_get:596: inode #16: comm syz.6.6141: corrupted xattr block 31: invalid header
[  299.720316][T21427] loop0: detected capacity change from 0 to 2048
[  299.724606][T21420] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop6 ino=16
[  299.753369][T21432] loop5: detected capacity change from 0 to 164
[  299.771013][T21427]  loop0: p1 < > p4
[  299.775388][T21427] loop0: p4 size 8388608 extends beyond EOD, truncated
[  299.901795][T21441] loop1: detected capacity change from 0 to 764
[  299.953547][T21443] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6149'.
[  299.991569][T21453] lo speed is unknown, defaulting to 1000
[  300.042573][T21452] @: renamed from vlan0 (while UP)
[  300.048015][T21460] loop3: detected capacity change from 0 to 2048
[  300.077247][T21457] loop0: detected capacity change from 0 to 164
[  300.104543][T21460]  loop3: p1 < > p4
[  300.117681][T21460] loop3: p4 size 8388608 extends beyond EOD, truncated
[  300.174664][T21470] loop5: detected capacity change from 0 to 1024
[  300.238804][T21470] ext4 filesystem being mounted at /136/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  300.481604][T21487] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6166'.
[  300.538813][T21496] FAULT_INJECTION: forcing a failure.
[  300.538813][T21496] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  300.552141][T21496] CPU: 0 UID: 0 PID: 21496 Comm: syz.5.6170 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0
[  300.552174][T21496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  300.552249][T21496] Call Trace:
[  300.552257][T21496]  <TASK>
[  300.552264][T21496]  dump_stack_lvl+0xf2/0x150
[  300.552294][T21496]  dump_stack+0x15/0x1a
[  300.552345][T21496]  should_fail_ex+0x24a/0x260
[  300.552383][T21496]  should_fail+0xb/0x10
[  300.552415][T21496]  should_fail_usercopy+0x1a/0x20
[  300.552455][T21496]  _copy_to_user+0x20/0xa0
[  300.552530][T21496]  pagemap_read+0x3af/0x610
[  300.552568][T21496]  ? __pfx_pagemap_read+0x10/0x10
[  300.552600][T21496]  vfs_read+0x19b/0x6f0
[  300.552629][T21496]  ? __fget_files+0x17c/0x1c0
[  300.552672][T21496]  ? __rcu_read_unlock+0x4e/0x70
[  300.552700][T21496]  ? __fget_files+0x17c/0x1c0
[  300.552742][T21496]  __x64_sys_pread64+0xf6/0x150
[  300.552777][T21496]  x64_sys_call+0x26ee/0x2dc0
[  300.552867][T21496]  do_syscall_64+0xc9/0x1c0
[  300.552983][T21496]  ? clear_bhb_loop+0x55/0xb0
[  300.553029][T21496]  ? clear_bhb_loop+0x55/0xb0
[  300.553084][T21496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.553114][T21496] RIP: 0033:0x7fc29ed9cde9
[  300.553132][T21496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  300.553154][T21496] RSP: 002b:00007fc29d401038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  300.553177][T21496] RAX: ffffffffffffffda RBX: 00007fc29efb5fa0 RCX: 00007fc29ed9cde9
[  300.553218][T21496] RDX: 0000000000200000 RSI: 0000400000001240 RDI: 0000000000000003
[  300.553233][T21496] RBP: 00007fc29d401090 R08: 0000000000000000 R09: 0000000000000000
[  300.553245][T21496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.553257][T21496] R13: 0000000000000000 R14: 00007fc29efb5fa0 R15: 00007ffcf3ea5a68
[  300.553275][T21496]  </TASK>
[  300.728647][T21501] loop6: detected capacity change from 0 to 164
[  300.852204][T21507] lo speed is unknown, defaulting to 1000
[  300.922325][T21512] loop3: detected capacity change from 0 to 2048
[  300.952894][T21512]  loop3: p1 < > p4
[  300.962711][T21512] loop3: p4 size 8388608 extends beyond EOD, truncated
[  301.232114][T21524] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6180'.
[  301.309028][T21528] loop3: detected capacity change from 0 to 1024
[  301.320918][T21528] EXT4-fs: Ignoring removed nomblk_io_submit option
[  301.381185][T13124] EXT4-fs error (device loop3): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /589/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  301.682982][T21548] lo speed is unknown, defaulting to 1000
[  301.699748][T21551] loop3: detected capacity change from 0 to 2048
[  301.740909][T21551]  loop3: p1 < > p4
[  301.745337][T21551] loop3: p4 size 8388608 extends beyond EOD, truncated
[  301.783870][T21558] loop0: detected capacity change from 0 to 164
[  301.796049][T21558] rock: directory entry would overflow storage
[  301.802347][T21558] rock: sig=0x4f50, size=4, remaining=3
[  301.807991][T21558] iso9660: Corrupted directory entry in block 4 of inode 1792
[  301.878963][T21565] lo speed is unknown, defaulting to 1000
[  301.951762][T21567] loop0: detected capacity change from 0 to 2048
[  301.970024][T21566] loop5: detected capacity change from 0 to 2048
[  302.011122][T21567]  loop0: p1 < > p4
[  302.021968][T21563] lo speed is unknown, defaulting to 1000
[  302.040529][T21567] loop0: p4 size 8388608 extends beyond EOD, truncated
[  302.060950][T21566]  loop5: p1 < > p4
[  302.075121][T21571] loop6: detected capacity change from 0 to 512
[  302.081661][T21566] loop5: p4 size 8388608 extends beyond EOD, truncated
[  302.100148][T21571] EXT4-fs (loop6): orphan cleanup on readonly fs
[  302.107311][T21571] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.6195: bg 0: block 248: padding at end of block bitmap is not set
[  302.130650][T21571] EXT4-fs error (device loop6): ext4_acquire_dquot:6927: comm syz.6.6195: Failed to acquire dquot type 1
[  302.142447][T21571] EXT4-fs (loop6): 1 truncate cleaned up
[  302.323421][T21584] lo speed is unknown, defaulting to 1000
[  302.352789][T21592] loop6: detected capacity change from 0 to 1024
[  302.361975][T21590] loop3: detected capacity change from 0 to 164
[  302.368562][T21592] EXT4-fs: Ignoring removed nomblk_io_submit option
[  302.418714][T16684] EXT4-fs error (device loop6): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /278/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  302.457130][T21590] rock: directory entry would overflow storage
[  302.463363][T21590] rock: sig=0x4f50, size=4, remaining=3
[  302.468926][T21590] iso9660: Corrupted directory entry in block 4 of inode 1792
[  302.561905][T21600] loop5: detected capacity change from 0 to 512
[  302.609854][T21600] EXT4-fs (loop5): orphan cleanup on readonly fs
[  302.634088][   T29] kauditd_printk_skb: 9882 callbacks suppressed
[  302.634105][   T29] audit: type=1326 audit(1739708023.722:69754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.1.6161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f483019cde9 code=0x50000
[  302.663988][   T29] audit: type=1326 audit(1739708023.722:69755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21601 comm="syz.3.6208" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6a2123cde9 code=0x7ffc0000
[  302.687669][   T29] audit: type=1326 audit(1739708023.722:69756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.1.6161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f483019cde9 code=0x50000
[  302.711012][   T29] audit: type=1326 audit(1739708023.722:69757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.1.6161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f483019cde9 code=0x50000
[  302.718245][T21600] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.6207: bg 0: block 248: padding at end of block bitmap is not set
[  302.734363][   T29] audit: type=1326 audit(1739708023.722:69758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.1.6161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f483019cde9 code=0x50000
[  302.734396][   T29] audit: type=1326 audit(1739708023.722:69759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.1.6161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f483019cde9 code=0x50000
[  302.734422][   T29] audit: type=1326 audit(1739708023.722:69760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.1.6161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f483019cde9 code=0x50000
[  302.748921][T21600] Quota error (device loop5): write_blk: dquota write failed
[  302.772019][   T29] audit: type=1326 audit(1739708023.722:69761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21465 comm="syz.1.6161" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f483019cde9 code=0x50000
[  302.795354][T21600] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  302.859340][T21600] EXT4-fs error (device loop5): ext4_acquire_dquot:6927: comm syz.5.6207: Failed to acquire dquot type 1
[  302.892349][T21613] loop6: detected capacity change from 0 to 2048
[  302.903571][T21600] EXT4-fs (loop5): 1 truncate cleaned up
[  302.908177][T21611] lo speed is unknown, defaulting to 1000
[  302.939764][T21617] loop0: detected capacity change from 0 to 1024
[  302.947865][T21613]  loop6: p1 < > p4
[  302.974067][T21621] syz_tun: entered allmulticast mode
[  302.974991][T21617] ext4 filesystem being mounted at /114/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  302.983644][T21613] loop6: p4 size 8388608 extends beyond EOD, truncated
[  302.996770][T21621] syz_tun: left allmulticast mode
[  303.282399][T21627] loop0: detected capacity change from 0 to 8192
[  303.386804][T21633] loop1: detected capacity change from 0 to 1024
[  303.440297][T21633] EXT4-fs: Ignoring removed nomblk_io_submit option
[  303.629943][T12891] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /597/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  303.755472][T21652] lo speed is unknown, defaulting to 1000
[  303.793224][T21655] lo speed is unknown, defaulting to 1000
[  303.827228][T21658] loop6: detected capacity change from 0 to 2048
[  303.907988][T21658]  loop6: p1 < > p4
[  303.925289][T21658] loop6: p4 size 8388608 extends beyond EOD, truncated
[  303.987435][T21665] lo speed is unknown, defaulting to 1000
[  304.048105][T21672] loop1: detected capacity change from 0 to 2048
[  304.077838][T21677] loop6: detected capacity change from 0 to 512
[  304.093433][T21672]  loop1: p1 < > p4
[  304.107527][T21677] ext4 filesystem being mounted at /283/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  304.119362][T21672] loop1: p4 size 8388608 extends beyond EOD, truncated
[  304.136091][T21683] loop5: detected capacity change from 0 to 164
[  304.152238][   T28] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.156373][T21683] syz.5.6229: attempt to access beyond end of device
[  304.156373][T21683] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  304.176465][T21683] syz.5.6229: attempt to access beyond end of device
[  304.176465][T21683] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  304.190313][T21666] lo speed is unknown, defaulting to 1000
[  304.205223][T21685] loop0: detected capacity change from 0 to 1024
[  304.223994][T21685] EXT4-fs: Ignoring removed nomblk_io_submit option
[  304.232180][   T28] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.270969][T21691] loop5: detected capacity change from 0 to 512
[  304.278780][T19982] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /121/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  304.301128][T21691] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  304.309387][T21691] EXT4-fs (loop5): orphan cleanup on readonly fs
[  304.318548][T21691] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  304.337457][   T28] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.349558][T21691] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  304.356964][T21691] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.6232: bg 0: block 40: padding at end of block bitmap is not set
[  304.377843][T21691] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  304.386681][T21699] loop1: detected capacity change from 0 to 164
[  304.393776][T21691] EXT4-fs (loop5): 1 truncate cleaned up
[  304.404314][T21691] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #16: comm syz.5.6232: corrupted xattr block 31: invalid header
[  304.405786][T21699] rock: directory entry would overflow storage
[  304.422319][T21691] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=16
[  304.423689][T21699] rock: sig=0x4f50, size=4, remaining=3
[  304.438299][T21699] iso9660: Corrupted directory entry in block 4 of inode 1792
[  304.455075][T21666] chnl_net:caif_netlink_parms(): no params data found
[  304.486748][   T28] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  304.540264][T21703] lo speed is unknown, defaulting to 1000
[  304.559480][T21666] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.566758][T21666] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.574914][T21666] bridge_slave_0: entered allmulticast mode
[  304.582113][T21666] bridge_slave_0: entered promiscuous mode
[  304.599904][T21666] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.607137][T21666] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.614524][T21666] bridge_slave_1: entered allmulticast mode
[  304.620991][T21666] bridge_slave_1: entered promiscuous mode
[  304.631414][   T28] bridge_slave_1: left allmulticast mode
[  304.637093][   T28] bridge_slave_1: left promiscuous mode
[  304.642895][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.653394][   T28] bridge_slave_0: left allmulticast mode
[  304.659181][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.762476][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  304.773103][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  304.782617][   T28] bond0 (unregistering): Released all slaves
[  304.807319][T21666] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  304.820179][T21666] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  304.843813][T21723] lo speed is unknown, defaulting to 1000
[  304.862259][T21666] team0: Port device team_slave_0 added
[  304.876786][T21666] team0: Port device team_slave_1 added
[  304.885466][T21725] loop1: detected capacity change from 0 to 2048
[  304.907825][T21727] loop6: detected capacity change from 0 to 164
[  304.931800][T21725]  loop1: p1 < > p4
[  304.943177][T21725] loop1: p4 size 8388608 extends beyond EOD, truncated
[  304.955121][T21729] loop0: detected capacity change from 0 to 1024
[  304.962433][T21729] EXT4-fs: Ignoring removed nomblk_io_submit option
[  304.988199][T21666] batman_adv: batadv0: Adding interface: batadv_slave_0
[  304.995253][T21666] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.021365][T21666] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  305.032920][T21666] batman_adv: batadv0: Adding interface: batadv_slave_1
[  305.039960][T21666] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.047881][T19982] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /125/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  305.065976][T21666] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  305.142762][   T28] hsr_slave_0: left promiscuous mode
[  305.148414][   T28] hsr_slave_1: left promiscuous mode
[  305.155699][   T28] veth1_macvtap: left promiscuous mode
[  305.161444][   T28] veth0_macvtap: left promiscuous mode
[  305.167141][   T28] veth1_vlan: left promiscuous mode
[  305.172675][   T28] veth0_vlan: left promiscuous mode
[  305.189617][T21745] loop0: detected capacity change from 0 to 1024
[  305.202532][T21745] ext4 filesystem being mounted at /126/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  305.215970][T21745] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  305.231071][T21745] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 1 with error 28
[  305.243500][T21745] EXT4-fs (loop0): This should not happen!! Data will be lost
[  305.243500][T21745] 
[  305.253250][T21745] EXT4-fs (loop0): Total free blocks count 0
[  305.259225][T21745] EXT4-fs (loop0): Free/Dirty block details
[  305.265393][T21745] EXT4-fs (loop0): free_blocks=4293918720
[  305.271396][T21745] EXT4-fs (loop0): dirty_blocks=16
[  305.276582][T21745] EXT4-fs (loop0): Block reservation details
[  305.282790][T21745] EXT4-fs (loop0): i_reserved_data_blocks=1
[  305.291475][T21751] loop6: detected capacity change from 0 to 2048
[  305.314712][   T28] team0 (unregistering): Port device team_slave_1 removed
[  305.324413][   T28] team0 (unregistering): Port device team_slave_0 removed
[  305.333088][T21751]  loop6: p1 < > p4
[  305.338530][T21751] loop6: p4 size 8388608 extends beyond EOD, truncated
[  305.377104][T21753] loop0: detected capacity change from 0 to 512
[  305.393454][T21753] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  305.402731][T21753] EXT4-fs (loop0): orphan cleanup on readonly fs
[  305.410545][T21753] EXT4-fs warning (device loop0): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  305.411993][T21666] hsr_slave_0: entered promiscuous mode
[  305.432041][T21753] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  305.432278][T21666] hsr_slave_1: entered promiscuous mode
[  305.440075][T21753] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.6249: bg 0: block 40: padding at end of block bitmap is not set
[  305.445303][T21666] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  305.458996][T21753] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  305.475143][T21666] Cannot create hsr debugfs directory
[  305.480643][T21749] lo speed is unknown, defaulting to 1000
[  305.483588][T21753] EXT4-fs (loop0): 1 truncate cleaned up
[  305.531171][T21753] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #16: comm syz.0.6249: corrupted xattr block 31: invalid header
[  305.547355][T21753] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  305.564496][T21761] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6251'.
[  305.576738][T21764] loop1: detected capacity change from 0 to 512
[  305.594396][T21764] ext4 filesystem being mounted at /605/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  305.599517][T21767] loop0: detected capacity change from 0 to 1024
[  305.615822][T21767] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  305.626832][T21767] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  305.636506][T21767] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  305.648799][T21767] EXT4-fs (loop0): invalid journal inode
[  305.654738][T21767] EXT4-fs (loop0): can't get journal size
[  305.661652][T21767] EXT4-fs error (device loop0): ext4_protect_reserved_inode:182: inode #3: comm syz.0.6252: blocks 2-2 from inode overlap system zone
[  305.681422][T21767] EXT4-fs (loop0): failed to initialize system zone (-117)
[  305.693637][T21767] EXT4-fs (loop0): mount failed
[  305.708373][T21774] loop5: detected capacity change from 0 to 1024
[  305.717425][T21774] EXT4-fs: Ignoring removed nomblk_io_submit option
[  305.725033][T21777] loop6: detected capacity change from 0 to 164
[  305.759183][T21781] loop0: detected capacity change from 0 to 512
[  305.784330][T19171] EXT4-fs error (device loop5): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /154/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  305.820004][T21781] EXT4-fs (loop0): corrupt root inode, run e2fsck
[  305.828174][T21781] EXT4-fs (loop0): mount failed
[  305.872847][T21789] loop6: detected capacity change from 0 to 2048
[  305.884042][T21786] lo speed is unknown, defaulting to 1000
[  305.931355][T21789]  loop6: p1 < > p4
[  305.935967][T21789] loop6: p4 size 8388608 extends beyond EOD, truncated
[  306.082213][T21794] lo speed is unknown, defaulting to 1000
[  306.117237][T21666] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  306.162907][T21666] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  306.205872][T21666] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  306.227568][T21795] loop5: detected capacity change from 0 to 2048
[  306.238114][T21666] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  306.360952][T21666] 8021q: adding VLAN 0 to HW filter on device bond0
[  306.367084][T21795]  loop5: p1 < > p4
[  306.372370][T21666] 8021q: adding VLAN 0 to HW filter on device team0
[  306.386560][T15507] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.393667][T15507] bridge0: port 1(bridge_slave_0) entered forwarding state
[  306.401046][T21795] loop5: p4 size 8388608 extends beyond EOD, truncated
[  306.432850][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.439963][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  306.443028][T21799] loop1: detected capacity change from 0 to 1024
[  306.454276][T21799] EXT4-fs: Ignoring removed nomblk_io_submit option
[  306.513215][T12891] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /606/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  306.580151][T21808] lo speed is unknown, defaulting to 1000
[  306.582331][T21666] 8021q: adding VLAN 0 to HW filter on device batadv0
[  306.686992][T21813] loop6: detected capacity change from 0 to 2048
[  306.698130][T21818] loop0: detected capacity change from 0 to 1024
[  306.705929][T21817] loop5: detected capacity change from 0 to 164
[  306.717019][T21818] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  306.722059][T21822] lo speed is unknown, defaulting to 1000
[  306.728112][T21818] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  306.764726][T21818] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  306.775287][T21813]  loop6: p1 < > p4
[  306.780349][T21827] loop5: detected capacity change from 0 to 1024
[  306.787095][T21813] loop6: p4 size 8388608 extends beyond EOD, truncated
[  306.788696][T21666] veth0_vlan: entered promiscuous mode
[  306.803060][T21827] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  306.805393][T21818] EXT4-fs (loop0): invalid journal inode
[  306.814000][T21827] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  306.832002][T21666] veth1_vlan: entered promiscuous mode
[  306.834347][T21825] loop1: detected capacity change from 0 to 2048
[  306.843570][T21818] EXT4-fs (loop0): can't get journal size
[  306.849867][T21818] EXT4-fs error (device loop0): ext4_protect_reserved_inode:182: inode #3: comm syz.0.6265: blocks 2-2 from inode overlap system zone
[  306.850803][T21827] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  306.875914][T21666] veth0_macvtap: entered promiscuous mode
[  306.890820][T21818] EXT4-fs (loop0): failed to initialize system zone (-117)
[  306.892728][T21666] veth1_macvtap: entered promiscuous mode
[  306.910435][T21818] EXT4-fs (loop0): mount failed
[  306.915037][T21827] EXT4-fs (loop5): invalid journal inode
[  306.921099][T21827] EXT4-fs (loop5): can't get journal size
[  306.929276][T21827] EXT4-fs error (device loop5): ext4_protect_reserved_inode:182: inode #3: comm syz.5.6267: blocks 2-2 from inode overlap system zone
[  306.934952][T21825]  loop1: p1 < > p4
[  306.949715][T21825] loop1: p4 size 8388608 extends beyond EOD, truncated
[  306.961772][T21666] batman_adv: batadv0: Interface activated: batadv_slave_0
[  306.972455][T21666] batman_adv: batadv0: Interface activated: batadv_slave_1
[  306.980569][T21827] EXT4-fs (loop5): failed to initialize system zone (-117)
[  306.982658][T21666] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  306.987877][T21827] EXT4-fs (loop5): mount failed
[  306.996608][T21666] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  307.010229][T21666] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  307.018969][T21666] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  307.118671][T21835] loop6: detected capacity change from 0 to 764
[  307.154127][T21840] loop5: detected capacity change from 0 to 764
[  307.213792][T21847] loop6: detected capacity change from 0 to 512
[  307.220667][T21842] loop1: detected capacity change from 0 to 512
[  307.233063][T21842] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  307.242309][T21842] EXT4-fs (loop1): orphan cleanup on readonly fs
[  307.248889][T21848] loop3: detected capacity change from 0 to 512
[  307.256294][T21847] EXT4-fs (loop6): corrupt root inode, run e2fsck
[  307.262857][T21842] EXT4-fs warning (device loop1): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  307.266486][T21847] EXT4-fs (loop6): mount failed
[  307.305415][T21842] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  307.310777][T21848] EXT4-fs (loop3): corrupt root inode, run e2fsck
[  307.312785][T21842] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.6270: bg 0: block 40: padding at end of block bitmap is not set
[  307.333547][T21842] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  307.375102][T21848] EXT4-fs (loop3): mount failed
[  307.384688][T21842] EXT4-fs (loop1): 1 truncate cleaned up
[  307.395007][T21842] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #16: comm syz.1.6270: corrupted xattr block 31: invalid header
[  307.408661][T21842] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[  307.456707][T21861] lo speed is unknown, defaulting to 1000
[  307.467899][T21859] loop0: detected capacity change from 0 to 164
[  307.611674][T21859] rock: directory entry would overflow storage
[  307.617891][T21859] rock: sig=0x4f50, size=4, remaining=3
[  307.623519][T21859] iso9660: Corrupted directory entry in block 4 of inode 1792
[  308.226436][   T28] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.245001][T21864] loop5: detected capacity change from 0 to 2048
[  308.293770][   T29] kauditd_printk_skb: 1344 callbacks suppressed
[  308.293784][   T29] audit: type=1326 audit(1739708029.392:71103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21873 comm="syz.3.6281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5a3d5cde9 code=0x7ffc0000
[  308.325227][   T29] audit: type=1326 audit(1739708029.422:71104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21873 comm="syz.3.6281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7fd5a3d5cde9 code=0x7ffc0000
[  308.329990][T21872] loop6: detected capacity change from 0 to 2048
[  308.349038][   T29] audit: type=1326 audit(1739708029.422:71105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21873 comm="syz.3.6281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5a3d5cde9 code=0x7ffc0000
[  308.380282][   T28] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.393293][   T29] audit: type=1326 audit(1739708029.422:71106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21873 comm="syz.3.6281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=114 compat=0 ip=0x7fd5a3d5cde9 code=0x7ffc0000
[  308.417133][   T29] audit: type=1326 audit(1739708029.422:71107): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21873 comm="syz.3.6281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5a3d5cde9 code=0x7ffc0000
[  308.417417][T21874] loop3: detected capacity change from 0 to 8192
[  308.441092][   T29] audit: type=1326 audit(1739708029.422:71108): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21873 comm="syz.3.6281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd5a3d5cde9 code=0x7ffc0000
[  308.441139][   T29] audit: type=1326 audit(1739708029.422:71109): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21873 comm="syz.3.6281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5a3d5cde9 code=0x7ffc0000
[  308.441174][   T29] audit: type=1326 audit(1739708029.422:71110): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21873 comm="syz.3.6281" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fd5a3d5cde9 code=0x7ffc0000
[  308.491211][T21868] lo speed is unknown, defaulting to 1000
[  308.495239][   T29] audit: type=1326 audit(1739708029.422:71111): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21873 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5a3d5cde9 code=0x7ffc0000
[  308.495269][   T29] audit: type=1326 audit(1739708029.422:71112): auid=4294967295 uid=0 gid=60929 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=21873 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd5a3d5cde9 code=0x7ffc0000
[  308.527371][T21864]  loop5: p1 < > p4
[  308.584262][T21864] loop5: p4 size 8388608 extends beyond EOD, truncated
[  308.593778][T21882]  loop6: p1 < > p4
[  308.602919][   T28] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.626767][T21882] loop6: p4 size 8388608 extends beyond EOD, truncated
[  308.663782][T21872]  loop6: p1 < > p4
[  308.668500][T21872] loop6: p4 size 8388608 extends beyond EOD, truncated
[  308.688741][T21890] lo speed is unknown, defaulting to 1000
[  308.700187][T21893] loop3: detected capacity change from 0 to 1024
[  308.708106][T21893] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  308.719072][T21893] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  308.729123][T21893] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  308.742064][T21893] EXT4-fs (loop3): invalid journal inode
[  308.747792][T21893] EXT4-fs (loop3): can't get journal size
[  308.751607][   T28] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.764670][T21893] EXT4-fs error (device loop3): ext4_protect_reserved_inode:182: inode #3: comm syz.3.6282: blocks 2-2 from inode overlap system zone
[  308.776398][T21895] loop0: detected capacity change from 0 to 2048
[  308.795219][T21893] EXT4-fs (loop3): failed to initialize system zone (-117)
[  308.802579][T21893] EXT4-fs (loop3): mount failed
[  308.850993][T21895]  loop0: p1 < > p4
[  308.855497][T21895] loop0: p4 size 8388608 extends beyond EOD, truncated
[  308.864733][T21875] lo speed is unknown, defaulting to 1000
[  308.871694][   T28] bridge_slave_1: left allmulticast mode
[  308.877363][   T28] bridge_slave_1: left promiscuous mode
[  308.877551][T21899] loop5: detected capacity change from 0 to 764
[  308.883070][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.901496][   T28] bridge_slave_0: left allmulticast mode
[  308.907280][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.944881][T21903] Invalid ELF header magic: != ELF
[  308.986677][T21906] loop5: detected capacity change from 0 to 164
[  309.020047][T21908] loop5: detected capacity change from 0 to 512
[  309.033192][T21908] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  309.041795][T21908] EXT4-fs (loop5): orphan cleanup on readonly fs
[  309.048470][T21908] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  309.063816][T21908] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  309.071138][T21908] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.6287: bg 0: block 40: padding at end of block bitmap is not set
[  309.086012][T21908] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  309.095206][T21908] EXT4-fs (loop5): 1 truncate cleaned up
[  309.101436][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  309.102789][T21908] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #16: comm syz.5.6287: corrupted xattr block 31: invalid header
[  309.123319][T21908] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=16
[  309.132639][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  309.142976][   T28] bond0 (unregistering): Released all slaves
[  309.173229][T21903] lo speed is unknown, defaulting to 1000
[  309.180362][T21913] loop5: detected capacity change from 0 to 512
[  309.221438][T21913] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  309.237251][T21913] EXT4-fs (loop5): orphan cleanup on readonly fs
[  309.244144][   T28] hsr_slave_0: left promiscuous mode
[  309.244564][T21913] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  309.265267][   T28] hsr_slave_1: left promiscuous mode
[  309.270448][T21913] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  309.277493][   T28] veth1_macvtap: left promiscuous mode
[  309.284841][   T28] veth0_macvtap: left promiscuous mode
[  309.287845][T21913] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.6288: bg 0: block 40: padding at end of block bitmap is not set
[  309.301366][   T28] veth1_vlan: left promiscuous mode
[  309.306784][T21913] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  309.320694][   T28] veth0_vlan: left promiscuous mode
[  309.326314][T21913] EXT4-fs (loop5): 1 truncate cleaned up
[  309.350798][T21913] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #16: comm syz.5.6288: corrupted xattr block 31: invalid header
[  309.356733][T21918] loop0: detected capacity change from 0 to 1024
[  309.364440][T21913] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=16
[  309.392272][T21918] ext4 filesystem being mounted at /135/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  309.408600][T21918] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  309.431280][T21918] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 1 with error 28
[  309.443791][T21918] EXT4-fs (loop0): This should not happen!! Data will be lost
[  309.443791][T21918] 
[  309.453474][T21918] EXT4-fs (loop0): Total free blocks count 0
[  309.459520][T21918] EXT4-fs (loop0): Free/Dirty block details
[  309.465507][T21918] EXT4-fs (loop0): free_blocks=4293918720
[  309.471260][T21918] EXT4-fs (loop0): dirty_blocks=16
[  309.476389][T21918] EXT4-fs (loop0): Block reservation details
[  309.482512][T21918] EXT4-fs (loop0): i_reserved_data_blocks=1
[  309.489082][   T28] team0 (unregistering): Port device team_slave_1 removed
[  309.511501][   T28] team0 (unregistering): Port device team_slave_0 removed
[  309.609394][T21933] loop5: detected capacity change from 0 to 1024
[  309.616859][T21933] EXT4-fs: Ignoring removed nomblk_io_submit option
[  309.645814][T21939] loop6: detected capacity change from 0 to 128
[  309.654170][T19171] EXT4-fs error (device loop5): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /168/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  309.688867][T21939] syz.6.6295: attempt to access beyond end of device
[  309.688867][T21939] loop6: rw=0, sector=121, nr_sectors = 920 limit=128
[  309.707711][T21875] chnl_net:caif_netlink_parms(): no params data found
[  309.756798][T21875] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.763978][T21875] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.774484][T21875] bridge_slave_0: entered allmulticast mode
[  309.789387][T21875] bridge_slave_0: entered promiscuous mode
[  309.794535][T21948] loop5: detected capacity change from 0 to 764
[  309.796367][T21875] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.808712][T21875] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.810539][T21949] loop6: detected capacity change from 0 to 1024
[  309.816172][T21875] bridge_slave_1: entered allmulticast mode
[  309.828797][T21875] bridge_slave_1: entered promiscuous mode
[  309.846544][T21951] loop0: detected capacity change from 0 to 164
[  309.855319][T21949] EXT4-fs (loop6): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  309.866400][T21949] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (14919!=20869)
[  309.876070][T21949] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  309.877165][T21951] syz.0.6299: attempt to access beyond end of device
[  309.877165][T21951] loop0: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  309.887851][T21949] EXT4-fs (loop6): invalid journal inode
[  309.900359][T21951] syz.0.6299: attempt to access beyond end of device
[  309.900359][T21951] loop0: rw=0, sector=263328, nr_sectors = 4 limit=164
[  309.925184][T21949] EXT4-fs (loop6): can't get journal size
[  309.932763][T21875] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  309.942641][T21949] EXT4-fs error (device loop6): ext4_protect_reserved_inode:182: inode #3: comm syz.6.6298: blocks 2-2 from inode overlap system zone
[  309.944839][T21875] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  310.003658][T21949] EXT4-fs (loop6): failed to initialize system zone (-117)
[  310.013717][T21956] loop0: detected capacity change from 0 to 164
[  310.027307][T21956] rock: directory entry would overflow storage
[  310.033541][T21956] rock: sig=0x4f50, size=4, remaining=3
[  310.039114][T21956] iso9660: Corrupted directory entry in block 4 of inode 1792
[  310.039178][T21949] EXT4-fs (loop6): mount failed
[  310.061684][T21875] team0: Port device team_slave_0 added
[  310.068648][T21875] team0: Port device team_slave_1 added
[  310.104403][T21875] batman_adv: batadv0: Adding interface: batadv_slave_0
[  310.111405][T21875] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  310.137428][T21875] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  310.175861][T21875] batman_adv: batadv0: Adding interface: batadv_slave_1
[  310.183332][T21875] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  310.209607][T21875] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  310.264737][T21964] loop0: detected capacity change from 0 to 8192
[  310.277764][T21970] loop5: detected capacity change from 0 to 164
[  310.286102][T21970] syz.5.6307: attempt to access beyond end of device
[  310.286102][T21970] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  310.305001][T21970] syz.5.6307: attempt to access beyond end of device
[  310.305001][T21970] loop5: rw=0, sector=263328, nr_sectors = 4 limit=164
[  310.332054][T21875] hsr_slave_0: entered promiscuous mode
[  310.338995][T21972] loop6: detected capacity change from 0 to 164
[  310.343071][T21875] hsr_slave_1: entered promiscuous mode
[  310.351677][T21875] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  310.359757][T21875] Cannot create hsr debugfs directory
[  310.372574][T21972] syz.6.6308: attempt to access beyond end of device
[  310.372574][T21972] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  310.394135][T21972] syz.6.6308: attempt to access beyond end of device
[  310.394135][T21972] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  310.427881][T21974] loop3: detected capacity change from 0 to 512
[  310.439964][T21976] loop5: detected capacity change from 0 to 1024
[  310.448289][T21976] EXT4-fs: Ignoring removed nomblk_io_submit option
[  310.464599][T21974] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  310.473536][T21974] EXT4-fs (loop3): orphan cleanup on readonly fs
[  310.484978][T21974] EXT4-fs warning (device loop3): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  310.504134][T21984] loop6: detected capacity change from 0 to 164
[  310.516258][T21974] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  310.523690][T21974] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.6309: bg 0: block 40: padding at end of block bitmap is not set
[  310.530775][T21984] syz.6.6312: attempt to access beyond end of device
[  310.530775][T21984] loop6: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  310.538695][T21974] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  310.560814][T21974] EXT4-fs (loop3): 1 truncate cleaned up
[  310.563294][T19171] EXT4-fs error (device loop5): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /173/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  310.572528][T21974] EXT4-fs error (device loop3): ext4_xattr_block_get:596: inode #16: comm syz.3.6309: corrupted xattr block 31: invalid header
[  310.592472][T21984] syz.6.6312: attempt to access beyond end of device
[  310.592472][T21984] loop6: rw=0, sector=263328, nr_sectors = 4 limit=164
[  310.601635][T21974] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop3 ino=16
[  310.692727][T21988] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6315'.
[  310.722550][T21996] loop0: detected capacity change from 0 to 1024
[  310.729213][T21996] EXT4-fs: Ignoring removed nomblk_io_submit option
[  310.760656][T19982] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /144/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  310.763436][T22001] loop3: detected capacity change from 0 to 512
[  310.802525][T22001] ext4 filesystem being mounted at /6/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  310.941520][T22011] loop0: detected capacity change from 0 to 8192
[  310.953270][T22016] loop5: detected capacity change from 0 to 512
[  310.964554][T21875] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  310.974004][T21875] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  310.983331][T21875] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  310.983986][T22016] ext4 filesystem being mounted at /175/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  311.003716][T21875] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  311.047931][T22020] loop6: detected capacity change from 0 to 1024
[  311.047944][T21875] 8021q: adding VLAN 0 to HW filter on device bond0
[  311.053651][T21875] 8021q: adding VLAN 0 to HW filter on device team0
[  311.069661][T22020] EXT4-fs: Ignoring removed nomblk_io_submit option
[  311.080478][T15514] bridge0: port 1(bridge_slave_0) entered blocking state
[  311.087613][T15514] bridge0: port 1(bridge_slave_0) entered forwarding state
[  311.102482][T15514] bridge0: port 2(bridge_slave_1) entered blocking state
[  311.109621][T15514] bridge0: port 2(bridge_slave_1) entered forwarding state
[  311.124321][T16684] EXT4-fs error (device loop6): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /307/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  311.165075][T22027] loop0: detected capacity change from 0 to 512
[  311.193231][T22027] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  311.205262][T22027] EXT4-fs (loop0): orphan cleanup on readonly fs
[  311.212694][T21875] 8021q: adding VLAN 0 to HW filter on device batadv0
[  311.212901][T22027] EXT4-fs warning (device loop0): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  311.234869][T22027] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  311.244060][T22027] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.6325: bg 0: block 40: padding at end of block bitmap is not set
[  311.250574][T22035] loop6: detected capacity change from 0 to 1024
[  311.258677][T22027] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  311.274211][T22027] EXT4-fs (loop0): 1 truncate cleaned up
[  311.275360][T22035] EXT4-fs: Ignoring removed nomblk_io_submit option
[  311.285562][T22027] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #16: comm syz.0.6325: corrupted xattr block 31: invalid header
[  311.300592][T22027] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  311.337612][T21875] veth0_vlan: entered promiscuous mode
[  311.350101][T22045] loop0: detected capacity change from 0 to 1024
[  311.358286][T16684] EXT4-fs error (device loop6): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /308/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  311.359002][T21875] veth1_vlan: entered promiscuous mode
[  311.387589][T22045] EXT4-fs: Ignoring removed nomblk_io_submit option
[  311.399807][T21875] veth0_macvtap: entered promiscuous mode
[  311.407009][T21875] veth1_macvtap: entered promiscuous mode
[  311.417360][T21875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  311.428091][T21875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.438848][T21875] batman_adv: batadv0: Interface activated: batadv_slave_0
[  311.442728][T19982] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /149/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  311.447850][T21875] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  311.478036][T21875] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  311.489579][T21875] batman_adv: batadv0: Interface activated: batadv_slave_1
[  311.504374][T21875] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  311.513188][T21875] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  311.521946][T21875] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  311.530838][T21875] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  311.601146][T22059] lo speed is unknown, defaulting to 1000
[  311.648752][T22066] loop3: detected capacity change from 0 to 2048
[  311.664437][T22065] lo speed is unknown, defaulting to 1000
[  311.702362][T22066]  loop3: p1 < > p4
[  311.707946][T22066] loop3: p4 size 8388608 extends beyond EOD, truncated
[  311.714970][T22069] loop1: detected capacity change from 0 to 2048
[  311.740650][T22068] loop0: detected capacity change from 0 to 8192
[  311.792132][T22069]  loop1: p1 < > p4
[  311.796512][T22069] loop1: p4 size 8388608 extends beyond EOD, truncated
[  311.816026][T22075] FAULT_INJECTION: forcing a failure.
[  311.816026][T22075] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  311.829179][T22075] CPU: 0 UID: 0 PID: 22075 Comm: syz.5.6334 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0
[  311.829205][T22075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  311.829223][T22075] Call Trace:
[  311.829231][T22075]  <TASK>
[  311.829240][T22075]  dump_stack_lvl+0xf2/0x150
[  311.829305][T22075]  dump_stack+0x15/0x1a
[  311.829326][T22075]  should_fail_ex+0x24a/0x260
[  311.829357][T22075]  should_fail+0xb/0x10
[  311.829387][T22075]  should_fail_usercopy+0x1a/0x20
[  311.829483][T22075]  strncpy_from_user+0x25/0x210
[  311.829509][T22075]  ? kmem_cache_alloc_noprof+0x18e/0x320
[  311.829531][T22075]  ? getname_flags+0x81/0x3b0
[  311.829572][T22075]  getname_flags+0xb0/0x3b0
[  311.829605][T22075]  user_path_at+0x26/0x120
[  311.829676][T22075]  __se_sys_mount+0x24b/0x2d0
[  311.829712][T22075]  ? fput+0x1c4/0x200
[  311.829733][T22075]  __x64_sys_mount+0x67/0x80
[  311.829764][T22075]  x64_sys_call+0x2c84/0x2dc0
[  311.829803][T22075]  do_syscall_64+0xc9/0x1c0
[  311.829859][T22075]  ? clear_bhb_loop+0x55/0xb0
[  311.829889][T22075]  ? clear_bhb_loop+0x55/0xb0
[  311.829922][T22075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.829955][T22075] RIP: 0033:0x7fc29ed9cde9
[  311.830004][T22075] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.830023][T22075] RSP: 002b:00007fc29d401038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  311.830041][T22075] RAX: ffffffffffffffda RBX: 00007fc29efb5fa0 RCX: 00007fc29ed9cde9
[  311.830055][T22075] RDX: 00004000000002c0 RSI: 0000400000000080 RDI: 0000000000000000
[  311.830075][T22075] RBP: 00007fc29d401090 R08: 0000400000000400 R09: 0000000000000000
[  311.830090][T22075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.830104][T22075] R13: 0000000000000000 R14: 00007fc29efb5fa0 R15: 00007ffcf3ea5a68
[  311.830125][T22075]  </TASK>
[  312.049725][T22079] loop5: detected capacity change from 0 to 164
[  312.066523][T22077] loop0: detected capacity change from 0 to 512
[  312.091552][T22079] syz.5.6338: attempt to access beyond end of device
[  312.091552][T22079] loop5: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  312.142578][T22077] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  312.160811][T22077] EXT4-fs (loop0): orphan cleanup on readonly fs
[  312.179208][T22077] EXT4-fs warning (device loop0): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  312.195031][T22081] loop1: detected capacity change from 0 to 8192
[  312.204144][T22095] loop3: detected capacity change from 0 to 512
[  312.213276][T22077] EXT4-fs (loop0): Cannot turn on quotas: error -117
[  312.238802][T22077] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.6336: bg 0: block 40: padding at end of block bitmap is not set
[  312.258492][T22077] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  312.274761][T22077] EXT4-fs (loop0): 1 truncate cleaned up
[  312.283154][T22077] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #16: comm syz.0.6336: corrupted xattr block 31: invalid header
[  312.298340][T22077] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=16
[  312.299891][T22095] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  312.433570][T22107] loop1: detected capacity change from 0 to 1024
[  312.440343][T22107] EXT4-fs: Ignoring removed nomblk_io_submit option
[  312.498063][T21875] EXT4-fs error (device loop1): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /3/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  312.574590][T22121] loop6: detected capacity change from 0 to 1024
[  312.583741][T22121] EXT4-fs: Ignoring removed nomblk_io_submit option
[  312.591920][T21875] EXT4-fs unmount: 155 callbacks suppressed
[  312.591935][T21875] EXT4-fs (loop1): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  312.602539][T22121] EXT4-fs (loop6): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  312.671072][T22134] loop5: detected capacity change from 0 to 512
[  312.679494][T16684] EXT4-fs (loop6): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  312.682148][T22134] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  312.696671][T22134] EXT4-fs (loop5): orphan cleanup on readonly fs
[  312.713836][T22134] EXT4-fs warning (device loop5): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  312.731283][T22134] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  312.738425][T22134] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.6356: bg 0: block 40: padding at end of block bitmap is not set
[  312.753401][T22134] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  312.753621][T22143] loop0: detected capacity change from 0 to 1024
[  312.762700][T22134] EXT4-fs (loop5): 1 truncate cleaned up
[  312.768915][T22143] EXT4-fs: Ignoring removed nomblk_io_submit option
[  312.775362][T22134] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  312.799366][T22134] EXT4-fs error (device loop5): ext4_xattr_block_get:596: inode #16: comm syz.5.6356: corrupted xattr block 31: invalid header
[  312.812933][T22134] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop5 ino=16
[  312.826723][T22143] EXT4-fs (loop0): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  312.840162][T19171] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.874674][T19982] EXT4-fs error (device loop0): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /156/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  312.905380][T22149] loop6: detected capacity change from 0 to 1024
[  312.913133][T22149] EXT4-fs: Ignoring removed nomblk_io_submit option
[  312.923018][T22149] EXT4-fs (loop6): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  312.937130][T19982] EXT4-fs (loop0): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  312.948237][T21666] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.981605][T16684] EXT4-fs error (device loop6): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /319/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  313.024130][T22159] loop3: detected capacity change from 0 to 1024
[  313.030867][T22159] EXT4-fs: Ignoring removed nomblk_io_submit option
[  313.069281][T22159] EXT4-fs (loop3): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  313.097212][T21666] EXT4-fs error (device loop3): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /9/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  313.124294][T16684] EXT4-fs (loop6): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  313.155140][T22171] FAULT_INJECTION: forcing a failure.
[  313.155140][T22171] name failslab, interval 1, probability 0, space 0, times 0
[  313.167923][T22171] CPU: 0 UID: 0 PID: 22171 Comm: syz.0.6366 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0
[  313.167954][T22171] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  313.167970][T22171] Call Trace:
[  313.167978][T22171]  <TASK>
[  313.167987][T22171]  dump_stack_lvl+0xf2/0x150
[  313.168026][T22171]  dump_stack+0x15/0x1a
[  313.168045][T22171]  should_fail_ex+0x24a/0x260
[  313.168071][T22171]  should_failslab+0x8f/0xb0
[  313.168098][T22171]  __kmalloc_node_noprof+0xad/0x410
[  313.168150][T22171]  ? __kvmalloc_node_noprof+0x72/0x170
[  313.168175][T22171]  ? should_fail_ex+0xd7/0x260
[  313.168201][T22171]  __kvmalloc_node_noprof+0x72/0x170
[  313.168240][T22171]  seq_read_iter+0x144/0x930
[  313.168265][T22171]  proc_reg_read_iter+0x118/0x190
[  313.168355][T22171]  copy_splice_read+0x383/0x5b0
[  313.168381][T22171]  ? __pfx_copy_splice_read+0x10/0x10
[  313.168477][T22171]  splice_direct_to_actor+0x269/0x670
[  313.168499][T22171]  ? __pfx_direct_splice_actor+0x10/0x10
[  313.168659][T22171]  do_splice_direct+0xd7/0x150
[  313.168680][T22171]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  313.168712][T22171]  do_sendfile+0x398/0x660
[  313.168733][T22171]  __x64_sys_sendfile64+0x110/0x150
[  313.168831][T22171]  x64_sys_call+0xfbd/0x2dc0
[  313.168854][T22171]  do_syscall_64+0xc9/0x1c0
[  313.168879][T22171]  ? clear_bhb_loop+0x55/0xb0
[  313.168967][T22171]  ? clear_bhb_loop+0x55/0xb0
[  313.168991][T22171]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.169015][T22171] RIP: 0033:0x7f6eaeefcde9
[  313.169028][T22171] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  313.169120][T22171] RSP: 002b:00007f6ead567038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  313.169136][T22171] RAX: ffffffffffffffda RBX: 00007f6eaf115fa0 RCX: 00007f6eaeefcde9
[  313.169147][T22171] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000005
[  313.169158][T22171] RBP: 00007f6ead567090 R08: 0000000000000000 R09: 0000000000000000
[  313.169168][T22171] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[  313.169179][T22171] R13: 0000000000000000 R14: 00007f6eaf115fa0 R15: 00007fff85f9bcf8
[  313.169195][T22171]  </TASK>
[  313.407342][T22169] loop6: detected capacity change from 0 to 512
[  313.416156][   T29] kauditd_printk_skb: 1295 callbacks suppressed
[  313.416173][   T29] audit: type=1326 audit(1739708034.512:72402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22173 comm="syz.5.6367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  313.452967][T21666] EXT4-fs (loop3): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  313.462599][T22174] loop5: detected capacity change from 0 to 164
[  313.471768][   T29] audit: type=1326 audit(1739708034.512:72403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22173 comm="syz.5.6367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  313.495465][   T29] audit: type=1326 audit(1739708034.552:72404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22173 comm="syz.5.6367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  313.519124][   T29] audit: type=1326 audit(1739708034.552:72405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22173 comm="syz.5.6367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  313.542985][   T29] audit: type=1326 audit(1739708034.552:72406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22173 comm="syz.5.6367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  313.553616][T22179] loop1: detected capacity change from 0 to 512
[  313.566843][   T29] audit: type=1326 audit(1739708034.552:72407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22173 comm="syz.5.6367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  313.588028][T22169] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.596625][   T29] audit: type=1326 audit(1739708034.552:72408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22173 comm="syz.5.6367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  313.609590][T22179] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  313.632606][   T29] audit: type=1326 audit(1739708034.552:72409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22173 comm="syz.5.6367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  313.641455][T22179] EXT4-fs (loop1): orphan cleanup on readonly fs
[  313.664014][   T29] audit: type=1326 audit(1739708034.552:72410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22173 comm="syz.5.6367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  313.670959][T22169] ext4 filesystem being mounted at /320/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  313.693947][   T29] audit: type=1326 audit(1739708034.552:72411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22173 comm="syz.5.6367" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc29ed9cde9 code=0x7ffc0000
[  313.728451][T22179] EXT4-fs warning (device loop1): ext4_enable_quotas:7145: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  313.744784][T22179] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  313.752072][T22179] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.6369: bg 0: block 40: padding at end of block bitmap is not set
[  313.770869][T22179] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6550: Corrupt filesystem
[  313.780703][T22179] EXT4-fs (loop1): 1 truncate cleaned up
[  313.806582][T22186] loop5: detected capacity change from 0 to 8192
[  313.808516][T22179] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  313.852604][T22179] EXT4-fs error (device loop1): ext4_xattr_block_get:596: inode #16: comm syz.1.6369: corrupted xattr block 31: invalid header
[  313.866545][T22179] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop1 ino=16
[  313.888521][T21875] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.899107][T16684] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.900552][T22194] loop3: detected capacity change from 0 to 512
[  313.928845][T22194] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.930354][T22203] usb usb1: usbfs: process 22203 (syz.6.6375) did not claim interface 0 before use
[  313.980511][T22194] ext4 filesystem being mounted at /11/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  314.001950][T22197] loop5: detected capacity change from 0 to 8192
[  314.032488][T22205] loop6: detected capacity change from 0 to 8192
[  314.042686][T22202] loop1: detected capacity change from 0 to 8192
[  314.108618][T22210] FAULT_INJECTION: forcing a failure.
[  314.108618][T22210] name failslab, interval 1, probability 0, space 0, times 0
[  314.121405][T22210] CPU: 1 UID: 0 PID: 22210 Comm: syz.6.6378 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0
[  314.121430][T22210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  314.121443][T22210] Call Trace:
[  314.121451][T22210]  <TASK>
[  314.121459][T22210]  dump_stack_lvl+0xf2/0x150
[  314.121525][T22210]  dump_stack+0x15/0x1a
[  314.121550][T22210]  should_fail_ex+0x24a/0x260
[  314.121626][T22210]  should_failslab+0x8f/0xb0
[  314.121663][T22210]  __kmalloc_noprof+0xab/0x3f0
[  314.121688][T22210]  ? sock_kmalloc+0x83/0xc0
[  314.121719][T22210]  sock_kmalloc+0x83/0xc0
[  314.121749][T22210]  ____sys_sendmsg+0x127/0x4b0
[  314.121819][T22210]  __sys_sendmmsg+0x227/0x4b0
[  314.121871][T22210]  __x64_sys_sendmmsg+0x57/0x70
[  314.121901][T22210]  x64_sys_call+0x29aa/0x2dc0
[  314.121984][T22210]  do_syscall_64+0xc9/0x1c0
[  314.122074][T22210]  ? clear_bhb_loop+0x55/0xb0
[  314.122108][T22210]  ? clear_bhb_loop+0x55/0xb0
[  314.122141][T22210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.122204][T22210] RIP: 0033:0x7f3af1a6cde9
[  314.122223][T22210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.122245][T22210] RSP: 002b:00007f3af00d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  314.122267][T22210] RAX: ffffffffffffffda RBX: 00007f3af1c85fa0 RCX: 00007f3af1a6cde9
[  314.122282][T22210] RDX: 0000000000000001 RSI: 0000400000000780 RDI: 0000000000000004
[  314.122348][T22210] RBP: 00007f3af00d1090 R08: 0000000000000000 R09: 0000000000000000
[  314.122364][T22210] R10: 0000000004008804 R11: 0000000000000246 R12: 0000000000000001
[  314.122378][T22210] R13: 0000000000000000 R14: 00007f3af1c85fa0 R15: 00007ffd08c41f48
[  314.122399][T22210]  </TASK>
[  314.406991][T22225] lo speed is unknown, defaulting to 1000
[  314.434987][T22227] loop1: detected capacity change from 0 to 164
[  314.521564][T22236] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6388'.
[  314.541321][T22236] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  314.548832][T22236] batman_adv: batadv0: Removing interface: batadv_slave_0
[  314.569344][T22236] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  314.577078][T22236] batman_adv: batadv0: Removing interface: batadv_slave_1
[  314.667500][T22242] FAULT_INJECTION: forcing a failure.
[  314.667500][T22242] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  314.680709][T22242] CPU: 0 UID: 0 PID: 22242 Comm: syz.6.6391 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0
[  314.680740][T22242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  314.680765][T22242] Call Trace:
[  314.680772][T22242]  <TASK>
[  314.680780][T22242]  dump_stack_lvl+0xf2/0x150
[  314.680812][T22242]  dump_stack+0x15/0x1a
[  314.680835][T22242]  should_fail_ex+0x24a/0x260
[  314.680870][T22242]  should_fail+0xb/0x10
[  314.680954][T22242]  should_fail_usercopy+0x1a/0x20
[  314.680987][T22242]  strncpy_from_user+0x25/0x210
[  314.681083][T22242]  ? filename_lookup+0x267/0x340
[  314.681106][T22242]  strncpy_from_user_nofault+0x66/0xe0
[  314.681166][T22242]  bpf_probe_read_compat_str+0xb3/0x130
[  314.681252][T22242]  bpf_prog_e42f6260c1b72fb3+0x3e/0x40
[  314.681271][T22242]  bpf_trace_run3+0x10c/0x1d0
[  314.681296][T22242]  ? putname+0xcf/0xf0
[  314.681329][T22242]  ? putname+0xcf/0xf0
[  314.681378][T22242]  __traceiter_kmem_cache_free+0x33/0x50
[  314.681404][T22242]  ? putname+0xcf/0xf0
[  314.681514][T22242]  kmem_cache_free+0x237/0x2d0
[  314.681567][T22242]  putname+0xcf/0xf0
[  314.681619][T22242]  __se_sys_newlstat+0x72/0x280
[  314.681656][T22242]  ? fput+0x1c4/0x200
[  314.681751][T22242]  ? ksys_write+0x176/0x1b0
[  314.681821][T22242]  __x64_sys_newlstat+0x31/0x40
[  314.681842][T22242]  x64_sys_call+0x1dad/0x2dc0
[  314.681870][T22242]  do_syscall_64+0xc9/0x1c0
[  314.681900][T22242]  ? clear_bhb_loop+0x55/0xb0
[  314.681930][T22242]  ? clear_bhb_loop+0x55/0xb0
[  314.681965][T22242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.681993][T22242] RIP: 0033:0x7f3af1a6cde9
[  314.682010][T22242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.682031][T22242] RSP: 002b:00007f3af00d1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000006
[  314.682056][T22242] RAX: ffffffffffffffda RBX: 00007f3af1c85fa0 RCX: 00007f3af1a6cde9
[  314.682070][T22242] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00004000000002c0
[  314.682083][T22242] RBP: 00007f3af00d1090 R08: 0000000000000000 R09: 0000000000000000
[  314.682096][T22242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.682109][T22242] R13: 0000000000000000 R14: 00007f3af1c85fa0 R15: 00007ffd08c41f48
[  314.682130][T22242]  </TASK>
[  314.954494][T21666] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.990253][T22244] loop0: detected capacity change from 0 to 8192
[  314.996989][T22249] loop6: detected capacity change from 0 to 1024
[  315.023800][T22249] EXT4-fs: Ignoring removed nomblk_io_submit option
[  315.054614][T22249] EXT4-fs (loop6): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  315.088312][T16684] EXT4-fs error (device loop6): ext4_readdir:261: inode #2: block 16: comm syz-executor: path /330/file1: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=21519, rec_len=0, size=1024 fake=0
[  315.127093][T22261] ==================================================================
[  315.135317][T22261] BUG: KCSAN: data-race in vfs_fsync_range / writeback_single_inode
[  315.143449][T22261] 
[  315.145786][T22261] write to 0xffff8881066b8d28 of 4 bytes by task 22244 on cpu 1:
[  315.153529][T22261]  writeback_single_inode+0x14f/0x3f0
[  315.158956][T22261]  sync_inode_metadata+0x5c/0x90
[  315.163937][T22261]  __generic_file_fsync+0xed/0x140
[  315.169088][T22261]  fat_file_fsync+0x46/0x100
[  315.173735][T22261]  vfs_fsync_range+0x116/0x130
[  315.178531][T22261]  generic_file_write_iter+0x1c3/0x310
[  315.184115][T22261]  iter_file_splice_write+0x5f1/0x980
[  315.189516][T22261]  direct_splice_actor+0x160/0x2c0
[  315.194683][T22261]  splice_direct_to_actor+0x302/0x670
[  315.200176][T22261]  do_splice_direct+0xd7/0x150
[  315.204970][T22261]  do_sendfile+0x398/0x660
[  315.209406][T22261]  __x64_sys_sendfile64+0x110/0x150
[  315.214813][T22261]  x64_sys_call+0xfbd/0x2dc0
[  315.219488][T22261]  do_syscall_64+0xc9/0x1c0
[  315.224027][T22261]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.229953][T22261] 
[  315.232285][T22261] read to 0xffff8881066b8d28 of 4 bytes by task 22261 on cpu 0:
[  315.239936][T22261]  vfs_fsync_range+0x9a/0x130
[  315.244692][T22261]  generic_file_write_iter+0x1c3/0x310
[  315.250178][T22261]  iter_file_splice_write+0x5f1/0x980
[  315.255586][T22261]  direct_splice_actor+0x160/0x2c0
[  315.260715][T22261]  splice_direct_to_actor+0x302/0x670
[  315.266107][T22261]  do_splice_direct+0xd7/0x150
[  315.270904][T22261]  do_sendfile+0x398/0x660
[  315.275340][T22261]  __x64_sys_sendfile64+0x110/0x150
[  315.280583][T22261]  x64_sys_call+0xfbd/0x2dc0
[  315.285195][T22261]  do_syscall_64+0xc9/0x1c0
[  315.289736][T22261]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  315.295670][T22261] 
[  315.298003][T22261] value changed: 0x00000038 -> 0x00000022
[  315.303719][T22261] 
[  315.306048][T22261] Reported by Kernel Concurrency Sanitizer on:
[  315.312202][T22261] CPU: 0 UID: 0 PID: 22261 Comm: syz.0.6392 Not tainted 6.14.0-rc2-syzkaller-00303-gad1b832bf1cf #0
[  315.322973][T22261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  315.333226][T22261] ==================================================================
[  315.387038][T16684] EXT4-fs (loop6): unmounting filesystem 00000000-0500-0000-0000-000000000000.