last executing test programs:

1m48.775074248s ago: executing program 0 (id=2866):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0xa26}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {}, {0x6}, {}, {0x0, 0x0, 0xfe}, {}, {0x3}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)

1m48.736269189s ago: executing program 0 (id=2870):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00'}, 0x18)
r0 = socket$netlink(0x10, 0x3, 0xb)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r2 = openat$tun(0xffffffffffffff9c, 0x0, 0xc1842, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r3, 0x8914, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_read_part_table(0x60d, &(0x7f0000002240)="$eJzs3D9olHcYB/DvJbmcUTAdnFxqHDoJRXE0Q5XkqlgIp1IIDvYfIs0UIXDSw5Q4tBkUM0jHLlK4DhonYwYnRaFzEQeLkMGlYBepHXLl7l6SOyjF0oRS/HyGe353PDzf94F3/V34XxtIuTi1Kp3y/qd/298a3TzP50xzYvJ4q9VqnU5KOZtyxsq7l5MMpX9q9icZ7plz8/udq9/+9mG5+fTUq/fOPVgc2JhZyTtJdvU2Z+SvHqXyzzZlO9wafzi6cGW2erX9pdpYW/84uf1yorZycnFp+UT52Oft3y8nj4r+7osxkoup51K+zCdDbxz19eax1Jc/386vj194Um2sfdd8fnB9b3Xw7vkjr/etXrt/KJlrR0yl87JvGv6Xi/fkL/Tkz41dn15qHD1wZ8+Nw/V7j2svBn9vdRWR5a3JBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABge9xqf1yZrV6tj194Um2sffPzTx/dfjlRWzm5uLR8YvjYs6LvUVGHinox9VxKOclMZvJFZt88crrUmz/+cHRhI/+Pncnzg+t7q82754+8nly9dv9Qp6uUqXYZ2IqN+/XnN9bmxq5PLzWOHriz58bh+r3HtReD3b6ZSj7rrJuksvWPAQAAAAAAAAAAAAAAAAAAwFtuYvL4vqkPaqeTUs7uSPLrV51b9q3KyI/p3Lzv2l/UZ5Vkd5KbO7r/BdB8eurV8LkHi78Ul+LnU8l8kl0/rJxJ3t3IudwfW96czH/pzwAAAP//gTiR5w==")
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0xc082, 0x1db)
writev(r4, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x100000}], 0x1) (fail_nth: 1)
futex(0x0, 0x85, 0x0, 0x0, 0x0, 0xc5fffffd)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2fffffffd}, 0xc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
close(r0)
openat$selinux_context(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)}, 0x8001)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{}, &(0x7f0000000040), &(0x7f0000000140)}, 0x20)
socket(0x10, 0x3, 0x0)

1m48.618058421s ago: executing program 0 (id=2874):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r0}, &(0x7f0000000000), &(0x7f00000005c0)=r1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0xa26}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {}, {0x6}, {}, {0x0, 0x0, 0xfe}, {}, {0x3}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)

1m48.610308971s ago: executing program 0 (id=2876):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x4, 0xfd, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x2000c16, &(0x7f0000000080)={[{@usrquota}, {@jqfmt_vfsv0}]}, 0xff, 0x257, &(0x7f0000000500)="$eJzs3U9oFFccB/DfzO42TbKUtL0USv9AKaUNhPRW6CW9tBAoIZRSaAsppfSiJEJM8JZ48uJBj6KSk5cg3oweJZfgRRE8Rc0hXgQNHgweVFjZnQTyTxOzmx1xPh+YzEzy5v3eMPN9ExaGDaCweiJiICJKEdEbEZWISDY2+DJbetZ2ZzoXRiJqtd8eJ4122X5m/bjuiJiOiB8iYj5N4lA5YnLur+Wni798c3Ki8vWFuT8723qSa1aWl35dPT904vLg95M3bz8cSmIgqpvOq/WSHX5XTiI+Oohib4mknPcI2IvhY5fu1HP/cUR81ch/JdLILt6p8ffmK/HduVcde/rRrU/bOVag9Wq1Sv0ZOF0DCieNiGokaV9EZNtp2teX/Q9/t9SVHh4bP9r7/9jE6H95z1RAq1Qjln6+2nGle0v+H5Sy/APvqOxDqaXfh2fv1TdWS3kPCGiLz7JV/fnf+8/UtyH/UDjyD8Ul/1Bc8g/FJf9QXPIPxSX/UFzyD8Ul/1Bc+87/mRcHNyigLTbmHwAollrHvt4abv2LyEDb5T3/AAAAAAAAAAAAAAAAAAAA2810LoysL63psbxri+tnI1Z+yppur19qfB9xxPuNn11Pkk09Jnuq8Hp/f9FkB026mPPb1x/cz7f+jc/zrT81GjF9PCL6y+Xt91+ydv/t34e7/L3yb5MF3lCyZf/HP9pbf6vns/nWH1yMuFaff/p3mn/S+KSx3nn+qdavX5P1jzxrsgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADa5mUAAAD//7FLbdg=")
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x10, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r2}, {}, {}, {0x7, 0x0, 0xb, 0x7}}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffffffff}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
fcntl$setstatus(r1, 0x4, 0x6000)
io_setup(0x200, &(0x7f0000000140)=<r4=>0x0)
io_submit(r4, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r1, &(0x7f0000000000), 0x4000}])
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="02000000fdffffff0100"/28], 0x50)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000500003aab8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f00000002c0)={'wg2\x00', <r8=>0x0})
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r11 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r12 = syz_pidfd_open(r11, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r12, 0xff03, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r10}, 0x10)
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f0000000340)={0x0, 0x100000, &(0x7f0000000300)={&(0x7f0000000380)=ANY=[@ANYBLOB="80020000", @ANYRES16=r7, @ANYBLOB="05002abd7000fddbdf2501000000080005000100000030020880f400008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b24000100000000000000000000000000000000000000000000000000000000000000000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001171ee8da334a5099295af229a5d237a7f4102f01f28b34347d6cbbe135d83ec24000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c0800030007200000240002005da952055e5857d673cddd36909746c80efa3ff95c317de1063db32bc80a0b3e060005000200000008000300030000007800008024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff0600050005000000480009801c000080060001000200000008000200ffffffff050003000100000028000080060001000a00000014000200ff02000000000000000000000000000105000300020000003c00008024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b1400040002004e2200000000000000000000000078000080040009800800030002000000200004000a004e2000000005000000000000000000000000000000010400000024000100d1732899f611cd8994034d7f413dc957630e5493c285aca40065cb6311be696b240002000f1b8b82264208ab1a2dce776c03b9f348f500ef8e7606466943f5ba2ae2881e0c0000800800030006000000060006004e24000008000100", @ANYRES32=r8, @ANYBLOB="240003"], 0x280}, 0x1, 0x0, 0x0, 0x4000}, 0x40)

1m48.364059214s ago: executing program 0 (id=2881):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0xa26}, 0x18)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0xa0, 0x30, 0x9, 0x0, 0x0, {}, [{0x8c, 0x1, [@m_bpf={0x88, 0x1, 0x0, 0x0, {{0x8}, {0x60, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x7}, @TCA_ACT_BPF_OPS={0x3c, 0x4, [{}, {}, {0x6}, {}, {0x0, 0x0, 0xfe}, {}, {0x3}]}, @TCA_ACT_BPF_PARMS={0x18}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa0}}, 0x0)

1m47.302352251s ago: executing program 0 (id=2900):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)={0x1b, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x90, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
r1 = syz_open_procfs(0x0, &(0x7f0000000400)='task\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0x20, &(0x7f0000000080)={&(0x7f0000000000)=""/14, 0xe, <r3=>0x0, &(0x7f0000000380)=""/228, 0xe4}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0x20000000000000b5, &(0x7f0000000300)=ANY=[@ANYBLOB="1810f0000000000200000000e2897b", @ANYRES8=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000540)={{0x1, 0x1, 0x18, <r4=>0xffffffffffffffff, {0x800}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xd, 0xf, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x53d7440e, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='syzkaller\x00', 0xa, 0x1000, &(0x7f0000000f80)=""/4096, 0xc2d00, 0x1, '\x00', 0x0, @fallback=0x33, r1, 0x8, &(0x7f00000004c0)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000000500)={0x1, 0x5, 0x8a, 0x5}, 0x10, r3, r4, 0x2, 0x0, &(0x7f0000000580)=[{0x0, 0x3, 0xe, 0x4}, {0x2, 0x1, 0x2, 0x2}], 0x10, 0x6, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="d80000001c0081064e81f782db44b9040a1d08040e00000000000aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a985162756aa5e8d7ce06bbace8017cbec4c2fe5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f76eb4edbb57a5025ccca9e00360db70100000040fad95667e006dc62d89e5bec34f9731f16b4ab583fdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a12954b43", 0xe6}, {&(0x7f0000000100)="348b1b00d0599a5f8db2786c58eb0ead344bb10d4a151758378e425cad670ff3443468bc9a9194afc6ec43505c871c3a3b9fe348911296f0", 0x38}], 0x2, 0x0, 0x0, 0x7400}, 0x0)

1m47.294856851s ago: executing program 32 (id=2900):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)={0x1b, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, 0x90, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x2, 0x0, @void, @value, @void, @value}, 0x50)
r1 = syz_open_procfs(0x0, &(0x7f0000000400)='task\x00')
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000480)={0xffffffffffffffff, 0x20, &(0x7f0000000080)={&(0x7f0000000000)=""/14, 0xe, <r3=>0x0, &(0x7f0000000380)=""/228, 0xe4}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x0, 0x20000000000000b5, &(0x7f0000000300)=ANY=[@ANYBLOB="1810f0000000000200000000e2897b", @ANYRES8=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000540)={{0x1, 0x1, 0x18, <r4=>0xffffffffffffffff, {0x800}}, './file0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0xd, 0xf, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x53d7440e, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000180)='syzkaller\x00', 0xa, 0x1000, &(0x7f0000000f80)=""/4096, 0xc2d00, 0x1, '\x00', 0x0, @fallback=0x33, r1, 0x8, &(0x7f00000004c0)={0x5, 0x3}, 0x8, 0x10, &(0x7f0000000500)={0x1, 0x5, 0x8a, 0x5}, 0x10, r3, r4, 0x2, 0x0, &(0x7f0000000580)=[{0x0, 0x3, 0xe, 0x4}, {0x2, 0x1, 0x2, 0x2}], 0x10, 0x6, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x18)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000000)="d80000001c0081064e81f782db44b9040a1d08040e00000000000aa1180002000600142603600e1208000f0000810401a8001605200001400200000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a985162756aa5e8d7ce06bbace8017cbec4c2fe5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f76eb4edbb57a5025ccca9e00360db70100000040fad95667e006dc62d89e5bec34f9731f16b4ab583fdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a12954b43", 0xe6}, {&(0x7f0000000100)="348b1b00d0599a5f8db2786c58eb0ead344bb10d4a151758378e425cad670ff3443468bc9a9194afc6ec43505c871c3a3b9fe348911296f0", 0x38}], 0x2, 0x0, 0x0, 0x7400}, 0x0)

1m0.692839847s ago: executing program 2 (id=3916):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) (fail_nth: 6)
writev(r0, 0x0, 0x0)

1m0.290190963s ago: executing program 2 (id=3918):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x20, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x10001}, [@ldst={0x1, 0x0, 0x4, 0x2, 0x1, 0x2}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb269, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffffffffffff31)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x63, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000680)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r7, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x2, 0x4}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000006c0)=@newtfilter={0x68, 0x28, 0x575ac7824d421509, 0x70bd2d, 0x4, {0x0, 0x0, 0x0, r7, {0xa}, {0x6}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0x3c, 0x2, [@TCA_BPF_ACT={0x38, 0x1, [@m_connmark={0x34, 0x5, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}}]}, 0x68}}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000800000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}, 0x1, 0x0, 0x0, 0x20008011}, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

59.768651971s ago: executing program 2 (id=3926):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000001380)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r2)
sendmsg$NL80211_CMD_GET_WIPHY(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="0103000000000200000001000000080003"], 0x28}}, 0x40)

59.647483124s ago: executing program 2 (id=3929):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000ac0)={[{@noblock_validity}, {}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x578, &(0x7f0000002b40)="$eJzs3V9rW+UfAPDvSdt1/36/dTCGeiGFXTiZS9fWPxOEzUvR4UDvZ2jPymi6jCYdax1su3A33sgQRByIL8B7L4dvwFcx0MGQUfXCm8hJT9asbdq0iyaazwdO+zw5J33Ok+d8n37POQkJYGCNZz8KES9GxBdJxJGWdcORrxxf2271yc2ZbEmiXv/o1ySS/LHm9kn++1BeeSEifvws4lRhc7vV5ZX5UrmcLub1idrCtYnq8srpKwuluXQuvTo1PX32jempt996s2t9ffXiH19/+OC9s5+fWP3q+0dH7yVxPg7n61r78Rxut1bGYzx/TUbi/IYNJ7vQWD9Jer0D7MlQHucjkc0BR2Ioj3rgv+9WRNSBAZWIfxhQzTwgO//d19tUpCcev7t2AtS8trF+HWB47dpI7G+cGx1cTZ45M8rOd8e60H7Wxg+/3L+XLbHDdYhbXWgPoOn2nYg4Mzy8ef5L8vlv7840Lh5vb2Mbbea/+mg0pmKgix5k+c9rW+U/haf5T2yR/xzaInb3Yuf4LzzqQjNtZfnfO7F1/3NjQ3ntf42cbyS5fKWcnomI/0fEyRgZzerb3c85u/qw3m5da/6XLVn7zVww349Hw6PPPme2VCs9T59bPb4T8dJ6/pvEpvl/fyPX3Tj+2etxscM2jqf3X263buf+t+p+Blz/LuKVLcd//Y5Wsv39yYnG8TDRPCo2+/3u8Z/atb+7/ndfNv4Ht+//WNJ6v7a6+za+3f9n2m7dXo//fcnHjXLznPVGqVZbnIzYl3yw+fGp9ec2683ts/6fPLH9/LfV8X8gIj7psP93j91tu2k/jP/srsZ/94WH73/6Tbv2Oxv/1xulk/kjncx/ne7g87x2AAAAAAAA0G8KEXE4kkLxablQKBbX3t9xLA4WypVq7dTlytLV2Wh8VnYsRgrNO91HWt4PMZm/H7ZZn9pQn46IoxHx5dCBRr04UynP9rrzAAAAAAAAAAAAAAAAAAAA0CcOtfn8f+bnoV7vHfC385XfMLh2jP9ufNMT0Jf8/4fBJf5hcIl/GFziHwaX+IfBJf5hcIl/GFziHwAAAAAAAAAAAAAAAAAAAAAAAAAAALrq4oUL2VJffXJzJqvPXl9emq9cPz2bVueLC0szxZnK4rXiXKUyV06LM5WFnf5euVK5NjkVSzcmamm1NlFdXrm0UFm6Wrt0ZaE0l15KR/6RXgEAAAAAAAAAAAAAAAAAAMC/S3V5Zb5ULqeLCm0L56IvdmPPhWSnUT6XHwx7amK49x1U6LAw+lvnG/d4YgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAFn8FAAD//4WDL3k=")
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000400b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
io_setup(0x8, 0x0)
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./file0\x00', 0x10010, &(0x7f0000000a80)=ANY=[], 0x1, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eexBHTNR2l3hYdDewfD6X/OD3vuQ9BgbeMG/23/jq40Gvynr5NNbOnIm1cUR6kCLFWvzt83j19R9/euHWnbs32p3O9s2Urrdvt15LKW28+P17n37z0g/Ti+9+u/Hd+djbfH//161f9i7vXdn//fZH/Sr1qzQcTVOe7o1G0/xeWaSdfjXIUnqnLPKqSP1hVUwO9HvlaDyepXy4s94YT4qqSvlwlgbFLE1HaTqZpfzDvD9MWZal9UbwX3S/flDXdURdPx7noq7r+oloxMV4MtZjI5qxGU/F0/FMXIpn43I8F8/HlfmoVc8bAAAAAAAAAAAAAAAAAAAAThfn/wEAAAAAAAAAAAAAAAAAAGD1bt25e6Pd6WzfTOlCRPnlbne3u/hd9Nu96EcZRVyLZvwW89P/C4v6+lud7WtpbjO+KO//lb+/233sYL41/5zA0nxrkU8H8+ej8Wh+K5pxaXl+a2n+Qrzy8iP5LJrx8wcxijJ24s/sw/xnrZTefLtzKH91Pg4AAABOgyz9Y+n+Pcv+rb/IH+H5wKH99dm4ena1ayeimn0yyMuymBxbcS6O/S8UCsX/XKz6zsRJeHjRVz0TAAAAAAAAAAAAjuIkXidc9RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2IFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA//8xgdSv")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x810408, 0x0, 0xff, 0x0, &(0x7f00000007c0))
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus/file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='rpc_stats_latency\x00', r0}, 0x18)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f00000003c0)={<r2=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(0xffffffffffffffff, 0x40182103, &(0x7f0000000240)={r2})

59.138449811s ago: executing program 2 (id=3939):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x20, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x10001}, [@ldst={0x1, 0x0, 0x4, 0x2, 0x1, 0x2}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb269, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffffffffffff31)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x63, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xc, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x80, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5)
getsockname$packet(r5, &(0x7f0000000680)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x2, 0x4}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000006c0)=@newtfilter={0x68, 0x28, 0x575ac7824d421509, 0x70bd2d, 0x4, {0x0, 0x0, 0x0, r6, {0xa}, {0x6}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0x3c, 0x2, [@TCA_BPF_ACT={0x38, 0x1, [@m_connmark={0x34, 0x5, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}}]}, 0x68}}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000800000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}, 0x1, 0x0, 0x0, 0x20008011}, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

58.734751308s ago: executing program 2 (id=3952):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a0000000000000008000100020000000400"], 0x24}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="2000000069000305000000000000000000000000000000000800010002"], 0x20}}, 0x0)

58.709712578s ago: executing program 33 (id=3952):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000d00)={&(0x7f00000000c0)=ANY=[@ANYBLOB="240000006800010009000000000000000a0000000000000008000100020000000400"], 0x24}}, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="2000000069000305000000000000000000000000000000000800010002"], 0x20}}, 0x0)

20.239217609s ago: executing program 6 (id=4678):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
msgget$private(0x0, 0x240)

20.222566579s ago: executing program 6 (id=4679):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="01000000070000000100010005"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000008000000000000000000000181100", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0xb804, 0x0)
r4 = epoll_create1(0x0)
epoll_wait(r4, &(0x7f0000000000)=[{}], 0x1, 0xfffffe38)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000200)={0xa0000001})

20.15469084s ago: executing program 6 (id=4680):
openat2(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000580)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0xfffd, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x800, @private, @local, {[@cipso={0x86, 0x21, 0x0, [{0x1, 0xb, "5e000000ff00000000"}, {0x0, 0x2}, {0x0, 0xe, "9606053d0006ff00800000b6"}]}, @timestamp_addr={0x44, 0x1c, 0xb0, 0x1, 0xa, [{@loopback, 0x2}, {@multicast1, 0xa6de}, {@loopback, 0xffff}]}]}}}}}}}, 0x0)

20.140211441s ago: executing program 6 (id=4681):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file2\x00', 0x280880f, &(0x7f0000000040), 0x3a, 0x527, &(0x7f0000000100)="$eJzs3c9vHFcdAPDvjL1tNnFZt/RQKtFWtMiOIGu7Jq3VQ6ESglOlQrkHY2+M5bU3stdpbBXqiD8ACSFAQkJwgQsSB46VUP4EhBSJ3BEgEIIEDhwCg3Z3NjjOrn80u57E/nyk8bx5O7vf79NoZ+e9Gc8EcGq9FBGTEZGlWXY+Iip5fZpPsdOZWuvduf3+QmtKIsve/Xs5kryu+1lP5vNz+dvORMRXvxzxjeTBuBtb2yvz9XptPV+eaq4md7Ns+8Ly6vxSbam2Njs789rc63MX56YH0s7xiHjzi3/+wXd/8aU3f/PZ9/5w6a+T3+40sGN3OwYpifIDdaMRsT6MYAVptaeUly8etPL14ecDAEB/reP9ZyLiUxFxPiox0j6aAwAAAE6S7PNjcTeJyAAAAIATK42IsUjSakRcfbZVTtNqtXMN77NxNq03NpqfySr3xgvGo5ReXq7XpvNrB8ajlLSWZ/JrbLvLr+5Zno2IpyPi+5Vye7m60KgvFjryAQAAAKfHuV39/zQi/lXp9P8BAACAE2b8iOuPDCkPAAAAYHiO2v8HAAAAHj9H7f+/tfnr2SGlAgAAAAzeO2+/3X5Yd/f514tXtzZXGlcvLNY2VqqrmwvVhcb6lepSo7HUvmff6kGfV280rnwu1javTTVrG82pja3tS6uNzbXmpeX248ABAACAAjz94o1bSUTsvFFOu3VP5PNSRNb9V/8Pf/6T54rJEBiW9Cgr/2l4eQDHz6184PQaLToBoDClohMACvfgfuD+I4O+F+/89uDPTu5m2UdMCwAAGKCJT9y41T3U33mj3J53z/8nHxSXFzB8+fn/JCk6EeDYOf8Pp1dn3P+b5aLzAI5fab8jAJ0COPHSQ3zVH+b8f4drAAAAoGhj7SlJq3k/YOzFNK1WI55qPxaglFxertemI+JjEfH7SunJ1vJM+52J4QEAAAAAAAAAAAAAAAAAAAAAAAAAOKQsSyIDAAAATrSI9C9JexxgJCYqr4ztHR94Ivl3pT2PiPd+/O4Pr803m+szrfp/3Ktv/iivf7WIEQwAAABgr24/vduPBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBBunP7/YXudJxx//ZWRIz3ij8aZ9rzM1GKiLP/TGJ01/uSiBgZQPyd6xHxXK/4SSutGM+z2Bs/jYhywfHPDSA+nGY3WvufL/T6/qXxUnve+/s3mk8Pq//+L723/xvps/976pAxnr/5q6m+8a9HPD/ae//TjZ/0if/yIeN//Wvb2/1ey34WMdHz9ye5L9ZUc/XK1MbW9oXl1fml2lJtbXZ25rW51+cuzk1PXV6u1/K/PWN875Mf/ne/9p/tE3/8gPa/csj2/+fmtdsf7xRLe14qxU+zbPLlXvG/9U7WVsn2xu/+9n06/x1oLU90yzud8m4v/PJ3L+zX/sU+7T9o+08esv3nv/KdPx5yVQDgGGxsba/M1+u19cep8Ew8Emk80oU038A9Xiofez7lXmkMqzAfj8gm+KD/JngMCgXulAAAgKH4/0H/fdVpYQkBAAAAAAAAAAAAAAAAAADAKXTQbcBiALcT2xtzp5imAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs638BAAD//2PM4P8=")
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
ptrace(0x10, r3)
ioctl$F2FS_IOC_DECOMPRESS_FILE(r1, 0xf517, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r4, &(0x7f0000000140)={0x0, 0xfffffec0, &(0x7f0000000040)={&(0x7f00000004c0)={0x3c, r2, 0x1, 0x1070bd2c, 0x4, {0x5}, [@L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x5}, @L2TP_ATTR_SESSION_ID={0xfffffffffffffe7b, 0xb, 0xfffffffd}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x5}, @L2TP_ATTR_LNS_MODE={0x5, 0x14, 0x6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20048000}, 0x30)

19.258088324s ago: executing program 6 (id=4696):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x10)
setreuid(0x0, 0xee00)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

18.87051764s ago: executing program 6 (id=4703):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="01000000070000000100010005"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000008000000000000000000000181100", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0xb804, 0x0)
r4 = epoll_create1(0x0)
epoll_wait(r4, &(0x7f0000000000)=[{}], 0x1, 0xfffffe38)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000200)={0xa0000001})

18.8415283s ago: executing program 34 (id=4703):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=ANY=[@ANYBLOB="01000000070000000100010005"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r0}, 0x0, 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000008000000000000000000000181100", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0xb804, 0x0)
r4 = epoll_create1(0x0)
epoll_wait(r4, &(0x7f0000000000)=[{}], 0x1, 0xfffffe38)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000200)={0xa0000001})

2.940138185s ago: executing program 7 (id=4976):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYRES32=<r1=>r0], 0x7c}}, 0x4040044)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a0b0400000000000000000200000028000480240001800b000100736f636b6574000014000280080002400000000b08000140000000030900010073797a30000000009900020073797a3200000000140000001100010000000000000000000000000a"], 0x7c}}, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000500)=ANY=[@ANYRES16=r1], &(0x7f0000000100)='GPL\x00', 0xc4, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x17)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, 0x0)
r4 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000140)="d8", 0x1, r4)
keyctl$search(0xa, r4, &(0x7f0000000080)='user\x00', &(0x7f0000000180)={'syz', 0x3}, r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r7 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r7, 0xa, 0x13)
fcntl$setlease(r7, 0x400, 0x0)
timer_create(0x0, &(0x7f00000005c0)={0x0, 0x40, 0x2}, &(0x7f0000000280)=<r8=>0x0)
timer_settime(r8, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000000c0), 0x0)

2.179297217s ago: executing program 3 (id=4988):
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x90020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94) (async)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async, rerun: 64)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20) (async, rerun: 64)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
gettid()
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0) (async)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffff50, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r3}, 0x10) (async)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="7f454c460403ad03000000000000000002003e00000000000103000038000000000000000ff30000000020"], 0x58) (async)
utime(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x7, 0x800}) (async)
close(r4) (async)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
write(r5, &(0x7f0000000000)='#', 0x1) (async, rerun: 32)
ioctl$TCSETA(r5, 0x5406, &(0x7f0000000340)={0xff05, 0x4f34, 0x800, 0x4, 0x0, "5f730000a9003f00"}) (rerun: 32)
ioctl$TIOCL_GETMOUSEREPORTING(r5, 0x5412, &(0x7f00000006c0)=0x5f) (async, rerun: 64)
r6 = add_key$keyring(&(0x7f0000000080), &(0x7f0000001100)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) (rerun: 64)
keyctl$describe(0x6, r6, &(0x7f0000000540)=""/166, 0xa6)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x300000c, 0x51031, 0xffffffffffffffff, 0x0) (async, rerun: 64)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (rerun: 64)
kexec_load(0x0, 0x0, 0x0, 0x0)

2.054625079s ago: executing program 5 (id=4990):
r0 = syz_io_uring_setup(0x34fc, &(0x7f0000000100)={0x0, 0x645e, 0x800, 0x400002, 0x250}, &(0x7f0000000400)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000240)=0xfffffc04, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x1c, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000005c0)=[{0x0}, {0x0}], 0x2}, 0x0, 0x4080})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

2.017207229s ago: executing program 3 (id=4991):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000400b70800000000396f7b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f00000003c0)={<r2=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000240)={r2, 0x0, r1})

1.991998159s ago: executing program 7 (id=4992):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYRES32=<r1=>r0], 0x7c}}, 0x4040044)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a0b0400000000000000000200000028000480240001800b000100736f636b6574000014000280080002400000000b08000140000000030900010073797a30000000009900020073797a3200000000140000001100010000000000000000000000000a"], 0x7c}}, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000500)=ANY=[@ANYRES16=r1], &(0x7f0000000100)='GPL\x00', 0xc4, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x17)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, 0x0)
r4 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000140)="d8", 0x1, r4)
keyctl$search(0xa, r4, &(0x7f0000000080)='user\x00', &(0x7f0000000180)={'syz', 0x3}, r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
r7 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r7, 0xa, 0x13)
fcntl$setlease(r7, 0x400, 0x0)
timer_create(0x0, &(0x7f00000005c0)={0x0, 0x40, 0x2}, &(0x7f0000000280)=<r8=>0x0)
timer_settime(r8, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000000c0), 0x0)

1.369760429s ago: executing program 1 (id=5001):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd4, &(0x7f0000000100)=0xe, 0x4)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

1.353506889s ago: executing program 5 (id=5002):
bpf$PROG_LOAD(0x5, 0x0, 0xa)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r0 = socket(0x10, 0x2, 0x0)
write(r0, 0x0, 0x0)
mq_open(0x0, 0x1, 0x40, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000380)='sched_switch\x00', r2, 0x0, 0x4}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x3, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x4c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r4, 0x0, 0x6}, 0x18)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a30000000005c000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000900120800014000000000140003007665746830"], 0xa4}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40080}, 0x8000)
sendmsg$NFT_BATCH(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a09000000000002000000020000000900020073797a310000000008000440000000000900010073797a30000000000800034000000007"], 0x64}}, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = io_uring_setup(0x4332, &(0x7f0000000780)={0x0, 0x986d, 0x1000, 0xfffffffc})
r7 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r8, 0x0, r7, 0x0, 0x46)
close_range(r6, 0xffffffffffffffff, 0x0)

1.30578378s ago: executing program 1 (id=5003):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
close(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x6}, 0x18)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r4, 0x0, 0xd4, &(0x7f0000000100)=0xe, 0x4)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file5\x00', 0x4)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

1.30503279s ago: executing program 5 (id=5013):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
close(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x6}, 0x18)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r4, 0x0, 0xd4, &(0x7f0000000100)=0xe, 0x4)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file5\x00', 0x4)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

1.28083126s ago: executing program 4 (id=5004):
openat2(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000580)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0xfffd, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x800, @private, @local, {[@cipso={0x86, 0x21, 0x0, [{0x1, 0xb, "5e000000ff00000000"}, {0x0, 0x2}, {0x0, 0xe, "9606053d0006ff00800000b6"}]}, @timestamp_addr={0x44, 0x1c, 0xb0, 0x1, 0xa, [{@loopback, 0x2}, {@multicast1, 0xa6de}, {@loopback, 0xffff}]}]}}}}}}}, 0x0)

1.2799031s ago: executing program 4 (id=5005):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x10000, 0x1}, 0x8002, 0x0, 0x1003, 0x2, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0x1}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x0)

1.234809091s ago: executing program 4 (id=5006):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
close(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x6}, 0x18)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r4, 0x0, 0xd4, &(0x7f0000000100)=0xe, 0x4)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file5\x00', 0x4)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

1.225758221s ago: executing program 1 (id=5007):
syz_io_uring_setup(0x117, &(0x7f0000000100), 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000060000007c6e00000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x149882, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r6=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=ANY=[@ANYBLOB="540000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="15020000fe0f00001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r6, @ANYBLOB], 0x54}, 0x1, 0xba01, 0x0, 0x4010}, 0x4000000)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x90, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000040)='sys_enter\x00', r7}, 0x10)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r8, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r8, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, 0x0, 0x0, 0x43, 0x0, "0aaa8ff5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d13e6507e5a774ef95f2fc1b947e03d5c8379123f2f1d34b0882e83d41b67cb9ff147c6d33a097d2269351b3ed3"}, 0xd8)

1.107844183s ago: executing program 3 (id=5008):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x34}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x2c}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000740)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x1c, r1, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x1c}}, 0x40)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0900000003000000080000000400000002000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000090000000000cc482c6fb9d3898efe9212a9791e0c0d967f3b67fd15a67b3612f6d8fa5ef7365b08fab01711303dee4f8adab0573aa7719e922f0761e6a9d9057fad13ba5402dc004d3de06e872268fa35a936a172cb20f9ad72b975a5248e1d774e43a15823d8edbff692c782fedb3b7df50a3ab7082f88b4c56f2d4ae9b8739460f1f46f8ebf96ed348d4cad06912425e5fa09eabdeb88c4a0d980951e6c73db8fde03c314f7ba5b97ff073f518155ca67c3487cb1cda2c77624e6c037cc7ab5b8aa3e674e2eb3fad30c7f7b079a", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_setup(0x81, &(0x7f0000001440)=<r4=>0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r5, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x5f, 0xffffffffffffffff, {0x29}}, './file0\x00'})
r6 = syz_io_uring_setup(0x6853, &(0x7f0000000380)={0x0, 0x0, 0x2}, &(0x7f0000000340), &(0x7f0000000080))
io_submit(r4, 0x1, &(0x7f00000008c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])
mknod$loop(&(0x7f0000000780)='./file0\x00', 0x2000, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000840)={'veth0_to_bond\x00', <r7=>0x0})
r8 = socket(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xa}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x9a, 0x2, {{0x9, 0x0, 0x7ff, 0x1}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1, 0x7, 0x0, 0x0, 0x0, {0x0, 0x20000, 0xfffffffc, 0x0, 0xff}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40}, 0x4000000)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000880)={'syztnl1\x00', &(0x7f0000000900)={'syztnl1\x00', <r11=>0x0, 0x2f, 0xf7, 0x7, 0x4, 0x20, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x700, 0x20, 0x9, 0x7a4}})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000a40)={'syztnl2\x00', &(0x7f0000000980)={'erspan0\x00', <r12=>0x0, 0x8000, 0x20, 0xce89, 0x8, {{0x21, 0x4, 0x3, 0x9, 0x84, 0x64, 0x0, 0xfa, 0x4, 0x0, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@timestamp_prespec={0x44, 0x14, 0x70, 0x3, 0x9, [{@private=0xa010101, 0x2f}, {@rand_addr=0x64010102, 0x4}]}, @ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x17, 0xf4, [@rand_addr=0x64010101, @local, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty]}, @cipso={0x86, 0x3f, 0x0, [{0x1, 0xc, "c460fd132af1a0a80ead"}, {0x7, 0x10, "b02a0b0fae3cc0004e9d33c68b6e"}, {0x6, 0xf, "5b3f7d043c5a78ed05e5dbc813"}, {0x2, 0x2}, {0x6, 0xa, "484a1d40fbe576b6"}, {0x5, 0x2}]}]}}}}})
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000a80)={0x108, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x1}, @ETHTOOL_A_LINKINFO_HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x8}, @ETHTOOL_A_LINKINFO_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x6}]}, 0x108}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r13 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r13, &(0x7f0000000000)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000200)=ANY=[@ANYBLOB="0203ff030c00000000000000fddbdf25010009000000000003000600000000000200000000000000000000000000010002000100000000000000050b00000000030005000000000002000000ac141daa0000000000000000010014"], 0x60}, 0x1, 0x7}, 0x0)
r14 = socket$nl_generic(0x10, 0x3, 0x10)
r15 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r16 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r16, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001180)={0x38, r15, 0x10ada85e65c25359, 0xfffffffd, 0x8000000, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x72}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5}]}]}]}, 0x38}}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r14, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000580)={0xa0, r15, 0x300, 0x70bd2c, 0x2, {{}, {@void, @val={0xc, 0x99, {0x6722, 0x73}}}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0xfffffd21}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x7}, @NL80211_ATTR_DURATION={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x380000}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x2}, @NL80211_ATTR_DURATION={0x8}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15cc}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x383}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1608}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x9}]]}, 0xa0}, 0x1, 0x0, 0x0, 0x50}, 0x200000c0)

1.107581223s ago: executing program 5 (id=5009):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
r0 = socket$inet(0x2, 0x2, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
ioctl$KDSKBLED(r2, 0x4b65, 0xd)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000e40)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000043000000950000000000000091a0e3a1c2d366f04d1d428f5385db6cab6c3752e10172cbc9f28a79d457958bdb36ac8f971a6b9a3b4f2a009cfcea294bfb554da1e687f41ee40ceb"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r5}, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e000000080000000000180003801400038010"], 0x44}}, 0x0)
recvmsg$can_j1939(r2, &(0x7f0000000140)={&(0x7f00000000c0)=@can, 0x80, &(0x7f0000000000)=[{&(0x7f0000000780)=""/132, 0x84}, {&(0x7f0000000880)=""/183, 0xb7}], 0x2, &(0x7f0000000d80)=""/130, 0x82}, 0x2100)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x2c)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r8}, 0x10)
openat$rfkill(0xffffffffffffff9c, 0x0, 0x88281, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e00000027f0000010000000003"], 0x1c)
r9 = socket$netlink(0x10, 0x3, 0x0)
writev(r9, &(0x7f00000003c0)=[{&(0x7f0000000300)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
socket(0x29, 0x2e19621493e5494a, 0xb32)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c000000020601080000000000000000000000400500010006000000050005000200000005000400000000000900020073797a310000000011000300686173683a69702c6d61726b"], 0x4c}}, 0x0)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000440)='./file2\x00', 0x404, &(0x7f0000000380)={[{@errors_remount}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@resgid}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r12 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r12, &(0x7f0000000040), 0x208e24b)
sendmsg$IPSET_CMD_ADD(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000f00)=ANY=[@ANYBLOB="480000000906010200000000000000000200ffff2000d9735c9f09e00000730208000a400000000205000300020000000900020073797a310000000005002c9ce3ae7a1eb5c669a86074c37e970bfb7d74766bb6b304a9441d25ae0d4b6cf5a3cb810d8bb1ae60b926f14aa9f98556999b61316820765484216910e5c3f9cbce8247ea1e6c803626770efd62918b677117e7c873d0f3d2262311011cf155d1d691694d0737121c704d73aad4e734845cbdaca5c123d3569c6e6e4e6ed56607195cd4a5828489a4d63e11e62269f9dd985c00630ab8212c28ec79ff7f66dc78eeef87884cb8b7a8ea54"], 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x40c0080)

1.106545593s ago: executing program 4 (id=5010):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$TOKEN_CREATE(0x24, &(0x7f00000001c0)={0x0, r1}, 0x8)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000940)={0xffffffffffffffff, 0xe0, &(0x7f0000000ac0)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300), ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x1, 0x8, &(0x7f0000000480)=[0x0], &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r6=>0x0, 0xaa, &(0x7f0000000740)=[{}, {}], 0x10, 0x10, &(0x7f0000000780), &(0x7f00000002c0), 0x8, 0x54, 0x8, 0x8, &(0x7f0000000800)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000bc0)={0x18, 0x4, &(0x7f0000000c80)=ANY=[@ANYBLOB="18010000000000100000000000000000850000007d00000095", @ANYRES64=r6, @ANYRES8=r4, @ANYRES16=0x0, @ANYRESHEX=r5, @ANYRES8], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', r5, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x2000000000000175, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000300bfa20000000000f406020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r7}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r8)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xff, 0x7fff7ffc}]})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r10}, 0x10)
r11 = socket(0x10, 0x3, 0x9)
ioctl$USBDEVFS_IOCTL(r8, 0xc0105512, &(0x7f0000000340)=@usbdevfs_disconnect={0x7})
connect$netlink(r11, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$NFT_BATCH(r11, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000001000010000000101000000000300000a1400000011000100000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x2004c084}, 0x0)
close_range(r9, 0xffffffffffffffff, 0x0)
getcwd(&(0x7f0000000140)=""/178, 0xb2)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a48000000060a09040000000000000000020000001c0dfe6b78ab9563e7b62e745ea415cf000480180001800e000100696d6d656469617465000000040002800900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a"], 0x70}}, 0x0)
r12 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
writev(r12, &(0x7f0000000080)=[{&(0x7f0000000300)='4', 0x1}], 0x1)

789.491288ms ago: executing program 7 (id=5011):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x20, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x10001}, [@ldst={0x1, 0x0, 0x4, 0x2, 0x1, 0x2}]}, &(0x7f0000000040)='syzkaller\x00', 0x8, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb269, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000200)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xffffffffffffff31)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x63, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0900000004000000080000000b"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000020001801000020646c2100000000002020007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000680)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r7, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x2, 0x4}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000006c0)=@newtfilter={0x68, 0x28, 0x575ac7824d421509, 0x70bd2d, 0x4, {0x0, 0x0, 0x0, r7, {0xa}, {0x6}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0x3c, 0x2, [@TCA_BPF_ACT={0x38, 0x1, [@m_connmark={0x34, 0x5, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}}]}, 0x68}}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
unlink(&(0x7f0000000180)='./file1\x00')

679.53273ms ago: executing program 3 (id=5012):
r0 = syz_io_uring_setup(0x34fc, &(0x7f0000000100)={0x0, 0x645e, 0x800, 0x400002, 0x250}, &(0x7f0000000400)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000240)=0xfffffc04, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000180)=@IORING_OP_SENDMSG={0x9, 0x1c, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000005c0)=[{0x0}, {0x0}], 0x2}, 0x0, 0x4080})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

648.97042ms ago: executing program 4 (id=5014):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x18, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
setsockopt$MRT_FLUSH(0xffffffffffffffff, 0x0, 0xd4, &(0x7f0000000100)=0xe, 0x4)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

330.311165ms ago: executing program 5 (id=5015):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x34}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x2c}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x52)
r0 = open(0x0, 0x0, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r0, &(0x7f0000000740)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)={0x1c, r1, 0x10, 0x70bd28, 0x25dfdbfb, {}, [@NL80211_ATTR_REG_ALPHA2={0x7, 0x21, 'aa\x00'}]}, 0x1c}}, 0x40)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="0900000003000000080000000400000002000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000090000000000cc482c6fb9d3898efe9212a9791e0c0d967f3b67fd15a67b3612f6d8fa5ef7365b08fab01711303dee4f8adab0573aa7719e922f0761e6a9d9057fad13ba5402dc004d3de06e872268fa35a936a172cb20f9ad72b975a5248e1d774e43a15823d8edbff692c782fedb3b7df50a3ab7082f88b4c56f2d4ae9b8739460f1f46f8ebf96ed348d4cad06912425e5fa09eabdeb88c4a0d980951e6c73db8fde03c314f7ba5b97ff073f518155ca67c3487cb1cda2c77624e6c037cc7ab5b8aa3e674e2eb3fad30c7f7b079a", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_setup(0x81, &(0x7f0000001440)=<r4=>0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r5, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x5f, 0xffffffffffffffff, {0x29}}, './file0\x00'})
r6 = syz_io_uring_setup(0x6853, &(0x7f0000000380)={0x0, 0x0, 0x2}, &(0x7f0000000340), &(0x7f0000000080))
io_submit(r4, 0x1, &(0x7f00000008c0)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0x0, r6, 0x0}])
mknod$loop(&(0x7f0000000780)='./file0\x00', 0x2000, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000840)={'veth0_to_bond\x00', <r7=>0x0})
r8 = socket(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {0x0, 0xa}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x9a, 0x2, {{0x9, 0x0, 0x7ff, 0x1}, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x1, 0x7, 0x0, 0x0, 0x0, {0x0, 0x20000, 0xfffffffc, 0x0, 0xff}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40}, 0x4000000)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000880)={'syztnl1\x00', &(0x7f0000000900)={'syztnl1\x00', <r11=>0x0, 0x2f, 0xf7, 0x7, 0x4, 0x20, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x700, 0x20, 0x9, 0x7a4}})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000a40)={'syztnl2\x00', &(0x7f0000000980)={'erspan0\x00', <r12=>0x0, 0x8000, 0x20, 0xce89, 0x8, {{0x21, 0x4, 0x3, 0x9, 0x84, 0x64, 0x0, 0xfa, 0x4, 0x0, @local, @initdev={0xac, 0x1e, 0x1, 0x0}, {[@timestamp_prespec={0x44, 0x14, 0x70, 0x3, 0x9, [{@private=0xa010101, 0x2f}, {@rand_addr=0x64010102, 0x4}]}, @ra={0x94, 0x4, 0x1}, @lsrr={0x83, 0x17, 0xf4, [@rand_addr=0x64010101, @local, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty]}, @cipso={0x86, 0x3f, 0x0, [{0x1, 0xc, "c460fd132af1a0a80ead"}, {0x7, 0x10, "b02a0b0fae3cc0004e9d33c68b6e"}, {0x6, 0xf, "5b3f7d043c5a78ed05e5dbc813"}, {0x2, 0x2}, {0x6, 0xa, "484a1d40fbe576b6"}, {0x5, 0x2}]}]}}}}})
sendmsg$ETHTOOL_MSG_LINKINFO_SET(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000a80)={0x108, 0x0, 0x200, 0x70bd2b, 0x25dfdbff, {}, [@ETHTOOL_A_LINKINFO_HEADER={0x68, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'dvmrp0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r11}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'geneve0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x1}, @ETHTOOL_A_LINKINFO_HEADER={0x60, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netpci0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'tunl0\x00'}]}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x8}, @ETHTOOL_A_LINKINFO_HEADER={0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r12}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5, 0x5, 0x6}]}, 0x108}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
r13 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r13, &(0x7f0000000000)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000200)=ANY=[@ANYBLOB="0203ff030c00000000000000fddbdf25010009000000000003000600000000000200000000000000000000000000010002000100000000000000050b00000000030005000000000002000000ac141daa0000000000000000010014"], 0x60}, 0x1, 0x7}, 0x0)
r14 = socket$nl_generic(0x10, 0x3, 0x10)
r15 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r16 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r16, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001180)={0x38, r15, 0x10ada85e65c25359, 0xfffffffd, 0x8000000, {{0x6b}, {@val={0x8}, @val={0xc, 0x99, {0x2, 0x72}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5}]}]}]}, 0x38}}, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r14, &(0x7f0000000140)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000100)={&(0x7f0000000580)={0xa0, r15, 0x300, 0x70bd2c, 0x2, {{}, {@void, @val={0xc, 0x99, {0x6722, 0x73}}}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0xfffffd21}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x7}, @NL80211_ATTR_DURATION={0x8}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x380000}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x2}, @NL80211_ATTR_DURATION={0x8}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x5}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x15cc}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x383}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1608}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x9}]]}, 0xa0}, 0x1, 0x0, 0x0, 0x50}, 0x200000c0)

303.521635ms ago: executing program 1 (id=5016):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000016c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
close(r3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x6}, 0x18)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_FLUSH(r4, 0x0, 0xd4, &(0x7f0000000100)=0xe, 0x4)
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file5\x00', 0x4)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

243.077256ms ago: executing program 7 (id=5017):
openat2(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000005000000020000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_emit_ethernet(0x7e, &(0x7f0000000580)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x70, 0xfffd, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x3, 0x2c, 0x0, {0x15, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x800, @private, @local, {[@cipso={0x86, 0x21, 0x0, [{0x1, 0xb, "5e000000ff00000000"}, {0x0, 0x2}, {0x0, 0xe, "9606053d0006ff00800000b6"}]}, @timestamp_addr={0x44, 0x1c, 0xb0, 0x1, 0xa, [{@loopback, 0x2}, {@multicast1, 0xa6de}, {@loopback, 0xffff}]}]}}}}}}}, 0x0)

218.696707ms ago: executing program 1 (id=5018):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x3f, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext={0x10000, 0x1}, 0x8002, 0x0, 0x1003, 0x2, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0x1}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB], 0x10b8}, 0x0)

201.098357ms ago: executing program 5 (id=5019):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000400b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f00000003c0)={<r2=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r1, 0x40182103, &(0x7f0000000240)={r2, 0x0, r1})

160.479378ms ago: executing program 4 (id=5020):
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r3, @ANYBLOB="0107000000000000000020000000040003"], 0x1c}, 0x1, 0x0, 0x0, 0x8041}, 0x0)
r4 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r6=>0x0})
r7 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc)=<r8=>0x0)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000940)='./file0\x00', 0x444, &(0x7f0000000580)=ANY=[@ANYRESOCT=r8, @ANYRESDEC, @ANYRES16=r6, @ANYRESDEC=r7], 0xfe, 0x66f, &(0x7f0000002fc0)="$eJzs3Utv29gZxvGHsnyJCwRFWwyCIBOfSTqAg6aKJE88MNJFWYqSOZVEgaQLezVIJ/YgiJxpkxRovJl60wvQfoHuZjOLfogCXXfdL9BlgUG7a9GNCpKiJOseW3GmM/+fkeiIfMnz8hK9oSUdCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyHIqxWLJUt1r7u2byZxK4DemzE/Xtqw7aePOzH4lK/6jtTVdSydd+05/9lvxX7d0I312Q2vxw5pOvvHWNx98O5/Llp+S0HnoVVf4/OXJk4ft9uGz8/XWsc6z3GsxkolycyxVc5te6HsNu+YaL/TNzvZ28d5uNTRVr+6GB2HkNowTuLnID8ymc8eUdna2jFs48PeatYpdd7OJ73+/XCxumw9Wu4f/3geF0Nn16nWvWUti4tlxzGrvDHHthjFHj9uHW7OSjINK8wSVZwWVi+VyqVQul7bv79x/v1jMj0woDtFIRP+k/fIcfFymBb1yAxeXi+v/3y2prjU1tad9mbE/jioK5KsxYX5XVv/fvedO7Xew/mdV/lp/9nUl9f9m+uzmpPo/IRcjkywwbo41Yfr5fp7rpU70RA/VVluHeraY9W4MtP/TSS0w68X91KS85CmUL08N2arJlelOMdrRtrZV1IfaVVWhjKryVJerUAcKFclVIzkmgVzZiuQrkNGmHN2RUUk72tGWjFwVdCBfe2qqpops/bvT6RzpcbLft6bkqCyoNE9QvncOjgZNqv8//TRd4tXqP756eufOHDHAG9fpXv9PtjRu4sbrywgAAAAAACyalfz23Ureu39bUkdVr+4W33RaAAAAAABggZJ3/m/ED8tx621ZE67/O5efGwAAAAAAWAwr+Y6dJWk9+VC/1f8m1IwPAeQuK0UAAAAAAHBByfv/N1ekTjK02oasea//AQAAAADA/4vfDoyxn8/G2O1kY/7lJIWtVevP/1xVsGydtva/ax3b8Rz7uBszMjxgVL1u5ZUO1JuM17siKXnmuDes7vjA3UEwrXRgX+mLo1lj/VvBUAIrS9mvL8YkcPVkIIHtfPeZfq930ph3uv0+OskpmZP2sl716m7B8esPSrLtq7nI3Y9+8fTxL6Wgt51Hj9uHhY8+aT9KcjmNJ50ex3l8eiad3KxcXiTjLSTfuRi3xVdUzbr8XbOxbiX9FrPtX5J9nBvsaL7t/7VupTG31tPH9ZPsCMj6VbdRKiSHrL/1yegQVj+L0vCWjzsQE7JYS7K4ncbc3rydPmT5pUdh7XtLUrkwegyCwSzKg1nM3hfWv0b2xYws4nNhK87iL/GKJmSx9WpZjBwRAHhTjvpVKBnEfHSM/eG6e55XudnV/Ydne3nxx076hcMlKd99byL9EuKkuqL4FX0zDVtJR3HPXx/zil7s1pU1TXhFL16gusV9/al/D6Ru2t05+V4W/+10Og9KSb9/GKqqn8ULfDax37BeXop34b0Xxz9LBsCPfXz48eHTcnlru/hesXi/rOVkM7oP1B4AwBiz77FzNmKtX896tfu93lX1o3+8m7bO1N1v9T5SUNBH+kRtPdLd7BYCG+P7XR/4GMLd0avWOPaKNBxb0t2JV3VJLR2ILfdil5Utcvb/C/3Yrdd9GAAAuFS3ZtTh4fo/7tr9bnbdvXl97HV3Vkd3k1o+fIfgSTW3dMl7AgCArw83+MJaj35jBYHX+rC0s1Oyo13XBL7zYxN4lZprvGbkBs6u3ay5phX4ke/4ddMKtOpV3NCEe62WH0Sm6gem5YfefnLnd9O99XvoNuxm5Dlhq+7aoWscvxnZTmQqXuiY1t6P6l646wbJwmHLdbyq59iR5zdN6F+R4xaMCV13INCruM3Iq3pxs2lagdewgwPzE7++13BNxQ2dwGtFfrrCrC+vWfWDRrLagjrTbnQIAMDXxvOXJ08ettuHz6Y0TpU2ss+jTQleGbfCN7yJAABgCFUaAAAAAAAAAAAAAAAAAAAAAIAvv3m+/ze1kX0pMJuyrDHBUm/Kz6/OtWZL/Smf/+1CGZ6jkRue0h1ptzN78b+mjfy4mCtxY0VSO9v9gzGnC92KjbmClTbyi9+HV6RxZ8Jra/zg6Ox5OBITzxw7a7V3LPIX/+cwrvH08wmzZp9Rq2f34cq0DTzbyEt6tnKBQ3D5r0UALtf/AgAA///rIkS/")
sendmsg$NL80211_CMD_SET_COALESCE(r5, &(0x7f0000000580)={&(0x7f0000000480)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="b0010000", @ANYRES16=r3, @ANYBLOB="00022abd7000fbdbdf2565000000080003", @ANYRES32=r6, @ANYBLOB="7c010380580000805300010080bb8116ae8716edbcf06313b9fc623eb95da6baa3c0ad6878e068036c0806ccd36466005f3a8a7644891532eb6645134d2061aec704190672bb085228b5c6ba0583d4f148f2f2e554eb8e078b4cda00a8000080a1000200a9825f3fcd44ddcc6cb62b956dc0a6a81f6252c9a6878559339e72d967003307ce5fbe42a25369af0e7bd9f03255c4e202c3ccb11fe116eaf3ec3d4455d8bc636634364363d42695c4e1c39dfae0968af3227bc687a2d7683cbc302ede3c9dd76bd4117d531e3a08299d16ce8eb9b4473d2616b38af4891a61bc109b06fedab288e2df289f3d518fb6ab25ef4b8299ea4bdd6f915defd8972587cb54390000007800008072000200f84a646bc98b754aa226d7a62716ab9537098d6b1469c6feaa1b2191721b4647dc2aa7e55e75198b27369c793980c10a4cedd4a3455705f031718053e6f2003a50ced895561640f3850feb8387bcc33756dfd74b57727e1f0d3d50d23f05bc1086a6b7dc205e2ce9acb0dc3546370000080002000000000008000100050000000800020000000000"], 0x1b0}, 0x1, 0x0, 0x0, 0x4001}, 0x4000000)
pwritev(r4, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r4)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000e40)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="bcf9ac2e00"/24, @ANYBLOB="9f0dab7ea2368bfc141149afdcae953ea1346d5f1b387a72473b7ea12a04", @ANYRES32, @ANYBLOB='\x00'/21], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xf, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000200000000e2000000000000181100007c65768bac8c622f33806d58fd9fc83ebde8bdedad3083d1aae6c7d67f2655185ea6cbe63c2cbf62ae00cebb07e31e0f77c852aa82ca328ce85767f34a294854a29e6ceaa43b2ec174709781326956a740ba20f7bfe3e6a2d76e1beb0258a13b3dd37028faea0c4e30d33df6bc5a434c1c1a2c7e16a2de8f3c87d69a586206f9940cca2eb4e6f9021e4e40045e97c4501d514f941ed95125905839b33f37bdf6", @ANYRES32=r9, @ANYBLOB="00000000a765dca1a50aa81414024cba2c024400000000b7020000141d0000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020100000000008500000085000000b7"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
ioctl$SIOCGSTAMPNS(r2, 0x8907, &(0x7f0000000380))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r10}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a90000000030a0300000000000000000002e000000c00020000"], 0xb8}}, 0x0)
sendfile(r0, r0, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x4, 0x0, 0x1, 0x18, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7663c435aff94793ddd7aae07ef35f17bf01933bdb6fd7ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x7]})
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000500)={<r11=>0xffffffffffffffff})
recvmsg(r11, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f00000005c0)=""/151, 0x84}, {&(0x7f00000003c0)=""/114}, {&(0x7f0000000240)=""/22}], 0x1, &(0x7f0000002f40)=""/244, 0x17}, 0x0)
r12 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmsg$inet6(r12, &(0x7f0000000800)={&(0x7f0000000140)={0xa, 0x4e21, 0x6, @private1, 0x98ae}, 0x1c, &(0x7f0000000780)=[{&(0x7f0000000380)='m', 0x1}], 0x1}, 0x8000)
shutdown(r12, 0x1)
getsockopt$inet_sctp6_SCTP_CONTEXT(r12, 0x84, 0x11, &(0x7f0000000040)={0x0, 0xe0}, &(0x7f0000000080)=0x8)
getsockopt$sock_cred(r11, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc)

132.979878ms ago: executing program 7 (id=5021):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback}, 0x1c) (async)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=@framed={{}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) (async, rerun: 32)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (rerun: 32)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10) (async)
r3 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$UHID_CREATE2(r3, 0x0, 0x8) (async)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10) (async)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kmem_cache_free\x00', r6, 0x0, 0x9}, 0x18) (async)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0xfffffffe, @loopback}, 0x1c) (async)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4) (async)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f0000003100)=@gcm_128={{0x304}, "040000000048bd00", "0dd12f0d004fcf0000e8bfff1a8600", "cf0f00", "8657e2b7e63b34e4"}, 0x28) (async)
write$binfmt_script(r4, &(0x7f0000001300), 0x8f)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r4, 0x6, 0x23, &(0x7f00000013c0)={&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000001380)=0x40) (async, rerun: 64)
writev(r4, &(0x7f0000000080)=[{&(0x7f0000000380)="ac", 0x1}], 0x1) (async, rerun: 64)
sendto$inet6(r0, &(0x7f00000000c0)="3f0f72e72aebc49262de22ae60a522dd9645c8d0c11bdc8a27dd7063f396a77a7f4c9248b8f6d2a3e2b868421c3aa2c3d0605d097893ba265a0cd547c48855a87468b0796dcbf5f2a082e76589e1a6a2b16083043d37184673a5891058827762", 0x60, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x1000, @empty, 0x9}, 0x1c) (async)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='bic\x00', 0x4) (async)
shutdown(r0, 0x1)

130.115578ms ago: executing program 1 (id=5022):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYRES32=<r1=>r0], 0x7c}}, 0x4040044)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a0b0400000000000000000200000028000480240001800b000100736f636b6574000014000280080002400000000b08000140000000030900010073797a30000000009900020073797a3200000000140000001100010000000000000000000000000a"], 0x7c}}, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000500)=ANY=[@ANYRES16=r1], &(0x7f0000000100)='GPL\x00', 0xc4, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x17)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x18)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r3, 0x0, 0x0)
r4 = add_key(&(0x7f00000002c0)='keyring\x00', &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key$user(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000140)="d8", 0x1, r4)
keyctl$search(0xa, r4, &(0x7f0000000080)='user\x00', &(0x7f0000000180)={'syz', 0x3}, r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setsig(r8, 0xa, 0x13)
fcntl$setlease(r8, 0x400, 0x0)
timer_create(0x0, &(0x7f00000005c0)={0x0, 0x40, 0x2}, &(0x7f0000000280)=<r9=>0x0)
timer_settime(r9, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f00000000c0), 0x0)

45.431279ms ago: executing program 3 (id=5023):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000040), &(0x7f0000000280)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r1}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
msgget$private(0x0, 0x240)

356.03µs ago: executing program 7 (id=5024):
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0x20, &(0x7f0000000280)={&(0x7f00000001c0)=""/24, 0x18, <r0=>0x0, &(0x7f0000000240)=""/58, 0x3a}}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket(0x1e, 0x80004, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x7, 0x0, 0x1000004}, 0x10)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2, 0x5}, 0x10)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r4 = syz_open_procfs(0x0, &(0x7f00000006c0)='pagemap\x00')
lseek(r4, 0xfffffffffffffffe, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(0xffffffffffffffff, 0x80489439, &(0x7f0000000300))
dup3(r3, r2, 0x0)
ioctl$sock_FIOGETOWN(r2, 0x8903, &(0x7f0000000200))
perf_event_open$cgroup(&(0x7f00000000c0)={0xa, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3832, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, @perf_bp={0x0}, 0x102cc, 0x2}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
close(0x3)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000e80)={0x1e, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x50, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$rds(0x15, 0x5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
dup3(r2, r3, 0x0)

0s ago: executing program 3 (id=5025):
r0 = timerfd_create(0x0, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
readv(r0, &(0x7f0000000640)=[{0x0}], 0x1)

kernel console output (not intermixed with test programs):

[  217.000883][T13694] EXT4-fs: Ignoring removed bh option
[  217.015406][T13577] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  217.026315][T13577] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  217.034057][T13694] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.051030][T13694] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4113: comm syz.4.3995: Allocating blocks 385-513 which overlap fs metadata
[  217.069859][T13577] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  217.132361][T13702] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3998'.
[  217.148427][T13577] 8021q: adding VLAN 0 to HW filter on device bond0
[  217.162976][T13577] 8021q: adding VLAN 0 to HW filter on device team0
[  217.187840][ T1437] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.194978][ T1437] bridge0: port 1(bridge_slave_0) entered forwarding state
[  217.217641][T13690] EXT4-fs (loop4): pa ffff8881065457e0: logic 16, phys. 129, len 24
[  217.222902][ T1437] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.225688][T13690] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5364: group 0, 
[  217.232704][ T1437] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.232711][T13690] free 0, pa_free 8
[  217.254181][T13577] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  217.329630][T13577] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.380059][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.496780][T13734] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4005'.
[  217.514427][T13577] veth0_vlan: entered promiscuous mode
[  217.525709][T13577] veth1_vlan: entered promiscuous mode
[  217.544445][T13577] veth0_macvtap: entered promiscuous mode
[  217.552231][T13577] veth1_macvtap: entered promiscuous mode
[  217.564424][T13577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.575012][T13577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.584913][T13577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.595401][T13577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.605311][T13577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.615761][T13577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.625649][T13577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  217.636169][T13577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.649149][T13577] batman_adv: batadv0: Interface activated: batadv_slave_0
[  217.667719][T13577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  217.678209][T13577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.688171][T13577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  217.698654][T13577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.708571][T13577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  217.719174][T13577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.729102][T13577] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  217.739562][T13577] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  217.753156][T13577] batman_adv: batadv0: Interface activated: batadv_slave_1
[  217.764602][T13577] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  217.773442][T13577] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  217.782197][T13577] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  217.790929][T13577] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  217.800761][T13746] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4008'.
[  217.858205][T13752] netlink: 'syz.5.4009': attribute type 3 has an invalid length.
[  217.961112][T13763] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4014'.
[  217.977976][T13763] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4014'.
[  218.012852][T13765] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4016'.
[  218.023418][T13767] loop6: detected capacity change from 0 to 1024
[  218.030549][T13767] EXT4-fs: Ignoring removed nobh option
[  218.036260][T13767] EXT4-fs: Ignoring removed bh option
[  218.068489][T13767] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.094447][T13767] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.4015: Allocating blocks 385-513 which overlap fs metadata
[  218.117459][T13766] EXT4-fs (loop6): pa ffff888106545850: logic 16, phys. 129, len 24
[  218.125562][T13766] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 8
[  218.196371][T13784] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4020'.
[  218.236235][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.308967][T13794] atomic_op ffff888119422528 conn xmit_atomic 0000000000000000
[  218.422640][T13800] loop4: detected capacity change from 0 to 512
[  218.430697][T13800] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  218.453255][T13800] EXT4-fs (loop4): 1 truncate cleaned up
[  218.459681][T13800] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  218.476037][T13800] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4027'.
[  218.492075][T13800] netlink: 100 bytes leftover after parsing attributes in process `syz.4.4027'.
[  218.541305][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.040853][T13818] loop6: detected capacity change from 0 to 2048
[  219.208086][T13829] netlink: 'syz.3.4036': attribute type 3 has an invalid length.
[  219.228626][T13818] Alternate GPT is invalid, using primary GPT.
[  219.235025][T13818]  loop6: p2 p3 p7
[  219.297166][T13832] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=13832 comm=syz.6.4037
[  219.309787][T13832] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=13832 comm=syz.6.4037
[  219.359262][T13834] loop6: detected capacity change from 0 to 512
[  219.366686][T13834] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  219.390232][T13834] EXT4-fs (loop6): 1 truncate cleaned up
[  219.397245][T13834] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.477756][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.509149][T13844] loop4: detected capacity change from 0 to 512
[  219.516474][T13844] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  219.529485][T13844] EXT4-fs (loop4): 1 truncate cleaned up
[  219.535729][T13844] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.634512][T13856] loop6: detected capacity change from 0 to 512
[  219.641770][T13856] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  219.657414][T13856] EXT4-fs (loop6): 1 truncate cleaned up
[  219.657915][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.672743][T13856] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.751733][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.976752][T13883] loop6: detected capacity change from 0 to 512
[  220.047522][T13891] SELinux:  policydb version 0 does not match my version range 15-34
[  220.055952][T13891] SELinux: failed to load policy
[  220.225693][T13917] netlink: 'syz.1.4072': attribute type 3 has an invalid length.
[  220.854829][ T3380] usb 3-1: enqueue for inactive port 0
[  220.860664][ T3380] usb 3-1: enqueue for inactive port 0
[  220.935904][ T3380] vhci_hcd: vhci_device speed not set
[  221.360798][   T29] kauditd_printk_skb: 242 callbacks suppressed
[  221.360818][   T29] audit: type=1400 audit(1745092571.580:14014): avc:  denied  { create } for  pid=13937 comm="syz.5.4080" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  221.493199][   T29] audit: type=1400 audit(1745092571.620:14015): avc:  denied  { watch watch_reads } for  pid=13937 comm="" path="/148" dev="tmpfs" ino=777 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  221.515712][   T29] audit: type=1400 audit(1745092571.620:14016): avc:  denied  { create } for  pid=13934 comm="syz.3.4079" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  221.535330][   T29] audit: type=1400 audit(1745092571.650:14017): avc:  denied  { create } for  pid=13934 comm="syz.3.4079" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  221.555158][   T29] audit: type=1400 audit(1745092571.650:14018): avc:  denied  { connect } for  pid=13934 comm="syz.3.4079" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  221.646603][   T29] audit: type=1326 audit(1745092571.860:14019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13943 comm="syz.4.4082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92e98ee169 code=0x7ffc0000
[  221.670673][   T29] audit: type=1326 audit(1745092571.860:14020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13943 comm="syz.4.4082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f92e98ee169 code=0x7ffc0000
[  221.695085][   T29] audit: type=1326 audit(1745092571.860:14021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13943 comm="syz.4.4082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92e98ee169 code=0x7ffc0000
[  221.852250][T13957] loop4: detected capacity change from 0 to 2048
[  221.897153][T13957] Alternate GPT is invalid, using primary GPT.
[  221.903607][T13957]  loop4: p2 p3 p7
[  221.939906][   T29] audit: type=1400 audit(1745092572.160:14022): avc:  granted  { setsecparam } for  pid=13967 comm="syz.1.4092" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  222.014212][   T29] audit: type=1400 audit(1745092572.230:14023): avc:  denied  { write } for  pid=13970 comm="syz.6.4093" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  222.021007][T13973] __nla_validate_parse: 16 callbacks suppressed
[  222.021028][T13973] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4094'.
[  222.063559][T13976] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4095'.
[  222.181233][T13981] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4097'.
[  222.196107][T13981] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4097'.
[  222.257928][T13985] netlink: 'syz.1.4099': attribute type 3 has an invalid length.
[  222.445486][T13993] loop6: detected capacity change from 0 to 2048
[  222.487464][T13993] Alternate GPT is invalid, using primary GPT.
[  222.493930][T13993]  loop6: p2 p3 p7
[  222.557271][T13997] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4104'.
[  222.591326][T14001] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4105'.
[  222.610298][T14003] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4106'.
[  222.660603][T14009] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4109'.
[  222.677171][T14009] netlink: 100 bytes leftover after parsing attributes in process `syz.3.4109'.
[  222.682959][T14011] netlink: 76 bytes leftover after parsing attributes in process `syz.5.4110'.
[  222.737449][T14017] loop6: detected capacity change from 0 to 512
[  222.744534][T14017] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  222.766429][T14017] EXT4-fs (loop6): 1 truncate cleaned up
[  222.772334][T14017] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.828218][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.849954][T14028] loop6: detected capacity change from 0 to 1024
[  222.856929][T14028] EXT4-fs: Ignoring removed orlov option
[  222.862746][T14028] EXT4-fs: Ignoring removed nomblk_io_submit option
[  222.876616][T14028] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.014060][   T36] hid-generic 0000:0008:0001.0004: unknown main item tag 0x0
[  223.022681][   T36] hid-generic 0000:0008:0001.0004: hidraw0: <UNKNOWN> HID v0.80 Device [syz1] on syz0
[  223.070852][T14050] loop4: detected capacity change from 0 to 512
[  223.078025][T14050] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  223.130204][T14050] EXT4-fs (loop4): 1 truncate cleaned up
[  223.154339][T14050] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.170002][T14062] FAULT_INJECTION: forcing a failure.
[  223.170002][T14062] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.183842][T14062] CPU: 1 UID: 0 PID: 14062 Comm: syz.5.4129 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(voluntary) 
[  223.183895][T14062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  223.183908][T14062] Call Trace:
[  223.183916][T14062]  <TASK>
[  223.183926][T14062]  dump_stack_lvl+0xf6/0x150
[  223.183956][T14062]  dump_stack+0x15/0x1a
[  223.183974][T14062]  should_fail_ex+0x261/0x270
[  223.184003][T14062]  should_fail+0xb/0x10
[  223.184040][T14062]  should_fail_usercopy+0x1a/0x20
[  223.184070][T14062]  _copy_from_user+0x1c/0xa0
[  223.184172][T14062]  copy_msghdr_from_user+0x54/0x2b0
[  223.184203][T14062]  ? __fget_files+0x186/0x1c0
[  223.184229][T14062]  __sys_sendmsg+0x141/0x240
[  223.184276][T14062]  __x64_sys_sendmsg+0x46/0x50
[  223.184381][T14062]  x64_sys_call+0x26f3/0x2e10
[  223.184406][T14062]  do_syscall_64+0xc9/0x1a0
[  223.184432][T14062]  ? clear_bhb_loop+0x25/0x80
[  223.184457][T14062]  ? clear_bhb_loop+0x25/0x80
[  223.184554][T14062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.184579][T14062] RIP: 0033:0x7f72baf4e169
[  223.184598][T14062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  223.184620][T14062] RSP: 002b:00007f72b95b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  223.184685][T14062] RAX: ffffffffffffffda RBX: 00007f72bb175fa0 RCX: 00007f72baf4e169
[  223.184701][T14062] RDX: 0000000000048002 RSI: 0000200000000080 RDI: 0000000000000006
[  223.184716][T14062] RBP: 00007f72b95b7090 R08: 0000000000000000 R09: 0000000000000000
[  223.184730][T14062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.184748][T14062] R13: 0000000000000000 R14: 00007f72bb175fa0 R15: 00007fff29cd2c58
[  223.184771][T14062]  </TASK>
[  223.440460][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.707810][T14091] IPv6: Can't replace route, no match found
[  223.718548][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.918028][T14108] infiniband syz!: set active
[  223.922797][T14108] infiniband syz!: added team_slave_0
[  224.012557][T14108] RDS/IB: syz!: added
[  224.017318][T14108] smc: adding ib device syz! with port count 1
[  224.023508][T14108] smc:    ib device syz! port 1 has pnetid 
[  224.169255][T14123] netlink: 'syz.5.4155': attribute type 3 has an invalid length.
[  224.703674][T14158] vlan2: entered allmulticast mode
[  226.499198][   T29] kauditd_printk_skb: 226 callbacks suppressed
[  226.499218][   T29] audit: type=1400 audit(1745092576.710:14250): avc:  granted  { setsecparam } for  pid=14175 comm="syz.1.4174" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  226.638256][   T29] audit: type=1326 audit(1745092576.790:14251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14177 comm="syz.4.4176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92e98ee169 code=0x7ffc0000
[  226.661879][   T29] audit: type=1326 audit(1745092576.790:14252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14177 comm="syz.4.4176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92e98ee169 code=0x7ffc0000
[  226.685511][   T29] audit: type=1326 audit(1745092576.790:14253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14177 comm="syz.4.4176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f92e98ee169 code=0x7ffc0000
[  226.709146][   T29] audit: type=1326 audit(1745092576.790:14254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14177 comm="syz.4.4176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92e98ee169 code=0x7ffc0000
[  226.732788][   T29] audit: type=1326 audit(1745092576.790:14255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14177 comm="syz.4.4176" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92e98ee169 code=0x7ffc0000
[  227.176137][T14195] __nla_validate_parse: 20 callbacks suppressed
[  227.176158][T14195] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4181'.
[  227.195240][T14195] vlan2: entered allmulticast mode
[  227.516423][T14197] loop6: detected capacity change from 0 to 512
[  227.580680][T14197] EXT4-fs error (device loop6): ext4_iget_extra_inode:4693: inode #15: comm syz.6.4182: corrupted in-inode xattr: invalid ea_ino
[  227.626659][   T29] audit: type=1326 audit(1745092577.020:14256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14180 comm="syz.4.4177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92e98ee169 code=0x7ffc0000
[  227.650386][   T29] audit: type=1326 audit(1745092577.020:14257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14180 comm="syz.4.4177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92e98ee169 code=0x7ffc0000
[  227.673990][   T29] audit: type=1326 audit(1745092577.020:14258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14180 comm="syz.4.4177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92e98ee169 code=0x7ffc0000
[  227.697688][   T29] audit: type=1326 audit(1745092577.020:14259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14180 comm="syz.4.4177" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f92e98ee169 code=0x7ffc0000
[  227.866714][T14197] EXT4-fs error (device loop6): ext4_orphan_get:1395: comm syz.6.4182: couldn't read orphan inode 15 (err -117)
[  227.901390][T14214] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4188'.
[  227.922301][T14215] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14215 comm=syz.5.4187
[  227.934931][T14215] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14215 comm=syz.5.4187
[  227.957276][T14197] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.030694][T14223] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4193'.
[  228.048935][T14223] netlink: 100 bytes leftover after parsing attributes in process `syz.5.4193'.
[  228.057927][T14221] loop4: detected capacity change from 0 to 4096
[  228.072408][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.093641][T14230] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4196'.
[  228.104704][T14221] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  228.152881][T14239] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4199'.
[  228.171286][T14241] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14241 comm=syz.6.4195
[  228.184829][T14241] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14241 comm=syz.6.4195
[  228.187226][T14221] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  228.248843][T14247] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4203'.
[  228.266212][T14247] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4203'.
[  228.326116][T14253] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4205'.
[  228.336797][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.365056][T14256] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4207'.
[  228.416920][T14260] vlan2: entered allmulticast mode
[  229.636751][T14272] loop6: detected capacity change from 0 to 512
[  229.649932][T14274] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14274 comm=syz.3.4212
[  229.662645][T14274] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14274 comm=syz.3.4212
[  229.774837][T14272] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  229.797362][T14279] siw: device registration error -23
[  229.803742][T14272] EXT4-fs (loop6): 1 truncate cleaned up
[  229.810935][T14272] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  229.831367][T14279] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(9)
[  229.837911][T14279] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  229.845576][T14279] vhci_hcd vhci_hcd.0: Device attached
[  229.957987][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.980656][T14296] loop4: detected capacity change from 0 to 512
[  230.031964][T14296] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.4220: corrupted in-inode xattr: invalid ea_ino
[  230.053291][T14296] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.4220: couldn't read orphan inode 15 (err -117)
[  230.075255][T14296] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  230.089159][T14305] loop6: detected capacity change from 0 to 1024
[  230.129711][T14305] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  230.150261][T14305] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  230.166231][T14305] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  230.178549][T14305] EXT4-fs (loop6): This should not happen!! Data will be lost
[  230.178549][T14305] 
[  230.188338][T14305] EXT4-fs (loop6): Total free blocks count 0
[  230.194446][T14305] EXT4-fs (loop6): Free/Dirty block details
[  230.201070][T14305] EXT4-fs (loop6): free_blocks=68451041280
[  230.206941][T14305] EXT4-fs (loop6): dirty_blocks=16
[  230.212070][T14305] EXT4-fs (loop6): Block reservation details
[  230.218249][T14305] EXT4-fs (loop6): i_reserved_data_blocks=1
[  230.224339][ T3380] usb 11-1: new high-speed USB device number 3 using vhci_hcd
[  230.240701][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.262175][T14305] SELinux:  policydb version 0 does not match my version range 15-34
[  230.273030][T14305] SELinux: failed to load policy
[  230.298878][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.484979][T14280] vhci_hcd: connection reset by peer
[  230.490678][ T3580] vhci_hcd: stop threads
[  230.495813][ T3580] vhci_hcd: release socket
[  230.500235][ T3580] vhci_hcd: disconnect device
[  231.196891][T14334] loop6: detected capacity change from 0 to 512
[  231.212740][T14334] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  231.226864][T14334] EXT4-fs (loop6): 1 truncate cleaned up
[  231.232889][T14334] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.280537][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.298989][T14338] loop4: detected capacity change from 0 to 512
[  231.313165][T14338] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.4237: corrupted in-inode xattr: invalid ea_ino
[  231.352415][T14338] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.4237: couldn't read orphan inode 15 (err -117)
[  231.372860][T14342] loop6: detected capacity change from 0 to 4096
[  231.410249][T14338] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.428479][T14342] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  231.477897][T14342] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  231.570865][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.660083][   T29] kauditd_printk_skb: 56 callbacks suppressed
[  231.660097][   T29] audit: type=1326 audit(1745092581.880:14316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14353 comm="syz.1.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd61e169 code=0x7ffc0000
[  231.704315][   T29] audit: type=1326 audit(1745092581.920:14317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14353 comm="syz.1.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=244 compat=0 ip=0x7f44cd61e169 code=0x7ffc0000
[  231.705101][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.727969][   T29] audit: type=1326 audit(1745092581.920:14318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14353 comm="syz.1.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd61e169 code=0x7ffc0000
[  231.728003][   T29] audit: type=1326 audit(1745092581.920:14319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14353 comm="syz.1.4242" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd61e169 code=0x7ffc0000
[  231.818606][T14364] netlink: 'syz.4.4244': attribute type 3 has an invalid length.
[  231.835176][   T29] audit: type=1400 audit(1745092582.050:14320): avc:  granted  { setsecparam } for  pid=14363 comm="syz.6.4246" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  231.858519][T14364] loop4: detected capacity change from 0 to 164
[  231.865271][T14364] iso9660: Unknown parameter '0177777777777777777777718446744073709551615ÿÿ00000000000000000009'
[  231.877403][   T29] audit: type=1400 audit(1745092582.090:14321): avc:  denied  { mounton } for  pid=14362 comm="syz.4.4244" path="/324/file0" dev="tmpfs" ino=1729 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  231.879401][T14367] netdevsim netdevsim3 : renamed from netdevsim0 (while UP)
[  231.902904][   T29] audit: type=1400 audit(1745092582.100:14322): avc:  denied  { bind } for  pid=14356 comm="syz.3.4243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  231.927328][   T29] audit: type=1400 audit(1745092582.100:14323): avc:  denied  { setopt } for  pid=14356 comm="syz.3.4243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  232.186166][   T29] audit: type=1326 audit(1745092582.400:14324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14387 comm="syz.5.4255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  232.209827][   T29] audit: type=1326 audit(1745092582.400:14325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14387 comm="syz.5.4255" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  232.238673][T14390] FAULT_INJECTION: forcing a failure.
[  232.238673][T14390] name failslab, interval 1, probability 0, space 0, times 0
[  232.251365][T14390] CPU: 1 UID: 0 PID: 14390 Comm: syz.6.4254 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(voluntary) 
[  232.251403][T14390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  232.251420][T14390] Call Trace:
[  232.251428][T14390]  <TASK>
[  232.251437][T14390]  dump_stack_lvl+0xf6/0x150
[  232.251466][T14390]  dump_stack+0x15/0x1a
[  232.251487][T14390]  should_fail_ex+0x261/0x270
[  232.251590][T14390]  should_failslab+0x8f/0xb0
[  232.251665][T14390]  kmem_cache_alloc_noprof+0x59/0x340
[  232.251841][T14390]  ? audit_log_start+0x37f/0x6e0
[  232.251873][T14390]  audit_log_start+0x37f/0x6e0
[  232.251902][T14390]  ? kstrtouint+0x7b/0xc0
[  232.251959][T14390]  audit_seccomp+0x49/0x100
[  232.251985][T14390]  __seccomp_filter+0x694/0x10e0
[  232.252008][T14390]  ? vfs_write+0x669/0x950
[  232.252034][T14390]  ? putname+0xe1/0x100
[  232.252062][T14390]  __secure_computing+0x7e/0x150
[  232.252081][T14390]  syscall_trace_enter+0xcf/0x1f0
[  232.252103][T14390]  ? fpregs_assert_state_consistent+0x83/0xa0
[  232.252182][T14390]  do_syscall_64+0xaa/0x1a0
[  232.252207][T14390]  ? clear_bhb_loop+0x25/0x80
[  232.252228][T14390]  ? clear_bhb_loop+0x25/0x80
[  232.252303][T14390]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.252323][T14390] RIP: 0033:0x7f9aeb63e169
[  232.252338][T14390] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  232.252399][T14390] RSP: 002b:00007f9ae9ca7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fd
[  232.252418][T14390] RAX: ffffffffffffffda RBX: 00007f9aeb865fa0 RCX: 00007f9aeb63e169
[  232.252430][T14390] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  232.252442][T14390] RBP: 00007f9ae9ca7090 R08: 0000000000000000 R09: 0000000000000000
[  232.252453][T14390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  232.252465][T14390] R13: 0000000000000000 R14: 00007f9aeb865fa0 R15: 00007ffea6ccb7a8
[  232.252487][T14390]  </TASK>
[  232.467676][T14397] __nla_validate_parse: 22 callbacks suppressed
[  232.467697][T14397] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4258'.
[  232.531159][T14407] netlink: 76 bytes leftover after parsing attributes in process `syz.6.4263'.
[  232.569112][T14411] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4264'.
[  232.731164][T14415] loop6: detected capacity change from 0 to 4096
[  232.758731][T14415] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.788789][T14424] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4270'.
[  232.798188][T14415] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  232.819371][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.828495][T14424] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4270'.
[  232.984118][T14433] netlink: 76 bytes leftover after parsing attributes in process `syz.1.4274'.
[  233.065406][T14439] loop6: detected capacity change from 0 to 512
[  233.074318][T14439] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  233.097058][T14439] EXT4-fs (loop6): 1 truncate cleaned up
[  233.103174][T14439] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.174362][T14443] netlink: 76 bytes leftover after parsing attributes in process `syz.5.4276'.
[  233.687060][T14466] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4285'.
[  234.144338][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.278706][T14497] netlink: 'syz.4.4298': attribute type 3 has an invalid length.
[  234.293969][T14497] loop4: detected capacity change from 0 to 164
[  234.302770][T14497] iso9660: Unknown parameter '0177777777777777777777718446744073709551615ÿÿ00000000000000000009'
[  234.533249][T14512] loop6: detected capacity change from 0 to 512
[  234.556997][T14512] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  234.591124][T14512] EXT4-fs (loop6): 1 truncate cleaned up
[  234.603758][T14512] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.632227][T14512] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4304'.
[  234.698191][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.743081][T14537] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4315'.
[  235.325514][ T3380] vhci_hcd: vhci_device speed not set
[  235.471199][T14604] loop4: detected capacity change from 0 to 512
[  235.480103][T14604] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.4345: corrupted in-inode xattr: invalid ea_ino
[  235.493918][T14604] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.4345: couldn't read orphan inode 15 (err -117)
[  235.506878][T14604] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.587438][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.617694][T14617] loop4: detected capacity change from 0 to 512
[  235.627091][T14614] bond1: entered promiscuous mode
[  235.632181][T14614] bond1: entered allmulticast mode
[  235.637814][T14614] 8021q: adding VLAN 0 to HW filter on device bond1
[  235.647132][T14617] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  235.661765][T14614] bond1 (unregistering): Released all slaves
[  235.673340][T14617] EXT4-fs (loop4): 1 truncate cleaned up
[  235.679528][T14617] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  235.768243][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.791612][T14631] netlink: 'syz.4.4353': attribute type 3 has an invalid length.
[  235.801892][T14631] loop4: detected capacity change from 0 to 164
[  235.808674][T14631] iso9660: Unknown parameter '0177777777777777777777718446744073709551615ÿÿ00000000000000000009'
[  236.600461][T14669] netlink: 'syz.6.4369': attribute type 3 has an invalid length.
[  236.610557][T14669] loop6: detected capacity change from 0 to 164
[  236.617624][T14669] iso9660: Unknown parameter '0177777777777777777777718446744073709551615ÿÿ00000000000000000008'
[  237.047104][T14676] loop4: detected capacity change from 0 to 1024
[  237.054086][T14676] EXT4-fs: Ignoring removed orlov option
[  237.059843][T14676] EXT4-fs: Ignoring removed nomblk_io_submit option
[  237.070813][   T29] kauditd_printk_skb: 133 callbacks suppressed
[  237.070830][   T29] audit: type=1400 audit(1745092587.290:14457): avc:  granted  { setsecparam } for  pid=14677 comm="syz.1.4372" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  237.089308][T14676] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.132018][T14701] __nla_validate_parse: 15 callbacks suppressed
[  238.132039][T14701] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4377'.
[  238.154435][   T29] audit: type=1400 audit(1745092587.650:14458): avc:  granted  { setsecparam } for  pid=14697 comm="syz.3.4379" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  238.200781][   T29] audit: type=1326 audit(1745092588.420:14459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14675 comm="syz.4.4371" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92e98ee169 code=0x7fc00000
[  238.248229][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.301893][T14705] atomic_op ffff88813432c128 conn xmit_atomic 0000000000000000
[  238.357438][T14712] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4385'.
[  238.455263][T14727] netlink: 'syz.5.4390': attribute type 3 has an invalid length.
[  238.524245][T14731] loop4: detected capacity change from 0 to 1024
[  238.531199][T14731] EXT4-fs: Ignoring removed orlov option
[  238.537000][T14731] EXT4-fs: Ignoring removed nomblk_io_submit option
[  238.548105][T14731] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.253384][T14746] atomic_op ffff888134327528 conn xmit_atomic 0000000000000000
[  239.272219][   T29] audit: type=1400 audit(1745092589.440:14460): avc:  granted  { setsecparam } for  pid=14743 comm="syz.6.4395" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  239.343147][   T29] audit: type=1326 audit(1745092589.560:14461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14730 comm="syz.4.4392" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92e98ee169 code=0x7fc00000
[  239.516984][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.990106][T14770] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4404'.
[  240.009377][T14771] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4399'.
[  240.184965][   T29] audit: type=1400 audit(1745092590.390:14462): avc:  granted  { setsecparam } for  pid=14773 comm="syz.3.4406" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security
[  240.394245][   T29] audit: type=1326 audit(1745092590.610:14463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14782 comm="syz.1.4409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd61e169 code=0x7ffc0000
[  240.443828][   T29] audit: type=1326 audit(1745092590.640:14464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14782 comm="syz.1.4409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd61e169 code=0x7ffc0000
[  240.467555][   T29] audit: type=1326 audit(1745092590.640:14465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14782 comm="syz.1.4409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f44cd61e169 code=0x7ffc0000
[  240.491158][   T29] audit: type=1326 audit(1745092590.640:14466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14782 comm="syz.1.4409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd61e169 code=0x7ffc0000
[  240.515362][T14785] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4409'.
[  240.566184][T14789] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4410'.
[  240.697786][T14794] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14794 comm=syz.4.4412
[  240.710369][T14794] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14794 comm=syz.4.4412
[  240.957408][T14821] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4423'.
[  240.957994][T14818] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4421'.
[  241.021161][T14825] loop4: detected capacity change from 0 to 512
[  241.030198][T14825] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.4425: corrupted in-inode xattr: invalid ea_ino
[  241.044264][T14825] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.4425: couldn't read orphan inode 15 (err -117)
[  241.058341][T14825] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  241.143754][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.214592][T14842] loop4: detected capacity change from 0 to 4096
[  241.227987][T14842] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  241.244832][T14844] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14844 comm=syz.1.4433
[  241.257468][T14844] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14844 comm=syz.1.4433
[  241.272059][T14842] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  241.301317][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.309027][T14850] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4435'.
[  241.352655][T14853] netlink: 100 bytes leftover after parsing attributes in process `syz.3.4438'.
[  241.440942][T14865] loop4: detected capacity change from 0 to 512
[  241.454074][T14865] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.4443: corrupted in-inode xattr: invalid ea_ino
[  241.468246][T14865] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.4443: couldn't read orphan inode 15 (err -117)
[  241.482669][T14865] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  241.594015][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.786346][T14905] netlink: 'syz.6.4459': attribute type 3 has an invalid length.
[  241.800094][T14905] loop6: detected capacity change from 0 to 164
[  241.807262][T14905] iso9660: Unknown parameter '0177777777777777777777718446744073709551615ÿÿ00000000000000000009'
[  242.170421][   T29] kauditd_printk_skb: 284 callbacks suppressed
[  242.170437][   T29] audit: type=1400 audit(1745092592.390:14751): avc:  denied  { map } for  pid=14947 comm="syz.5.4477" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=53317 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  242.201123][   T29] audit: type=1400 audit(1745092592.390:14752): avc:  denied  { read write } for  pid=14947 comm="syz.5.4477" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=53317 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  242.237606][T14944] loop4: detected capacity change from 0 to 512
[  242.246415][T14944] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.4475: corrupted in-inode xattr: invalid ea_ino
[  242.261465][T14944] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.4475: couldn't read orphan inode 15 (err -117)
[  242.274405][T14944] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.365978][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.431612][   T29] audit: type=1400 audit(1745092592.650:14753): avc:  denied  { create } for  pid=14956 comm="syz.4.4480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  242.532967][   T29] audit: type=1400 audit(1745092592.680:14754): avc:  denied  { write } for  pid=14956 comm="syz.4.4480" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  242.991011][   T29] audit: type=1326 audit(1745092593.160:14755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14939 comm="syz.1.4473" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd61e169 code=0x7fc00000
[  243.159173][   T29] audit: type=1326 audit(1745092593.300:14756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14963 comm="syz.1.4481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd61e169 code=0x7ffc0000
[  243.183560][   T29] audit: type=1326 audit(1745092593.300:14757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14963 comm="syz.1.4481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd61e169 code=0x7ffc0000
[  243.207904][   T29] audit: type=1326 audit(1745092593.310:14758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14963 comm="syz.1.4481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f44cd61e169 code=0x7ffc0000
[  243.231472][   T29] audit: type=1326 audit(1745092593.310:14759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14963 comm="syz.1.4481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f44cd61e169 code=0x7ffc0000
[  243.276401][T14966] __nla_validate_parse: 6 callbacks suppressed
[  243.276420][T14966] netlink: 100 bytes leftover after parsing attributes in process `syz.1.4482'.
[  243.358674][T14968] netlink: 76 bytes leftover after parsing attributes in process `syz.5.4483'.
[  243.385624][   T29] audit: type=1400 audit(1745092593.510:14760): avc:  denied  { read } for  pid=14967 comm="syz.5.4483" name="autofs" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:autofs_device_t tclass=chr_file permissive=1
[  243.620495][T14978] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4485'.
[  244.166666][T14993] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=14993 comm=syz.5.4491
[  244.179291][T14993] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=14993 comm=syz.5.4491
[  244.195408][T14996] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4492'.
[  244.578783][T15006] atomic_op ffff888132b03128 conn xmit_atomic 0000000000000000
[  244.672716][T15012] netlink: 'syz.1.4499': attribute type 3 has an invalid length.
[  244.713114][T15015] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4500'.
[  244.757341][T15015] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4500'.
[  244.902960][T15019] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4501'.
[  244.987060][T15023] loop6: detected capacity change from 0 to 512
[  245.015955][T15027] netlink: 100 bytes leftover after parsing attributes in process `syz.5.4503'.
[  245.016735][T15023] EXT4-fs error (device loop6): ext4_iget_extra_inode:4693: inode #15: comm syz.6.4502: corrupted in-inode xattr: invalid ea_ino
[  245.045426][T15023] EXT4-fs error (device loop6): ext4_orphan_get:1395: comm syz.6.4502: couldn't read orphan inode 15 (err -117)
[  245.072389][T15023] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  245.156214][T15032] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15032 comm=syz.5.4505
[  245.168869][T15032] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15032 comm=syz.5.4505
[  245.302214][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.368208][T15036] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15036 comm=syz.6.4506
[  245.380879][T15036] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15036 comm=syz.6.4506
[  245.397387][T15034] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4516'.
[  245.448833][T15034] netlink: 100 bytes leftover after parsing attributes in process `syz.5.4516'.
[  246.360072][T15051] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15051 comm=syz.6.4512
[  246.372687][T15051] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15051 comm=syz.6.4512
[  246.476080][T15054] loop6: detected capacity change from 0 to 512
[  246.519318][T15054] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  246.571341][T15054] EXT4-fs (loop6): 1 truncate cleaned up
[  246.581945][T15054] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  246.664423][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.991030][T15094] vlan2: entered allmulticast mode
[  247.201090][   T29] kauditd_printk_skb: 283 callbacks suppressed
[  247.201104][   T29] audit: type=1400 audit(1745092597.420:15044): avc:  denied  { read write } for  pid=10617 comm="syz-executor" name="loop4" dev="devtmpfs" ino=647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  247.316192][   T29] audit: type=1400 audit(1745092597.460:15045): avc:  denied  { open } for  pid=10617 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  247.339912][   T29] audit: type=1400 audit(1745092597.460:15046): avc:  denied  { ioctl } for  pid=10617 comm="syz-executor" path="/dev/loop4" dev="devtmpfs" ino=647 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  247.392447][   T29] audit: type=1400 audit(1745092597.610:15047): avc:  denied  { write } for  pid=15098 comm="syz.3.4532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  247.415993][   T29] audit: type=1400 audit(1745092597.610:15048): avc:  denied  { read } for  pid=15098 comm="syz.3.4532" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  247.462332][   T29] audit: type=1400 audit(1745092597.680:15049): avc:  denied  { write } for  pid=15102 comm="syz.3.4534" name="fib_trie" dev="proc" ino=4026532735 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_net_t tclass=file permissive=1
[  247.512317][   T29] audit: type=1400 audit(1745092597.680:15050): avc:  denied  { create } for  pid=15104 comm="syz.3.4535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  247.533538][   T29] audit: type=1400 audit(1745092597.710:15051): avc:  denied  { write } for  pid=15104 comm="syz.3.4535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  247.554133][   T29] audit: type=1400 audit(1745092597.710:15052): avc:  denied  { nlmsg_write } for  pid=15104 comm="syz.3.4535" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  247.571571][T15112] loop4: detected capacity change from 0 to 512
[  247.576338][   T29] audit: type=1326 audit(1745092597.730:15053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15108 comm="syz.3.4537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5941c8e169 code=0x7ffc0000
[  247.607363][T15112] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  247.675462][T15112] EXT4-fs (loop4): 1 truncate cleaned up
[  247.695209][T15112] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  247.759742][T15124] loop6: detected capacity change from 0 to 512
[  247.798667][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.823909][T15124] EXT4-fs (loop6): orphan cleanup on readonly fs
[  247.831471][T15128] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15128 comm=syz.3.4544
[  247.844250][T15128] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15128 comm=syz.3.4544
[  247.864937][T15124] EXT4-fs error (device loop6): ext4_orphan_get:1416: comm syz.6.4542: bad orphan inode 13
[  247.876957][T15124] ext4_test_bit(bit=12, block=18) = 1
[  247.882365][T15124] is_bad_inode(inode)=0
[  247.887230][T15124] NEXT_ORPHAN(inode)=2130706432
[  247.892093][T15124] max_ino=32
[  247.895339][T15124] i_nlink=1
[  247.902763][T15124] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  247.969819][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.989173][T15139] loop4: detected capacity change from 0 to 512
[  248.016161][T15139] ext4: Bad value for 'auto_da_alloc'
[  248.024603][T15144] netlink: 'syz.6.4549': attribute type 3 has an invalid length.
[  248.048354][T15144] loop6: detected capacity change from 0 to 164
[  248.055199][T15144] iso9660: Unknown parameter '0177777777777777777777718446744073709551615ÿÿ00000000000000000009'
[  248.251591][T15168] FAULT_INJECTION: forcing a failure.
[  248.251591][T15168] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.264799][T15168] CPU: 1 UID: 0 PID: 15168 Comm: syz.3.4556 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(voluntary) 
[  248.264842][T15168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  248.264857][T15168] Call Trace:
[  248.264865][T15168]  <TASK>
[  248.264874][T15168]  dump_stack_lvl+0xf6/0x150
[  248.264914][T15168]  dump_stack+0x15/0x1a
[  248.264929][T15168]  should_fail_ex+0x261/0x270
[  248.264958][T15168]  should_fail+0xb/0x10
[  248.264984][T15168]  should_fail_usercopy+0x1a/0x20
[  248.265014][T15168]  _copy_to_user+0x20/0xa0
[  248.265041][T15168]  simple_read_from_buffer+0xb2/0x130
[  248.265186][T15168]  proc_fail_nth_read+0x103/0x140
[  248.265222][T15168]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  248.265317][T15168]  vfs_read+0x1b2/0x710
[  248.265362][T15168]  ? __rcu_read_unlock+0x4e/0x70
[  248.265381][T15168]  ? __fget_files+0x186/0x1c0
[  248.265514][T15168]  ksys_read+0xeb/0x1b0
[  248.265532][T15168]  __x64_sys_read+0x42/0x50
[  248.265550][T15168]  x64_sys_call+0x2a3b/0x2e10
[  248.265577][T15168]  do_syscall_64+0xc9/0x1a0
[  248.265639][T15168]  ? clear_bhb_loop+0x25/0x80
[  248.265660][T15168]  ? clear_bhb_loop+0x25/0x80
[  248.265687][T15168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.265718][T15168] RIP: 0033:0x7f5941c8cb7c
[  248.265754][T15168] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  248.265788][T15168] RSP: 002b:00007f59402d6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  248.265809][T15168] RAX: ffffffffffffffda RBX: 00007f5941eb6080 RCX: 00007f5941c8cb7c
[  248.265827][T15168] RDX: 000000000000000f RSI: 00007f59402d60a0 RDI: 0000000000000007
[  248.265839][T15168] RBP: 00007f59402d6090 R08: 0000000000000000 R09: 0000000000000000
[  248.265880][T15168] R10: 00002000001c9fff R11: 0000000000000246 R12: 0000000000000001
[  248.265893][T15168] R13: 0000000000000000 R14: 00007f5941eb6080 R15: 00007ffd503a29a8
[  248.265911][T15168]  </TASK>
[  248.676946][T15183] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  248.736936][T15187] FAULT_INJECTION: forcing a failure.
[  248.736936][T15187] name failslab, interval 1, probability 0, space 0, times 0
[  248.749790][T15187] CPU: 0 UID: 0 PID: 15187 Comm: syz.3.4562 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(voluntary) 
[  248.749888][T15187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  248.749903][T15187] Call Trace:
[  248.749912][T15187]  <TASK>
[  248.749921][T15187]  dump_stack_lvl+0xf6/0x150
[  248.749948][T15187]  dump_stack+0x15/0x1a
[  248.749970][T15187]  should_fail_ex+0x261/0x270
[  248.750022][T15187]  should_failslab+0x8f/0xb0
[  248.750049][T15187]  kmem_cache_alloc_noprof+0x59/0x340
[  248.750083][T15187]  ? audit_log_start+0x37f/0x6e0
[  248.750136][T15187]  audit_log_start+0x37f/0x6e0
[  248.750172][T15187]  ? audit_log_end+0x1d0/0x1e0
[  248.750243][T15187]  ? __rcu_read_unlock+0x4e/0x70
[  248.750275][T15187]  audit_seccomp+0x49/0x100
[  248.750305][T15187]  __seccomp_filter+0x694/0x10e0
[  248.750331][T15187]  ? file_has_perm+0x334/0x380
[  248.750357][T15187]  ? _raw_spin_unlock+0x26/0x50
[  248.750393][T15187]  ? alloc_fd+0x3b3/0x3e0
[  248.750451][T15187]  __secure_computing+0x7e/0x150
[  248.750476][T15187]  syscall_trace_enter+0xcf/0x1f0
[  248.750498][T15187]  ? fpregs_assert_state_consistent+0x83/0xa0
[  248.750559][T15187]  do_syscall_64+0xaa/0x1a0
[  248.750602][T15187]  ? clear_bhb_loop+0x25/0x80
[  248.750629][T15187]  ? clear_bhb_loop+0x25/0x80
[  248.750655][T15187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.750682][T15187] RIP: 0033:0x7f5941c8cb7c
[  248.750700][T15187] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  248.750721][T15187] RSP: 002b:00007f59402f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  248.750739][T15187] RAX: ffffffffffffffda RBX: 00007f5941eb5fa0 RCX: 00007f5941c8cb7c
[  248.750792][T15187] RDX: 000000000000000f RSI: 00007f59402f70a0 RDI: 0000000000000005
[  248.750804][T15187] RBP: 00007f59402f7090 R08: 0000000000000000 R09: 0000000000000000
[  248.750818][T15187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.750834][T15187] R13: 0000000000000000 R14: 00007f5941eb5fa0 R15: 00007ffd503a29a8
[  248.750904][T15187]  </TASK>
[  249.046215][T15192] FAULT_INJECTION: forcing a failure.
[  249.046215][T15192] name failslab, interval 1, probability 0, space 0, times 0
[  249.059105][T15192] CPU: 1 UID: 0 PID: 15192 Comm: syz.1.4564 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(voluntary) 
[  249.059195][T15192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  249.059209][T15192] Call Trace:
[  249.059216][T15192]  <TASK>
[  249.059225][T15192]  dump_stack_lvl+0xf6/0x150
[  249.059265][T15192]  dump_stack+0x15/0x1a
[  249.059280][T15192]  should_fail_ex+0x261/0x270
[  249.059310][T15192]  should_failslab+0x8f/0xb0
[  249.059337][T15192]  __kmalloc_node_track_caller_noprof+0xaa/0x410
[  249.059498][T15192]  ? sidtab_sid2str_get+0xb8/0x140
[  249.059522][T15192]  kmemdup_noprof+0x2b/0x70
[  249.059593][T15192]  sidtab_sid2str_get+0xb8/0x140
[  249.059618][T15192]  security_sid_to_context_core+0x1eb/0x2f0
[  249.059712][T15192]  security_sid_to_context+0x27/0x30
[  249.059826][T15192]  avc_audit_post_callback+0x10f/0x540
[  249.059851][T15192]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  249.059903][T15192]  common_lsm_audit+0x1c6/0x230
[  249.059936][T15192]  ? __pfx_avc_audit_post_callback+0x10/0x10
[  249.059971][T15192]  slow_avc_audit+0xff/0x140
[  249.060017][T15192]  avc_has_perm+0x124/0x150
[  249.060041][T15192]  selinux_perf_event_open+0xda/0xf0
[  249.060177][T15192]  security_perf_event_open+0x31/0x70
[  249.060198][T15192]  __se_sys_perf_event_open+0xc8/0x2220
[  249.060219][T15192]  ? proc_fail_nth_write+0x12d/0x160
[  249.060339][T15192]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  249.060372][T15192]  ? vfs_write+0x669/0x950
[  249.060392][T15192]  ? putname+0xe1/0x100
[  249.060459][T15192]  __x64_sys_perf_event_open+0x67/0x80
[  249.060484][T15192]  x64_sys_call+0x27bb/0x2e10
[  249.060506][T15192]  do_syscall_64+0xc9/0x1a0
[  249.060532][T15192]  ? clear_bhb_loop+0x25/0x80
[  249.060573][T15192]  ? clear_bhb_loop+0x25/0x80
[  249.060599][T15192]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.060625][T15192] RIP: 0033:0x7f44cd61e169
[  249.060641][T15192] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  249.060658][T15192] RSP: 002b:00007f44cbc87038 EFLAGS: 00000246 ORIG_RAX: 000000000000012a
[  249.060676][T15192] RAX: ffffffffffffffda RBX: 00007f44cd845fa0 RCX: 00007f44cd61e169
[  249.060689][T15192] RDX: 0000000000000000 RSI: 000000000000033b RDI: 0000200000000000
[  249.060704][T15192] RBP: 00007f44cbc87090 R08: 0000000000000000 R09: 0000000000000000
[  249.060781][T15192] R10: ffffffffffffffff R11: 0000000000000246 R12: 0000000000000001
[  249.060793][T15192] R13: 0000000000000000 R14: 00007f44cd845fa0 R15: 00007ffc2391d338
[  249.060811][T15192]  </TASK>
[  249.324883][T15195] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.332089][T15195] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.366113][T15195] bridge0: entered allmulticast mode
[  249.679584][T15220] __nla_validate_parse: 20 callbacks suppressed
[  249.679603][T15220] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4573'.
[  249.688543][T15224] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4571'.
[  249.753119][T15227] netlink: 100 bytes leftover after parsing attributes in process `syz.6.4575'.
[  249.753279][T15231] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4577'.
[  249.781121][T15231] netlink: 100 bytes leftover after parsing attributes in process `syz.3.4577'.
[  249.827369][T15237] loop6: detected capacity change from 0 to 512
[  249.852333][T15237] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  249.870846][T15236] loop4: detected capacity change from 0 to 8192
[  249.877909][T15236] vfat: Unknown parameter '&ó #ó0»!T—.yÕ„¯÷—Ž£ÎÆ°*Æìì#Ë'
[  249.887811][T15237] EXT4-fs (loop6): 1 truncate cleaned up
[  249.894001][T15237] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  249.947553][T15237] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4578'.
[  249.952117][T15236] loop4: detected capacity change from 0 to 2048
[  249.972444][T15237] netlink: 100 bytes leftover after parsing attributes in process `syz.6.4578'.
[  249.982802][T15236] EXT4-fs (loop4): failed to initialize system zone (-117)
[  249.991802][T15236] EXT4-fs (loop4): mount failed
[  250.033737][T15253] netlink: 'syz.4.4584': attribute type 3 has an invalid length.
[  250.050620][T15253] loop4: detected capacity change from 0 to 164
[  250.057623][T15253] iso9660: Unknown parameter '0177777777777777777777718446744073709551615ÿÿ00000000000000000009'
[  250.074422][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.084239][T15254] FAULT_INJECTION: forcing a failure.
[  250.084239][T15254] name failslab, interval 1, probability 0, space 0, times 0
[  250.096936][T15254] CPU: 0 UID: 0 PID: 15254 Comm: syz.1.4583 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(voluntary) 
[  250.096970][T15254] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  250.097004][T15254] Call Trace:
[  250.097011][T15254]  <TASK>
[  250.097019][T15254]  dump_stack_lvl+0xf6/0x150
[  250.097042][T15254]  dump_stack+0x15/0x1a
[  250.097058][T15254]  should_fail_ex+0x261/0x270
[  250.097083][T15254]  should_failslab+0x8f/0xb0
[  250.097105][T15254]  __kmalloc_cache_noprof+0x55/0x320
[  250.097151][T15254]  ? resv_map_alloc+0x32/0x190
[  250.097248][T15254]  ? vfs_write+0x669/0x950
[  250.097272][T15254]  resv_map_alloc+0x32/0x190
[  250.097334][T15254]  hugetlbfs_get_inode+0x64/0x380
[  250.097439][T15254]  hugetlb_file_setup+0x188/0x3c0
[  250.097475][T15254]  ksys_mmap_pgoff+0x174/0x340
[  250.097497][T15254]  x64_sys_call+0x1945/0x2e10
[  250.097518][T15254]  do_syscall_64+0xc9/0x1a0
[  250.097547][T15254]  ? clear_bhb_loop+0x25/0x80
[  250.097646][T15254]  ? clear_bhb_loop+0x25/0x80
[  250.097672][T15254]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  250.097693][T15254] RIP: 0033:0x7f44cd61e169
[  250.097746][T15254] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  250.097837][T15254] RSP: 002b:00007f44cbc66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  250.097855][T15254] RAX: ffffffffffffffda RBX: 00007f44cd846080 RCX: 00007f44cd61e169
[  250.097867][T15254] RDX: 0000000000000000 RSI: 0000000001400000 RDI: 0000200000000000
[  250.097880][T15254] RBP: 00007f44cbc66090 R08: ffffffffffffffff R09: 0000000000000000
[  250.097894][T15254] R10: 00000000000c3072 R11: 0000000000000246 R12: 0000000000000001
[  250.097909][T15254] R13: 0000000000000000 R14: 00007f44cd846080 R15: 00007ffc2391d338
[  250.097972][T15254]  </TASK>
[  250.807249][T15272] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4590'.
[  250.894890][T15274] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4591'.
[  251.083642][T15288] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4597'.
[  251.450968][T15313] loop6: detected capacity change from 0 to 4096
[  251.466582][T15313] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  251.498445][T15313] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  251.527944][T15331] netlink: 'syz.4.4614': attribute type 3 has an invalid length.
[  251.537411][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.550431][T15331] loop4: detected capacity change from 0 to 164
[  251.559426][T15336] FAULT_INJECTION: forcing a failure.
[  251.559426][T15336] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  251.565649][T15331] iso9660: Unknown parameter '0177777777777777777777718446744073709551615ÿÿ00000000000000000009'
[  251.573432][T15336] CPU: 1 UID: 0 PID: 15336 Comm: syz.1.4617 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(voluntary) 
[  251.573457][T15336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  251.573526][T15336] Call Trace:
[  251.573554][T15336]  <TASK>
[  251.573564][T15336]  dump_stack_lvl+0xf6/0x150
[  251.573595][T15336]  dump_stack+0x15/0x1a
[  251.573615][T15336]  should_fail_ex+0x261/0x270
[  251.573645][T15336]  should_fail+0xb/0x10
[  251.573671][T15336]  should_fail_usercopy+0x1a/0x20
[  251.573701][T15336]  _copy_to_user+0x20/0xa0
[  251.573803][T15336]  simple_read_from_buffer+0xb2/0x130
[  251.573845][T15336]  proc_fail_nth_read+0x103/0x140
[  251.573960][T15336]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  251.574081][T15336]  vfs_read+0x1b2/0x710
[  251.574103][T15336]  ? __rcu_read_unlock+0x4e/0x70
[  251.574130][T15336]  ? __fget_files+0x186/0x1c0
[  251.574160][T15336]  ksys_read+0xeb/0x1b0
[  251.574184][T15336]  __x64_sys_read+0x42/0x50
[  251.574235][T15336]  x64_sys_call+0x2a3b/0x2e10
[  251.574263][T15336]  do_syscall_64+0xc9/0x1a0
[  251.574295][T15336]  ? clear_bhb_loop+0x25/0x80
[  251.574323][T15336]  ? clear_bhb_loop+0x25/0x80
[  251.574360][T15336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.574388][T15336] RIP: 0033:0x7f44cd61cb7c
[  251.574407][T15336] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  251.574431][T15336] RSP: 002b:00007f44cbc87030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  251.574455][T15336] RAX: ffffffffffffffda RBX: 00007f44cd845fa0 RCX: 00007f44cd61cb7c
[  251.574471][T15336] RDX: 000000000000000f RSI: 00007f44cbc870a0 RDI: 0000000000000006
[  251.574526][T15336] RBP: 00007f44cbc87090 R08: 0000000000000000 R09: 0000000000000000
[  251.574542][T15336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  251.574557][T15336] R13: 0000000000000000 R14: 00007f44cd845fa0 R15: 00007ffc2391d338
[  251.574581][T15336]  </TASK>
[  251.811346][T15353] loop6: detected capacity change from 0 to 512
[  251.818823][T15353] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  251.827905][T15353] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[  251.836377][T15353] EXT4-fs error (device loop6): ext4_iget_extra_inode:4693: inode #15: comm syz.6.4616: corrupted in-inode xattr: e_value size too large
[  251.852876][T15353] EXT4-fs error (device loop6): ext4_orphan_get:1395: comm syz.6.4616: couldn't read orphan inode 15 (err -117)
[  251.865725][T15353] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  251.894536][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  252.435755][   T29] kauditd_printk_skb: 466 callbacks suppressed
[  252.435773][   T29] audit: type=1326 audit(1745092602.660:15518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15399 comm="syz.3.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5941c8e169 code=0x7ffc0000
[  252.490733][   T29] audit: type=1326 audit(1745092602.660:15519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15399 comm="syz.3.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f5941c8e169 code=0x7ffc0000
[  252.515031][   T29] audit: type=1326 audit(1745092602.660:15520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15399 comm="syz.3.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5941c8e169 code=0x7ffc0000
[  252.560786][   T29] audit: type=1326 audit(1745092602.780:15521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15345 comm="syz.5.4622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7fc00000
[  252.585173][   T29] audit: type=1326 audit(1745092602.780:15522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15345 comm="syz.5.4622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f72baf4e169 code=0x7fc00000
[  252.609029][   T29] audit: type=1326 audit(1745092602.780:15523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15345 comm="syz.5.4622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7fc00000
[  252.633328][   T29] audit: type=1326 audit(1745092602.780:15524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15345 comm="syz.5.4622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7fc00000
[  252.657765][   T29] audit: type=1326 audit(1745092602.780:15525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15345 comm="syz.5.4622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7fc00000
[  252.681380][   T29] audit: type=1326 audit(1745092602.780:15526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15345 comm="syz.5.4622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7fc00000
[  252.705800][   T29] audit: type=1326 audit(1745092602.780:15527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15345 comm="syz.5.4622" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7fc00000
[  252.908507][T15434] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15434 comm=syz.5.4658
[  252.921925][T15434] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15434 comm=syz.5.4658
[  252.983092][T15444] netlink: 'syz.5.4662': attribute type 3 has an invalid length.
[  253.141026][T15462] loop6: detected capacity change from 0 to 512
[  253.154823][T15462] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  253.167660][T15462] EXT4-fs (loop6): 1 truncate cleaned up
[  253.173747][T15462] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.236021][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.257979][T15468] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15468 comm=syz.6.4671
[  253.270577][T15468] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15468 comm=syz.6.4671
[  253.358236][T15476] 9pnet_fd: Insufficient options for proto=fd
[  253.387974][T15478] loop6: detected capacity change from 0 to 512
[  253.397620][T15478] EXT4-fs error (device loop6): ext4_iget_extra_inode:4693: inode #15: comm syz.6.4676: corrupted in-inode xattr: invalid ea_ino
[  253.411477][T15478] EXT4-fs error (device loop6): ext4_orphan_get:1395: comm syz.6.4676: couldn't read orphan inode 15 (err -117)
[  253.423951][T15478] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.484533][T13577] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.621763][T15491] loop6: detected capacity change from 0 to 512
[  253.629416][T15491] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  253.637796][T15491] EXT4-fs (loop6): orphan cleanup on readonly fs
[  253.644578][T15491] EXT4-fs warning (device loop6): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  253.659942][T15491] EXT4-fs (loop6): Cannot turn on quotas: error -22
[  253.666864][T15491] EXT4-fs error (device loop6): ext4_orphan_get:1390: inode #16: comm syz.6.4681: iget: immutable or append flags not allowed on symlinks
[  253.681149][T15491] EXT4-fs error (device loop6): ext4_orphan_get:1395: comm syz.6.4681: couldn't read orphan inode 16 (err -117)
[  253.694184][T15491] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  253.759785][T15499] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15499 comm=syz.3.4684
[  253.772492][T15499] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15499 comm=syz.3.4684
[  253.789980][T15501] loop4: detected capacity change from 0 to 512
[  253.797323][T15501] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  253.818025][T15501] EXT4-fs (loop4): orphan cleanup on readonly fs
[  253.826618][T15501] EXT4-fs error (device loop4): ext4_acquire_dquot:6935: comm syz.4.4682: Failed to acquire dquot type 1
[  253.838629][T15501] EXT4-fs (loop4): 1 truncate cleaned up
[  253.845790][T15501] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  253.868515][T15506] 9pnet_fd: Insufficient options for proto=fd
[  254.388521][T15528] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15528 comm=syz.5.4695
[  254.401245][T15528] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15528 comm=syz.5.4695
[  254.497467][T13577] EXT4-fs error (device loop6): ext4_readdir:264: inode #2: block 3: comm syz-executor: path /126/file2: bad entry in directory: inode out of bounds - offset=12, inode=5238, rec_len=12, size=4096 fake=1
[  254.563772][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.612124][T15532] 9pnet_fd: Insufficient options for proto=fd
[  254.825435][T15493] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.941870][ T1075] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.009712][ T1075] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.023194][T15554] __nla_validate_parse: 7 callbacks suppressed
[  255.023212][T15554] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4704'.
[  255.077740][ T1075] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.080459][T15558] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4708'.
[  255.153877][T15564] 9pnet_fd: Insufficient options for proto=fd
[  255.180094][ T1075] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.325619][T15575] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15575 comm=syz.3.4714
[  255.338350][T15575] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15575 comm=syz.3.4714
[  255.371286][ T1075] bridge_slave_1: left allmulticast mode
[  255.377070][ T1075] bridge_slave_1: left promiscuous mode
[  255.382782][ T1075] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.392643][ T1075] bridge_slave_0: left promiscuous mode
[  255.398650][ T1075] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.767781][T15590] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4719'.
[  255.995983][T15594] 9pnet_fd: Insufficient options for proto=fd
[  256.058185][ T1075] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  256.068105][ T1075] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  256.078193][ T1075] bond0 (unregistering): Released all slaves
[  256.118071][T15547] chnl_net:caif_netlink_parms(): no params data found
[  256.200604][ T1075] hsr_slave_0: left promiscuous mode
[  256.208001][ T1075] hsr_slave_1: left promiscuous mode
[  256.213962][ T1075] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  256.221608][ T1075] batman_adv: batadv0: Removing interface: batadv_slave_0
[  256.229660][ T1075] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  256.237187][ T1075] batman_adv: batadv0: Removing interface: batadv_slave_1
[  256.248655][ T1075] veth1_vlan: left promiscuous mode
[  256.253933][ T1075] veth0_vlan: left promiscuous mode
[  256.301600][T15614] loop4: detected capacity change from 0 to 4096
[  256.341284][ T1075] team0 (unregistering): Port device team_slave_1 removed
[  256.352984][ T1075] team0 (unregistering): Port device team_slave_0 removed
[  256.362073][   T38] smc: removing ib device syz!
[  256.370132][T15623] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4728'.
[  256.380458][T15614] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.408390][T15604] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  256.423286][T15547] bridge0: port 1(bridge_slave_0) entered blocking state
[  256.430426][T15547] bridge0: port 1(bridge_slave_0) entered disabled state
[  256.452236][T15625] 9pnet_fd: Insufficient options for proto=fd
[  256.458628][T15547] bridge_slave_0: entered allmulticast mode
[  256.465349][T15547] bridge_slave_0: entered promiscuous mode
[  256.467123][T15547] bridge0: port 2(bridge_slave_1) entered blocking state
[  256.478523][T15547] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.486177][T15547] bridge_slave_1: entered allmulticast mode
[  256.492774][T15547] bridge_slave_1: entered promiscuous mode
[  256.502794][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.524420][T15629] atomic_op ffff888134324d28 conn xmit_atomic 0000000000000000
[  256.561067][T15633] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4734'.
[  256.588918][T15547] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  256.618352][T15631] loop4: detected capacity change from 0 to 4096
[  256.622179][T15547] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  256.649836][T15631] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  256.665430][T15636] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4735'.
[  256.696886][T15547] team0: Port device team_slave_0 added
[  256.708470][T15631] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  256.717788][T15547] team0: Port device team_slave_1 added
[  256.739752][T15636] netlink: 100 bytes leftover after parsing attributes in process `syz.3.4735'.
[  256.749954][T15547] batman_adv: batadv0: Adding interface: batadv_slave_0
[  256.757082][T15547] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  256.783899][T15547] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  256.795193][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  256.795843][T15547] batman_adv: batadv0: Adding interface: batadv_slave_1
[  256.811834][T15547] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  256.838445][T15547] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  256.884878][T15547] hsr_slave_0: entered promiscuous mode
[  256.891797][T15547] hsr_slave_1: entered promiscuous mode
[  256.898650][T15547] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  256.906282][T15547] Cannot create hsr debugfs directory
[  256.978058][T15656] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4740'.
[  256.998974][T15655] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4741'.
[  257.041726][T15547] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  257.052554][T15659] 9pnet_fd: Insufficient options for proto=fd
[  257.081754][T15547] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  257.101036][T15547] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  257.114980][T15547] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  257.134900][T15547] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.142048][T15547] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.149356][T15547] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.156441][T15547] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.178419][ T1075] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.204471][ T1075] bridge0: port 2(bridge_slave_1) entered disabled state
[  257.261134][T15665] atomic_op ffff888116c07128 conn xmit_atomic 0000000000000000
[  257.340000][T15547] 8021q: adding VLAN 0 to HW filter on device bond0
[  257.413915][T15547] 8021q: adding VLAN 0 to HW filter on device team0
[  257.424454][T15669] netlink: 'syz.3.4745': attribute type 3 has an invalid length.
[  257.435721][ T1075] bridge0: port 1(bridge_slave_0) entered blocking state
[  257.442818][ T1075] bridge0: port 1(bridge_slave_0) entered forwarding state
[  257.451867][   T29] kauditd_printk_skb: 463 callbacks suppressed
[  257.451881][   T29] audit: type=1400 audit(1745092607.670:15989): avc:  denied  { ioctl } for  pid=15667 comm="syz.3.4745" path="/dev/loop7" dev="devtmpfs" ino=107 ioctlcmd=0x4c00 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  257.459017][ T1075] bridge0: port 2(bridge_slave_1) entered blocking state
[  257.483629][   T29] audit: type=1400 audit(1745092607.670:15990): avc:  denied  { ioctl } for  pid=15667 comm="syz.3.4745" path="socket:[55981]" dev="sockfs" ino=55981 ioctlcmd=0x8907 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  257.490672][ T1075] bridge0: port 2(bridge_slave_1) entered forwarding state
[  257.554481][   T29] audit: type=1326 audit(1745092607.770:15991): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15641 comm="syz.5.4737" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7fc00000
[  257.579056][   T29] audit: type=1400 audit(1745092607.800:15992): avc:  denied  { read } for  pid=15667 comm="syz.3.4745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  257.623074][T15547] 8021q: adding VLAN 0 to HW filter on device batadv0
[  257.631118][   T29] audit: type=1400 audit(1745092607.860:15993): avc:  denied  { create } for  pid=15667 comm="syz.3.4745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  257.668133][   T29] audit: type=1400 audit(1745092607.860:15994): avc:  denied  { write } for  pid=15667 comm="syz.3.4745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  257.687873][   T29] audit: type=1400 audit(1745092607.860:15995): avc:  denied  { connect } for  pid=15667 comm="syz.3.4745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  257.707683][   T29] audit: type=1400 audit(1745092607.860:15996): avc:  denied  { name_connect } for  pid=15667 comm="syz.3.4745" dest=20001 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=sctp_socket permissive=1
[  257.711520][T15682] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4749'.
[  257.729944][   T29] audit: type=1400 audit(1745092607.860:15997): avc:  denied  { shutdown } for  pid=15667 comm="syz.3.4745" lport=38249 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  257.729980][   T29] audit: type=1400 audit(1745092607.860:15998): avc:  denied  { getopt } for  pid=15667 comm="syz.3.4745" lport=38249 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1
[  257.928729][T15547] veth0_vlan: entered promiscuous mode
[  257.937611][T15547] veth1_vlan: entered promiscuous mode
[  257.951109][T15547] veth0_macvtap: entered promiscuous mode
[  257.958548][T15547] veth1_macvtap: entered promiscuous mode
[  257.970003][T15547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  257.980592][T15547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  257.990558][T15547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  258.001056][T15547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.011778][T15547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  258.022397][T15547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.032326][T15547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  258.043364][T15547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.054330][T15547] batman_adv: batadv0: Interface activated: batadv_slave_0
[  258.063567][T15547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  258.074741][T15547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.084558][T15547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  258.095738][T15547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.105702][T15547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  258.116223][T15547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.126760][T15547] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  258.137245][T15547] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  258.153544][T15547] batman_adv: batadv0: Interface activated: batadv_slave_1
[  258.187876][T15547] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  258.196745][T15547] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  258.205528][T15547] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  258.214270][T15547] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  258.445715][T15705] 9pnet_fd: Insufficient options for proto=fd
[  258.494482][T15709] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15709 comm=syz.5.4753
[  258.507169][T15709] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15709 comm=syz.5.4753
[  258.533198][T15711] bpf: Bad value for 'gid'
[  258.542301][T15713] atomic_op ffff888118395928 conn xmit_atomic 0000000000000000
[  258.862413][T15734] 9pnet_fd: Insufficient options for proto=fd
[  259.253397][T15747] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15747 comm=syz.3.4769
[  259.266144][T15747] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15747 comm=syz.3.4769
[  259.433303][T15759] netlink: 'syz.3.4774': attribute type 3 has an invalid length.
[  259.444230][T15759] loop7: detected capacity change from 0 to 16384
[  259.561730][T15765] 9pnet_fd: Insufficient options for proto=fd
[  259.617402][T15763] loop7: detected capacity change from 16384 to 16383
[  259.689685][T15768] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  259.702899][T15775] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15775 comm=syz.4.4781
[  259.715556][T15775] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15775 comm=syz.4.4781
[  259.725570][T15777] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15777 comm=syz.7.4780
[  259.740659][T15777] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15777 comm=syz.7.4780
[  259.796946][T15768] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  259.810475][T15783] loop4: detected capacity change from 0 to 512
[  259.820379][T15783] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  259.844049][T15783] EXT4-fs (loop4): 1 truncate cleaned up
[  259.856320][T15783] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.879311][T15790] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15790 comm=syz.5.4786
[  259.891917][T15790] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15790 comm=syz.5.4786
[  259.938623][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.953482][T15793] 9pnet_fd: Insufficient options for proto=fd
[  260.123237][T15807] IPv6: NLM_F_CREATE should be specified when creating new route
[  260.162159][T15809] __nla_validate_parse: 7 callbacks suppressed
[  260.162177][T15809] netlink: 52 bytes leftover after parsing attributes in process `syz.5.4793'.
[  260.228134][T15813] lo: entered promiscuous mode
[  260.232918][T15813] lo: entered allmulticast mode
[  260.311159][T15816] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4796'.
[  260.329689][T15816] netlink: 100 bytes leftover after parsing attributes in process `syz.3.4796'.
[  260.434760][T15821] xt_bpf: check failed: parse error
[  260.464483][T15823] 9pnet_fd: Insufficient options for proto=fd
[  260.490813][T15825] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4800'.
[  260.567931][T15831] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4802'.
[  260.810379][T15839] netlink: 52 bytes leftover after parsing attributes in process `syz.7.4805'.
[  260.841115][T15840] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4803'.
[  260.932682][T15842] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  261.411295][T15861] netlink: 76 bytes leftover after parsing attributes in process `syz.4.4813'.
[  261.636582][T15870] netlink: 52 bytes leftover after parsing attributes in process `syz.1.4816'.
[  261.785723][T15868] loop7: detected capacity change from 0 to 8192
[  261.833224][T15868] vfat: Unknown parameter '&ó #ó0»!T—.yÕ„¯÷—Ž£ÎÆ°*Æìì#Ë'
[  261.914521][T15878] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4818'.
[  261.932287][T15878] IPVS: Error joining to the multicast group
[  262.487877][   T29] kauditd_printk_skb: 522 callbacks suppressed
[  262.487891][   T29] audit: type=1326 audit(1745092612.710:16521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15907 comm="syz.5.4830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  262.541947][   T29] audit: type=1326 audit(1745092612.740:16522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15907 comm="syz.5.4830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  262.565830][   T29] audit: type=1326 audit(1745092612.740:16523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15907 comm="syz.5.4830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  262.589425][   T29] audit: type=1326 audit(1745092612.740:16524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15907 comm="syz.5.4830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  262.613089][   T29] audit: type=1326 audit(1745092612.740:16525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15907 comm="syz.5.4830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  262.636770][   T29] audit: type=1326 audit(1745092612.740:16526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15907 comm="syz.5.4830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  262.636803][   T29] audit: type=1326 audit(1745092612.740:16527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15907 comm="syz.5.4830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  262.636831][   T29] audit: type=1326 audit(1745092612.740:16528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15907 comm="syz.5.4830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  262.636865][   T29] audit: type=1326 audit(1745092612.740:16529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15907 comm="syz.5.4830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  262.636895][   T29] audit: type=1326 audit(1745092612.740:16530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15907 comm="syz.5.4830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  262.699647][T15917] atomic_op ffff888111e94928 conn xmit_atomic 0000000000000000
[  264.122113][T15956] atomic_op ffff888111e94d28 conn xmit_atomic 0000000000000000
[  265.042390][T15964] SELinux: security_context_str_to_sid (Ð-šXܘ7.H\¹ÿ%ºu@
) failed with errno=-22
[  265.062419][T15966] selinux_netlink_send: 8 callbacks suppressed
[  265.062511][T15966] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=15966 comm=syz.7.4851
[  265.082047][T15966] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=15966 comm=syz.7.4851
[  265.281511][T15990] atomic_op ffff888117ca8d28 conn xmit_atomic 0000000000000000
[  265.309582][T15988] xt_SECMARK: invalid security context 'system_u:object_r:dbusd_etc_t:s0'
[  265.341021][T15994] loop7: detected capacity change from 0 to 512
[  265.349796][T15994] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  265.359758][T15994] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[  265.370111][T15994] EXT4-fs error (device loop7): ext4_iget_extra_inode:4693: inode #15: comm syz.7.4862: corrupted in-inode xattr: e_value size too large
[  265.400380][T15994] EXT4-fs error (device loop7): ext4_orphan_get:1395: comm syz.7.4862: couldn't read orphan inode 15 (err -117)
[  265.414233][T15994] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.462355][T16003] __nla_validate_parse: 7 callbacks suppressed
[  265.462564][T16003] netlink: 132 bytes leftover after parsing attributes in process `syz.4.4865'.
[  265.483530][T16003] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  265.510625][T15547] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.522684][T16011] set match dimension is over the limit!
[  265.542248][T16015] netlink: 'syz.7.4870': attribute type 3 has an invalid length.
[  265.552183][T16018] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  265.562698][T16015] loop7: detected capacity change from 0 to 16384
[  265.607449][T16023] FAULT_INJECTION: forcing a failure.
[  265.607449][T16023] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  265.620628][T16023] CPU: 1 UID: 0 PID: 16023 Comm: syz.3.4874 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(voluntary) 
[  265.620661][T16023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  265.620677][T16023] Call Trace:
[  265.620686][T16023]  <TASK>
[  265.620696][T16023]  dump_stack_lvl+0xf6/0x150
[  265.620734][T16023]  dump_stack+0x15/0x1a
[  265.620756][T16023]  should_fail_ex+0x261/0x270
[  265.620783][T16023]  should_fail+0xb/0x10
[  265.620802][T16023]  should_fail_usercopy+0x1a/0x20
[  265.620884][T16023]  _copy_from_user+0x1c/0xa0
[  265.620966][T16023]  do_ipt_set_ctl+0x208/0x830
[  265.621001][T16023]  ? _raw_spin_unlock_bh+0x36/0x40
[  265.621043][T16023]  nf_setsockopt+0x195/0x1b0
[  265.621134][T16023]  ip_setsockopt+0xea/0x100
[  265.621192][T16023]  tcp_setsockopt+0x93/0xb0
[  265.621232][T16023]  sock_common_setsockopt+0x64/0x80
[  265.621272][T16023]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  265.621312][T16023]  __sys_setsockopt+0x187/0x200
[  265.621377][T16023]  __x64_sys_setsockopt+0x66/0x80
[  265.621403][T16023]  x64_sys_call+0x2a09/0x2e10
[  265.621425][T16023]  do_syscall_64+0xc9/0x1a0
[  265.621452][T16023]  ? clear_bhb_loop+0x25/0x80
[  265.621552][T16023]  ? clear_bhb_loop+0x25/0x80
[  265.621578][T16023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  265.621672][T16023] RIP: 0033:0x7f5941c8e169
[  265.621691][T16023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  265.621715][T16023] RSP: 002b:00007f59402f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  265.621739][T16023] RAX: ffffffffffffffda RBX: 00007f5941eb5fa0 RCX: 00007f5941c8e169
[  265.621753][T16023] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000007
[  265.621764][T16023] RBP: 00007f59402f7090 R08: 0000000000000410 R09: 0000000000000000
[  265.621776][T16023] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000001
[  265.621787][T16023] R13: 0000000000000000 R14: 00007f5941eb5fa0 R15: 00007ffd503a29a8
[  265.621804][T16023]  </TASK>
[  265.944821][T16024] loop7: detected capacity change from 16384 to 16383
[  266.424926][T16045] loop4: detected capacity change from 0 to 512
[  266.478503][T16045] EXT4-fs: Ignoring removed nobh option
[  266.525761][T16045] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.4882: invalid indirect mapped block 256 (level 2)
[  266.547257][T16045] EXT4-fs (loop4): 2 truncates cleaned up
[  266.566495][T16045] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  266.610512][T16045] EXT4-fs error (device loop4): ext4_validate_block_bitmap:432: comm syz.4.4882: bg 0: block 5: invalid block bitmap
[  266.651356][T16045] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 4096 with max blocks 1 with error 28
[  266.663923][T16045] EXT4-fs (loop4): This should not happen!! Data will be lost
[  266.663923][T16045] 
[  266.673650][T16045] EXT4-fs (loop4): Total free blocks count 0
[  266.679671][T16045] EXT4-fs (loop4): Free/Dirty block details
[  266.685580][T16045] EXT4-fs (loop4): free_blocks=0
[  266.690522][T16045] EXT4-fs (loop4): dirty_blocks=2
[  266.695575][T16045] EXT4-fs (loop4): Block reservation details
[  266.701584][T16045] EXT4-fs (loop4): i_reserved_data_blocks=2
[  266.718692][T16059] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4887'.
[  266.753217][T16059] netlink: 100 bytes leftover after parsing attributes in process `syz.3.4887'.
[  266.816636][   T38] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  266.861289][T16069] SELinux: failed to load policy
[  266.876565][T16070] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  267.321582][T16099] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4898'.
[  267.652068][T16094] loop4: detected capacity change from 0 to 512
[  267.686436][T16094] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  267.697781][   T29] kauditd_printk_skb: 186 callbacks suppressed
[  267.697798][   T29] audit: type=1400 audit(1745092617.920:16717): avc:  denied  { append } for  pid=16095 comm="syz.5.4903" name="001" dev="devtmpfs" ino=147 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  267.729700][T16094] EXT4-fs (loop4): 1 truncate cleaned up
[  267.736071][T16094] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.739160][   T29] audit: type=1326 audit(1745092617.960:16718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16095 comm="syz.5.4903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  267.753169][T16098] loop7: detected capacity change from 0 to 512
[  267.779733][   T29] audit: type=1326 audit(1745092618.000:16719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16095 comm="syz.5.4903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  267.807740][T16094] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4902'.
[  267.808177][   T29] audit: type=1326 audit(1745092618.000:16720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16095 comm="syz.5.4903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  267.819995][T16098] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  267.840519][   T29] audit: type=1326 audit(1745092618.000:16721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16095 comm="syz.5.4903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  267.872276][   T29] audit: type=1326 audit(1745092618.000:16722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16095 comm="syz.5.4903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f72baf4e169 code=0x7ffc0000
[  267.896141][   T29] audit: type=1326 audit(1745092618.000:16723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16095 comm="syz.5.4903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f72baf4e1a3 code=0x7ffc0000
[  267.919613][   T29] audit: type=1326 audit(1745092618.000:16724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16095 comm="syz.5.4903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f72baf4cc1f code=0x7ffc0000
[  267.964564][   T29] audit: type=1326 audit(1745092618.150:16725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16095 comm="syz.5.4903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f72baf4e1f7 code=0x7ffc0000
[  267.996343][   T29] audit: type=1326 audit(1745092618.220:16726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16095 comm="syz.5.4903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f72baf4cad0 code=0x7ffc0000
[  268.000108][T16098] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[  268.024373][T16094] netlink: 100 bytes leftover after parsing attributes in process `syz.4.4902'.
[  268.041189][T16098] EXT4-fs error (device loop7): ext4_iget_extra_inode:4693: inode #15: comm syz.7.4904: corrupted in-inode xattr: e_value size too large
[  268.056456][T16098] EXT4-fs error (device loop7): ext4_orphan_get:1395: comm syz.7.4904: couldn't read orphan inode 15 (err -117)
[  268.074266][T16098] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.140921][T16120] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=16120 comm=syz.3.4907
[  268.153752][T16120] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=16120 comm=syz.3.4907
[  268.160890][T15547] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.176578][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.222980][T16131] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  268.275154][T16126] netlink: 76 bytes leftover after parsing attributes in process `syz.3.4910'.
[  268.298452][T16127] loop7: detected capacity change from 0 to 4096
[  268.308060][T16127] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  268.351067][T16127] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  268.391411][T15547] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.423564][T16143] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4915'.
[  268.431134][T16153] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=16153 comm=syz.5.4920
[  268.445171][T16153] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=16153 comm=syz.5.4920
[  268.458196][T16145] loop4: detected capacity change from 0 to 8192
[  268.466235][T16145] vfat: Unknown parameter '&ó #ó0»!T—.yÕ„¯÷—Ž£ÎÆ°*Æìì#Ë'
[  268.485611][T16155] loop7: detected capacity change from 0 to 512
[  268.502234][T16155] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  268.508107][T16158] FAULT_INJECTION: forcing a failure.
[  268.508107][T16158] name failslab, interval 1, probability 0, space 0, times 0
[  268.523087][T16158] CPU: 1 UID: 0 PID: 16158 Comm: syz.5.4921 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(voluntary) 
[  268.523122][T16158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  268.523138][T16158] Call Trace:
[  268.523147][T16158]  <TASK>
[  268.523157][T16158]  dump_stack_lvl+0xf6/0x150
[  268.523191][T16158]  dump_stack+0x15/0x1a
[  268.523212][T16158]  should_fail_ex+0x261/0x270
[  268.523242][T16158]  should_failslab+0x8f/0xb0
[  268.523269][T16158]  kmem_cache_alloc_noprof+0x59/0x340
[  268.523303][T16158]  ? getname_flags+0x81/0x3b0
[  268.523432][T16158]  getname_flags+0x81/0x3b0
[  268.523520][T16158]  __x64_sys_unlink+0x21/0x40
[  268.523548][T16158]  x64_sys_call+0x2358/0x2e10
[  268.523574][T16158]  do_syscall_64+0xc9/0x1a0
[  268.523681][T16158]  ? clear_bhb_loop+0x25/0x80
[  268.523713][T16158]  ? clear_bhb_loop+0x25/0x80
[  268.523733][T16158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.523757][T16158] RIP: 0033:0x7f72baf4e169
[  268.523799][T16158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  268.523819][T16158] RSP: 002b:00007f72b95b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  268.523876][T16158] RAX: ffffffffffffffda RBX: 00007f72bb175fa0 RCX: 00007f72baf4e169
[  268.523895][T16158] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  268.523905][T16158] RBP: 00007f72b95b7090 R08: 0000000000000000 R09: 0000000000000000
[  268.523917][T16158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.523928][T16158] R13: 0000000000000000 R14: 00007f72bb175fa0 R15: 00007fff29cd2c58
[  268.523944][T16158]  </TASK>
[  268.701438][T16155] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[  268.717148][T16155] EXT4-fs error (device loop7): ext4_iget_extra_inode:4693: inode #15: comm syz.7.4919: corrupted in-inode xattr: e_value size too large
[  268.735248][T16155] EXT4-fs error (device loop7): ext4_orphan_get:1395: comm syz.7.4919: couldn't read orphan inode 15 (err -117)
[  268.749471][T16155] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.756294][T16165] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  268.787014][T15547] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.826730][T16168] loop4: detected capacity change from 0 to 2048
[  268.867151][T16168] EXT4-fs (loop4): failed to initialize system zone (-117)
[  268.876870][T16168] EXT4-fs (loop4): mount failed
[  268.978396][T16188] netlink: 'syz.7.4932': attribute type 3 has an invalid length.
[  268.986865][T16185] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4931'.
[  269.042414][T16188] loop7: detected capacity change from 0 to 16384
[  269.105828][T16193] loop4: detected capacity change from 0 to 512
[  269.120193][T16196] FAULT_INJECTION: forcing a failure.
[  269.120193][T16196] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  269.133584][T16196] CPU: 1 UID: 0 PID: 16196 Comm: syz.1.4935 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(voluntary) 
[  269.133614][T16196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  269.133637][T16196] Call Trace:
[  269.133645][T16196]  <TASK>
[  269.133654][T16196]  dump_stack_lvl+0xf6/0x150
[  269.133684][T16196]  dump_stack+0x15/0x1a
[  269.133781][T16196]  should_fail_ex+0x261/0x270
[  269.133808][T16196]  should_fail+0xb/0x10
[  269.133833][T16196]  should_fail_usercopy+0x1a/0x20
[  269.133863][T16196]  _copy_from_user+0x1c/0xa0
[  269.133897][T16196]  copy_msghdr_from_user+0x54/0x2b0
[  269.133951][T16196]  ? __fget_files+0x186/0x1c0
[  269.133973][T16196]  __sys_sendmsg+0x141/0x240
[  269.134013][T16196]  __x64_sys_sendmsg+0x46/0x50
[  269.134041][T16196]  x64_sys_call+0x26f3/0x2e10
[  269.134125][T16196]  do_syscall_64+0xc9/0x1a0
[  269.134148][T16196]  ? clear_bhb_loop+0x25/0x80
[  269.134172][T16196]  ? clear_bhb_loop+0x25/0x80
[  269.134198][T16196]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  269.134241][T16196] RIP: 0033:0x7f44cd61e169
[  269.134259][T16196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  269.134281][T16196] RSP: 002b:00007f44cbc87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  269.134299][T16196] RAX: ffffffffffffffda RBX: 00007f44cd845fa0 RCX: 00007f44cd61e169
[  269.134313][T16196] RDX: 0000000000048002 RSI: 0000200000000080 RDI: 0000000000000003
[  269.134328][T16196] RBP: 00007f44cbc87090 R08: 0000000000000000 R09: 0000000000000000
[  269.134343][T16196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  269.134475][T16196] R13: 0000000000000000 R14: 00007f44cd845fa0 R15: 00007ffc2391d338
[  269.134517][T16196]  </TASK>
[  269.320381][T16193] EXT4-fs (loop4): #blocks per group too big: 24576
[  269.357060][T16204] loop4: detected capacity change from 0 to 512
[  269.377033][T16204] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  269.381824][T16190] loop7: detected capacity change from 16384 to 16383
[  269.458382][T16204] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[  269.491723][T16204] EXT4-fs error (device loop4): ext4_iget_extra_inode:4693: inode #15: comm syz.4.4938: corrupted in-inode xattr: e_value size too large
[  269.552701][T16204] EXT4-fs error (device loop4): ext4_orphan_get:1395: comm syz.4.4938: couldn't read orphan inode 15 (err -117)
[  269.568955][T16216] IPv6: Can't replace route, no match found
[  269.581238][T16204] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.594574][T16215] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4942'.
[  269.617238][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.945809][T16243] loop4: detected capacity change from 0 to 4096
[  269.977517][T16243] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.007538][T16243] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  270.046169][T16257] loop7: detected capacity change from 0 to 512
[  270.060174][T16257] EXT4-fs (loop7): mounting ext3 file system using the ext4 subsystem
[  270.074044][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.092573][T16257] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[  270.106212][T16257] EXT4-fs error (device loop7): ext4_iget_extra_inode:4693: inode #15: comm syz.7.4956: corrupted in-inode xattr: e_value size too large
[  270.128212][T16257] EXT4-fs error (device loop7): ext4_orphan_get:1395: comm syz.7.4956: couldn't read orphan inode 15 (err -117)
[  270.141161][T16257] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.191429][T15547] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.211814][T16267] loop4: detected capacity change from 0 to 2048
[  270.243284][T16275] netlink: 'syz.1.4964': attribute type 4 has an invalid length.
[  270.252911][T16267] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.289941][T16275] 9pnet: Could not find request transport: 0xffffffffffffffff
[  270.441552][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.637201][T16288] loop7: detected capacity change from 0 to 4096
[  270.670198][T16296] __nla_validate_parse: 7 callbacks suppressed
[  270.670220][T16296] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4971'.
[  270.714433][T16288] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.738765][T16299] bridge_slave_0: left promiscuous mode
[  270.744535][T16299] bridge0: port 1(bridge_slave_0) entered disabled state
[  270.752396][T16288] EXT4-fs (loop7): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  270.763936][T16299] bridge_slave_1: left allmulticast mode
[  270.769749][T16299] bridge_slave_1: left promiscuous mode
[  270.775655][T16299] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.788823][T16299] bond0: (slave bond_slave_0): Releasing backup interface
[  270.797941][T16304] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4969'.
[  270.811564][T15547] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.823126][T16299] bond0: (slave bond_slave_1): Releasing backup interface
[  270.845868][T16308] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4976'.
[  270.846397][T16299] team0: Port device team_slave_0 removed
[  270.864569][T16299] team0: Port device team_slave_1 removed
[  270.871735][T16299] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  270.879266][T16299] batman_adv: batadv0: Removing interface: batadv_slave_0
[  270.888454][T16299] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  270.895953][T16299] batman_adv: batadv0: Removing interface: batadv_slave_1
[  271.187059][T16331] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4985'.
[  271.324763][T16332] FAULT_INJECTION: forcing a failure.
[  271.324763][T16332] name failslab, interval 1, probability 0, space 0, times 0
[  271.337488][T16332] CPU: 0 UID: 0 PID: 16332 Comm: syz.5.4983 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(voluntary) 
[  271.337519][T16332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  271.337533][T16332] Call Trace:
[  271.337539][T16332]  <TASK>
[  271.337546][T16332]  dump_stack_lvl+0xf6/0x150
[  271.337570][T16332]  dump_stack+0x15/0x1a
[  271.337585][T16332]  should_fail_ex+0x261/0x270
[  271.337611][T16332]  should_failslab+0x8f/0xb0
[  271.337636][T16332]  kmem_cache_alloc_noprof+0x59/0x340
[  271.337663][T16332]  ? vm_area_dup+0x32/0x260
[  271.337682][T16332]  vm_area_dup+0x32/0x260
[  271.337700][T16332]  __split_vma+0xf9/0x630
[  271.337725][T16332]  ? mod_objcg_state+0x3f6/0x530
[  271.337758][T16332]  vms_gather_munmap_vmas+0x171/0x790
[  271.337783][T16332]  ? mas_walk+0x204/0x320
[  271.337808][T16332]  mmap_region+0x46f/0x1490
[  271.337835][T16332]  ? mntput_no_expire+0x73/0x3e0
[  271.337864][T16332]  ? __rcu_read_unlock+0x4e/0x70
[  271.337900][T16332]  do_mmap+0x9ef/0xc80
[  271.337923][T16332]  __se_sys_remap_file_pages+0x767/0x800
[  271.337951][T16332]  ? fput+0x99/0xd0
[  271.337975][T16332]  ? ksys_write+0x180/0x1b0
[  271.337994][T16332]  __x64_sys_remap_file_pages+0x67/0x80
[  271.338018][T16332]  x64_sys_call+0x29b9/0x2e10
[  271.338040][T16332]  do_syscall_64+0xc9/0x1a0
[  271.338064][T16332]  ? clear_bhb_loop+0x25/0x80
[  271.338084][T16332]  ? clear_bhb_loop+0x25/0x80
[  271.338105][T16332]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.338125][T16332] RIP: 0033:0x7f72baf4e169
[  271.338140][T16332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  271.338158][T16332] RSP: 002b:00007f72b9596038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d8
[  271.338176][T16332] RAX: ffffffffffffffda RBX: 00007f72bb176080 RCX: 00007f72baf4e169
[  271.338189][T16332] RDX: 0000000000000000 RSI: 0000000000400d00 RDI: 000020000051c000
[  271.338202][T16332] RBP: 00007f72b9596090 R08: 0200000000000000 R09: 0000000000000000
[  271.338214][T16332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  271.338225][T16332] R13: 0000000000000000 R14: 00007f72bb176080 R15: 00007fff29cd2c58
[  271.338244][T16332]  </TASK>
[  271.616405][T16340] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4987'.
[  271.839917][T16351] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4992'.
[  272.077453][T16366] FAULT_INJECTION: forcing a failure.
[  272.077453][T16366] name failslab, interval 1, probability 0, space 0, times 0
[  272.090487][T16366] CPU: 0 UID: 0 PID: 16366 Comm: syz.1.4996 Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(voluntary) 
[  272.090599][T16366] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  272.090615][T16366] Call Trace:
[  272.090624][T16366]  <TASK>
[  272.090634][T16366]  dump_stack_lvl+0xf6/0x150
[  272.090670][T16366]  dump_stack+0x15/0x1a
[  272.090712][T16366]  should_fail_ex+0x261/0x270
[  272.090742][T16366]  should_failslab+0x8f/0xb0
[  272.090764][T16366]  __kmalloc_cache_noprof+0x55/0x320
[  272.090806][T16366]  ? __se_sys_mount+0xf9/0x2e0
[  272.090875][T16366]  __se_sys_mount+0xf9/0x2e0
[  272.090898][T16366]  ? fput+0x99/0xd0
[  272.090932][T16366]  ? ksys_write+0x180/0x1b0
[  272.090957][T16366]  __x64_sys_mount+0x67/0x80
[  272.091006][T16366]  x64_sys_call+0xd11/0x2e10
[  272.091061][T16366]  do_syscall_64+0xc9/0x1a0
[  272.091090][T16366]  ? clear_bhb_loop+0x25/0x80
[  272.091117][T16366]  ? clear_bhb_loop+0x25/0x80
[  272.091171][T16366]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.091191][T16366] RIP: 0033:0x7f44cd61e169
[  272.091205][T16366] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  272.091224][T16366] RSP: 002b:00007f44cbc87038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  272.091247][T16366] RAX: ffffffffffffffda RBX: 00007f44cd845fa0 RCX: 00007f44cd61e169
[  272.091263][T16366] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000000
[  272.091278][T16366] RBP: 00007f44cbc87090 R08: 0000200000000100 R09: 0000000000000000
[  272.091352][T16366] R10: 00000000009200e5 R11: 0000000000000246 R12: 0000000000000001
[  272.091418][T16366] R13: 0000000000000000 R14: 00007f44cd845fa0 R15: 00007ffc2391d338
[  272.091442][T16366]  </TASK>
[  272.288119][T16368] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[  272.311804][T16370] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4998'.
[  272.325385][T16372] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=16372 comm=syz.4.4999
[  272.338067][T16372] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=16372 comm=syz.4.4999
[  272.411733][T16378] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5002'.
[  272.548296][T16390] loop4: detected capacity change from 0 to 4096
[  272.574464][T16390] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.622294][T16390] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  272.642004][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.662726][T16398] netlink: 'syz.5.5009': attribute type 4 has an invalid length.
[  272.666216][T16397] netlink: 76 bytes leftover after parsing attributes in process `syz.3.5008'.
[  272.699935][T16401] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=16 sclass=netlink_audit_socket pid=16401 comm=syz.4.5010
[  272.712596][T16401] SELinux: unrecognized netlink message: protocol=9 nlmsg_type=17 sclass=netlink_audit_socket pid=16401 comm=syz.4.5010
[  272.727237][   T29] kauditd_printk_skb: 500 callbacks suppressed
[  272.727278][   T29] audit: type=1400 audit(1745092623.011:17227): avc:  denied  { create } for  pid=16396 comm="syz.3.5008" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  272.755544][T16403] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5007'.
[  272.801353][   T29] audit: type=1400 audit(1745092623.051:17228): avc:  denied  { write } for  pid=16396 comm="syz.3.5008" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  272.821012][   T29] audit: type=1400 audit(1745092623.071:17229): avc:  denied  { read } for  pid=2987 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1
[  272.843234][   T29] audit: type=1400 audit(1745092623.071:17230): avc:  denied  { search } for  pid=2987 comm="syslogd" name="/" dev="tmpfs" ino=1 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[  272.864922][   T29] audit: type=1400 audit(1745092623.071:17231): avc:  denied  { open } for  pid=2987 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  272.887693][   T29] audit: type=1400 audit(1745092623.071:17232): avc:  denied  { getattr } for  pid=2987 comm="syslogd" path="/tmp/messages" dev="tmpfs" ino=11 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[  273.029254][T16406] loop7: detected capacity change from 0 to 512
[  273.050552][   T29] audit: type=1400 audit(1745092623.201:17233): avc:  denied  { read write } for  pid=15547 comm="syz-executor" name="loop7" dev="devtmpfs" ino=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  273.075009][   T29] audit: type=1400 audit(1745092623.201:17234): avc:  denied  { read write open } for  pid=15547 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=107 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  273.077228][T16406] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  273.100518][   T29] audit: type=1400 audit(1745092623.201:17235): avc:  denied  { ioctl } for  pid=15547 comm="syz-executor" path="/dev/loop7" dev="devtmpfs" ino=107 ioctlcmd=0x4c01 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1
[  273.136299][   T29] audit: type=1400 audit(1745092623.201:17236): avc:  denied  { create } for  pid=16395 comm="syz.5.5009" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  273.177309][T16406] EXT4-fs (loop7): 1 truncate cleaned up
[  273.183452][T16406] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.196155][T16412] loop4: detected capacity change from 0 to 4096
[  273.318170][T16412] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.354618][T16412] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  273.508270][T15547] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.597055][T10617] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.646858][T16433] netlink: 'syz.4.5020': attribute type 3 has an invalid length.
[  273.663490][T16433] loop4: detected capacity change from 0 to 164
[  273.670193][T16433] iso9660: Unknown parameter '0177777777777777777777718446744073709551615ÿÿ00000000000000000009'
[  273.683851][T16433] loop7: detected capacity change from 0 to 16384
[  273.777046][T15547] ==================================================================
[  273.785188][T15547] BUG: KCSAN: data-race in __filemap_remove_folio / invalidate_bdev
[  273.793228][T15547] 
[  273.795570][T15547] read-write to 0xffff8881004c11f0 of 8 bytes by task 16440 on cpu 0:
[  273.803738][T15547]  __filemap_remove_folio+0x1c7/0x2c0
[  273.809149][T15547]  __remove_mapping+0x33f/0x470
[  273.814021][T15547]  remove_mapping+0x22/0x90
[  273.818536][T15547]  mapping_try_invalidate+0x267/0x3f0
[  273.823927][T15547]  invalidate_mapping_pages+0x27/0x40
[  273.829343][T15547]  invalidate_bdev+0x58/0x70
[  273.833950][T15547]  loop_set_status+0x12b/0x5d0
[  273.838741][T15547]  lo_ioctl+0x81a/0x15e0
[  273.842994][T15547]  blkdev_ioctl+0x35b/0x450
[  273.847529][T15547]  __se_sys_ioctl+0xc9/0x140
[  273.852132][T15547]  __x64_sys_ioctl+0x43/0x50
[  273.856738][T15547]  x64_sys_call+0x168d/0x2e10
[  273.861424][T15547]  do_syscall_64+0xc9/0x1a0
[  273.865948][T15547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.871867][T15547] 
[  273.874196][T15547] read to 0xffff8881004c11f0 of 8 bytes by task 15547 on cpu 1:
[  273.881831][T15547]  invalidate_bdev+0x25/0x70
[  273.886437][T15547]  bdev_disk_changed+0xe1/0xcd0
[  273.891292][T15547]  blkdev_get_whole+0x1eb/0x2d0
[  273.896164][T15547]  bdev_open+0x289/0x860
[  273.900438][T15547]  blkdev_open+0x258/0x290
[  273.904869][T15547]  do_dentry_open+0x621/0xa20
[  273.909561][T15547]  vfs_open+0x38/0x1e0
[  273.913675][T15547]  path_openat+0x1b1c/0x2000
[  273.918279][T15547]  do_filp_open+0x115/0x240
[  273.922807][T15547]  do_sys_openat2+0xaa/0x110
[  273.927509][T15547]  __x64_sys_openat+0xf8/0x120
[  273.932293][T15547]  x64_sys_call+0x1ac/0x2e10
[  273.936897][T15547]  do_syscall_64+0xc9/0x1a0
[  273.941410][T15547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.947322][T15547] 
[  273.949644][T15547] value changed: 0x00000000000005c0 -> 0x00000000000005ba
[  273.956751][T15547] 
[  273.959081][T15547] Reported by Kernel Concurrency Sanitizer on:
[  273.965242][T15547] CPU: 1 UID: 0 PID: 15547 Comm: syz-executor Not tainted 6.15.0-rc2-syzkaller-00404-g8560697b23dc #0 PREEMPT(voluntary) 
[  273.978020][T15547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  273.988084][T15547] ==================================================================
[  274.024826][T16440] loop7: detected capacity change from 16384 to 16383