last executing test programs:

1m33.053653497s ago: executing program 2 (id=106):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb80, &(0x7f0000000c40)="$eJzs3MtrXFUYAPDv3jyaNrGTiqgtggGpFcVp2hSFrlrXooIuuuyYTErI9GEmggldpHWvLkRcFKR/guDeunAluKgLrX9BEYsU3bQuInce6dBkktjO9PTx+8GZe86c6XzfN5fOPQfmJoAn1kTxkEfsjYiTWUSp9XweEcON3kjESvN1t2+eny5aFqur7/+VRRYRt26en26/V9Y6jrYGIxFx9a0snv50fdz60vJ8pVarLrTGBxdPnztYX1p+fe505VT1VPXMkak3j0y9MTXVw1qvn/vw6xd+eefli5c/m3z3q90/ZXEsxlpznXX0ykRMrH0mnQYjotLrYIkMtOrprDMbTJgQAACbyjvWcM9GKQbizuKtFD/+mjQ5AAAAoCdWByJWAQAAgMdcZv8PAAAAj7n27wBu3Tw/3W5pf5HwYN04HhHjzfrb9zc3ZwZjpXEciaGI2PV3Fp23tWbNf3bfJopI3/1cLVr06T7kzaxciIjnNzr/WaP+8cZd3OvrzyNisgfxJ+4aP0r1H+tB/NT1A/BkunK8eSFbf/3L19Y/scH1b3CDa9e9SH39a6//bq9b/92pf6DL+u+9bcbY9++rV7vNda7/Tnz++0wRvzjeV1H/w40LEfsGN6o/W6s/61L/yW3GGJ2+fqnbXFF/UW+7Pej6Vy9H7I+N62/LNvv7RAdn52rVyeZjlxj7fzhxoFv8zvNftCJ+ey/wIBTnf1eX+rc6/+e2GWP8uT/3dpvbuv78j+Hsg0ZvuPXMJ5XFxYVDEcPZ2+ufP7x5Lu3XtN+jqP+Vlzb//79R/cV3wkrrcyj2Ahdax2J88a6Yo/sPf3vv9fdXUf/MPZ7/L7YZ45vvL33UbS51/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GvKIGIssL6/187xcjhiNiGdiV147W198bfbsx2dmirmI8RjKZ+dq1cmIKDXHWTE+1OjfGR++azwVEXsi4svSzsa4PH22NpO6eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANaMRsRYZHk5IvKI+KeU5+Vy6qwAAACAnhtPnQAAAADQd/b/AAAA8Piz/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKDP9rx45VoWEStHdzZaYbg1N5Q0M6Df8tQJAMkMpE4ASGYwdQJAMvb4QLbF/EjXmR09zwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh9eBvVeuZRGxcnRnoxWGW3NDSTMD+i1PnQCQzEDqBIBkBlMnACRjjw9kW8yPdJ3Z0fNcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHh4jTValpcjIm/087xcjngqIsZjKJudq1UnI2J3RPxWGtpRjA+lThoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICeqy8tz1dqteqCjo6Ozlon9TcTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp1JeW5yu1WnWhnjoTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAILX60vJ8pVarLvSxk7pGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADS+S8AAP//szUGGQ==")
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1200, 0x0, 0x3) (fail_nth: 20)

1m32.537058567s ago: executing program 2 (id=109):
r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r2=>0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000001c0)={r2, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xd4}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, &(0x7f0000000000)={r2, @in={{0x2, 0x0, @empty}}, 0x0, 0x7ffe}, 0x90)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000340)={r2, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x9c)
openat(r0, &(0x7f0000000100)='./file0\x00', 0x438300, 0x48)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000440)={0xffffffffffffffff}, 0x4)
lseek(r3, 0x4, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="0200000004002b002e7d3276dbc04b5a5a1c0000080000000100000080000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x8, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x4000, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r8, <r9=>0xffffffffffffffff}, &(0x7f00000003c0)=0x18, &(0x7f0000000140)}, 0x20)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000006020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b70300000000ecff850000000400000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
fsetxattr$security_capability(r9, &(0x7f0000000340), &(0x7f0000000540)=@v3={0x3000000, [{0x9, 0x200}, {0x6, 0x2}]}, 0x18, 0x2)
r11 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000015c0), r7)
sendmsg$IEEE802154_LLSEC_SETPARAMS(r7, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001600)=ANY=[@ANYBLOB="388fbe13", @ANYRES16=r11, @ANYBLOB="010025bd7000fedbdf252500000006000400000000000a0001007770616e30000000060006000200000005002b0000000000"], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x8000)
listen(0xffffffffffffffff, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6}, 0x4)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='kfree\x00', r12}, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001640)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r5, @ANYBLOB="796100180000000000007e"], 0x1c}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x0, &(0x7f0000000000), 0x64, 0x520, &(0x7f0000000740)="$eJzs3UFvI1cdAPD/OPY22c02KXCASpRCi7IrWDtpaBv1UIqE4FQJKPclJE4UxYmj2Gk3UUUT8QGQEAIkTnDhgsQHQEKVuHBESJXgDAIEQrALBw6wg2yPs1nHTry73jgb/37SZN68mef/e45mPG/maSaAkfV8RLwREXfTNL0eEVNZfi6bYr81Nba7c/vdpcaURJq+9Y8kkiyv/VlJNr+SFRuPiK99OeKbyfG4td299cVKpbydLZfqG1ul2u7ejbWNxdXyanlzfn7ulYVXF15emB1IO69GxOtf/Mv3v/PTL73+y8++88ebf7v2rUa1JrP1R9vxgPInrWw1vdD8Lo4W2H7IYOdRvtnCzES3LcaO5Rw85joBANBd4xz/QxHxqYi4HlMxdvLpLAAAAPAESj8/Gf9NItLuLvXIBwAAAJ4gueYY2CRXzMYCTEYuVyy2xvB+JC7nKtVa/TMr1Z3N5dZY2eko5FbWKuXZbKzwdBSSxvJcM31v+aWO5fmIeCYivjc10VwuLlUry8O++AEAAAAj4kpH///fU63+PwAAAHDBTA+7AgAAAMBjp/8PAAAAF5/+PwAAAFxoX3nzzcaUtt9/vfz27s569e0by+XaenFjZ6m4VN3eKq5Wq6vNZ/ZtnPZ5lWp163OxuXOrVC/X6qXa7t7NjerOZv3m2n2vwAYAAADO0DOfeP/3SUTsvzZxsP/aRDPvUn9F+9wMOK/yh6kkm3fZrf/wdGv+5zOqFHAmxoZdAWBo8sOuADA0hWFXABi65P7FY92CnoN3fpPNPzn4OgEAAIM187HD+//Rcf9/PHdiyf2TVwPnnp0YRpf7/zC6mvf/+x3J62QBLpSCMwAYeUfu/6fvdVl/6v3/U6Xpg9cKAAAYpMnmlOSK2eW9ycjlisWIq83XAhSSlbVKeTYino6I300VnmoszzVLJp1jhgEAAAAAAAAAAAAAAAAAAAAAAACAHtI0iRQAAAC40CJyf01+1XqW/8zUi5Od1wcuJf+ZiuwVoe/86K0f3Fqs17fnGvn/PMyv/zDLf2kYVzAAAABgJDzQC/zb/fR2Px4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABunO7XeX2tNZxv37FyJiulv8fIw35+NRiIjL/0oi31F2bADxJxp/PtotftKo1mHIzvhJu+wj2j84MX5MZ99Ct/hXBhAfRtn7jePPG932v1w835x33//yEceORw+j9/EvDo9/Yz32/6t9xnj2g5+XesY/iHg23/34046f9Ij/Qp/xv/H1vb1e69IfR8x0/f1J7otVqm9slWq7ezfWNhZXy6vlzfn5uVcWXl14eWG2tLJWKWd/46kuMb778V/cPan9l3vEnz6l/S/22f7/fXDr9odbyUK3+Nde6BL/1z/JtjgeP5f99n06SzfWz7TT+630Uc/97LfPndT+5R7tP+3/f63P9l//6rf/1OemAMAZqO3urS9WKuXtC5to9NLPQTUkzmHivYF+YJqmaWOfeoTPSeI8fC3NxLCPTAAAwKDdO+kfdk0AAAAAAAAAAAAAAAAAAABgdJ3F48Q6Y+4fppJBPEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAg/h8AAP//ZLnbZQ==")

1m32.200126107s ago: executing program 2 (id=121):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r1, 0x0, 0x0)
r2 = signalfd(r0, &(0x7f0000000000)={[0x3]}, 0x8)
syz_emit_ethernet(0x16, &(0x7f0000000080)={@multicast, @empty, @void, {@llc_tr={0x11, {@snap={0xaa, 0x0, "0f", '~b^'}}}}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r1)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000140)={'syztnl1\x00', &(0x7f00000003c0)={'erspan0\x00', <r3=>0x0, 0x40, 0x10, 0x89, 0x1, {{0x25, 0x4, 0x2, 0x24, 0x94, 0x68, 0x0, 0xf, 0x2f, 0x0, @multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@ssrr={0x89, 0x13, 0xba, [@loopback, @rand_addr=0x64010100, @multicast2, @dev={0xac, 0x14, 0x14, 0x32}]}, @ssrr={0x89, 0x23, 0x8a, [@broadcast, @empty, @multicast2, @remote, @local, @broadcast, @private=0xa010100, @initdev={0xac, 0x1e, 0x0, 0x0}]}, @noop, @end, @timestamp_addr={0x44, 0x3c, 0xee, 0x1, 0x4, [{@rand_addr=0x64010102, 0x4}, {@rand_addr=0x64010101, 0xfffff001}, {@private=0xa010102, 0x3}, {@remote, 0x2}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x2}, {@broadcast, 0x5}, {@broadcast, 0x8}]}, @timestamp_prespec={0x44, 0xc, 0xe5, 0x3, 0x5, [{@dev={0xac, 0x14, 0x14, 0xd}, 0x5}]}]}}}}})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), r1)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000980)={r2, 0xe0, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f00000006c0)=[0x0, 0x0, 0x0], ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x8, 0x5, &(0x7f0000000700)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000740)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x5b, &(0x7f0000000780)=[{}], 0x8, 0x10, &(0x7f00000007c0), &(0x7f0000000800), 0x8, 0x81, 0x8, 0x8, &(0x7f0000000840)}}, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_GET(r4, &(0x7f0000000b40)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000b00)={&(0x7f0000000c40)=ANY=[@ANYBLOB="08010000", @ANYRES16=r5, @ANYBLOB="000228bd7000fcdbdf2513000000200001801400020076657468315f766c616e00000000000008000100", @ANYRES32=r3, @ANYBLOB="300001800800010064c5ba96363ede3279b651b84a680a69a6c68262b9a09a911fb1be14d6c636282ef2ee093bae532be56703d3333be0b0ada635b088b61f11a4f356c64e0ad3b4e4f17cb970e4d87d49e9bcac30d1f73713c46335e497be82c0cb45a9c2b616a0502f82d1ff576642f4b050a0babc9a517d9501aa182d0ea9d2ff042710208c0fb70675a89957620e38c50382da4b3359b217f47d7722477b6e2bdfbc84278699a0cedb3e735994d452c1c3be50245a34ddb6cab51743a37273cd2c20a465fd13637e7e6bc3d1065c4bfa14c1205cb1f0915cdc4d679f", @ANYRES32=r6, @ANYBLOB="0800030003000000140002006261746164765f736c6176655f31000008000300010000002c0001801400020070696d36726567300000000000000000140002007663616e30000000000000000000000078000180140002007665746831000000000000000000000008000100", @ANYRES32=r3, @ANYBLOB="140002006970766c616e3000000000000000000008000100", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32=r3, @ANYBLOB="0800030002000000140002006772657461703000000000000000000008000100", @ANYRES32=r3, @ANYBLOB="0800030002000000"], 0x108}, 0x1, 0x0, 0x0, 0x40080}, 0x44000)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020300020d0000000000000000000000030006000b0a000002000000ac141436000000000000000002000100000000000000090000000000030005000000000002000000ac1414aa0000000000000000020008000800000034"], 0x68}, 0x1, 0x7}, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0x0)
r8 = inotify_init()
inotify_add_watch(r8, &(0x7f0000000000)='./file0\x00', 0xa000032a)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x140)
perf_event_open(&(0x7f00000003c0)={0x7, 0x80, 0x36, 0x1, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x6, @perf_bp={0x0}, 0x4ec0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mbind(&(0x7f00005f7000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x0)
readv(r8, &(0x7f0000000100)=[{&(0x7f00000002c0)=""/256, 0x10}], 0x2)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000200)={'geneve0\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="3400000a0026f0000000000000000000", @ANYRES32=r9, @ANYBLOB="0006000000000000140012800b00010067656e657665000004000280"], 0x34}, 0x1, 0x2}, 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r1, 0x40a85321, &(0x7f0000000b80)={{0x0, 0x7}, 'port0\x00', 0x4, 0x20010, 0x3, 0x101, 0xffffffff, 0x6, 0x8, 0x0, 0x2, 0x6})
r10 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r10, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r11=>0x0})
sendto$packet(r10, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r11, 0x1, 0x0, 0x6, @link_local}, 0x14)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000200)={'gre0\x00', &(0x7f0000000480)={'syztnl2\x00', 0x0, 0x7800, 0x80, 0x9, 0x9, {{0x18, 0x4, 0x0, 0x1b, 0x60, 0x66, 0x0, 0x3, 0x2f, 0x0, @empty, @remote, {[@ssrr={0x89, 0x7, 0xef, [@loopback]}, @timestamp={0x44, 0x14, 0xaa, 0x0, 0x3, [0xe, 0x8, 0x80, 0xffff]}, @lsrr={0x83, 0xb, 0xf7, [@local, @multicast1]}, @end, @lsrr={0x83, 0x1f, 0x8b, [@initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0x13}, @broadcast, @rand_addr=0x64010100, @broadcast, @dev={0xac, 0x14, 0x14, 0xc}, @remote]}, @ra={0x94, 0x4}]}}}}})

1m32.137629074s ago: executing program 2 (id=123):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0) (async, rerun: 64)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1b, 0x80000001, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) (rerun: 64)
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1, 0x21, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000df00850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async, rerun: 32)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000000)) (async, rerun: 32)
r1 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$pidfd(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000a496000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10) (async)
fcntl$notify(r2, 0x402, 0x29) (async)
readv(r1, 0x0, 0x0) (async)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cgroup.stat\x00', 0x60ff, 0x8cffffff) (async)
ioctl$FITHAW(r2, 0xc0045878) (async, rerun: 32)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r7 = syz_genetlink_get_family_id$fou(&(0x7f0000000040), 0xffffffffffffffff)
setsockopt$inet_int(r5, 0x0, 0x13, &(0x7f00000001c0)=0x7fffffff, 0x4) (async)
sendmsg$FOU_CMD_GET(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r7, 0x1, 0x70bd29, 0x25dfdbfe, {}, [@FOU_ATTR_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x8000)
socket$inet6_udp(0xa, 0x2, 0x0) (async)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r8 = socket$inet6(0xa, 0x1, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff) (async)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r10 = openat$cgroup_procs(r9, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_subtree(r10, &(0x7f0000000040)=ANY=[@ANYBLOB='-4'], 0xc)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r8, 0x29, 0x20, &(0x7f0000000180)={@private2, 0x800, 0x0, 0x2, 0x1}, 0x20) (async)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x9, 0x4000000}, 0x0, &(0x7f0000000080)={0x9}, 0x0, 0x0) (async, rerun: 32)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0) (rerun: 32)

1m32.073379831s ago: executing program 2 (id=126):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000100)='kfree\x00', r1}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x111, 0x2}}, 0x20)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000100)="06010000246837f73199aee6fdb9291b3091ec1a2d41d2271b00d8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x1001}], 0x3)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec8500000050000000850000000f00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002400)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000400000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e345c65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d57aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c295122a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e720c9901de2ebb9000000018e3095c4c5c7a156cec37dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e8f0a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340bdc8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9fae997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfd0aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5ea3c88d5480efd8329d9a733d8f9ffffff5f91ae162745f6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bc39c1e91c000b85457917dcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a9c1f2dc7e8542422113285b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b4a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef3b398f0e6bb7a30006000000cba12953d58cff0f65fd31fbd9853fd57b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0091245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689df8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000040000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00122e812a5e37cd52c9eb7336281cb8c6c64c382680fdc8f7eeafce2e993c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710b20f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaaf56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9f30f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c67491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce169117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd803bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfc8c00000000000000afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb56923b0735ab60a539ade786bd6004d0ea3edbd6c49859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3030000000000000059f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee2838903b6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2caa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5cc98d992f3de7d1cdfb24384b9f10f615c87c441dc970ec896a5af6bf69b50a244bc131538c6cfc98a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d5b7b29a938f488be7eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cb00000000000000000000f4e1b774d0732ede6385923110ae01da6437a9b7a01b2d8c6afdcf15fd0040393ed3f2d3bf40285c414df6ddaab8e27b4c0028bd945d6e622017b2d96c978859fc2917951c5662b325f7fead9c68f9df5ef9f401a2127dc1d386022cdf8a786b02d0a7a74f7c7564e993772bacf42831528fa72bbb64cbe93d2ce0ff64ec7499e7d4c326d1497916ce58b283ff659db3ef576a74571a2bc325e87a72a3ed27a57efe5d6016193ea3d6c63fb777ca5aec649e977443cbe3603ebf1a3b1f705b6f576fe7a6bfa7f20036821615b808c442658d069434c8fb423dd1e5673b61f867e042172654f48c3aa8464e8f75f93b5660f6449b93a5957198ee5c258f04edd640b77f3a49b01230a2a863d4a8d69ebbd0cffbae7602956090f6681131b7ced5ac86f330282f1e3a435a915a790dd88e2220c7904457576c4e0942ccbd07f1cd9c04645ae4c77bcd2f95b263b7495bd56a99536092c1fc86b32d9e57d1d7627ec3390ffa7d4f229a071639f4d61bf0030b4f9ee0533d8c5ce2e06b98e859df68e9491b1a708c60baa367370b2cd91b56b537425ed74d811ff4e07f53abeb164a"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001ac0)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
creat(&(0x7f0000000140)='./file2\x00', 0x1ad)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
write$cgroup_devices(0xffffffffffffffff, &(0x7f0000000200)=ANY=[@ANYBLOB="62200b1c"], 0x9)
unlink(&(0x7f0000000180)='./file1\x00')

1m31.535167044s ago: executing program 2 (id=131):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x24000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb7030000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000000)=0x5, 0x8, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f00005e2000/0x3000)=nil, 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c28000050003"], 0x48}}, 0x40000)

1m31.534828294s ago: executing program 32 (id=131):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5, 0x24000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb7030000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000000)=0x5, 0x8, 0x0)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f00005e2000/0x3000)=nil, 0x3)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0}, 0x18)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800b0001006d61637365630000180002800c0004000100000100c28000050003"], 0x48}}, 0x40000)

15.06251534s ago: executing program 4 (id=1459):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="160000000000000400d35e50202466d1274150e6d8418b58b2d10c794a2b404ff8f3d2280bb8d2d0e048812b0e99708cc7cf8c704c4200", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0xffffff14, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000010008105e9c51c000000000000000000", @ANYRES32=r4, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100000000000c0002000c0000000d00000008000500", @ANYRES64=r2], 0x50}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0xffb7, &(0x7f0000000180)={&(0x7f0000000780)=ANY=[@ANYBLOB="500000001000810500"/20, @ANYRES32=0x0, @ANYBLOB="01000000000000002800128009000100766c616e000000001800028006000100030000000c0002001c0000000f00000008000500", @ANYRES32=r2], 0x50}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1)
socket$inet_smc(0x2b, 0x1, 0x0)
r7 = memfd_secret(0xdc10baeef0720935)
sendmsg$AUDIT_USER_AVC(r7, &(0x7f0000000600)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000540)={0x64, 0x453, 0x400, 0x70bd26, 0x25dfdbfc, "d58807100440cd02abd5eb484f2bb298e7aea89cd7a4b8cdd51b75129ca49062c3d57c80af6078b4b611de3f89909ea9c26d45436ea2988e5115365d94fc9d351eb33ccaf68d8ce356c5f4dd3f3a85f0f3", ["", "", "", "", "", "", ""]}, 0x64}, 0x1, 0x0, 0x0, 0x10}, 0x40000)
setsockopt$inet_sctp6_SCTP_EVENTS(r7, 0x84, 0xb, &(0x7f00000004c0)={0x5, 0x5f, 0x2, 0x5, 0xf8, 0xb8, 0x2, 0xd, 0x1, 0xce, 0x7, 0x5, 0x3}, 0xe)
getpeername$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000200)=0x14)
r9 = ioctl$NS_GET_PARENT(0xffffffffffffffff, 0xb702, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000280)=@newlinkprop={0xe4, 0x6c, 0x300, 0x70bd28, 0x25dfdbfe, {0x0, 0x0, 0x0, r8, 0x4a008, 0x48000}, [@IFLA_IFNAME={0x14, 0x3, 'bridge0\x00'}, @IFLA_IFALIAS={0x14, 0x14, 'veth1_macvtap\x00'}, @IFLA_OPERSTATE={0x5, 0x10, 0x8}, @IFLA_NET_NS_FD={0x8, 0x1c, r9}, @IFLA_PHYS_SWITCH_ID={0x22, 0x24, "3b1f5dbea66be1d9fbc049e018bd1732e4ef11c7da3b391e7c568ba4faa4"}, @IFLA_IFNAME={0x14, 0x3, 'veth1_virt_wifi\x00'}, @IFLA_IFNAME={0x14, 0x3, 'team_slave_0\x00'}, @IFLA_PROP_LIST={0x40, 0x34, 0x0, 0x1, [{0x14, 0x35, 'dvmrp0\x00'}, {0x14, 0x35, 'pim6reg1\x00'}, {0x14, 0x35, 'ip6gre0\x00'}]}]}, 0xe4}, 0x1, 0x0, 0x0, 0x81}, 0x40)

14.999260697s ago: executing program 4 (id=1461):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000000)=0x7f, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000600)={'veth0_to_team\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x200, 0x4)
sendto$packet(r1, &(0x7f00000000c0)="3f030e0033e6120306001e0089e9aaa911d7c2290f0086dd1327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe94f, 0x0, &(0x7f0000000540)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
lsetxattr$security_capability(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000180)=@v2, 0x14, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r5}, 0x10)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000001680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000001700)=ANY=[@ANYBLOB="540200001600010000000000fedbdf25ff0100000000000000000000000000010a0101010000000000000000000000004e2200004e2300000a00200021000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fc0000000000000000000000000000000000000033000000e0000002000000000000000000000000060000000000000019d000000000000009000000000000000000000000000000000000000000000008000000000000000000000000000000ff030000100000000300000000000000ffffffff00000000ffffff7f000000000900000000000000000000007f000000070000002bbd7000000000000200013f000000000000000001000000060000002c001300200100000000000000000000000000010000000000000000000000020000001c00040003004e204e210000fe"], 0x254}}, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r7, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r3, &(0x7f0000000200)=@file={0x0, './file1\x00'}, 0x6e)
connect$unix(r3, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
accept(r3, 0x0, 0x0)
fchownat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x1000)

14.729348018s ago: executing program 4 (id=1472):
sched_setscheduler(0x0, 0x1, 0x0)
getpid() (async)
r0 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010802, &(0x7f0000000100)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x5}}]}, 0x1, 0x638, &(0x7f0000000240)="$eJzs3U1vVFUfAPD/nU5faJ/naSFPVFxIE2MgUVpawBBjIuwJwZedbiotBCmU0BotIaEkuDFx54LElQvxY0jCli/gwsS4MibEKAsxRMbc27nT2+lM6dt0yvT3Sy495972nnNL/3POPXPOnQB2reGIGImI/RFxNYkYLBwrZ/+Wsm9Kv+/RHzfOpVsSlcr7vydx42ayUDxXUv06UP3hfwYXd+3rWlnu7Pz1SxPT01PXqvnRuctXR2fnrx++eHniwtSFqSvjb46fOH7s+ImxI5u6vr2F9Onbn3w2+OWZD7/75kky9v1PZ5I4mV5dJr2uarKSX0fvpkpOf2fDUVn0uLg//b2e2OS5d4q/BvO/kyVJ/Q52tDQGuiPixRiMrsL/5mB88W5bKwa0VNrYVYBdKtlQ/PdtfUWAbZb3A/J7+8J98Goa3NEDz5uHpxYHpBZjvzsi8vgvZ2N+EX3Z2ED/o2TZOE8SEZsbmVuUlvHg/pnb6RbLx+GAFlu4lY9y17f/SRabQ9GX5foflZbFf6mwpfvfW0+hPUvJ4bpD4h+2z8KtiHip2v73xHrivxyF+P94g+WLfwAAAAAAANg6905FxBuN5v+VavN/ehrM/xmIiJNbUP6z3/8r5Uv0ki0oDih4eCri7Ybzf/Owi6Guau6/2XyA7uT8xempIxHxv4g4FN29aX6s7rylQvrwV/vuNCu/OP8v3dLyH9wvTi8u/VauW4g7OTE34dUANu/hrYiXs/m/B6p7ls//Sdv/pEH7n8b31TWWse+1u2eL+UqlcjNPN47/xbnAQGtVvo042LD9X2pgk9WfzzGa9QdG817BSq88KSw0qiP+oX3S9r+/efzXet615/XMru/8PRFxdL7cLPzXEP+N+/89yQddUVhK8PnE3Ny1sYie5PTK/ePrqzN0qjwe8nhJ4//Qq6uP/9X6/4U43BMRC2ss84WnA780O6b9h/ZJ439y9f7/UFJt/yNr/2sdgTUnxu8O/ZCdqcFz4c6uqf0/lrXph6p7svE/oKq0Ys9aA7Qt1QUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA51wpIv4TSWmkli6VRkYiBiLi/9Ffmp6ZnXv9/MynVybTY9nn/5fyT/odXMwn+ef/DxXy43X5oxGxNyK+7tqT5UfOzUxPtvviAQAAAAAAAAAAAAAAAAAAYIcYyNb8V3rr1/+nfu1qd+2AlitXvz4j3vu2oy7A9ipv+CcrvVtaEWDbbTz+gefd2uO/u6X1ALZf8/h//KSSyfNJUjz6Z4vrBbSe/j/sXhuMf28PQgdoEP/D7agHsN1WHdO7U0t59x86kvt/AAAAAADoKHsP3PsxiYiFt/ZkW6qnesxkf+hspXZXAGgbc3hh9yrPtLsGQLu4xweW1vX/XWl0vPns/6Q1FQIAAAAAAAAAAAAAVji43/p/2K1WX/9vbj90slXW/zcKfo8LgA7S/KM/tP3Q6dzjA89q7a3/BwAAAAAAAAAAAIAdoO/6pYnp6alrs/ObTETEz5UkYrPnaZL4qMGhd1pUVksTCxM7ohpbmnjamjN3R8TOuMCWJ7oiorAnfwRHGyvW5tclAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5t8AAAD//wB1KIo=") (async, rerun: 64)
r1 = socket(0xa, 0x3, 0x2)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000040)={'wg0\x00', <r2=>0x0}) (async)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x54e, &(0x7f00000014c0)="$eJzs3c9vHFcdAPDvjH+sm6ZxAj1ABSRAIaAou/Gmjape2lxAqKqEqDggDqmxN5bJbjZk16U2kXD/hiKBxAn+BA5IHJB64sCNIxIHhFQOSAEsUIwE0qKZHf+ovcaLd73bej8faTLz5s3M973Ys+/t2/W8ACbWlYjYjIjZiHgzIuaL/UmxxKvdJTvuydajpe2tR0tJdDpv/C3J87N9+QmlvWs+XVxzLiK+8dWI7ySH47bWN+4t1uu1h0W60m48qLTWN66vNhZXaiu1+9XqrYVbN166+WJ1aHW93PjF46+svvbNX//q0+//bvPLP8iKdb7I263HkHWrPrMbJzMdEa+dRrAxmCrWs2MuByeTRsTHIuJz+f0/H1P5bycAcJZ1OvPRmd+fBgDOujQfA0vSckSkadEJKHfH8J6Nc2m92Wpfu9tcu7/cHSu7GDPp3dV67cal0h++lx88k2TphTwvz8/T1QPpmxFxKSJ+VHoqT5eXmvXl8XR5AGDiPb2//Y+If5bStFzu69Qen+oBAB8Zc+MuAAAwctp/AJg82n8AmDx9tP/Fh/2bp14WAGA0/r/3/xdOrRwAwOgY/weAyaP9B4CJ8vXXX8+Wznbx/Ovlt9bX7jXfur5ca90rN9aWykvNhw/KK83mSv7MnsZx16s3mw8WXoi1tyvtWqtdaa1v3Gk01+637+TP9b5TmxlJrQCA/+XS5fd+n0TE5stP5Uvsm8tBWw1nWzruAgBjMzXIyToI8JFmti+YXH014Xkn4benXhZgPHo+zHuu5+YH/aS7erefIL5nBB8qVz/Z//i/OZ7hbDH+D5PrZOP/rwy9HMDoGf+HydXpJAfn/J/dzQIAzqQBvsLX+eGwOiHAWB03mfdxn/8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAJDofEd+NJC3nc4Gn2b9puRzxTERcjJnk7mq9diMiLsTliJgpZemFcRcaABhQ+pekmP/r6vzz5w/mzib/KuXriPj+T9/48duL7fbDhWz/33f3l3amD6vunTfAvIIAwJDl7Xe1WO97I/9k69HSzjLK8jy+Hf8ppiJe2t56lC/dnOnIdkbM5X2Jc/9IYro4Zy4inouIqSHE33wnIj7Rq/5JPjZysZj5dH/8KGI/M9L46Qfip3led511vj4+hLLApHnvdkS82uv+S+NKvu59/8/lr1CDe3y7e7Gd177tffGni0hTPeJn9/yVfmO88JuvHdrZme/mvRPx3HSv+Mlu/OSI+M/3Gf+Pn/rMu68ckdf5WcTV6B1/f6xKu/Gg0lrfuL7aWFyprdTuV6u3Fm7deOnmi9VKPkZd2RmpPuyvL1+7cFTZsvqfOyL+XM/6z+6e+4U+6//zf7/57c/uJUsH43/p871//s/2jN+VtYlf7DP+4rlfHjl9dxZ/+Yj6H/fzv9Zn/Pf/vLHc56EAwAi01jfuLdbrtYcDbWTvQodxnUMbWRH7O3inuzhY0D/FadTihBszp/W/euob07t9xeFe+VvZFXtkpX3+kpxkIx16LQbaeDKqWON7TQJGY++mH3dJAAAAAAAAAAAAAACAo4ziT5fGXUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADOrv8GAAD//xxkzKw=")
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB='\n\x00\x00\x00'], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000640)={{r3}, &(0x7f00000005c0), &(0x7f0000000600)}, 0x20)
r4 = open(&(0x7f0000000040)='.\x00', 0x418601, 0x8)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="3000000010000100"/20, @ANYRES32=r2, @ANYBLOB="00000000e6000000080029000000000008002800"], 0x30}}, 0x0)
connect$unix(r4, &(0x7f0000000880)=@file={0x1, './file0\x00'}, 0x6e) (async)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r5=>r1, {0xf659}}, './file0\x00'})
ioctl$PIO_UNIMAP(r5, 0x4b67, &(0x7f0000000180)={0x6, &(0x7f0000000140)=[{0x7, 0x94}, {0x7fff, 0x57}, {0x5, 0x8000}, {0x5, 0x3}, {0x589, 0x1ff}, {0x1ff, 0x1}]})

14.590534535s ago: executing program 4 (id=1474):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000580)='kfree\x00', r1, 0x0, 0x40}, 0x18)
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c200000208060001080006040002aaaaaaaaaa00f5b75eb8725f79d8aa00ac"], 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000080), 0x81, 0x7a5, &(0x7f0000000f80)="$eJzs3c9rXNUeAPDvnfxq0r6XPHjwXl0FBA2UTkyNrYKLigsRLBR0bRsm01AzyZTMpDQh0BYR3AgqLgTddO2PunPrj63+Fy6kpWparLiQkTuZSSbNTJq0mZlgPh+4uefcc2/O+c65P87MvcwEcGCNpn8yEUcj4v0kYri2PImIvmqqN+L02nr3V1dy6ZREpfL6r0l1nXurK7lo2CZ1uJb5f0R8907EsczWektLy7NThUJ+oZYfL89dGi8tLR+/ODc1k5/Jz5+cmJw8ceq5Uyf3Ltbff1w+cvuDV57+8vSfb//v5nvfJ3E6jtTKGuPYK6MxWntN+tKXcJOX97qyLku63QAeSXpo9qwd5XE0hqOnmmphsJMtAwDa5WpEVACAAyZx/QeAA6b+OcC91ZVcferuJxKddeeliDi0Fn/9/uZaSW/tnt2h6n3QoXvJpjsjSUSM7EH9oxHx6ddvfp5O0ab7kADNXLseEedHRree/5Mtzyzs1jPbFVYGqrPRBxY7/0HnfJOOf55vNv7LrI9/osn4Z6DJsfsoHn78Z27tQTUtpeO/FxuebbvfEH/NSE8t96/qmK8vuXCxkE/Pbf+OiLHoG0jzE9VVmz8FNXb3r7ut6m8c//324VufpfWn8401Mrd6BzZvMz1VnnrcuOvuXI94ordZ/Ml6/yctxr9nd1jHqy+8+0mrsjT+NN76tDX+9qrciHiqaf9v9GWy7fOJ49XdYby+UzTx1U8fD7Wqf6P/B6rztP76e4FOSPt/aPv4R5LG5zVLu6/jhxvD37Yqa9z/m8fffP/vT96opvtry65MlcsLExH9yWtbl5/Y2Laer6+fxj/2ZPPjv9X+n6k9G3t+Pbe93tu/fFH7V03jr7rWKv72SuOf3lX/b5Oo1LZ5oOjm/dmeVvXvrP8nq6mx2pKdnP8e0tLH2JsBAAAAAAAAAAAAAAAAAAAAAAAAYPcyEXEkkkx2PZ3JZLNrv+H93xjKFIql8rELxcX56aj+VvZI9GXqX3U53PB9qBO178Ov5088kH82Iv4TER8NDFbz2VyxMN3t4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5vDm3/+/ms6y2bWynwe63ToAoG0OdbsBAEDHuf4DwMGzu+v/YNvaAQB0zq7f/1eS9jQEAOiYHV//z7e3HQBA57j/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQJudPXMmnSp/rK7k0vz05aXF2eLl49P50mx2bjGXzRUXLmVnisWZQj6bK861/EfX1maFYvHSZMwvXhkv50vl8dLS8rm54uJ8+dzFuamZ/Ll8X8ciAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdKy0tz04VCvkFiW0Tg/ujGfsm0Rv7ohn/+ER/12pvPEsMdu8EBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALDP/R0AAP//aHclQg==")
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r2, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0xa00, 0x0, 0x80, 0x100}})
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_tcp_buf(r3, 0x6, 0x23, 0x0, &(0x7f0000000080))
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='kmem_cache_free\x00', r5}, 0x10)
r6 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r6, 0x40042408, r4)
set_mempolicy(0x3, &(0x7f0000000000)=0x5, 0x6)
syz_clone(0x240c7000, 0x0, 0x0, 0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
ioperm(0x0, 0x3, 0x2)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
sendfile(r4, r4, 0x0, 0x7a680000)
truncate(&(0x7f0000000200)='./file2\x00', 0x7)
r8 = socket$packet(0x11, 0x3, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r8, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r9=>0x0})
sendto$packet(r8, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r9, 0x1, 0x0, 0x6, @link_local}, 0x14)

14.278554031s ago: executing program 4 (id=1479):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000180000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000f0850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000640)=ANY=[@ANYBLOB="9feb010018000000000000003400000034000000060000000400000000000007000000000000000000000001050000a2200000000000000001000085100000000000000002000000000000ff00000100da"], 0x0, 0x52, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
socket$can_bcm(0x1d, 0x2, 0x2)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)
r3 = creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
write$binfmt_elf32(r3, &(0x7f0000000040)=ANY=[], 0x69)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0xd2080, 0x7a)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r3, 0x4, &(0x7f0000000080)='.*&@{\x00', &(0x7f0000000280)='./file0\x00', r4)

13.490179663s ago: executing program 4 (id=1493):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
listen(0xffffffffffffffff, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, 0x0, 0x20000000)
r3 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r3, 0x0, 0x0)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r3, 0x5)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10)
sendmmsg(r4, &(0x7f0000002980), 0x400000000000239, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

13.457189156s ago: executing program 33 (id=1493):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
listen(0xffffffffffffffff, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, 0x0, 0x20000000)
r3 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r3, 0x0, 0x0)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r3, 0x5)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e20, @dev}, 0x10)
sendmmsg(r4, &(0x7f0000002980), 0x400000000000239, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

1.915535347s ago: executing program 0 (id=1694):
syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x141341)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd09e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
epoll_create(0x881)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x9, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b708000000005aab7b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00'}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = socket$netlink(0x10, 0x3, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f00000002c0)={0x0, 0x5, &(0x7f0000001200)={&(0x7f0000001080)={0x38, 0x1403, 0x1, 0x700, 0x0, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'syzkaller0\x00'}}]}, 0x38}}, 0x0)

1.72300538s ago: executing program 6 (id=1695):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0xa1}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = creat(&(0x7f0000000180)='./file0\x00', 0x0)
pwritev(r2, &(0x7f0000000280)=[{&(0x7f0000000300)="8a", 0x1}], 0x1, 0x451, 0x6)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0xff], 0x0, 0x0, 0x1, 0x1}}, 0x40)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r3, 0x1, 0x2e, &(0x7f0000000040)=0xfffffffd, 0x4)
close_range(r0, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000300)={[{@mpol={'mpol', 0x3d, {'bind', '', @val={0x3a, [0x30, 0x2d, 0x30, 0x3a, 0x4e, 0x2f]}}}}]})

1.71794448s ago: executing program 0 (id=1696):
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000140)={'pimreg1\x00', 0x8001})
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000200)={[{@abort}, {@jqfmt_vfsv1}]}, 0x1, 0x79c, &(0x7f0000001700)="$eJzs3c9rXNUeAPDvnck0Tdr3kgcP3qurgKCB0ompsVVwUXEhgoWCrm2HyTS0mWRKZlKaELBFBDeCFheCbrquWndu/bHV/8KFtFSbFisuJHInM+00mUmTJpkp5POB255zf53zvef+OJN7mAlgzxpJ/8lEHIqIj5OIocb8JCJy9VRfxInV9e4vLxXTKYmVlbd/T+rr3FteKkbLNqkDjcz/I+KHDyIOZ9aXW11YnC6Uy6W5Rn6sNnNhrLqweOTcTGGqNFWaPTY+MXH0+EvHj+1crH/8vHjw1idvPP/1ib/e/9+Nj35M4kQcbCxrjWOnjMRI45jk0kP4iNd3urAeS3pdAZ5IemlmV6/yOBRDka2nOhjoZs0AgN3yXkSsAAB7TOL5DwB7TPPvAPeWl4rNqbd/keiu269FxP7V+JvvN1eX9DXe2e2vvwcdvJc88mYkiYjhHSh/JCK++PbdL9Mpduk9JEA7l69ExJnhkfX3/2TdmIWtemET66x92+z+B93zXdr/ebld/y/zoP8Tbfo//c2xY9u0dh/rr//MzR0opqO0//dqy9i2+y3xNwxnG7l/1ft8ueTsuXIpvbf9OyJGI9ef5sc3KGP07t93Oy1r7f/duXr+elr+nWxcf7hG5mZf/yObZLcV8Bq3r0Q809cu/uRB+ycd+r+nNlnGm698+HmnZWn8adzNqR7/1fPXtxXUFqxci3iubfs/HNGWtBufOJVrjE8cq58OY82Too1vfvlssFP5re2fTmn5zc8C3ZC2/+DG8Q8nreM1q1sv46drQ993XJh5XPzrzv+YLNQK+5J36ul9jXmXCrXa3HjEvuSt9fOPPty2mW+un8Y/+mz763+j8z/9THhmk/H33frtq07Lnob2n9xS+289ceP+dMd71uPjT9t/op4abcxJ2/9xcW22gts5dgAAAAAAAAAAAAAAAAAAAAAAAACwWZmIOBhJJv8gncnk86u/4f3fGMyUK9Xa4bOV+dnJqP9W9nDkMs2vuhxq+T7U8cb34TfzR9fkX4yI/0TEp/0D9Xy+WClP9jp4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGg40OH3/1O/9ve6dgDArtnf6woAAF3n+Q8Ae8/Wnv8Du1YPAKB7fP4HgL3H8x8A9h7PfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbZqZMn02nlz+WlYpqfvLgwP125eGSyVJ3Oz8wX88XK3IX8VKUyVS7li5WZjju6vPpfuVK5MBGz85fGaqVqbay6sHh6pjI/Wzt9bqYwVTpdynUtMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYvOrC4nShXC7NbSeR7mgn9tOtRP/TUQ2JriaysXtF5OKJNs9GRK8Py0YXddNAz+5PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+7fwIAAP//IIQicg==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x10012, r1, 0x0)
ioperm(0x0, 0x3, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = gettid()
r3 = timerfd_create(0x0, 0x0)
read(r3, &(0x7f0000000240)=""/123, 0x7b)
inotify_init1(0xc0000)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan4\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, @void, @value}, 0x94)
ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f00000001c0)={0x37, 0x3, 0x5, 0x9, 0x9, 0x81})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))

1.704944002s ago: executing program 6 (id=1698):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008bd6000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x66, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008bd6000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x66, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000340)='io_uring_register\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='ext4_es_lookup_extent_enter\x00', r2}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='ext4_es_lookup_extent_enter\x00', r2}, 0x10)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@discard}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='ext4_es_lookup_extent_enter\x00', r4}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='ext4_es_lookup_extent_enter\x00', r4}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r5 = io_uring_setup(0x17ba, &(0x7f00000004c0))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r5, 0x11, &(0x7f00000002c0), 0x2) (async)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r5, 0x11, &(0x7f00000002c0), 0x2)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r6}, 0x10)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) (async)
perf_event_open(&(0x7f0000000180)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
syz_clone(0x22023500, 0x0, 0x0, 0x0, 0x0, 0x0)

1.337808484s ago: executing program 6 (id=1703):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b00)={r1, 0xe0, &(0x7f0000000940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, &(0x7f00000005c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x2, 0x7, &(0x7f0000000780)=[0x0, 0x0], &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xdf, &(0x7f0000000800)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000880), &(0x7f00000008c0), 0x8, 0xf4, 0x8, 0x8, &(0x7f0000000900)}}, 0x10)
sendmsg$nl_route_sched_retired(r3, &(0x7f0000000c40)={&(0x7f0000000540)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000c00)={&(0x7f0000000b40)=@delqdisc={0xac, 0x25, 0x300, 0x70bd2b, 0x25dfdbfe, {0x0, 0x0, 0x0, r4, {0x9, 0x1}, {0xe, 0xffe0}, {0x0, 0xf}}, [@q_dsmark={{0xb}, {0x1c, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x6}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}]}}, @q_dsmark={{0xb}, {0x2c, 0x2, [@TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_SET_TC_INDEX={0x4}, @TCA_DSMARK_INDICES={0x6}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x1000}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x24}, @TCA_DSMARK_DEFAULT_INDEX={0x6}]}}, @q_dsmark={{0xb}, {0x1c, 0x2, [@TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0x9}, @TCA_DSMARK_INDICES={0x6, 0x1, 0x24}, @TCA_DSMARK_DEFAULT_INDEX={0x6, 0x2, 0xfff7}]}}]}, 0xac}, 0x1, 0x0, 0x0, 0xc800}, 0x4008010)
syz_io_uring_setup(0x5169, &(0x7f0000000200)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000000))
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB="00000000000000000000000000994d0000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = syz_open_procfs(0x0, &(0x7f0000000080)='net/udplite6\x00')
pread64(r5, &(0x7f00000031c0)=""/4119, 0x1017, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f00000003c0)=ANY=[@ANYRES8=r0, @ANYRESOCT=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r6}, 0x10)
chmod(&(0x7f0000000180)='./file0\x00', 0x0)

960.819819ms ago: executing program 3 (id=1708):
syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x141341)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd09e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
epoll_create(0x881)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x9, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b708000000005aab7b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00'}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = socket$netlink(0x10, 0x3, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f00000002c0)={0x0, 0x5, &(0x7f0000001200)={&(0x7f0000001080)={0x38, 0x1403, 0x1, 0x700, 0x0, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'syzkaller0\x00'}}]}, 0x38}}, 0x0)

955.797899ms ago: executing program 6 (id=1709):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000000)=0x7f, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000600)={'veth0_to_team\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x200, 0x4)
sendto$packet(r1, &(0x7f00000000c0)="3f030e0033e6120306001e0089e9aaa911d7c2290f0086dd1327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe94f, 0x0, &(0x7f0000000540)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
lsetxattr$security_capability(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000180)=@v2, 0x14, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r4}, 0x10)
fchownat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x1000)

854.690501ms ago: executing program 0 (id=1711):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xfe, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f00000700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/23], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
utime(&(0x7f0000001140)='./file0\x00', 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
add_key(&(0x7f0000000280)='rxrpc\x00', 0x0, &(0x7f0000000100)="01000000020000000000006bb55a2a630b00c145f94cd977", 0x18, 0xffffffffffffffff)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r4, 0xc004743e, &(0x7f0000000140))
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='nonumtail=0,iocharset=cp950,umask=00000000000000000000000,uni_xlate=1,uni_xlate=1,shortname=win95,utf8=0,shortname=win95,utf8=1,uid=', @ANYRESHEX, @ANYBLOB="2c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c696f636861727365743d6d616363726f617469616e2c696f636861727365743d63703433372c757365667265652c726f6469722c7569643e74353a7bd912f41b207e4bc4478b479f5a21373fd412d72f65702b57308921a665e19ef4cc41aac5e7c09d211fd4c1fbf43833c769c6b16297c14d0d92df4f0371acd1b184d6", @ANYRES16, @ANYRESHEX=0x0], 0x6, 0x2c0, &(0x7f0000000940)="$eJzs3T9rJGUYAPBndjezqxabwkoEB7SwOi7X2myQHBxupWyhFnp4dyDZRUgg4B8cU9naWPoJBMHOL2HjJ1CwFe1MERiZ2Rl3s+4fV7NGvd+vyZN33uf9lzcJKebJ289Ojh9k8ej8ox+i10uiNYhBXCSxH61ofBJXDD4LAOC/7KIo4pdiapu8JCJ6u1sWALBDW//+/3rnSwIAduy119945XA4PHo1y3pxd/Lp2aj8y778OH1++CjejXE8jNvRj8uI4nfT+G5RFHknK+3HC5P8bFRmTt76th7/8KeIKv8g+rFfNV3Nvzc8OqjSszQimvy8XMeT9fyDMv9O9OPpJfPfGx7dmeZnc/PnMUrjxefn1n8r+vHdO/FejONBtYhZ/scHWfZy8fmvH75ZLq/MT/KzUbfqN1O0F8+uu/svDwAAAAAAAAAAAAAAAAAAAAAA/1O36to53ajq95RNdf2d9mX5yV5kjfn6PnlTHyhpBpqrD5RGUeRFfNHU17mdZVlRd5zld+KZTnRuZtcAAAAAAAAAAAAAAAAAAADw73L6/gfH98fjhyfXEjTVAJrX+v/qOIO5ludifefubK5WHa4ZOdpNnyRi1TKS8ljKTVzTsWwKnli15i+/2nbA3uY+e+vOZxp04u/tq7ldx/eT5WfYjaal11ySb+b7pFEF3/+8aa501aNiyfW7WDlOWgatxUf9q53bm/eePlUF+Zo+kaz7vnjpx+nJ1S3J4i7S6lSXpu/VwVz6wt3Y6j7/8WdFoloHAAAAAAAAAAAAAAAAAADs1Oyl3yUPz9emtoruzpYFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+o2f//3yLI6+Q/0TmNk9Mb3iIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACPgd8CAAD//1pUXmc=")
mount$bpf(0x0, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000240), 0x8882, &(0x7f0000000680)={[{@gid}, {@mode={'mode', 0x3d, 0x8}}, {}]})
syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
openat2(0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x400040, 0xd98f344abe25da01, 0x5}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1200000009000000080000000200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000b000000000000000000000000000000000000000000210556013261fc8d520864e83effa4525840fea71209f3528220fc2a9ff0b84e73ded78bf527a4e25536af6efb9778ffad8cfd1f543dac371a3a9ce2a9c6c2fc9e736ed669e48496a1a40fc060ee08a3d0703edd317e8549027559f84bb802b9992eeb705e740400000000000000c568928d672bc3423667eccd74ed3ffa76883406894e626120d1604ae42d044c41a492fce7f111"], 0x50)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
io_uring_setup(0xd17, &(0x7f0000000300)={0x0, 0x20000, 0x0, 0x0, 0x100})
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000200))
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x48, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r6, 0x0, 0x5}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x204092, &(0x7f0000000480), 0x6, 0x50d, &(0x7f00000006c0)="$eJzs3U1vI3cZAPBnHLubbQNOWw6lEtvQF2URrJM0fYk4lEbi5VQJUe7ZkDhRFCdeJU67iVaQfgIQqgCJC5y4IPEBkFA/AkKqBDcOnEAVZOmBCzIae9xNHDs4Wsezm/x+0mT+8//Hfp7HiSfzFk8AV9ZURLwdEWMR8UpElLP+QjbFYXtKv+/+0b2VdEqi2Xz3n0kkWV/3cz6VPSz1ve9E/CA5HXd3/2BzuVar7pzsPri1sbW8Xl2vbs/Pz72x8ObC6wuzA1aSFM8afToi3vrmpz/78W++/dYfvvb+35b+cfOHaVq3s/FedQxDu/RSjJ9YvjzS35tiq0IAAB4Hz0bEMxHxYkR8JcoxFmduRgMAAACPoeY3Jq51mgAAAMDlVIiIiUgKlex634koFCqV9jW8X4gnC7X6buOra/W97dV0LGIySoW1jVp1NrtWeDJKSbo812o/WH61a3k+uwb3w/L1dLk1BgAAAIzGYtf+/6fl9v4/AAAAcMn0Phk/NvI8AAAAgIvjYnwAAAC4/Oz/AwAAwKX23XfeSafm/aN7rfsArL63v7dZf+/WanV3s7K1t1JZqe/cqazX6+u1amWA/wio1et3XovtvbszjeJuY2Z3/2Bpq7633Vhq3dd7qfrMCGoCAAAATnr6hY/+kkTE4devt6bUE9lYKdfMgEdIUuzquP3lnDIBhuLcH/IztXcxiQAj1/03Hbg67OMDSXdH14bBeL9NhT92d9z4v7FscwAAQD6mv+j8P1xVhbwTAHLzk7wTAHIz8LH4qYvNAxi9ktv8wZV36vx/l/F+A6fO//fTbJ4rIQAAYOgm2rPDyM4FTkShUKl8dlowWduoVWcj4vMR8edy6Vq6PJdjvgAAAAAAAAAAAAAAAAAAAAAAAADwOGo2k2gCAAAAl1pE4e9Jdv+v6fLLE93HB55I/lNuzSPi/V+++/O7y43Gzlza/6/P+hu/yPpfzeMIBgAAAFxFpTNHO/vpnf14AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABim+0f3VjrTKON+shjXY7JX/GKMt+bjUYqIJ/+dRPHY45KIGBtC/MMPIuK5XvGTNK2YzLLojl+IiOs5x39qCPHhKvtoMSLe7vX+K8RUa977/VfMpof1yWLrTd4zfmf9N9Zn/fe5AWM8//HvZvrG/yDi+WLv9U8nftIn/ksDxr/9/YODfmPNX0dM9/z7k7RnhewbG1t3Znb3D25tbC2vV9er2/Pzc28svLnw+sLszNpGrZp97Rnjp1/6/eGHfetvBzgev1PnZDvDH/Wr/+UB6//vx3ePnm03S6fjR9x8qffP/7nWvPfrn/5OvJK9POn4dKd92G4fd+O3f7rRL7c0/mqf17/98y83H8Qvnqj/5mDlH6/5V4M9BAC4SLv7B5vLtVp1ZwSNF18b3hMmrUa6FTSi5PNudA52PCr5jOcT/VrkW/u3Hvp5OpvDD/M8fx1aXek+Q++hHFdKAADAhXiw0Z93JgAAAAAAAAAAAAAAAAAAAHB1tf7/f+ycHwT4wvk+aaw75mE+pQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnOl/AQAA//9DhsFC")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000380)='xen_cpu_write_ldt_entry\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)

854.147971ms ago: executing program 5 (id=1712):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001400ea00b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = openat$cgroup_devices(r3, &(0x7f0000000240)='devices.deny\x00', 0x2, 0x0)
fchdir(r4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
r5 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r5, 0x0, 0x29, 0x0, 0x5000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'dummy0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=@newqdisc={0xec, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xfff1, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0x3, 0x7, 0x9, 0x2, 0x4, 0x3}}, {0x4}}]}, @TCA_RATE={0x6, 0x5, {0x7, 0xc}}, @TCA_STAB={0x90, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x8, 0x2, 0xd94, 0x7ff, 0x0, 0x80, 0x3, 0x7}}, {0x12, 0x2, [0x1, 0x0, 0x2, 0xe, 0x8001, 0x7, 0x2]}}, {{0x1c, 0x1, {0x9, 0x7, 0x7f, 0x40ae0d13, 0x1, 0x6d7, 0x3, 0xa}}, {0x18, 0x2, [0x8001, 0xa47, 0x7b, 0x3, 0x10, 0x1, 0x68, 0x401, 0x73a, 0xf]}}, {{0x1c, 0x1, {0xec, 0x9, 0x9, 0x8e8, 0x2, 0x8, 0x1, 0x3}}, {0xa, 0x2, [0xc8c, 0xffff, 0x4]}}]}]}, 0xec}}, 0x0)

804.928267ms ago: executing program 6 (id=1714):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f00000005c0)={0x40, 0x0, 0x3}, 0x10)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000c500000001f0ffff95"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x2, &(0x7f0000000200)=[{0x6c, 0x0, 0xfe}, {0x6, 0x0, 0x0, 0x7ffffdbd}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
syz_emit_ethernet(0x3a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x3, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x4, 0x0, @empty, @multicast1}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0)
syz_emit_ethernet(0x83, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r4}, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
write$cgroup_subtree(r5, 0x0, 0xfdef)
r6 = socket$tipc(0x1e, 0x2, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8}, 0x10)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001940)=@newtaction={0xe98, 0x30, 0x871a15abc695fa3d, 0x0, 0x0, {}, [{0xe84, 0x1, [@m_pedit={0xe80, 0x1, 0x0, 0x0, {{0xa}, {0xe54, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe50, 0x2, {{{0x0, 0x0, 0x0, 0xe4}, 0x97, 0x0, [{}, {}]}, [{}, {}, {}, {}, {}, {0x448eade7}, {0x0, 0x0, 0x80000000}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffb}, {0x0, 0x0, 0x0, 0x3}, {}, {0x7, 0x1}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {}, {0xfffffffc}, {}, {}, {}, {0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfffffffe}, {}, {0xd5}, {0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x10}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffb}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfd2}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xd1e00}, {}, {}, {0x4}, {}, {}, {0x4}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x10000, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe98}}, 0x4000000)
setsockopt$TIPC_GROUP_JOIN(r6, 0x10f, 0x87, &(0x7f0000000c40)={0x40, 0x0, 0x3}, 0x10)
bind$tipc(r2, 0x0, 0x0)
close(r6)

799.933117ms ago: executing program 3 (id=1715):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000058000000030a01040000000000000000010000000900030073797a300000000028000480080002400000000008000140000000051400030076657468315f746f5f622174616476000900010073797a30"], 0xa0}}, 0x0)

737.841724ms ago: executing program 3 (id=1717):
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000001740)=[{&(0x7f0000001800)="c0b3f641e93358db730fa114ef6fd9c6705352e1b8dfb95390d3ebb8cd73712ed6131a236b661abbe3038b46fa6f7c0f1e5c157cc3b5089582c0ef2a0fb81c4b6d478f7be370faea02f562a6fdead5a874b85495136d707a1cef985f3a56aeab38fa694e94d9e726bc11b61f00000000000000ed469d85cbf48688f6f8b4cd643a32a94ab6ec8efc569356a30a982aeae44ce595e461a425b08c032a84b79b477b410627d19c42cbb08d", 0xaa}, {&(0x7f0000000100)="8323000000a01d39afc62ceefc8936f299eecf", 0x1a}, {&(0x7f0000000180), 0x13}, {&(0x7f00000001c0)="55c1ac6a33bcabcbf05b5674529841f58350038a066a02a6bc9d8c5eecfdbde63fe0ae2f71fe751ba7f269ebe88062259a37084b213e218b5a144b53a81e7cc49a22a19158853dbfabb1be2c6ab892f6083dc94e6a6710e73b7f4d1e2c52f8fe322e59d8020f1b81ca806ad1d02ffb2e82e69cf0a80a05a65dead7c62f7974b805c23351c9b7c340b4b064e60b5a4efdc0833b928d4530831c03a39c7727a1a29aec7354d1c5e9a5aa8af60670eee565ae446b989f81ea74a578a387aec81be9a2fdc25f94c171a3874be3e051956f638cf1f01811ddb63de509efb4008cdeb5cb0644c7cb2c", 0xfd82}, {&(0x7f0000000700)="820566a0e5038adaeacf19e7470234a058fa1a347381c790661dde230dc4150ae23ec76b77396270f45644f86e8d09edab75a26acb1e6209b5be5b40d09ba299b5c626c28448e5f04342e71e03d98aab89bf23721c77e3d1d2553eef61a61dc700000000000010bc27d1586457875f2878644dc8f4c8d47c9edc1bdb46392e3b52895de73f4d8808e1bd71ed7a571dc4f41465e8ad35c2ed5a79d701f8a8e492", 0xa0}, {&(0x7f0000000380)="c77d467908bfdef41403f806aa8abd7163a810e03642f3dea6321a7b21b738ed132db614140e7dc513a4f44adab6b69a9208bc55cf77e018bf5821baa9521cedb29a6d43c72b87ca91a291", 0x4b}, {&(0x7f0000000400)="172aab8be48dffb8c13bbe5b7830bf9c344a13084e2fe8f6dd2605827df7b1ac7b2450cbf05c35253ae54cd33901f51668d716b66c13f6ba284ef2cf01d7bbf939b1d4cab10a1aa86185486095621eae55893ba69c943d96f0d6f95a051299a481dd32a52809b340ef6368464019b9cf147d8af9f1db8c905526aafec152c725543f934aa63e25c407322d061317ca63986f9fbad6810113789ed7701e8ef0e7bdbd1a930b3ee45e55f0092f6fdb6e8e501ad0ea53f16079b866d5bedee8c5408e434a3d98ed6b71aac6756428923db3d6dfaf85336bf481969bfd22f7b49ec349907250ed61c5d23be87ea69afd88a5052001a3eff7d51d950c6ab7d98b8b7981171c34810a3470368d70ef8c68b7147a8be2b04e17dfc96f857b730cdd16cbf68247d48b89c2f53c0da92286209329d41dc6eab764b107ea248af65e2f0866054d3dc4fbd8ab953c12c39847a55f6ac1559b77c87469af69d228d0ac7942d2aee268f072a2d805621da445d3b8256f6072e6681e3da1364555034d26c9f3a39e2d65d1fb267ce48a705a1d7f88e32e433263a00ebb490703cf9da5407587bebadd680e47e06fad881a08a28f8009a649c6a474b9cec32d4446344c168ede4718fca4900ec60ed75d8a382bfccd496ce508b2404f65e04c2ed297fcc450", 0x1de}], 0x7, 0x0)
ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000000)="c052c489f0c31aab945b73010fdffb162f6235d3e98bebdf8a20")

710.665648ms ago: executing program 1 (id=1718):
socket$can_j1939(0x1d, 0x2, 0x7)
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r2 = gettid()
rt_sigaction(0x16, &(0x7f0000000080)={&(0x7f0000000440)="c4a23d0643b9f0430fc079fff3460f1ec9f081035c000000f30faed446a900000000660f7ed238c461915492db8876efa1efa12eb22d233333f30fa7d0", 0x0, 0x0}, 0x0, 0x8, &(0x7f0000000200))
close_range(r0, r0, 0x2)
rt_sigsuspend(&(0x7f0000000000), 0x8)
tkill(r2, 0x16)
syz_io_uring_setup(0x455d, &(0x7f0000000000)={0x0, 0x6acf, 0x10, 0x0, 0x197, 0x0, r0}, &(0x7f00000001c0), &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_submit(r1, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x35, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

687.36051ms ago: executing program 3 (id=1719):
r0 = syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x400c84, &(0x7f0000000340), 0x1, 0x786, &(0x7f0000001900)="$eJzs3c9rHGUfAPDvbJKmTfu+yQsvaL0YEDRQmpgaWwWFigcRLBT0bLtstqFmky3ZTWlCQIsIXgQVD4JeevLgj3rz6o+r/hcexFI1LVY8SGQ2s+2m2U03abIbzecDk32emdl8n+/Or2d3hpkA9qzh9E8u4nBEvJtEDGbjk4joq5V6I06uzndreamQDkmsrLz8a1Kb5+byUiEa3pM6mFUejIhv34o4klsft7KwOJ0vlYpzWX2sOnNhrLKwePT8TH6qOFWcPT4+MXHsxJMnjm9frr//sHjo2nsvPPbFyT/ffODqO98lcTIOZdMa89iyZ9dWh2M4+0z60o9wjefvO9juknS7AWxJumn2rG7lcTgGo6dWAgD+zV6PiBUAYI9JHP8BYI+p/w5wc3mpUB+6+4tEZ11/LiL2r+ZfP7+5OqU3O2e3v3YedOBmsubMSBIRQ9sQfzgiPv7q1c/SIbbrPCRAG964HBFnh4bX7/+TddcsbNbjG0zbl70O3zU+je8MNHTG12n/56lm/b/c7f5PNOn/9DfZdrei2fa/ZsSBbQiygeufRDzTcG3brYb8M0M9We0/tT5fX3LufKmY7tv+GxEj0def1sc3iDFy468braY19v9+e/+1T9P46eudOXI/9/avfc9kvpq/n5wbXb8c8VBvs/yT28s/adH/Pd1mjBeffvujVtPS/NN868P6/CO7OmlnrFyJeLTp8r9zRVuy4fWJY7XVYay+UjTx5Y8fDrSK37j80yGNX/8u0Anp8h/YOP+hpPF6zcrmY3x/ZfCbVtPunX/z9X9f8kqtXO9HXMpXq3PjEfuSl9aPP3bnvZfyD2el1fnT/Eceab79b7T+p98Jz7aZf++1Xz7fev47K81/clPLf/OFq7eme1rFb2/5T9RKI9mYdvZ/7Tbwfj47AAAAAAAAAAAAAAAAAAAAAAAAAGhXLiIORZIbvV3O5UZHV5/h/f8YyJXKleqRc+X52cmoPSt7KPpy9VtdDjbcD3U8ux9+vX7srvoTEfG/iPig/0BSv4/iZJdzBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC6gy2e/5/6qb/brQMAdsz+bjcAAOg4x38A2Hsc/wFg72nv+N+z4+0AADrH938A2Hsc/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANhhp0+dSoeVP5aXCml98uLC/HT54tHJYmV6dGa+MFooz10YnSqXp0rF0UJ55l7/r1QuX5iI2flLY9VipTpWWVg8M1Oen62eOT+TnyqeKfZ1JCsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2JzKwuJ0vlQqzilsobCyO5rR/UJPtjrtlvZ0tJDsjmZsc6HLOyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf4i/AwAA//+3ACFj")
mount(0x0, 0x0, 0x0, 0x0, 0x0)
r1 = open(&(0x7f0000001780)='./bus\x00', 0x64842, 0x0)
lstat(&(0x7f0000000000)='./file1\x00', &(0x7f0000000540))
mkdirat(r0, &(0x7f00000000c0)='./bus\x00', 0x8)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000340)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="160000002e8c6640d54f04000000ff0000000000000028e856b2dd5bce35a9dd5d9048e95949a5464030979800665ef27bed08be049c165524aac2c0fa2f26813a27a2647803f42da7a84e75d82d5db172935a353ab86973a3c5cd30a8a9804d0db2d2299cd7ff73da8866", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x72, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, 0x0, &(0x7f0000000040)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
syz_clone3(&(0x7f0000000700)={0x2000a0080, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, {r4}}, 0x58)
bpf$BPF_TASK_FD_QUERY(0x14, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0xfe1b)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x89f1, 0x0)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x35, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_config_ext={0x9, 0x2}, 0x0, 0x3, 0x4, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x6821, 0x0, 0x4, 0x0, &(0x7f0000000000))
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, 0x0)
r5 = open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
syz_io_uring_setup(0x7b58, &(0x7f0000000100)={0x0, 0x0, 0x8}, 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x4c02, &(0x7f0000000140))
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="1b00000000a3a880f000a2b6943c4ec1e4c821ca74f7c19c39b0a6fd5a2320fe8bb7abcdb1dfb385e64d7eb47dce13426a2d4556b4b15d7017c74339d2215997383d0d1326ad707bfa8bdb042a0c9af84dd1a2f91e73dccfe1071c689b19f438c29e4f672ddf92d466b46437c48ab09e3d481641c487675e9571f5478d1b792264a8d27177cc8b2d90d95fd7a816a150d0f848", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='kmem_cache_free\x00', r7}, 0x10)
getpeername$packet(r1, &(0x7f00000002c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000300)=0x14)
pidfd_send_signal(0xffffffffffffffff, 0x18, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xffff)

686.97921ms ago: executing program 5 (id=1720):
chmod(&(0x7f0000000180)='./file0\x00', 0x0)

618.434048ms ago: executing program 6 (id=1721):
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000140)={'pimreg1\x00', 0x8001})
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x0, &(0x7f0000000200)={[{@abort}, {@jqfmt_vfsv1}]}, 0x1, 0x79c, &(0x7f0000001700)="$eJzs3c9rXNUeAPDvnck0Tdr3kgcP3qurgKCB0ompsVVwUXEhgoWCrm2HyTS0mWRKZlKaELBFBDeCFheCbrquWndu/bHV/8KFtFSbFisuJHInM+00mUmTJpkp5POB255zf53zvef+OJN7mAlgzxpJ/8lEHIqIj5OIocb8JCJy9VRfxInV9e4vLxXTKYmVlbd/T+rr3FteKkbLNqkDjcz/I+KHDyIOZ9aXW11YnC6Uy6W5Rn6sNnNhrLqweOTcTGGqNFWaPTY+MXH0+EvHj+1crH/8vHjw1idvPP/1ib/e/9+Nj35M4kQcbCxrjWOnjMRI45jk0kP4iNd3urAeS3pdAZ5IemlmV6/yOBRDka2nOhjoZs0AgN3yXkSsAAB7TOL5DwB7TPPvAPeWl4rNqbd/keiu269FxP7V+JvvN1eX9DXe2e2vvwcdvJc88mYkiYjhHSh/JCK++PbdL9Mpduk9JEA7l69ExJnhkfX3/2TdmIWtemET66x92+z+B93zXdr/ebld/y/zoP8Tbfo//c2xY9u0dh/rr//MzR0opqO0//dqy9i2+y3xNwxnG7l/1ft8ueTsuXIpvbf9OyJGI9ef5sc3KGP07t93Oy1r7f/duXr+elr+nWxcf7hG5mZf/yObZLcV8Bq3r0Q809cu/uRB+ycd+r+nNlnGm698+HmnZWn8adzNqR7/1fPXtxXUFqxci3iubfs/HNGWtBufOJVrjE8cq58OY82Too1vfvlssFP5re2fTmn5zc8C3ZC2/+DG8Q8nreM1q1sv46drQ993XJh5XPzrzv+YLNQK+5J36ul9jXmXCrXa3HjEvuSt9fOPPty2mW+un8Y/+mz763+j8z/9THhmk/H33frtq07Lnob2n9xS+289ceP+dMd71uPjT9t/op4abcxJ2/9xcW22gts5dgAAAAAAAAAAAAAAAAAAAAAAAACwWZmIOBhJJv8gncnk86u/4f3fGMyUK9Xa4bOV+dnJqP9W9nDkMs2vuhxq+T7U8cb34TfzR9fkX4yI/0TEp/0D9Xy+WClP9jp4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGg40OH3/1O/9ve6dgDArtnf6woAAF3n+Q8Ae8/Wnv8Du1YPAKB7fP4HgL3H8x8A9h7PfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbZqZMn02nlz+WlYpqfvLgwP125eGSyVJ3Oz8wX88XK3IX8VKUyVS7li5WZjju6vPpfuVK5MBGz85fGaqVqbay6sHh6pjI/Wzt9bqYwVTpdynUtMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYvOrC4nShXC7NbSeR7mgn9tOtRP/TUQ2JriaysXtF5OKJNs9GRK8Py0YXddNAz+5PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+7fwIAAP//IIQicg==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x10012, r1, 0x0)
ioperm(0x0, 0x3, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = gettid()
r3 = timerfd_create(0x0, 0x0)
read(r3, &(0x7f0000000240)=""/123, 0x7b)
inotify_init1(0xc0000)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wpan4\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, @void, @value}, 0x94)
ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f00000001c0)={0x37, 0x3, 0x5, 0x9, 0x9, 0x81})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))

617.865188ms ago: executing program 5 (id=1722):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'hsr0\x00', <r3=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_MODE={0x6, 0x1, 0x2}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x4c}}, 0x0)

596.881581ms ago: executing program 1 (id=1723):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x0, 0xc, &(0x7f0000000600)=ANY=[@ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000000009592b7a768afb83d639b46c48fdbfb5df8f72b1154498c663c57cbedbfbdbc9223a4f5cab3050a68c49a056553cc7105cab4abbb80d6c77810ca8bf2dd48518806b2ce6362f5993909caf3691c0b9289c9df5379c59b7d43a2c1033aa715ea68982406a8147a6bef2defbc2cedcc"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="3c0000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="3f7e000013000000140012800900010076657468000000000400028008001f0007"], 0x3c}}, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
syz_open_procfs(0x0, &(0x7f0000000080)='ns\x00')
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r4, 0x1, 0x2c, &(0x7f0000000100), 0x4)
setsockopt$sock_attach_bpf(r4, 0x1, 0x1b, &(0x7f0000000800), 0x4)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x10, r3, 0x0)
ioctl$KDGETKEYCODE(r3, 0x4b4c, &(0x7f0000000000)={0x7fffffff, 0x3})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r5)
syz_emit_ethernet(0x5e, &(0x7f00000004c0)=ANY=[@ANYBLOB="bbbbbbbbbbbb00f9a684a51b86dd60108f8400283afffe8000000000000000000000000000bbfe8000000000000000000000000000aa890090780000000000000000000000000000ffffac1414bbfc020000000000000000000000000000f8c65d8042b69fb9737dd3563ffb9ef5540183f542294343c395d214b4b71b54be342b8f2e33f141aba9dd9f36cde4df5471cffc9b654495ddb155adcc64c9594b659669d1776bf35d3199d66f80c4c0dd77c7c3eedea68a9f43698cf576b6b312ab059bce4f6f186cc5bcb343cc1a8dc26424e6ef86e2daf8e867c8e01f88dd1eb42cf9f316973b5927d8d537758477f432a7bc7d3a1068a3c7ac8c3dd0264c3fab94db9fc2002a512b4a5825aa56ede768da2d02"], 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0505350, &(0x7f0000000200)={{}, 'port1\x00'})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
io_uring_setup(0x497c, &(0x7f00000001c0)={0x0, 0x6c0a, 0x0, 0x0, 0x40001e6})
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000740)=ANY=[@ANYBLOB="500000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000001140012800c0001006d6163766c616e00dbff028008000500", @ANYRES32=r6, @ANYBLOB="080004007f0000000a000100aa"], 0x50}}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f00000001c0), &(0x7f00000002c0)}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r8}, &(0x7f00000000c0), &(0x7f0000000100)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={r8}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r8, @ANYBLOB="000000000000e7b60500000800400085000000a5000000950000000000000000"], &(0x7f0000000300)='GPL\x00', 0x4, 0xff8, &(0x7f0000001e00)=""/4088, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

481.460264ms ago: executing program 1 (id=1724):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000000)=0x7f, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000600)={'veth0_to_team\x00', <r2=>0x0})
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x200, 0x4)
sendto$packet(r1, &(0x7f00000000c0)="3f030e0033e6120306001e0089e9aaa911d7c2290f0086dd1327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe94f, 0x0, &(0x7f0000000540)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
lsetxattr$security_capability(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000180)=@v2, 0x14, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r3, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r3, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r4}, 0x10)
fchownat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0, 0x1000)

467.144466ms ago: executing program 3 (id=1725):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000bc0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000702000000feffff7a0af0ffe100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000009000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb4500639100f51f00000000000000ff7f00000000000000001f99649a2079fd00cb04fcbb0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e84cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fb484510bef2e4872f5c2fe6faaf75e5cc4051ade12f41deff6df6a936b4ec3827c739bb39aad16d875fe369258673b5df11cc2afb53611cc320000bc0b80e80eae8f5e64be2c41f629db3d36dd015c7bb41fcb6cf9f6b59ca01685108e61aa000000000000000000000000008b798b4f7458d1863cc67c4c6a06e828e5216f603419db1af1b5d356d0f062137d866d11be4ba3f0151f07bd4e97d62ecc645e143a60f1c6edc76609077909826151e2b42bf0ed0c7e8b0db51662de6d87c493db845b10e9468bda6f82881eb8c9cfa72b08eecc952a3fd2c46f3c1cde71a19d1a2000000000000000bfea3b8d188df2eff8d56aaae7d32a2e183722537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1edd1a74851b59d378d0616a48c7957e122665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d817b324d6e417b1c2cbfdcada0a16e31790e26cf101000080496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b4207e6078625cb2717e21f8f187b1866108b6e8c71e26032176066599783568628f0309c3afa716d3706e1fa89917e131f4034a8383e9dc3568fd04201b37cd92ca6d2676bef8310f703000000005652f87b039d543000000000000000008ce31344b554aca78a00000000000000e63a0dba7f6b25e8d5e40a3a571a5dfde3b4dca2d38a9c0ea7b5bcd49f977c609915c7601080d10b96af1eb55922765313a0eeefae505f4535cd9dc69fbab92150c7e74e5c5b051ddf6399b0d00eee5c3afee38cdc55b8d3fbbe210bdec686a23503f4a547327caf3811718c9002be6d89f5734a9e204dbc327ec8f9851d273fa07369c419942509198605ff2781f4d2d4685d762d4764f7ff762e09116946137b7ab812a2d408b572064d6d2a7a46ea2a536f3cb1b7d6b0fc51a0f8bb3324edf2f34fa684e3306e7268aaca88b950df9543c360742ea4d64cbc9eaabf3d0871b02e2e"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x0, 0x5}, 0x8, 0x10, &(0x7f0000000100), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$ENABLE_STATS(0x20, 0x0, 0x2e)
syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x7, 0x4, 0x2, 0x9, 0x30, 0x64, 0x0, 0x2, 0x1, 0x0, @remote, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@lsrr={0x83, 0x3, 0xe2}, @ssrr={0x89, 0x3, 0x2e}]}}, @timestamp_reply={0xe, 0x0, 0x0, 0x81, 0x8, 0x99f, 0x10000, 0x2}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x1f2f, 0x241, 0x38f, &(0x7f00000007c0)="9f44948721919580684010a486dd", 0x0, 0x241, 0x0, 0xb1, 0x0, &(0x7f0000000700)="389ceff69d08b0af1cc71b6262d50660bbaf31a7f8cd6a6f911beb65d5fe6b54bf21a66489121f24fefd198059288c9b735e1898e77a7469489a249292c02a72bc193a3008ebdbf4e9dd4ee8fcceef55402c913c8dd0ebece1330aaa93ece835c5044a246a5967e3acd7c950b3b19f351830e545eb9bc3a9c6dd22ce97f1f857cfe8b68a2370b69ea336006b589368f92deb68f3dfc6f2bfee09f8342da437fce5dcdf658e453e3132bb42067575318c39"}, 0x23)
r1 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0)
perf_event_open(&(0x7f0000000700)={0x1, 0x80, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x1)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000540)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
ioctl$TCSETS(r2, 0x89f0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "bb40af00008000"})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f0000000580)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)={0x5c, r5, 0x400, 0x70bd25, 0x25dfdbff, {}, [@BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x9}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x7f}, @BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_VLANID={0x6, 0x28, 0x3}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}]}, 0x5c}, 0x1, 0x0, 0x0, 0x41}, 0x4000004)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r0, r1, 0x33, 0x0, @void}, 0x10)
bpf$ENABLE_STATS(0x20, &(0x7f0000000040), 0x4)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r6=>r0, {0x10}}, './file0\x00'})
r7 = syz_genetlink_get_family_id$gtp(&(0x7f00000001c0), 0xffffffffffffffff)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000002c0)={<r8=>0x0, @loopback, @multicast2}, &(0x7f0000000300)=0xc)
sendmsg$GTP_CMD_GETPDP(r6, &(0x7f0000000400)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20003040}, 0xc, &(0x7f00000003c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="10002cbd7000fcdbdf250200000008000100", @ANYRES32=r8, @ANYBLOB="74adbeb5bfcba4290f3ff5d21b210922ed77bb94280ba3535b5c1e2eaff4bb2a7a8265b362e97d39c615d8afbe4f6b7c92fd1da3896ef1833b2ef8b9d873fb4b7da3cadf665900000000000000000000fdd33f64262ef645cf97e2395eed9ff75638f16d7cb95af1b4cb693c9e"], 0x24}, 0x1, 0x0, 0x0, 0x4004001}, 0x40000)

465.000986ms ago: executing program 5 (id=1726):
syz_open_dev$usbfs(&(0x7f0000000480), 0x76, 0x141341)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd09e, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r1}, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
epoll_create(0x881)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x9, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b708000000005aab7b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00'}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = socket$netlink(0x10, 0x3, 0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r3, &(0x7f00000002c0)={0x0, 0x5, &(0x7f0000001200)={&(0x7f0000001080)={0x38, 0x1403, 0x1, 0x700, 0x0, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'syzkaller0\x00'}}]}, 0x38}}, 0x0)

421.219611ms ago: executing program 0 (id=1727):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x5, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000058000000030a01040000000000000000010000000900030073797a300000000028000480080002400000000008000140000000051400030076657468315f746f5f622174616476000900010073797a30"], 0xa0}}, 0x0)

382.916586ms ago: executing program 1 (id=1728):
r0 = socket(0x28, 0x5, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r3, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r3, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080), 0x10)
sendmmsg(r0, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x0)
r4 = accept4$unix(r3, 0x0, 0x0, 0x0)
recvfrom$unix(r4, &(0x7f0000000180)=""/235, 0x1ffd4, 0x0, 0x0, 0x0)

349.508779ms ago: executing program 0 (id=1729):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180100000000200000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x40000000, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2b, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x34, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x4}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x53d, &(0x7f0000000b80)="$eJzs3dFvG3cdAPDvuXGbtumSAQ8waWOwoXaC2s3CtoiHMSQET5OA8V5C4kZRnTiKna2JJkj/AiSEAIkneOEFiT8ACVXihUeENAmeQRoCIehAYg+wQ2efk+CcE7c4dut8PtL1fr87332/P7e/853v13MAZ9azEfFaRHyQpukLETGbLy/lU+x1pux1791/ezmbkkjTN/6WRJIv6+4ryeeX882mI+JrX474ZnI0bnNn9/ZSvV7byuvV1vpmtbmze31tfWm1tlrbWFiYf3nxlcWXFm8MpZ1XIuLVL/7p+9/56Zde/eVn3vrjzb9c+1aW1ky+/nA7HtDUcSs7TS9fmO7ZYOshgz2KsvaUu5WLg21z9xTzAQCgv+wc/0MR8cmIeCFm49zxp7MAAADAYyj9/Ez8O4lIi53vsxwAAAB4jJTaY2CTUiUfCzATpVKl0hnD+5G4VKo3mq1P32psb6x0xsrORbl0a61eu5GPFZ6LcpLV59vlg/qLPfWFiHgyIr43e7Fdryw36ivj/vIDAAAAzojLPdf//5ztXP8DAAAAE2Zu3AkAAAAAp+7hr//LQ80DAAAAOD3u/wMAAMBE+8rrr2dT2v3965U3d7ZvN968vlJr3q6sby9Xlhtbm5XVRmO1/cy+9ZP2V280Nj8bG9t3qq1as1Vt7uzeXG9sb7RursX0SBoEAAAAHPHkx+/9PomIvc9dbE+Z8+NOChiJqf1Sks8Lev8fnujM3x1RUsBInBvgNe9eKF7uPAEeb1O9C/r0dWDy+A/8QHLC+r6Dd36Tzz8x3HwAAIDhu/qxovv/Xx1gy73SqScHnKpjO/H7o8sDGL2e+//p7LgSAUauff9/0IE8zvhhopQHGgEITLL/+/7/idL0gRICAACGbqY9JaVK/vXeTJRKlUrElfbPApSTW2v12o2IeCIifjdbvpDV59tbJideMwAAAAAAAAAAAAAAAAAAAAAAAAAAHWmaRAoAAABMtIjSn5NfdZ7lf3X2+Zne7wfOJ++3fxL4fES89aM3fnBnqdXams+W/31/eeuH+fIXx/ENBgAAANCre53env9r3NkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMGneu//2cnca4OUXhxX3r1+IiLmi+FMx3Z5PRzkiLv0jialD2yURcW4I8ffuRsRHi+InWVr7IYviD+NNOCF+zOXvQlH8y0OID2fZvez481rW/7Ledbj/leLZ9ry4/01F/E/9YfU//sX+8e9cn/5/ZcAYT73z82rf+HcjnpoqPv504yd94j83YPxvfH13t9+69McRV7ufP+0j3uEIB6Vqa32z2tzZvb62vrRaW61tLCzMv7z4yuJLizeqt9bqtfzPwhjfffoXHxzX/kuFn39Jnk3/9j9fsL+iz6T/vHPn/oe7lb2j8a89VxD/1z/JX3E0fimP86m8nK2/2i3vdcqHPfOz3z5zXPtXDtpffpC//2v9dtrrSEd5etB/OgDAKWju7N5eqtdrWxNbyK7SH4E0FB7BwreHusM0TdOsTxWsuhcRg+wniSG3tFScz0Gh7xFg3EcmAABg2A5O+sedCQAAAAAAAAAAAAAAAAAAAJxdo3jKWm/Mg0cgJ8N4hDYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFD8NwAA//9j+tKI") (fail_nth: 7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000000), 0x8001ff, 0x2)
syz_clone(0x28380080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)

110.249327ms ago: executing program 1 (id=1730):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = syz_io_uring_setup(0x67fe, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r2}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000ac0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(r1, 0x184c, 0x0, 0x0, 0x0, 0x0)
openat$cgroup_procs(r0, &(0x7f0000000040)='cgroup.procs\x00', 0x2, 0x0)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')

13.988458ms ago: executing program 0 (id=1731):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001400ea00b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = openat$cgroup_devices(r3, &(0x7f0000000240)='devices.deny\x00', 0x2, 0x0)
fchdir(r4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r3}, 0x10)
r5 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r5, 0x0, 0x29, 0x0, 0x5000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'dummy0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=@newqdisc={0xec, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xfff1, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0x3, 0x7, 0x9, 0x2, 0x4, 0x3}}, {0x4}}]}, @TCA_RATE={0x6, 0x5, {0x7, 0xc}}, @TCA_STAB={0x90, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x8, 0x2, 0xd94, 0x7ff, 0x0, 0x80, 0x3, 0x7}}, {0x12, 0x2, [0x1, 0x0, 0x2, 0xe, 0x8001, 0x7, 0x2]}}, {{0x1c, 0x1, {0x9, 0x7, 0x7f, 0x40ae0d13, 0x1, 0x6d7, 0x3, 0xa}}, {0x18, 0x2, [0x8001, 0xa47, 0x7b, 0x3, 0x10, 0x1, 0x68, 0x401, 0x73a, 0xf]}}, {{0x1c, 0x1, {0xec, 0x9, 0x9, 0x8e8, 0x2, 0x8, 0x1, 0x3}}, {0xa, 0x2, [0xc8c, 0xffff, 0x4]}}]}]}, 0xec}}, 0x0)

13.421428ms ago: executing program 1 (id=1732):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x3082, 0x0)
ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000080)={0x7, &(0x7f0000000040)=[{0x2a, 0x6, 0x3, 0xfffffff9}, {0x3, 0x5, 0x4a, 0x9}, {0x9ce6, 0x2, 0x3, 0xfe1}, {0x961, 0x4, 0x1, 0x9}, {0xfe00, 0x1e, 0x2, 0x4}, {0xfff7, 0xe7, 0x3, 0x5}, {0x200, 0x3, 0xf, 0x8}]}) (async)
ioctl$FITRIM(r0, 0xc0185879, &(0x7f00000000c0)={0x8, 0xa7, 0x400}) (async)
ioctl$HIDIOCGFEATURE(0xffffffffffffffff, 0xc0404807, &(0x7f0000000100)={0xa0, "634dd2f9155c40c21de4dc5c7868fc8ce70a86b9c60e420bf6b20a8815e3fb7747f152d03bd92e902bf444d40cdeed8fe8a067cbb77ca241407ab642d38e1a41"}) (async)
r1 = fsmount(0xffffffffffffffff, 0x0, 0xe)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000180)={<r2=>0x0}, &(0x7f00000001c0)=0xc)
sched_setaffinity(r2, 0x8, &(0x7f0000000200)=0x101)
ioctl$NS_GET_USERNS(r1, 0xb701, 0x0)
socket$packet(0x11, 0x2, 0x300)
ioctl$HIDIOCGFEATURE(r1, 0xc0404807, &(0x7f0000000240)={0x8, "dc156900474dc66e5e6455b002ea63758af60677d7d053511506f5591cb7a0a994ea384633a9165b69da0fd777f4760e2a14ad84961fbfb85c5d8d62ed2b0fa0"}) (async)
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000300)=@o_path={&(0x7f00000002c0)='./file0\x00', r1, 0x4000, r1}, 0x18) (async)
close_range(r0, r1, 0x2) (async)
r3 = dup2(r1, r1) (async)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)
sendmsg$NL80211_CMD_GET_SURVEY(r3, &(0x7f0000000440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x20, r4, 0x4, 0x70bd2b, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x2, 0x69}}}}, ["", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x20000044}, 0x1)
ptrace$ARCH_GET_MAX_TAG_BITS(0x1e, r2, &(0x7f0000000480), 0x4003) (async)
socket$packet(0x11, 0x3, 0x300) (async)
connect$l2tp6(r3, 0x0, 0x0) (async)
getsockopt$IP6T_SO_GET_ENTRIES(r1, 0x29, 0x41, &(0x7f00000004c0)={'filter\x00', 0x7a, "beed22c55842afd26b38f1f77a231f49c60d250771ea45e6766eb7175d894ffd29d4bedd5df3a53ce350976bac24c5e93520ffc3e77320b5e1f5caf88efcc84bf516d9ba1a334d4df1fcac90892a72f2b77fad42bd3f91bb774cf4445fce1a633db4ea620395349d290a1a5c53c8713b2d45201414e7f804be06"}, &(0x7f0000000580)=0x9e) (async)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000a00)={&(0x7f00000005c0)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000009c0)={&(0x7f0000000600)={0x398, r4, 0x100, 0x70bd28, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x7, 0x16}}}}, [@NL80211_ATTR_TID_CONFIG={0x378, 0x11d, 0x0, 0x1, [{0xd4, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x14}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x2f}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xcc}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xfd}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x200}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0x63}, @NL80211_TID_CONFIG_ATTR_TX_RATE={0x88, 0xd, 0x0, 0x1, [@NL80211_BAND_5GHZ={0x84, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x1f, 0x1, [0x4, 0x12, 0x30, 0x48, 0x24, 0x60, 0x9, 0x36, 0x18, 0x5, 0x4, 0x16, 0x12, 0x3, 0x6, 0x1b, 0x12, 0x16, 0x5, 0x18, 0x5, 0x3, 0x4, 0xc, 0x48, 0x5, 0xc]}, @NL80211_TXRATE_HE={0x14, 0x5, {[0x570, 0xfff9, 0x9, 0x9, 0x1, 0x40, 0x5bba, 0xe]}}, @NL80211_TXRATE_HT={0x45, 0x2, [{0x5, 0xa}, {0x5, 0x6}, {0x0, 0x2}, {0x6, 0x8}, {0x0, 0x7}, {0x6, 0x2}, {0x0, 0x3}, {0x4, 0x4}, {0x1, 0x8}, {0x0, 0x9}, {0x0, 0xa}, {0x7, 0x9}, {0x6, 0x3}, {0x0, 0x4}, {0x2}, {0x6, 0x2}, {0x0, 0x6}, {0x6, 0x8}, {0x6}, {0x7, 0x2}, {0x2, 0x8}, {0x4}, {0x3, 0x7}, {0x3, 0x1}, {0x4, 0x6}, {0x5, 0x8}, {0x5, 0xa}, {0x2, 0xa}, {0x5, 0x2}, {0x1, 0x6}, {0x0, 0xa}, {0x3, 0xa}, {0x3, 0x9}, {0x0, 0x5}, {0x4, 0x3}, {0x1, 0x4}, {0x7, 0x6}, {0x5, 0x2}, {0x4, 0x5}, {0x1}, {0x7}, {0x2, 0x9}, {0x2, 0x5}, {0x3, 0x6}, {0x4, 0x6}, {0x5, 0x1}, {0x0, 0x9}, {0x2, 0x4}, {0x0, 0x6}, {0x5, 0x8}, {0x4, 0x8}, {0x5}, {0x0, 0x7}, {0x0, 0x1}, {0x7, 0x4}, {0x1, 0x2}, {0x1, 0x2}, {0x7, 0x5}, {0x5, 0x5}, {0x2, 0xa}, {0x1, 0x2}, {0x1, 0x6}, {0x2, 0x5}, {0x7, 0x7}, {0x4, 0x5}]}, @NL80211_TXRATE_LEGACY={0x4}]}]}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}, {0x18, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x5}, @NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x852d}]}, {0x40, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_PEER_SUPP={0xc, 0x3, 0x6}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x4}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x85}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x16064d8b}]}, {0x14, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xb7}, @NL80211_TID_CONFIG_ATTR_AMPDU_CTRL={0x5}]}, {0x28, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0xf1b3}, @NL80211_TID_CONFIG_ATTR_NOACK={0x5, 0x6, 0x1}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}, @NL80211_TID_CONFIG_ATTR_RETRY_LONG={0x5, 0x8, 0xf9}]}, {0x1d4, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x1c8, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x20, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x1}, @NL80211_TXRATE_HE={0x14, 0x5, {[0xfff, 0x5, 0x7, 0x7, 0x7, 0x3, 0x1000, 0x7]}}]}, @NL80211_BAND_5GHZ={0x44, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HT={0x35, 0x2, [{0x1, 0x7}, {0x0, 0x6}, {0x1, 0x6}, {0x0, 0x4}, {0x4, 0x9}, {0x3, 0x4}, {0x5, 0x2}, {0x1, 0x2}, {0x5}, {0x1, 0x1}, {0x0, 0x6}, {0x0, 0x4}, {0x1, 0xa}, {0x2, 0x6}, {0x2, 0x4}, {0x5, 0x6}, {0x3, 0x7}, {0x1, 0x4}, {0x7, 0x7}, {0x6, 0xa}, {0x2, 0x6}, {0x2, 0x9}, {0x0, 0x4}, {0x7}, {0x7, 0xa}, {0x7, 0x7}, {0x5, 0x7}, {0x4, 0x3}, {0x6, 0x6}, {0x1, 0x4}, {0x0, 0x6}, {0x2}, {0x3}, {0x2, 0x2}, {0x7, 0x9}, {0x7, 0x5}, {0x0, 0xa}, {}, {0x2, 0x5}, {0x2, 0x4}, {0x2, 0x2}, {0x3, 0x5}, {0x7, 0x3}, {0x1, 0x3}, {0x0, 0x9}, {0x4, 0x8}, {0x1, 0x4}, {0x0, 0x3}, {0x4, 0x5}]}, @NL80211_TXRATE_GI={0x5}]}, @NL80211_BAND_2GHZ={0x54, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4d, 0x2, [{0x5, 0x8}, {0x5, 0xa}, {0x0, 0x1}, {0x4, 0x9}, {0x6, 0x8}, {0x2, 0x4}, {0x5, 0x3}, {0x2, 0x8}, {}, {0x0, 0xa}, {0x1, 0x3}, {0x4, 0x8}, {0x7, 0x7}, {0x1, 0x7}, {0x7, 0x4}, {0x0, 0x2}, {0x3, 0x6}, {0x0, 0x7}, {0x2, 0x8}, {0x5, 0x5}, {0x3, 0x8}, {0x3, 0x2}, {0x1, 0x8}, {0x3, 0x6}, {0x3, 0x1}, {0x0, 0x8}, {0x0, 0x1}, {0x1, 0x1}, {0x6}, {0x7, 0x8}, {0x7, 0x8}, {0x5, 0x9}, {0x5, 0x7}, {0x2, 0x1}, {}, {0x5, 0x6}, {0x4, 0x5}, {0x4}, {0x0, 0x8}, {0x5, 0x3}, {0x6, 0xa}, {0x0, 0x5}, {0x7, 0x4}, {0x0, 0x5}, {0x1, 0x8}, {0x5}, {0x3, 0x6}, {0x3, 0x4}, {0x0, 0x8}, {0x7, 0x2}, {0x5}, {0x3, 0x1}, {0x3}, {0x6, 0x2}, {0x1, 0xa}, {0x0, 0x8}, {0x5, 0x4}, {0x0, 0x1}, {0x0, 0x2}, {0x2, 0x2}, {0x5}, {0x2, 0x4}, {0x4, 0x5}, {0x0, 0x4}, {0x6, 0x2}, {0x6, 0x9}, {0x0, 0x7}, {}, {0x7, 0x5}, {0x2, 0x2}, {0x0, 0x2}, {0x5, 0x4}, {0x0, 0x5}]}]}, @NL80211_BAND_60GHZ={0x48, 0x2, 0x0, 0x1, [@NL80211_TXRATE_GI={0x5, 0x4, 0x1}, @NL80211_TXRATE_LEGACY={0x14, 0x1, [0x36, 0x48, 0x6c, 0x6c, 0x30, 0x77, 0x3, 0x18, 0x18, 0x3, 0x2, 0x48, 0x4, 0x60, 0x60, 0x2]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x2}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}, @NL80211_TXRATE_HT={0xe, 0x2, [{0x6, 0x2}, {0x0, 0x4}, {0x0, 0x6}, {0x7}, {0x6, 0x6}, {0x0, 0x5}, {0x5}, {0x4, 0x9}, {0x2, 0x1}, {0x1, 0xa}]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}, @NL80211_BAND_5GHZ={0x98, 0x1, 0x0, 0x1, [@NL80211_TXRATE_VHT={0x14, 0x3, {[0xe, 0x501, 0x9, 0x53, 0x6cf3, 0x4, 0x9, 0xe0]}}, @NL80211_TXRATE_HT={0x4a, 0x2, [{0x1, 0x6}, {0x4, 0x4}, {0x1, 0x4}, {0x3, 0x7}, {0x4, 0x4}, {0x7, 0x6}, {0x0, 0x6}, {0x1, 0x9}, {0x0, 0x9}, {0x0, 0xa}, {0x6, 0x9}, {0x6, 0x5}, {0x0, 0x5}, {0x3, 0xa}, {0x0, 0x9}, {0x0, 0x8}, {0x4}, {0x4, 0x4}, {0x6}, {0x0, 0x6}, {0x1, 0xa}, {0x7, 0x5}, {0x4, 0x4}, {0x0, 0x8}, {0x4, 0x3}, {0x4, 0x9}, {0x0, 0x3}, {0x6, 0x3}, {0x0, 0x1}, {0x0, 0x2}, {0x5, 0x3}, {0x0, 0x9}, {0x5, 0x1}, {0x6, 0x8}, {0x7}, {}, {0x1, 0x9}, {0x0, 0x9}, {0x0, 0x3}, {0x3, 0x1}, {0x4, 0x5}, {0x7, 0x2}, {0x5, 0x6}, {0x6, 0x3}, {0x3}, {0x4, 0x4}, {0x6, 0x5}, {0x5, 0x8}, {0x5, 0x2}, {0x3, 0xa}, {0x5, 0x2}, {0x4, 0x6}, {0x6, 0x2}, {0x5, 0x8}, {0x3, 0x8}, {0x0, 0x1}, {0x1, 0x7}, {0x4, 0x8}, {0x2, 0x6}, {0x5, 0x6}, {0x7, 0x2}, {0x1, 0x4}, {0x5, 0x1}, {0x2, 0x1}, {0x5}, {0x0, 0x1}, {0x7, 0x7}, {0x0, 0x6}, {0x0, 0x9}, {0x5, 0x2}]}, @NL80211_TXRATE_LEGACY={0x5, 0x1, [0x5]}, @NL80211_TXRATE_HT={0x13, 0x2, [{0x2, 0x9}, {0x6}, {0x3, 0x2}, {0x0, 0x7}, {0x4, 0x7}, {0x0, 0xa}, {0x7, 0x1}, {}, {0x0, 0x9}, {0x5, 0x1}, {0x1, 0x7}, {0x0, 0x8}, {0x6, 0xa}, {0x2, 0x6}, {0x7, 0x1}]}, @NL80211_TXRATE_LEGACY={0x17, 0x1, [0x55, 0x5, 0x9, 0x1b, 0x12, 0x3, 0x2, 0x24, 0x1, 0x77, 0x9, 0x9, 0x4, 0x48, 0x12, 0x5, 0x48, 0x2, 0x6]}]}, @NL80211_BAND_6GHZ={0x2c, 0x3, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x20, 0x1, [0x3e, 0x16, 0xd, 0xb, 0x2, 0x9, 0xc, 0xb, 0x48, 0x24, 0x60, 0x3, 0x18, 0xc, 0x1, 0x1846a086d688e406, 0xc, 0x4, 0x36, 0x18, 0x6, 0x9, 0x60, 0x60, 0x60, 0x60, 0xa8e2d1c7ec0ca838, 0xb]}, @NL80211_TXRATE_GI={0x5, 0x4, 0x1}]}]}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5, 0xb, 0x1}]}, {0x38, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_RETRY_SHORT={0x5, 0x7, 0x32}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x1}, @NL80211_TID_CONFIG_ATTR_VIF_SUPP={0xc, 0x2, 0x4}, @NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL={0x5, 0xa, 0x1}, @NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xb6}]}]}]}, 0x398}, 0x1, 0x0, 0x0, 0x4004004}, 0x4010) (async)
r5 = semget$private(0x0, 0x3, 0xda)
semop(r5, &(0x7f0000000a40)=[{0x3, 0x1}], 0x1)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000b80)={r1, &(0x7f0000000a80)="0fce58ef6e7c0c3ec7374ff423abfd48d5ce3aeebc04b414c61847606eeea70e43950c591c0eddd255de6831888bda9b1ba9f7f10b66bd9a55176341a2923b8960a291a23f09861af0956b72a66345079da80151976f242659da43ac0a261594920c5d2b765f744131c061070c8d10cc58907caa9a6a76f9c0bcf3b04ce019078cdfff01be4608a7d8e84c798db296dcb2ec03cdc8d9f265dee68900365c8ad2bd6a276383e64c94af65e768b85595458fbacf3106c35e6fd1cec9f6b09e091fc3b386e9e5806e2cfd23bc50ab7bf6"}, 0x20)
setsockopt$inet_udp_int(r3, 0x11, 0x67, &(0x7f0000000bc0)=0x9, 0x4) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r7 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000c40), r1)
sendmsg$L2TP_CMD_SESSION_DELETE(r6, &(0x7f0000000d40)={&(0x7f0000000c00)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000d00)={&(0x7f0000000c80)={0x60, r7, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_OFFSET={0x6, 0x3, 0x5}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5, 0x22, 0x1}, @L2TP_ATTR_UDP_ZERO_CSUM6_RX={0x5}, @L2TP_ATTR_MRU={0x6, 0x1d, 0x368}, @L2TP_ATTR_L2SPEC_LEN={0x5}, @L2TP_ATTR_UDP_CSUM={0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x3}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}, @L2TP_ATTR_COOKIE={0xc, 0xf, 0x6}]}, 0x60}, 0x1, 0x0, 0x0, 0xcc0f34232b5978bd}, 0x80) (async)
mq_open(&(0x7f0000000d80)='\xa7\x00', 0x40, 0x1a1, &(0x7f0000000dc0)={0x9, 0x400, 0x8, 0x5}) (async)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000e00), 0x410800)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r8, 0x4058534c, &(0x7f0000000e40)={0xf, 0x0, 0x0, 0xf, 0xffffffff, 0x1ff})

13.321848ms ago: executing program 5 (id=1733):
chmod(&(0x7f0000000180)='./file0\x00', 0x0)

8.745659ms ago: executing program 3 (id=1734):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@fwd={0x3}]}, {0x0, [0x5f, 0x30, 0x5f, 0x30]}}, 0x0, 0x2a, 0x0, 0x1, 0x7, 0x0, @void, @value}, 0x28) (fail_nth: 11)

8.709649ms ago: executing program 34 (id=1734):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x6, [@fwd={0x3}]}, {0x0, [0x5f, 0x30, 0x5f, 0x30]}}, 0x0, 0x2a, 0x0, 0x1, 0x7, 0x0, @void, @value}, 0x28) (fail_nth: 11)

0s ago: executing program 5 (id=1736):
unshare(0x68040200) (fail_nth: 34)

kernel console output (not intermixed with test programs):

tem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.955107][ T7134] loop1: detected capacity change from 0 to 512
[   99.967491][ T7134] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   99.988815][ T7127] EXT4-fs error (device loop5): ext4_xattr_inode_iget:440: comm syz.5.1072: inode #1073372648: comm syz.5.1072: iget: illegal inode #
[  100.009436][ T7127] EXT4-fs error (device loop5): ext4_xattr_inode_iget:445: comm syz.5.1072: error while reading EA inode 1073372648 err=-117
[  100.024243][ T7134] EXT4-fs (loop1): 1 truncate cleaned up
[  100.030974][ T7134] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.036439][ T7127] EXT4-fs error (device loop5): ext4_xattr_delete_inode:2977: inode #15: comm syz.5.1072: corrupted xattr block 33: invalid header
[  100.065177][ T7127] EXT4-fs warning (device loop5): ext4_evict_inode:276: xattr delete (err -117)
[  100.096738][ T3891] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.111589][ T7146] loop3: detected capacity change from 0 to 512
[  100.120001][ T7146] ext3: Unknown parameter 'subj_role'
[  100.136017][ T7134] EXT4-fs error (device loop1): ext4_xattr_inode_iget:440: comm syz.1.1074: inode #1073372648: comm syz.1.1074: iget: illegal inode #
[  100.171672][ T7134] EXT4-fs error (device loop1): ext4_xattr_inode_iget:445: comm syz.1.1074: error while reading EA inode 1073372648 err=-117
[  100.185659][ T7134] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2977: inode #15: comm syz.1.1074: corrupted xattr block 33: invalid header
[  100.214182][ T7134] EXT4-fs warning (device loop1): ext4_evict_inode:276: xattr delete (err -117)
[  100.246483][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.282314][ T7156] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  100.430744][ T7176] loop5: detected capacity change from 0 to 512
[  100.456762][ T7176] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  100.506126][ T7176] EXT4-fs (loop5): 1 truncate cleaned up
[  100.513289][ T7176] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.545922][ T7176] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  100.588372][ T7190] loop3: detected capacity change from 0 to 512
[  100.605519][ T3891] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.621597][ T7190] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  100.656279][ T7190] EXT4-fs (loop3): 1 truncate cleaned up
[  100.663545][ T7190] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.266305][ T7209] loop0: detected capacity change from 0 to 512
[  102.300313][   T29] kauditd_printk_skb: 244 callbacks suppressed
[  102.300330][   T29] audit: type=1326 audit(1729988256.128:3393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  102.359555][ T7212] loop4: detected capacity change from 0 to 512
[  102.447036][ T7209] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1100: bg 0: block 35: padding at end of block bitmap is not set
[  102.452451][   T29] audit: type=1326 audit(1729988256.158:3394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  102.463758][ T7212] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1101: bg 0: block 35: padding at end of block bitmap is not set
[  102.484907][   T29] audit: type=1326 audit(1729988256.158:3395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=448 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  102.484944][   T29] audit: type=1326 audit(1729988256.158:3396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  102.484971][   T29] audit: type=1326 audit(1729988256.158:3397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  102.503061][ T7209] EXT4-fs (loop0): Remounting filesystem read-only
[  102.522516][   T29] audit: type=1326 audit(1729988256.158:3398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  102.522554][   T29] audit: type=1326 audit(1729988256.158:3399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  102.522583][   T29] audit: type=1326 audit(1729988256.158:3400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7204 comm="syz.1.1099" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  102.545975][ T7209] EXT4-fs (loop0): 1 truncate cleaned up
[  102.546400][ T7209] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.599792][ T7212] EXT4-fs (loop4): Remounting filesystem read-only
[  102.673675][ T7209] SELinux: (dev loop0, type ext4) getxattr errno 5
[  102.683473][ T7212] EXT4-fs (loop4): 1 truncate cleaned up
[  102.690007][ T7209] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.699813][ T7212] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.711873][ T7212] SELinux: (dev loop4, type ext4) getxattr errno 5
[  102.724096][ T7212] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.734357][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.776788][ T7216] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  102.780963][ T7218] ALSA: seq fatal error: cannot create timer (-22)
[  102.853171][ T7225] __nla_validate_parse: 9 callbacks suppressed
[  102.853191][ T7225] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1106'.
[  102.866370][ T7227] loop3: detected capacity change from 0 to 256
[  102.908826][ T7227] FAT-fs (loop3): Directory bread(block 1285) failed
[  102.919068][ T7233] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1109'.
[  102.930983][ T7230] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1108'.
[  102.951947][ T7235] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1119'.
[  102.980711][   T29] audit: type=1326 audit(1729988256.798:3401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7229 comm="syz.0.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff54422e719 code=0x7ffc0000
[  103.004322][   T29] audit: type=1326 audit(1729988256.798:3402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7229 comm="syz.0.1108" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7ff54422e719 code=0x7ffc0000
[  103.122444][ T7247] can0: slcan on ttyS3.
[  103.140516][ T7250] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  103.167294][ T7250] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  103.256388][ T7250] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  103.377469][ T7250] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  103.656559][ T7278] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1120'.
[  104.042139][ T7238] can0 (unregistered): slcan off ttyS3.
[  104.070102][ T7239] infiniband syz1: set down
[  104.074730][ T7239] infiniband syz1: added team_slave_0
[  104.152343][ T7239] RDS/IB: syz1: added
[  104.183098][ T7239] smc: adding ib device syz1 with port count 1
[  104.199395][ T7239] smc:    ib device syz1 port 1 has pnetid 
[  104.268780][ T7301] loop3: detected capacity change from 0 to 512
[  104.285678][ T7301] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1122: bg 0: block 35: padding at end of block bitmap is not set
[  104.328944][ T7301] EXT4-fs (loop3): Remounting filesystem read-only
[  104.335878][ T7301] EXT4-fs (loop3): 1 truncate cleaned up
[  104.347888][ T7301] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.361111][ T7310] loop1: detected capacity change from 0 to 256
[  104.384912][ T7301] SELinux: (dev loop3, type ext4) getxattr errno 5
[  104.397277][ T7301] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.476601][ T7314] loop1: detected capacity change from 0 to 512
[  104.489838][ T7314] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  104.519217][ T7314] EXT4-fs (loop1): 1 truncate cleaned up
[  104.528363][ T7314] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.561012][ T7314] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  104.595728][ T7316] loop3: detected capacity change from 0 to 764
[  104.629625][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.825731][ T7334] xt_bpf: check failed: parse error
[  104.875642][ T7340] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1137'.
[  104.912610][ T7342] syzkaller0: entered promiscuous mode
[  104.918424][ T7342] syzkaller0: entered allmulticast mode
[  104.937160][ T7328] loop0: detected capacity change from 0 to 512
[  104.946452][ T7328] EXT4-fs: Ignoring removed oldalloc option
[  104.960439][ T7344] [7344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.960582][ T7344] [7344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.972196][ T7344] [7344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  104.995470][ T7344] loop3: detected capacity change from 0 to 2048
[  105.014007][ T7328] EXT4-fs error (device loop0): ext4_xattr_inode_iget:436: comm syz.0.1133: Parent and EA inode have the same ino 15
[  105.027449][ T7328] EXT4-fs (loop0): Remounting filesystem read-only
[  105.034033][ T7328] EXT4-fs warning (device loop0): ext4_evict_inode:259: couldn't mark inode dirty (err -5)
[  105.044262][ T7328] EXT4-fs (loop0): 1 orphan inode deleted
[  105.050497][ T7328] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.080305][ T7328] SELinux: (dev loop0, type ext4) getxattr errno 5
[  105.092856][ T7328] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.093669][ T7344]  loop3: unable to read partition table
[  105.110842][ T7344] loop3: partition table beyond EOD, truncated
[  105.114097][ T7347] loop4: detected capacity change from 0 to 512
[  105.117131][ T7344] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[  105.140257][ T7347] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  105.165452][ T3016]  loop3: unable to read partition table
[  105.171253][ T3016] loop3: partition table beyond EOD, truncated
[  105.231653][ T7347] EXT4-fs (loop4): 1 truncate cleaned up
[  105.250838][ T7347] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.269473][ T7356] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1142'.
[  105.288967][ T7359] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1144'.
[  105.298578][ T7359] netlink: 132 bytes leftover after parsing attributes in process `syz.5.1144'.
[  105.300298][ T7347] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  105.307932][ T7359] netlink: 'syz.5.1144': attribute type 10 has an invalid length.
[  105.340282][ T7359] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  105.369311][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.384258][ T7361] siw: device registration error -23
[  105.393841][ T7350] loop1: detected capacity change from 0 to 2048
[  105.422715][ T7372] rdma_rxe: rxe_newlink: failed to add team_slave_0
[  105.453549][ T7372] can0: slcan on ttyS3.
[  105.458495][ T7350] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.537567][ T7379] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1149'.
[  105.603112][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.683449][ T7401] process 'syz.1.1152' launched '/dev/fd/7' with NULL argv: empty string added
[  105.783285][ T7413] loop1: detected capacity change from 0 to 512
[  105.790690][ T7413] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  105.810981][ T7414] team0 (unregistering): Port device team_slave_0 removed
[  105.822265][ T7413] EXT4-fs (loop1): 1 truncate cleaned up
[  105.829479][ T7413] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.845010][ T7414] team0 (unregistering): Port device team_slave_1 removed
[  105.845270][ T7413] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  105.883683][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.062173][ T7422] siw: device registration error -23
[  106.150878][ T7430] loop3: detected capacity change from 0 to 2048
[  106.191522][ T7430] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.420210][ T7453] kernel profiling enabled (shift: 3)
[  106.538132][ T7372] can0 (unregistered): slcan off ttyS3.
[  106.902133][ T7479] loop5: detected capacity change from 0 to 512
[  106.938660][ T7479] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  106.980698][ T7479] EXT4-fs (loop5): 1 truncate cleaned up
[  106.987211][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.018528][ T7479] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  107.037246][ T7479] EXT4-fs error (device loop5): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  107.101988][ T7488] team0 (unregistering): Port device team_slave_0 removed
[  107.111609][ T3891] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.112373][ T7491] dccp_invalid_packet: P.Data Offset(0) too small
[  107.123236][ T7488] team0 (unregistering): Port device team_slave_1 removed
[  107.140052][ T7488] syz_tun: left promiscuous mode
[  107.148029][ T7488] team0 (unregistering): Port device vlan2 removed
[  107.171616][ T7495] tipc: Started in network mode
[  107.176706][ T7495] tipc: Node identity ac1414aa, cluster identity 4711
[  107.185162][ T7495] tipc: Enabled bearer <udp:s>, priority 10
[  107.194670][ T7497] siw: device registration error -23
[  107.252090][ T7501] 9pnet_fd: Insufficient options for proto=fd
[  107.311390][   T29] kauditd_printk_skb: 207 callbacks suppressed
[  107.311406][   T29] audit: type=1326 audit(1729988261.138:3610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  107.346375][   T29] audit: type=1326 audit(1729988261.138:3611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  107.370184][   T29] audit: type=1326 audit(1729988261.138:3612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  107.393833][   T29] audit: type=1326 audit(1729988261.138:3613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  107.417261][   T29] audit: type=1326 audit(1729988261.138:3614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  107.440786][   T29] audit: type=1326 audit(1729988261.138:3615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  107.464286][   T29] audit: type=1326 audit(1729988261.138:3616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  107.487761][   T29] audit: type=1326 audit(1729988261.138:3617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  107.487791][   T29] audit: type=1326 audit(1729988261.148:3618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  107.487906][   T29] audit: type=1326 audit(1729988261.148:3619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7507 comm="syz.1.1179" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  107.504618][ T7518] loop4: detected capacity change from 0 to 2048
[  107.636916][ T7530] loop1: detected capacity change from 0 to 512
[  107.642908][ T7518] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.661640][ T7530] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #12: comm syz.1.1184: corrupted in-inode xattr: invalid ea_ino
[  107.675326][ T7530] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1184: couldn't read orphan inode 12 (err -117)
[  107.689603][ T7530] EXT4-fs (loop1): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  107.903461][ T7529] __nla_validate_parse: 4 callbacks suppressed
[  107.903481][ T7529] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1183'.
[  108.023586][ T7530] EXT4-fs error (device loop1): ext4_add_entry:2437: inode #2: comm syz.1.1184: Directory hole found for htree leaf block 0
[  108.084690][ T3319] EXT4-fs (loop1): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  108.120164][ T7536] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1185'.
[  108.172949][ T7542] loop0: detected capacity change from 0 to 128
[  108.196041][ T7538] syz.3.1186[7538] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  108.196124][ T7538] syz.3.1186[7538] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  108.212767][ T7538] syz.3.1186[7538] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  108.246199][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.300641][   T24] tipc: Node number set to 2886997162
[  108.380125][ T7559] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1187'.
[  108.389163][ T7559] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1187'.
[  108.398286][ T7559] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1187'.
[  108.407581][ T7559] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1187'.
[  108.422027][ T7556] siw: device registration error -23
[  108.437277][ T7559] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1187'.
[  108.975443][ T7574] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1197'.
[  109.030013][ T7577] syzkaller0: entered promiscuous mode
[  109.035666][ T7577] syzkaller0: entered allmulticast mode
[  109.045168][ T7577] usb usb8: usbfs: process 7577 (syz.3.1198) did not claim interface 0 before use
[  109.057302][ T7579] loop0: detected capacity change from 0 to 2048
[  109.452343][ T7579] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.464531][ T7590] FAULT_INJECTION: forcing a failure.
[  109.464531][ T7590] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.479640][ T7590] CPU: 1 UID: 0 PID: 7590 Comm: syz.5.1201 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  109.490422][ T7590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  109.500509][ T7590] Call Trace:
[  109.503818][ T7590]  <TASK>
[  109.506772][ T7590]  dump_stack_lvl+0xf2/0x150
[  109.511479][ T7590]  dump_stack+0x15/0x20
[  109.515739][ T7590]  should_fail_ex+0x223/0x230
[  109.520484][ T7590]  should_fail+0xb/0x10
[  109.524747][ T7590]  should_fail_usercopy+0x1a/0x20
[  109.529961][ T7590]  _copy_from_user+0x20/0xe0
[  109.534642][ T7590]  restore_sigcontext+0x64/0x220
[  109.539757][ T7590]  __do_sys_rt_sigreturn+0xfd/0x160
[  109.545171][ T7590]  x64_sys_call+0x28e1/0x2d60
[  109.549897][ T7590]  do_syscall_64+0xc9/0x1c0
[  109.554569][ T7593] loop1: detected capacity change from 0 to 512
[  109.560902][ T7590]  ? clear_bhb_loop+0x55/0xb0
[  109.565631][ T7590]  ? clear_bhb_loop+0x55/0xb0
[  109.570463][ T7590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.576409][ T7590] RIP: 0033:0x7f0fcb26a099
[  109.580848][ T7590] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  109.590074][ T7593] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1202: bg 0: block 35: padding at end of block bitmap is not set
[  109.600635][ T7590] RSP: 002b:00007f0fc9f46a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  109.600665][ T7590] RAX: ffffffffffffffda RBX: 00007f0fcb485f80 RCX: 00007f0fcb26a099
[  109.600681][ T7590] RDX: 00007f0fc9f46a80 RSI: 00007f0fc9f46bb0 RDI: 0000000000000021
[  109.635144][ T7593] EXT4-fs (loop1): Remounting filesystem read-only
[  109.639223][ T7590] RBP: 00007f0fc9f47090 R08: 0000000000000f3a R09: 0000000000000000
[  109.639244][ T7590] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  109.639259][ T7590] R13: 0000000000000000 R14: 00007f0fcb485f80 R15: 00007fff45e93748
[  109.639283][ T7590]  </TASK>
[  109.677140][ T7593] EXT4-fs (loop1): 1 truncate cleaned up
[  109.683174][ T7593] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  109.696396][ T7593] SELinux: (dev loop1, type ext4) getxattr errno 5
[  109.712496][ T7593] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.741927][ T7601] siw: device registration error -23
[  109.841797][ T7609] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  109.879454][ T7614] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1209'.
[  109.909457][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.994414][ T7620] loop3: detected capacity change from 0 to 2048
[  110.050221][ T7627] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  110.101346][ T7630] loop4: detected capacity change from 0 to 512
[  110.110772][ T7630] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  110.111543][ T7620] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.135295][ T7630] EXT4-fs (loop4): 1 truncate cleaned up
[  110.141934][ T7630] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  110.194256][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.570369][ T7630] EXT4-fs error (device loop4): ext4_xattr_inode_iget:440: comm syz.4.1216: inode #1073372648: comm syz.4.1216: iget: illegal inode #
[  110.585224][ T7630] EXT4-fs error (device loop4): ext4_xattr_inode_iget:445: comm syz.4.1216: error while reading EA inode 1073372648 err=-117
[  110.599780][ T7630] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2977: inode #15: comm syz.4.1216: corrupted xattr block 33: invalid header
[  110.614712][ T7630] EXT4-fs warning (device loop4): ext4_evict_inode:276: xattr delete (err -117)
[  110.634563][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.667741][ T7652] loop5: detected capacity change from 0 to 2048
[  110.685420][ T7662] loop7: detected capacity change from 0 to 16384
[  110.712118][ T7652] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.716770][ T7666] loop3: detected capacity change from 0 to 512
[  110.740071][ T7666] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1226: bg 0: block 35: padding at end of block bitmap is not set
[  110.768287][ T7666] EXT4-fs (loop3): Remounting filesystem read-only
[  110.777097][ T7666] EXT4-fs (loop3): 1 truncate cleaned up
[  110.785750][ T7666] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.798488][ T7666] SELinux: (dev loop3, type ext4) getxattr errno 5
[  110.805431][ T7666] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.890610][ T7662] I/O error, dev loop7, sector 11904 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  110.900979][ T7662] I/O error, dev loop7, sector 11904 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  110.910519][ T7662] Buffer I/O error on dev loop7, logical block 1488, async page read
[  110.931421][ T7660] I/O error, dev loop7, sector 5120 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  110.938021][ T7674] loop1: detected capacity change from 0 to 512
[  110.941563][ T7660] Buffer I/O error on dev loop7, logical block 640, lost async page write
[  110.956473][ T7660] Buffer I/O error on dev loop7, logical block 641, lost async page write
[  110.965062][ T7660] Buffer I/O error on dev loop7, logical block 642, lost async page write
[  110.975927][ T7660] Buffer I/O error on dev loop7, logical block 643, lost async page write
[  110.984563][ T7660] Buffer I/O error on dev loop7, logical block 644, lost async page write
[  110.993316][ T7660] Buffer I/O error on dev loop7, logical block 645, lost async page write
[  111.001059][ T7674] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2240: inode #15: comm syz.1.1228: corrupted in-inode xattr: invalid ea_ino
[  111.001992][ T7660] Buffer I/O error on dev loop7, logical block 646, lost async page write
[  111.002019][ T7660] Buffer I/O error on dev loop7, logical block 647, lost async page write
[  111.017551][ T7674] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1228: couldn't read orphan inode 15 (err -117)
[  111.024145][ T7660] Buffer I/O error on dev loop7, logical block 648, lost async page write
[  111.034664][ T7674] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.048953][ T7660] I/O error, dev loop7, sector 6144 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  111.080065][ T7660] I/O error, dev loop7, sector 7168 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  111.093565][ T7660] I/O error, dev loop7, sector 8192 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  111.095967][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.107464][ T7660] I/O error, dev loop7, sector 9216 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  111.125846][ T7660] I/O error, dev loop7, sector 10240 op 0x1:(WRITE) flags 0x4800 phys_seg 128 prio class 0
[  111.130659][ T7679] loop0: detected capacity change from 0 to 736
[  111.138988][ T7660] I/O error, dev loop7, sector 11264 op 0x1:(WRITE) flags 0x800 phys_seg 80 prio class 0
[  111.223753][ T7684] loop4: detected capacity change from 0 to 512
[  111.241264][ T7684] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.254108][ T7684] ext4 filesystem being mounted at /272/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.276888][ T7684] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #2: comm syz.4.1232: corrupted inode contents
[  111.289283][ T7684] EXT4-fs error (device loop4): ext4_dirty_inode:5984: inode #2: comm syz.4.1232: mark_inode_dirty error
[  111.301046][ T7684] EXT4-fs error (device loop4): ext4_do_update_inode:5121: inode #2: comm syz.4.1232: corrupted inode contents
[  111.313381][ T7684] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #2: comm syz.4.1232: mark_inode_dirty error
[  111.332540][ T7684] smc: net device bond0 applied user defined pnetid SYZ0
[  111.354082][ T7694] loop0: detected capacity change from 0 to 512
[  111.361339][ T7694] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  111.373665][ T7694] EXT4-fs (loop0): 1 truncate cleaned up
[  111.373694][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.382244][ T7694] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.421531][ T7694] EXT4-fs error (device loop0): ext4_xattr_inode_iget:440: comm syz.0.1234: inode #1073372648: comm syz.0.1234: iget: illegal inode #
[  111.437518][ T7694] EXT4-fs error (device loop0): ext4_xattr_inode_iget:445: comm syz.0.1234: error while reading EA inode 1073372648 err=-117
[  111.438662][ T7697] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1235'.
[  111.454169][ T7694] EXT4-fs error (device loop0): ext4_xattr_delete_inode:2977: inode #15: comm syz.0.1234: corrupted xattr block 33: invalid header
[  111.495323][ T7694] EXT4-fs warning (device loop0): ext4_evict_inode:276: xattr delete (err -117)
[  111.498125][ T3891] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.556175][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.505283][ T7719] netlink: 'syz.3.1241': attribute type 12 has an invalid length.
[  112.619775][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x4
[  112.627494][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x2
[  112.635251][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.643087][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.650835][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.658859][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.666729][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.668984][   T29] kauditd_printk_skb: 208 callbacks suppressed
[  112.669003][   T29] audit: type=1400 audit(1729988266.441:3828): avc:  denied  { read write } for  pid=7734 comm="syz.0.1249" name="uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  112.674411][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.674436][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.674458][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.680635][   T29] audit: type=1400 audit(1729988266.441:3829): avc:  denied  { open } for  pid=7734 comm="syz.0.1249" path="/dev/uhid" dev="devtmpfs" ino=252 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:uhid_device_t tclass=chr_file permissive=1
[  112.704043][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.711707][   T29] audit: type=1400 audit(1729988266.441:3830): avc:  denied  { write } for  pid=7734 comm="syz.0.1249" name="usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  112.711785][   T29] audit: type=1400 audit(1729988266.441:3831): avc:  denied  { open } for  pid=7734 comm="syz.0.1249" path="/dev/usbmon0" dev="devtmpfs" ino=141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  112.719450][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.727080][   T29] audit: type=1400 audit(1729988266.441:3832): avc:  denied  { block_suspend } for  pid=7734 comm="syz.0.1249" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  112.750478][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.758103][   T29] audit: type=1400 audit(1729988266.481:3833): avc:  denied  { setopt } for  pid=7709 comm="syz.3.1241" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  112.781644][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.813331][ T7735] No such timeout policy "syz0"
[  112.834717][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.882769][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.882801][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.898197][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.902984][ T7737] loop1: detected capacity change from 0 to 2048
[  112.905849][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.920047][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.927893][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.935619][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.943408][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.951101][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.958908][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.966588][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.974374][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.982163][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.990324][ T3392] hid-generic 0000:3000000:0000.0003: unknown main item tag 0x0
[  112.991930][ T7737] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.001318][ T7733] FAULT_INJECTION: forcing a failure.
[  113.001318][ T7733] name failslab, interval 1, probability 0, space 0, times 0
[  113.023233][ T7733] CPU: 0 UID: 0 PID: 7733 Comm: syz.4.1245 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  113.033949][ T7733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  113.044297][ T7733] Call Trace:
[  113.047597][ T7733]  <TASK>
[  113.050539][ T7733]  dump_stack_lvl+0xf2/0x150
[  113.055165][ T7733]  dump_stack+0x15/0x20
[  113.059341][ T7733]  should_fail_ex+0x223/0x230
[  113.064068][ T7733]  ? __alloc_skb+0x10b/0x310
[  113.068682][ T7733]  should_failslab+0x8f/0xb0
[  113.073289][ T7733]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  113.079166][ T7733]  __alloc_skb+0x10b/0x310
[  113.083823][ T7733]  rtmsg_ifinfo_build_skb+0x63/0x1b0
[  113.089177][ T7733]  rtmsg_ifinfo+0x6b/0x100
[  113.093624][ T7733]  dev_close_many+0x151/0x240
[  113.098313][ T7733]  ? do_check+0x6bed/0x72e0
[  113.102926][ T7733]  unregister_netdevice_many_notify+0x263/0x11b0
[  113.109271][ T7733]  ? __list_add_valid_or_report+0x36/0xc0
[  113.115052][ T7733]  ? unregister_netdevice_queue+0x12b/0x220
[  113.120959][ T7733]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  113.127225][ T7733]  rtnl_dellink+0x380/0x580
[  113.131775][ T7733]  ? __list_add_valid_or_report+0x36/0xc0
[  113.137543][ T7733]  ? security_capable+0x81/0x90
[  113.142453][ T7733]  ? ns_capable+0x7d/0xb0
[  113.146799][ T7733]  ? __pfx_rtnl_dellink+0x10/0x10
[  113.151880][ T7733]  rtnetlink_rcv_msg+0x6aa/0x710
[  113.156896][ T7733]  ? __dev_queue_xmit+0x161/0x2040
[  113.162046][ T7733]  ? ref_tracker_alloc+0x1f5/0x2f0
[  113.167243][ T7733]  netlink_rcv_skb+0x12c/0x230
[  113.172050][ T7733]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  113.177572][ T7733]  rtnetlink_rcv+0x1c/0x30
[  113.182053][ T7733]  netlink_unicast+0x599/0x670
[  113.186828][ T7733]  netlink_sendmsg+0x5cc/0x6e0
[  113.191603][ T7733]  ? __pfx_netlink_sendmsg+0x10/0x10
[  113.196977][ T7733]  __sock_sendmsg+0x140/0x180
[  113.201741][ T7733]  ____sys_sendmsg+0x312/0x410
[  113.206714][ T7733]  __sys_sendmsg+0x1d9/0x270
[  113.211334][ T7733]  __x64_sys_sendmsg+0x46/0x50
[  113.216140][ T7733]  x64_sys_call+0x2689/0x2d60
[  113.220834][ T7733]  do_syscall_64+0xc9/0x1c0
[  113.225379][ T7733]  ? clear_bhb_loop+0x55/0xb0
[  113.230055][ T7733]  ? clear_bhb_loop+0x55/0xb0
[  113.234742][ T7733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.240655][ T7733] RIP: 0033:0x7f12ce77e719
[  113.245119][ T7733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  113.264853][ T7733] RSP: 002b:00007f12cd3f1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  113.273346][ T7733] RAX: ffffffffffffffda RBX: 00007f12ce935f80 RCX: 00007f12ce77e719
[  113.281373][ T7733] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 000000000000000b
[  113.289395][ T7733] RBP: 00007f12cd3f1090 R08: 0000000000000000 R09: 0000000000000000
[  113.297375][ T7733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  113.305437][ T7733] R13: 0000000000000000 R14: 00007f12ce935f80 R15: 00007ffd078853f8
[  113.313527][ T7733]  </TASK>
[  113.316887][ T3392] hid-generic 0000:3000000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [sy

] on syz0
[  113.351829][ T7746] __nla_validate_parse: 1 callbacks suppressed
[  113.351845][ T7746] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1251'.
[  113.394959][   T29] audit: type=1326 audit(1729988267.221:3834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7745 comm="syz.3.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  113.418914][   T29] audit: type=1326 audit(1729988267.221:3835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7745 comm="syz.3.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  113.442621][   T29] audit: type=1326 audit(1729988267.221:3836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7745 comm="syz.3.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=140 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  113.466156][   T29] audit: type=1326 audit(1729988267.221:3837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7745 comm="syz.3.1251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  113.493776][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.510548][ T7752] loop3: detected capacity change from 0 to 512
[  113.576597][ T7752] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1254: bg 0: block 35: padding at end of block bitmap is not set
[  113.580634][ T7760] siw: device registration error -23
[  113.600560][ T7752] EXT4-fs (loop3): Remounting filesystem read-only
[  113.608094][ T7752] EXT4-fs (loop3): 1 truncate cleaned up
[  113.614226][ T7752] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.634364][ T7752] SELinux: (dev loop3, type ext4) getxattr errno 5
[  113.653222][ T7752] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.742074][ T7769] pim6reg1: entered promiscuous mode
[  113.747443][ T7769] pim6reg1: entered allmulticast mode
[  113.776861][ T7780] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1264'.
[  113.792533][ T7776] loop5: detected capacity change from 0 to 2048
[  113.829078][ T7776] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  113.925884][ T7795] syzkaller0: entered promiscuous mode
[  113.931474][ T7795] syzkaller0: entered allmulticast mode
[  114.035448][ T7804] siw: device registration error -23
[  114.136616][ T7815] loop7: detected capacity change from 0 to 16384
[  114.158400][ T7817] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1278'.
[  114.230604][ T7822] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1279'.
[  114.291608][ T7815] I/O error, dev loop7, sector 11016 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  114.401862][ T7827] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1281'.
[  114.795468][ T3891] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.829482][ T7841] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1286'.
[  114.926570][ T7849] FAULT_INJECTION: forcing a failure.
[  114.926570][ T7849] name failslab, interval 1, probability 0, space 0, times 0
[  114.939409][ T7849] CPU: 0 UID: 0 PID: 7849 Comm: syz.1.1288 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  114.950163][ T7849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  114.960330][ T7849] Call Trace:
[  114.963625][ T7849]  <TASK>
[  114.966575][ T7849]  dump_stack_lvl+0xf2/0x150
[  114.971243][ T7849]  dump_stack+0x15/0x20
[  114.975470][ T7849]  should_fail_ex+0x223/0x230
[  114.980205][ T7849]  ? sidtab_sid2str_get+0xb8/0x140
[  114.985367][ T7849]  should_failslab+0x8f/0xb0
[  114.990002][ T7849]  __kmalloc_node_track_caller_noprof+0xa6/0x380
[  114.996356][ T7849]  ? vsnprintf+0xdd8/0xe30
[  115.000875][ T7849]  kmemdup_noprof+0x2a/0x60
[  115.005437][ T7849]  sidtab_sid2str_get+0xb8/0x140
[  115.010398][ T7849]  security_sid_to_context_core+0x1eb/0x2f0
[  115.016374][ T7849]  security_sid_to_context+0x27/0x30
[  115.021834][ T7849]  selinux_secid_to_secctx+0x22/0x30
[  115.027277][ T7849]  security_secid_to_secctx+0x48/0x90
[  115.032679][ T7849]  audit_log_task_context+0x8c/0x1b0
[  115.038081][ T7849]  audit_log_task+0xfb/0x180
[  115.042682][ T7849]  audit_seccomp+0x68/0x130
[  115.047332][ T7849]  __seccomp_filter+0x6fa/0x1180
[  115.052313][ T7849]  __secure_computing+0x9f/0x1c0
[  115.057269][ T7849]  syscall_trace_enter+0xd1/0x1f0
[  115.062332][ T7849]  ? fpregs_assert_state_consistent+0x83/0xa0
[  115.068426][ T7849]  do_syscall_64+0xaa/0x1c0
[  115.073050][ T7849]  ? clear_bhb_loop+0x55/0xb0
[  115.077741][ T7849]  ? clear_bhb_loop+0x55/0xb0
[  115.082434][ T7849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.088370][ T7849] RIP: 0033:0x7f86389ad15c
[  115.092794][ T7849] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  115.112605][ T7849] RSP: 002b:00007f8637627030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  115.121199][ T7849] RAX: ffffffffffffffda RBX: 00007f8638b65f80 RCX: 00007f86389ad15c
[  115.129380][ T7849] RDX: 000000000000000f RSI: 00007f86376270a0 RDI: 0000000000000003
[  115.137364][ T7849] RBP: 00007f8637627090 R08: 0000000000000000 R09: 0000000000000000
[  115.145433][ T7849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  115.153478][ T7849] R13: 0000000000000000 R14: 00007f8638b65f80 R15: 00007ffde3489bd8
[  115.161469][ T7849]  </TASK>
[  115.197425][ T7853] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1290'.
[  115.445540][ T7862] loop4: detected capacity change from 0 to 512
[  115.486167][ T7862] ext2: Unknown parameter 'noquota.bh'
[  115.651110][ T7872] loop4: detected capacity change from 0 to 512
[  115.657411][ T7874] loop0: detected capacity change from 0 to 512
[  115.674444][ T7872] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  115.705968][ T7878] usb usb8: usbfs: process 7878 (syz.5.1296) did not claim interface 0 before use
[  115.740127][ T7874] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1294: bg 0: block 35: padding at end of block bitmap is not set
[  115.746999][ T7872] EXT4-fs (loop4): 1 truncate cleaned up
[  115.765862][ T7874] EXT4-fs (loop0): Remounting filesystem read-only
[  115.773068][ T7874] EXT4-fs (loop0): 1 truncate cleaned up
[  115.779681][ T7874] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.792133][ T7874] SELinux: (dev loop0, type ext4) getxattr errno 5
[  115.805835][ T7872] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.806878][ T7874] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.824931][ T7888] loop3: detected capacity change from 0 to 2048
[  115.857317][ T7888] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.901276][ T3317] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.093629][ T7911] usb usb8: usbfs: process 7911 (syz.4.1308) did not claim interface 0 before use
[  116.137695][ T7917] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1310'.
[  116.232202][ T7924] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1313'.
[  116.616174][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.846170][ T7950] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  116.853880][ T7950] ªªªªªª: renamed from syzkaller0
[  116.860825][ T7950] tipc: Disabling bearer <eth:syzkaller0>
[  116.879342][ T7951] loop4: detected capacity change from 0 to 2048
[  117.009917][ T7965] loop0: detected capacity change from 0 to 128
[  117.142967][ T7967] loop0: detected capacity change from 0 to 2048
[  117.224800][ T7980] loop1: detected capacity change from 0 to 128
[  117.238073][ T7977] loop5: detected capacity change from 0 to 4096
[  117.243778][ T7980] ipvlan2: entered promiscuous mode
[  117.321822][ T7984] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  117.336480][ T7983] uprobe: syz.5.1333:7983 failed to unregister, leaking uprobe
[  117.765961][ T7992] siw: device registration error -23
[  117.876955][   T29] kauditd_printk_skb: 252 callbacks suppressed
[  117.876975][   T29] audit: type=1326 audit(1729988271.701:4089): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7993 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  117.906622][   T29] audit: type=1326 audit(1729988271.701:4090): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7993 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  117.930148][   T29] audit: type=1326 audit(1729988271.701:4091): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7993 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  117.933178][ T7996] loop4: detected capacity change from 0 to 128
[  117.953874][   T29] audit: type=1326 audit(1729988271.701:4092): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7993 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fcf20fee753 code=0x7ffc0000
[  117.983550][   T29] audit: type=1326 audit(1729988271.701:4093): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7993 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fcf20fee753 code=0x7ffc0000
[  118.007421][   T29] audit: type=1326 audit(1729988271.701:4094): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7993 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  118.031146][   T29] audit: type=1326 audit(1729988271.711:4095): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7993 comm="syz.3.1338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  118.064849][ T7996] x_tables: ip6_tables: socket match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT
[  118.085140][   T29] audit: type=1326 audit(1729988271.901:4096): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7995 comm="syz.4.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ce77e719 code=0x7ffc0000
[  118.109288][   T29] audit: type=1326 audit(1729988271.911:4097): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7995 comm="syz.4.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f12ce77e719 code=0x7ffc0000
[  118.132962][   T29] audit: type=1326 audit(1729988271.911:4098): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7995 comm="syz.4.1337" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12ce77e719 code=0x7ffc0000
[  118.181964][ T7996] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  118.189883][ T7996] FAT-fs (loop4): Filesystem has been set read-only
[  118.197963][ T7996] syz.4.1337: attempt to access beyond end of device
[  118.197963][ T7996] loop4: rw=524288, sector=2065, nr_sectors = 8 limit=128
[  118.248286][ T7996] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  118.256284][ T7996] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000100)
[  118.299045][ T7996] syz.4.1337: attempt to access beyond end of device
[  118.299045][ T7996] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  118.299836][ T8017] siw: device registration error -23
[  118.313138][ T7996] syz.4.1337: attempt to access beyond end of device
[  118.313138][ T7996] loop4: rw=0, sector=2065, nr_sectors = 8 limit=128
[  118.385678][ T8020] loop3: detected capacity change from 0 to 128
[  118.438948][ T8022] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1347'.
[  118.481659][ T8026] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1348'.
[  118.569695][ T8020] syz.3.1346: attempt to access beyond end of device
[  118.569695][ T8020] loop3: rw=2049, sector=128, nr_sectors = 1 limit=128
[  118.583197][ T8020] buffer_io_error: 1195 callbacks suppressed
[  118.583209][ T8020] Buffer I/O error on dev loop3, logical block 128, lost async page write
[  118.620683][ T8031] loop1: detected capacity change from 0 to 2048
[  118.775752][ T8047] loop4: detected capacity change from 0 to 512
[  118.815890][ T8047] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1355: bg 0: block 35: padding at end of block bitmap is not set
[  118.870740][ T8047] EXT4-fs (loop4): Remounting filesystem read-only
[  118.899075][ T8047] EXT4-fs (loop4): 1 truncate cleaned up
[  118.923208][ T8047] SELinux: (dev loop4, type ext4) getxattr errno 5
[  119.011192][ T8063] siw: device registration error -23
[  119.118329][ T8072] loop3: detected capacity change from 0 to 512
[  119.160867][ T8073] loop0: detected capacity change from 0 to 1024
[  119.167612][ T8073] EXT4-fs: Ignoring removed orlov option
[  119.173422][ T8073] EXT4-fs: Ignoring removed nobh option
[  119.214186][ T8078] loop5: detected capacity change from 0 to 128
[  119.257005][ T8072] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1364: bg 0: block 35: padding at end of block bitmap is not set
[  119.491110][ T8078] syz.5.1365: attempt to access beyond end of device
[  119.491110][ T8078] loop5: rw=2049, sector=128, nr_sectors = 1 limit=128
[  119.504721][ T8078] Buffer I/O error on dev loop5, logical block 128, lost async page write
[  119.605077][ T8072] EXT4-fs (loop3): Remounting filesystem read-only
[  119.690127][ T8072] EXT4-fs (loop3): 1 truncate cleaned up
[  119.708353][ T8072] SELinux: (dev loop3, type ext4) getxattr errno 5
[  119.842641][ T8095] syzkaller0: entered promiscuous mode
[  119.848275][ T8095] syzkaller0: entered allmulticast mode
[  119.887751][ T8095] usb usb8: usbfs: process 8095 (syz.1.1371) did not claim interface 0 before use
[  120.059957][ T8108] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1375'.
[  120.114290][ T8111] loop0: detected capacity change from 0 to 512
[  120.127316][ T8102] syzkaller0: entered promiscuous mode
[  120.133035][ T8102] syzkaller0: entered allmulticast mode
[  120.146824][ T8113] usb usb8: usbfs: process 8113 (syz.3.1372) did not claim interface 0 before use
[  120.179826][ T8111] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1377: bg 0: block 35: padding at end of block bitmap is not set
[  120.199481][ T8111] EXT4-fs (loop0): Remounting filesystem read-only
[  120.207433][ T8111] EXT4-fs (loop0): 1 truncate cleaned up
[  120.220556][ T8111] SELinux: (dev loop0, type ext4) getxattr errno 5
[  120.374887][ T8128] loop1: detected capacity change from 0 to 2048
[  120.394776][ T8128] EXT4-fs (loop1): unsupported inode size: 32768
[  120.401278][ T8128] EXT4-fs (loop1): blocksize: 2048
[  120.440411][ T8134] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1384'.
[  120.449026][ T8133] siw: device registration error -23
[  120.549431][ T8148] loop1: detected capacity change from 0 to 512
[  120.559328][ T8148] EXT4-fs: Ignoring removed bh option
[  120.571114][ T8148] EXT4-fs: dax option not supported
[  120.603846][ T8148] usb usb9: usbfs: process 8148 (syz.1.1390) did not claim interface 0 before use
[  121.069326][ T8171] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1398'.
[  121.110286][ T8175] siw: device registration error -23
[  121.384158][ T8197] loop0: detected capacity change from 0 to 128
[  121.424432][ T8201] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1410'.
[  121.645198][ T8204] netlink: 'syz.0.1408': attribute type 1 has an invalid length.
[  121.653127][ T8204] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1408'.
[  121.983280][ T8207] loop3: detected capacity change from 0 to 8192
[  122.000622][ T8221] tmpfs: Bad value for 'size'
[  122.006222][ T8221] syz.4.1417[8221] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.006289][ T8221] syz.4.1417[8221] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.019138][ T8221] syz.4.1417[8221] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.144121][ T8229] usb usb8: usbfs: process 8229 (syz.4.1421) did not claim interface 0 before use
[  122.349357][ T8232] syzkaller0: entered promiscuous mode
[  122.354921][ T8232] syzkaller0: entered allmulticast mode
[  122.427600][ T8235] usb usb8: usbfs: process 8235 (syz.5.1422) did not claim interface 0 before use
[  122.647054][ T8239] loop4: detected capacity change from 0 to 512
[  122.672130][ T8239] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1424: bg 0: block 35: padding at end of block bitmap is not set
[  122.700948][ T8243] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1425'.
[  122.703774][ T8239] EXT4-fs (loop4): Remounting filesystem read-only
[  122.717252][ T8239] EXT4-fs (loop4): 1 truncate cleaned up
[  122.724103][ T8239] SELinux: (dev loop4, type ext4) getxattr errno 5
[  122.761137][ T8245] siw: device registration error -23
[  122.885091][   T29] kauditd_printk_skb: 287 callbacks suppressed
[  122.885108][   T29] audit: type=1326 audit(1729988276.711:4386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8253 comm="syz.3.1429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  122.967635][ T8265] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1436'.
[  122.975900][ T8266] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1435'.
[  122.980502][   T29] audit: type=1326 audit(1729988276.791:4387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8260 comm="syz.1.1433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  123.009402][   T29] audit: type=1326 audit(1729988276.791:4388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8260 comm="syz.1.1433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  123.032869][   T29] audit: type=1326 audit(1729988276.801:4389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8260 comm="syz.1.1433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  123.056338][   T29] audit: type=1326 audit(1729988276.801:4390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8260 comm="syz.1.1433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f86389ae753 code=0x7ffc0000
[  123.079718][   T29] audit: type=1326 audit(1729988276.801:4391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8260 comm="syz.1.1433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f86389ae753 code=0x7ffc0000
[  123.103441][   T29] audit: type=1326 audit(1729988276.801:4392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8260 comm="syz.1.1433" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f86389ae719 code=0x7ffc0000
[  123.162590][   T29] audit: type=1400 audit(1729988276.991:4393): avc:  denied  { getopt } for  pid=8251 comm="syz.5.1430" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  123.170042][ T8272] FAULT_INJECTION: forcing a failure.
[  123.170042][ T8272] name failslab, interval 1, probability 0, space 0, times 0
[  123.193344][ T8274] loop4: detected capacity change from 0 to 1024
[  123.195329][ T8272] CPU: 1 UID: 0 PID: 8272 Comm: syz.0.1438 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  123.202327][ T8274] EXT4-fs: Ignoring removed orlov option
[  123.212737][ T8272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  123.218508][ T8274] EXT4-fs: Ignoring removed nomblk_io_submit option
[  123.228477][ T8272] Call Trace:
[  123.228487][ T8272]  <TASK>
[  123.228497][ T8272]  dump_stack_lvl+0xf2/0x150
[  123.246154][ T8272]  dump_stack+0x15/0x20
[  123.250345][ T8272]  should_fail_ex+0x223/0x230
[  123.255089][ T8272]  ? __alloc_skb+0x10b/0x310
[  123.259771][ T8272]  should_failslab+0x8f/0xb0
[  123.264406][ T8272]  kmem_cache_alloc_node_noprof+0x51/0x2b0
[  123.270262][ T8272]  __alloc_skb+0x10b/0x310
[  123.274712][ T8272]  netlink_alloc_large_skb+0xad/0xe0
[  123.280107][ T8272]  netlink_sendmsg+0x3b4/0x6e0
[  123.280970][   T29] audit: type=1400 audit(1729988277.081:4394): avc:  denied  { getopt } for  pid=8269 comm="syz.1.1437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  123.284888][ T8272]  ? __pfx_netlink_sendmsg+0x10/0x10
[  123.309804][ T8272]  __sock_sendmsg+0x140/0x180
[  123.314711][ T8272]  ____sys_sendmsg+0x312/0x410
[  123.319509][ T8272]  __sys_sendmsg+0x1d9/0x270
[  123.324281][ T8272]  __x64_sys_sendmsg+0x46/0x50
[  123.329089][ T8272]  x64_sys_call+0x2689/0x2d60
[  123.333800][ T8272]  do_syscall_64+0xc9/0x1c0
[  123.338324][ T8272]  ? clear_bhb_loop+0x55/0xb0
[  123.343040][ T8272]  ? clear_bhb_loop+0x55/0xb0
[  123.347728][ T8272]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.353689][ T8272] RIP: 0033:0x7ff54422e719
[  123.358141][ T8272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.377867][ T8272] RSP: 002b:00007ff542ea7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  123.386295][ T8272] RAX: ffffffffffffffda RBX: 00007ff5443e5f80 RCX: 00007ff54422e719
[  123.394280][ T8272] RDX: 0000000020000014 RSI: 0000000020000240 RDI: 0000000000000003
[  123.402263][ T8272] RBP: 00007ff542ea7090 R08: 0000000000000000 R09: 0000000000000000
[  123.410302][ T8272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.418283][ T8272] R13: 0000000000000000 R14: 00007ff5443e5f80 R15: 00007fff537ecf78
[  123.426270][ T8272]  </TASK>
[  123.444480][ T8274] FAULT_INJECTION: forcing a failure.
[  123.444480][ T8274] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  123.457676][ T8274] CPU: 0 UID: 0 PID: 8274 Comm: syz.4.1440 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  123.468488][ T8274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  123.478567][ T8274] Call Trace:
[  123.481877][ T8274]  <TASK>
[  123.484834][ T8274]  dump_stack_lvl+0xf2/0x150
[  123.489462][ T8274]  dump_stack+0x15/0x20
[  123.493639][ T8274]  should_fail_ex+0x223/0x230
[  123.498376][ T8274]  should_fail+0xb/0x10
[  123.502631][ T8274]  should_fail_usercopy+0x1a/0x20
[  123.507748][ T8274]  strncpy_from_user+0x25/0x210
[  123.512640][ T8274]  ? kmem_cache_alloc_noprof+0x10c/0x290
[  123.518322][ T8274]  getname_flags+0xb0/0x3b0
[  123.522941][ T8274]  user_path_at+0x26/0x110
[  123.527379][ T8274]  do_fchownat+0x92/0x1a0
[  123.531795][ T8274]  __x64_sys_fchownat+0x64/0x80
[  123.536746][ T8274]  x64_sys_call+0x2837/0x2d60
[  123.541575][ T8274]  do_syscall_64+0xc9/0x1c0
[  123.546146][ T8274]  ? clear_bhb_loop+0x55/0xb0
[  123.550836][ T8274]  ? clear_bhb_loop+0x55/0xb0
[  123.555606][ T8274]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.561583][ T8274] RIP: 0033:0x7f12ce77e719
[  123.566055][ T8274] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.585884][ T8274] RSP: 002b:00007f12cd3f1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000104
[  123.594445][ T8274] RAX: ffffffffffffffda RBX: 00007f12ce935f80 RCX: 00007f12ce77e719
[  123.602452][ T8274] RDX: 0000000000000000 RSI: 0000000020000040 RDI: ffffffffffffff9c
[  123.610537][ T8274] RBP: 00007f12cd3f1090 R08: 0000000000001000 R09: 0000000000000000
[  123.618516][ T8274] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.626495][ T8274] R13: 0000000000000000 R14: 00007f12ce935f80 R15: 00007ffd078853f8
[  123.634577][ T8274]  </TASK>
[  123.646647][ T8252] loop5: detected capacity change from 0 to 32768
[  123.650572][   T29] audit: type=1400 audit(1729988277.081:4395): avc:  denied  { append } for  pid=8269 comm="syz.1.1437" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  123.696513][ T8270] program syz.1.1437 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  123.719507][ T8270] can0: slcan on ttyS3.
[  123.720335][ T8288] loop0: detected capacity change from 0 to 512
[  123.736970][ T8252]  loop5: p1 p2 p3 < p5 p6 >
[  123.742063][ T8252] loop5: p1 size 242222080 extends beyond EOD, truncated
[  123.761814][ T8288] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1442: bg 0: block 35: padding at end of block bitmap is not set
[  123.769776][ T8252] loop5: p2 start 4294967295 is beyond EOD, truncated
[  123.817959][ T8269] can0 (unregistered): slcan off ttyS3.
[  123.832286][ T8288] EXT4-fs (loop0): Remounting filesystem read-only
[  123.844447][ T8288] EXT4-fs (loop0): 1 truncate cleaned up
[  123.851334][ T8288] SELinux: (dev loop0, type ext4) getxattr errno 5
[  123.929146][ T8306] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1447'.
[  123.951165][ T4411] udevd[4411]: inotify_add_watch(7, /dev/loop5p6, 10) failed: No such file or directory
[  123.976829][ T4413] udevd[4413]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  123.989423][ T4416] udevd[4416]: inotify_add_watch(7, /dev/loop5p5, 10) failed: No such file or directory
[  124.009873][ T3633] udevd[3633]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  124.015714][ T8310] 9pnet_fd: Insufficient options for proto=fd
[  124.048138][ T8316] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1449'.
[  124.577321][ T8350] hsr_slave_1 (unregistering): left promiscuous mode
[  124.602340][ T8357] loop1: detected capacity change from 0 to 512
[  124.618713][ T8357] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  124.640134][ T8350] program syz.0.1457 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  124.645917][ T8357] EXT4-fs (loop1): 1 truncate cleaned up
[  124.674830][ T8357] netlink: 164 bytes leftover after parsing attributes in process `syz.1.1460'.
[  124.680651][ T8364] loop4: detected capacity change from 0 to 1024
[  124.708124][ T8364] EXT4-fs: Ignoring removed orlov option
[  124.713839][ T8364] EXT4-fs: Ignoring removed nomblk_io_submit option
[  124.793809][ T8376] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1465'.
[  124.832224][ T8364] netlink: 268 bytes leftover after parsing attributes in process `syz.4.1461'.
[  124.841366][ T8364] unsupported nla_type 65024
[  124.857733][ T8380] loop0: detected capacity change from 0 to 128
[  124.864773][ T8380] vfat: Bad value for 'gid'
[  124.869336][ T8380] vfat: Bad value for 'gid'
[  124.895736][ T8380] devpts: called with bogus options
[  124.900920][ T8389] loop5: detected capacity change from 0 to 512
[  124.911797][ T8389] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1471: bg 0: block 35: padding at end of block bitmap is not set
[  124.923943][ T8380] syzkaller0: entered allmulticast mode
[  124.929310][ T8389] EXT4-fs (loop5): Remounting filesystem read-only
[  124.939345][ T8389] EXT4-fs (loop5): 1 truncate cleaned up
[  124.945684][ T8389] SELinux: (dev loop5, type ext4) getxattr errno 5
[  124.975861][ T8380] syzkaller0 (unregistering): left allmulticast mode
[  124.985954][ T8396] loop4: detected capacity change from 0 to 1024
[  125.090825][ T8403] loop4: detected capacity change from 0 to 2048
[  125.101545][ T8405] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1484'.
[  125.135547][ T8403] syz.4.1474[8403] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.135621][ T8403] syz.4.1474[8403] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.149861][ T8403] syz.4.1474[8403] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.282481][ T8421] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1478'.
[  125.329687][ T3317] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /325/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  125.371101][ T3317] EXT4-fs error (device loop4): ext4_empty_dir:3105: inode #11: block 32: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  125.495593][ T3317] EXT4-fs warning (device loop4): ext4_empty_dir:3107: inode #11: comm syz-executor: directory missing '..'
[  125.521888][ T3317] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /325/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  125.611745][ T3317] EXT4-fs error (device loop4): ext4_empty_dir:3105: inode #11: block 32: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  125.641012][ T8427] loop1: detected capacity change from 0 to 512
[  125.654231][ T3317] EXT4-fs warning (device loop4): ext4_empty_dir:3107: inode #11: comm syz-executor: directory missing '..'
[  125.672118][ T3317] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /325/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  125.706291][ T3317] EXT4-fs error (device loop4): ext4_empty_dir:3105: inode #11: block 32: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  125.733201][ T3317] EXT4-fs warning (device loop4): ext4_empty_dir:3107: inode #11: comm syz-executor: directory missing '..'
[  125.752297][ T3317] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /325/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  125.766744][ T8427] ext4 filesystem being mounted at /274/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.775543][ T3317] EXT4-fs error (device loop4): ext4_empty_dir:3105: inode #11: block 32: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  125.809756][ T3317] EXT4-fs warning (device loop4): ext4_empty_dir:3107: inode #11: comm syz-executor: directory missing '..'
[  125.825835][ T3317] EXT4-fs error (device loop4): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /325/file2/lost+found: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  125.875631][ T3317] EXT4-fs error (device loop4): ext4_empty_dir:3105: inode #11: block 32: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=2130706434, rec_len=0, size=2048 fake=0
[  125.917945][ T3317] EXT4-fs warning (device loop4): ext4_empty_dir:3107: inode #11: comm syz-executor: directory missing '..'
[  125.931852][ T3317] EXT4-fs warning (device loop4): ext4_empty_dir:3107: inode #11: comm syz-executor: directory missing '..'
[  125.946717][ T3317] EXT4-fs warning (device loop4): ext4_empty_dir:3107: inode #11: comm syz-executor: directory missing '..'
[  125.962931][ T8435] loop1: detected capacity change from 0 to 164
[  125.970860][ T8435] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  125.980547][ T8435] rock: corrupted directory entry. extent=41, offset=65536, size=8
[  125.988624][ T3317] EXT4-fs warning (device loop4): ext4_empty_dir:3107: inode #11: comm syz-executor: directory missing '..'
[  126.053657][ T8435] iso9660: Corrupted directory entry in block 4 of inode 1792
[  126.061606][ T3317] EXT4-fs warning (device loop4): ext4_empty_dir:3107: inode #11: comm syz-executor: directory missing '..'
[  126.082591][ T3317] EXT4-fs warning (device loop4): ext4_empty_dir:3107: inode #11: comm syz-executor: directory missing '..'
[  126.119753][ T8445] siw: device registration error -23
[  126.185457][ T8452] loop3: detected capacity change from 0 to 1024
[  126.263458][ T8462] loop5: detected capacity change from 0 to 512
[  126.276595][ T8459] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1496'.
[  126.325106][ T8462] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1498: bg 0: block 35: padding at end of block bitmap is not set
[  126.359863][ T8462] EXT4-fs (loop5): Remounting filesystem read-only
[  126.366591][ T8462] EXT4-fs (loop5): 1 truncate cleaned up
[  126.373584][ T8462] SELinux: (dev loop5, type ext4) getxattr errno 5
[  126.541668][ T6374] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.834124][ T6374] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.863112][ T8474] loop1: detected capacity change from 0 to 1024
[  126.912699][ T6374] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  126.956580][ T8474] EXT4-fs: Ignoring removed orlov option
[  126.962467][ T8474] EXT4-fs: Ignoring removed nomblk_io_submit option
[  127.042044][ T8474] netlink: 268 bytes leftover after parsing attributes in process `syz.1.1500'.
[  127.056648][ T6374] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  127.127225][ T8486] xt_TPROXY: Can be used only with -p tcp or -p udp
[  127.161984][ T8460] chnl_net:caif_netlink_parms(): no params data found
[  127.163555][ T8489] FAULT_INJECTION: forcing a failure.
[  127.163555][ T8489] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  127.182120][ T8489] CPU: 1 UID: 0 PID: 8489 Comm: syz.3.1502 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  127.192821][ T8489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  127.203068][ T8489] Call Trace:
[  127.206433][ T8489]  <TASK>
[  127.209387][ T8489]  dump_stack_lvl+0xf2/0x150
[  127.214019][ T8489]  dump_stack+0x15/0x20
[  127.218335][ T8489]  should_fail_ex+0x223/0x230
[  127.223033][ T8489]  should_fail+0xb/0x10
[  127.227318][ T8489]  should_fail_usercopy+0x1a/0x20
[  127.232441][ T8489]  _copy_from_iter+0x24b/0xd00
[  127.237215][ T8489]  ? kmalloc_reserve+0x16e/0x190
[  127.242251][ T8489]  ? __virt_addr_valid+0x1ed/0x250
[  127.247582][ T8489]  ? __check_object_size+0x364/0x520
[  127.252942][ T8489]  pfkey_sendmsg+0x16c/0x970
[  127.257619][ T8489]  ? selinux_socket_sendmsg+0x19c/0x1d0
[  127.263425][ T8489]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  127.268755][ T8489]  __sock_sendmsg+0x140/0x180
[  127.273474][ T8489]  ____sys_sendmsg+0x312/0x410
[  127.278339][ T8489]  __sys_sendmsg+0x1d9/0x270
[  127.282971][ T8489]  __x64_sys_sendmsg+0x46/0x50
[  127.287793][ T8489]  x64_sys_call+0x2689/0x2d60
[  127.292504][ T8489]  do_syscall_64+0xc9/0x1c0
[  127.297034][ T8489]  ? clear_bhb_loop+0x55/0xb0
[  127.301757][ T8489]  ? clear_bhb_loop+0x55/0xb0
[  127.306440][ T8489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.312368][ T8489] RIP: 0033:0x7fcf20fee719
[  127.316881][ T8489] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  127.336524][ T8489] RSP: 002b:00007fcf1fc61038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  127.344951][ T8489] RAX: ffffffffffffffda RBX: 00007fcf211a5f80 RCX: 00007fcf20fee719
[  127.352929][ T8489] RDX: 0000000004008090 RSI: 0000000020003780 RDI: 0000000000000003
[  127.360905][ T8489] RBP: 00007fcf1fc61090 R08: 0000000000000000 R09: 0000000000000000
[  127.368906][ T8489] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  127.377060][ T8489] R13: 0000000000000000 R14: 00007fcf211a5f80 R15: 00007ffc9c76f0b8
[  127.385194][ T8489]  </TASK>
[  127.593431][ T6374] veth0_to_bond: left allmulticast mode
[  127.597671][ T8517] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1512'.
[  127.599074][ T6374] veth0_to_bond: left promiscuous mode
[  127.613801][ T6374] bridge0: port 3(veth0_to_bond) entered disabled state
[  127.629527][ T6374] bridge_slave_1: left allmulticast mode
[  127.635244][ T6374] bridge_slave_1: left promiscuous mode
[  127.641048][ T6374] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.660079][ T6374] bridge_slave_0: left allmulticast mode
[  127.665985][ T6374] bridge_slave_0: left promiscuous mode
[  127.671993][ T6374] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.825076][ T6374] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  127.837698][ T6374] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  127.861401][ T6374] bond0 (unregistering): Released all slaves
[  127.957997][ T8460] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.965207][ T8460] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.975248][ T8460] bridge_slave_0: entered allmulticast mode
[  127.983449][ T8460] bridge_slave_0: entered promiscuous mode
[  127.994882][ T8460] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.002191][ T8460] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.071872][ T8460] bridge_slave_1: entered allmulticast mode
[  128.118673][ T8460] bridge_slave_1: entered promiscuous mode
[  128.172893][ T8460] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  128.202304][   T29] kauditd_printk_skb: 152 callbacks suppressed
[  128.202321][   T29] audit: type=1326 audit(1729988282.031:4548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.3.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  128.243050][ T8542] usb usb8: usbfs: process 8542 (syz.0.1516) did not claim interface 0 before use
[  128.252045][   T29] audit: type=1326 audit(1729988282.071:4549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.3.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  128.276052][   T29] audit: type=1326 audit(1729988282.071:4550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.3.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  128.286397][ T8460] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  128.299845][   T29] audit: type=1326 audit(1729988282.071:4551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.3.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  128.299879][   T29] audit: type=1326 audit(1729988282.071:4552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.3.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  128.334335][   T29] audit: type=1326 audit(1729988282.081:4553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.3.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  128.379691][   T29] audit: type=1326 audit(1729988282.081:4554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.3.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  128.403660][   T29] audit: type=1326 audit(1729988282.081:4555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.3.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  128.427318][   T29] audit: type=1326 audit(1729988282.081:4556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.3.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  128.450732][   T29] audit: type=1326 audit(1729988282.081:4557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8540 comm="syz.3.1517" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcf20fee719 code=0x7ffc0000
[  128.506975][ T6374] hsr_slave_0: left promiscuous mode
[  128.513024][ T6374] hsr_slave_1: left promiscuous mode
[  128.546724][ T8552] FAULT_INJECTION: forcing a failure.
[  128.546724][ T8552] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  128.560249][ T8552] CPU: 1 UID: 0 PID: 8552 Comm: syz.3.1518 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  128.571033][ T8552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  128.581174][ T8552] Call Trace:
[  128.584467][ T8552]  <TASK>
[  128.587495][ T8552]  dump_stack_lvl+0xf2/0x150
[  128.592118][ T8552]  dump_stack+0x15/0x20
[  128.596450][ T8552]  should_fail_ex+0x223/0x230
[  128.601176][ T8552]  should_fail_alloc_page+0xfd/0x110
[  128.606496][ T8552]  __alloc_pages_noprof+0x109/0x340
[  128.611730][ T8552]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  128.617239][ T8552]  folio_alloc_mpol_noprof+0x36/0x70
[  128.622717][ T8552]  shmem_get_folio_gfp+0x3d1/0xd90
[  128.627941][ T8552]  shmem_write_begin+0xa2/0x180
[  128.632833][ T8552]  generic_perform_write+0x1a8/0x4a0
[  128.638225][ T8552]  shmem_file_write_iter+0xc2/0xe0
[  128.643361][ T8552]  vfs_write+0x77f/0x920
[  128.647665][ T8552]  ? handle_mm_fault+0x16de/0x2a80
[  128.652947][ T8552]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  128.658812][ T8552]  ksys_write+0xeb/0x1b0
[  128.663135][ T8552]  __x64_sys_write+0x42/0x50
[  128.667813][ T8552]  x64_sys_call+0x27dd/0x2d60
[  128.672605][ T8552]  do_syscall_64+0xc9/0x1c0
[  128.677128][ T8552]  ? clear_bhb_loop+0x55/0xb0
[  128.681842][ T8552]  ? clear_bhb_loop+0x55/0xb0
[  128.686553][ T8552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  128.692563][ T8552] RIP: 0033:0x7fcf20fed1ff
[  128.697033][ T8552] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  128.705431][ T8569] loop1: detected capacity change from 0 to 512
[  128.716681][ T8552] RSP: 002b:00007fcf1fc60df0 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  128.716711][ T8552] RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007fcf20fed1ff
[  128.716734][ T8552] RDX: 0000000000040000 RSI: 00007fcf17841000 RDI: 0000000000000004
[  128.735243][ T8569] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1524: bg 0: block 35: padding at end of block bitmap is not set
[  128.739391][ T8552] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000000004e9
[  128.739411][ T8552] R10: 00000000000007ce R11: 0000000000000293 R12: 0000000000000004
[  128.739427][ T8552] R13: 00007fcf1fc60ef0 R14: 00007fcf1fc60eb0 R15: 00007fcf17841000
[  128.747750][ T8569] EXT4-fs (loop1): Remounting filesystem read-only
[  128.761537][ T8552]  </TASK>
[  128.795657][ T8569] EXT4-fs (loop1): 1 truncate cleaned up
[  128.801850][ T8569] SELinux: (dev loop1, type ext4) getxattr errno 5
[  128.808620][ T6374] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  128.816175][ T6374] batman_adv: batadv0: Removing interface: batadv_slave_0
[  128.824309][ T6374] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  128.831866][ T6374] batman_adv: batadv0: Removing interface: batadv_slave_1
[  128.841782][ T6374] veth1_macvtap: left promiscuous mode
[  128.847380][ T6374] veth0_macvtap: left promiscuous mode
[  128.853041][ T6374] veth1_vlan: left promiscuous mode
[  128.858409][ T6374] veth0_vlan: left promiscuous mode
[  128.953202][ T7863] smc: removing ib device syz1
[  129.029753][ T8580] loop5: detected capacity change from 0 to 512
[  129.036539][ T8580] EXT4-fs: Ignoring removed mblk_io_submit option
[  129.045466][ T8460] team0: Port device team_slave_0 added
[  129.058463][ T8580] ext4 filesystem being mounted at /249/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  129.065006][ T8460] team0: Port device team_slave_1 added
[  129.099232][ T8580] EXT4-fs (loop5): shut down requested (0)
[  129.147309][ T8460] batman_adv: batadv0: Adding interface: batadv_slave_0
[  129.154486][ T8460] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.180507][ T8460] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  129.227409][ T8460] batman_adv: batadv0: Adding interface: batadv_slave_1
[  129.231724][ T8594] __nla_validate_parse: 1 callbacks suppressed
[  129.231744][ T8594] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1531'.
[  129.234528][ T8460] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.275668][ T8460] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  129.337094][ T8610] FAULT_INJECTION: forcing a failure.
[  129.337094][ T8610] name failslab, interval 1, probability 0, space 0, times 0
[  129.349847][ T8610] CPU: 0 UID: 0 PID: 8610 Comm: syz.5.1533 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  129.360635][ T8610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  129.370728][ T8610] Call Trace:
[  129.374013][ T8610]  <TASK>
[  129.376950][ T8610]  dump_stack_lvl+0xf2/0x150
[  129.381556][ T8610]  dump_stack+0x15/0x20
[  129.385724][ T8610]  should_fail_ex+0x223/0x230
[  129.390478][ T8610]  ? pagemap_read+0x19f/0x610
[  129.395352][ T8610]  should_failslab+0x8f/0xb0
[  129.400012][ T8610]  __kmalloc_cache_noprof+0x4b/0x2a0
[  129.405354][ T8610]  pagemap_read+0x19f/0x610
[  129.409874][ T8610]  ? __pfx_pagemap_read+0x10/0x10
[  129.415004][ T8610]  vfs_read+0x1a2/0x700
[  129.419257][ T8610]  ? __fget_files+0x1d4/0x210
[  129.423979][ T8610]  __x64_sys_pread64+0xf7/0x150
[  129.428931][ T8610]  x64_sys_call+0x264d/0x2d60
[  129.433832][ T8610]  do_syscall_64+0xc9/0x1c0
[  129.438345][ T8610]  ? clear_bhb_loop+0x55/0xb0
[  129.443032][ T8610]  ? clear_bhb_loop+0x55/0xb0
[  129.447832][ T8610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.453751][ T8610] RIP: 0033:0x7f0fcb2ce719
[  129.458313][ T8610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  129.478124][ T8610] RSP: 002b:00007f0fc9f47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000011
[  129.486633][ T8610] RAX: ffffffffffffffda RBX: 00007f0fcb485f80 RCX: 00007f0fcb2ce719
[  129.494630][ T8610] RDX: 0000000000019000 RSI: 000000002001a240 RDI: 0000000000000005
[  129.502675][ T8610] RBP: 00007f0fc9f47090 R08: 0000000000000000 R09: 0000000000000000
[  129.510691][ T8610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  129.518670][ T8610] R13: 0000000000000000 R14: 00007f0fcb485f80 R15: 00007fff45e93748
[  129.526657][ T8610]  </TASK>
[  129.530608][ T8611] hub 6-0:1.0: USB hub found
[  129.536811][ T8611] hub 6-0:1.0: 8 ports detected
[  129.594410][ T8460] hsr_slave_0: entered promiscuous mode
[  129.609644][ T8460] hsr_slave_1: entered promiscuous mode
[  129.621039][ T8460] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  129.654192][ T8460] Cannot create hsr debugfs directory
[  129.689966][ T8621] siw: device registration error -23
[  129.730833][ T8630] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1543'.
[  129.739939][ T8630] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1543'.
[  129.838094][ T8633] usb usb5: usbfs: process 8633 (syz.3.1544) did not claim interface 0 before use
[  129.849572][ T8636] FAULT_INJECTION: forcing a failure.
[  129.849572][ T8636] name failslab, interval 1, probability 0, space 0, times 0
[  129.862299][ T8636] CPU: 1 UID: 0 PID: 8636 Comm: syz.5.1545 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  129.873015][ T8636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  129.883093][ T8636] Call Trace:
[  129.886435][ T8636]  <TASK>
[  129.889498][ T8636]  dump_stack_lvl+0xf2/0x150
[  129.894173][ T8636]  dump_stack+0x15/0x20
[  129.898467][ T8636]  should_fail_ex+0x223/0x230
[  129.903217][ T8636]  ? security_file_alloc+0x32/0x100
[  129.908556][ T8636]  should_failslab+0x8f/0xb0
[  129.913164][ T8636]  kmem_cache_alloc_noprof+0x4c/0x290
[  129.918566][ T8636]  security_file_alloc+0x32/0x100
[  129.923630][ T8636]  alloc_empty_file+0x121/0x2f0
[  129.928497][ T8636]  path_openat+0x6a/0x1fa0
[  129.932970][ T8636]  ? should_fail_ex+0xd7/0x230
[  129.937814][ T8636]  ? fpregs_mark_activate+0x42/0x130
[  129.943191][ T8636]  ? fpu__restore_sig+0x5c1/0xb00
[  129.948222][ T8636]  ? fpu__restore_sig+0x246/0xb00
[  129.953261][ T8636]  do_filp_open+0xf7/0x200
[  129.957713][ T8636]  do_sys_openat2+0xab/0x120
[  129.962332][ T8636]  __x64_sys_openat+0xf3/0x120
[  129.967184][ T8636]  x64_sys_call+0x1025/0x2d60
[  129.971876][ T8636]  do_syscall_64+0xc9/0x1c0
[  129.976456][ T8636]  ? clear_bhb_loop+0x55/0xb0
[  129.981181][ T8636]  ? clear_bhb_loop+0x55/0xb0
[  129.986026][ T8636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  129.991943][ T8636] RIP: 0033:0x7f0fcb2ce719
[  129.996407][ T8636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  130.016203][ T8636] RSP: 002b:00007f0fc9f47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  130.024794][ T8636] RAX: ffffffffffffffda RBX: 00007f0fcb485f80 RCX: 00007f0fcb2ce719
[  130.032796][ T8636] RDX: 0000000000000441 RSI: 0000000020000080 RDI: ffffffffffffff9c
[  130.040774][ T8636] RBP: 00007f0fc9f47090 R08: 0000000000000000 R09: 0000000000000000
[  130.048871][ T8636] R10: 00000000000000b3 R11: 0000000000000246 R12: 0000000000000002
[  130.056916][ T8636] R13: 0000000000000000 R14: 00007f0fcb485f80 R15: 00007fff45e93748
[  130.064940][ T8636]  </TASK>
[  130.076208][ T6374] IPVS: stop unused estimator thread 0...
[  130.164003][ T8460] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  130.253435][ T8460] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  130.271970][ T8665] IPv6: NLM_F_CREATE should be specified when creating new route
[  130.282482][ T8460] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  130.299659][ T8460] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  130.323705][ T8675] vhci_hcd: default hub control req: 0000 v0000 i0000 l0
[  130.329271][ T8671] usb usb8: usbfs: process 8671 (syz.3.1555) did not claim interface 0 before use
[  130.337607][ T8673] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  130.393020][ T8682] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1559'.
[  130.429456][ T8460] 8021q: adding VLAN 0 to HW filter on device bond0
[  130.440541][ T8685] netlink: 'syz.0.1560': attribute type 21 has an invalid length.
[  130.474385][ T8460] 8021q: adding VLAN 0 to HW filter on device team0
[  130.512651][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.519795][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  130.530115][ T8694] SELinux: security_context_str_to_sid (u) failed with errno=-22
[  130.543283][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.550461][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  130.580854][ T8703] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  130.618610][ T8460] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  130.629048][ T8460] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  130.710876][ T8718] FAULT_INJECTION: forcing a failure.
[  130.710876][ T8718] name failslab, interval 1, probability 0, space 0, times 0
[  130.723623][ T8718] CPU: 1 UID: 0 PID: 8718 Comm: syz.0.1567 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  130.730256][ T8720] loop3: detected capacity change from 0 to 128
[  130.734321][ T8718] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  130.750743][ T8718] Call Trace:
[  130.754118][ T8718]  <TASK>
[  130.757136][ T8718]  dump_stack_lvl+0xf2/0x150
[  130.761774][ T8718]  dump_stack+0x15/0x20
[  130.766035][ T8718]  should_fail_ex+0x223/0x230
[  130.770797][ T8718]  ? __anon_vma_prepare+0xcf/0x310
[  130.775997][ T8718]  should_failslab+0x8f/0xb0
[  130.780754][ T8718]  kmem_cache_alloc_noprof+0x4c/0x290
[  130.786173][ T8718]  __anon_vma_prepare+0xcf/0x310
[  130.791182][ T8718]  ? do_wp_page+0x1011/0x2340
[  130.795925][ T8718]  do_wp_page+0x1019/0x2340
[  130.800519][ T8718]  ? __rcu_read_lock+0x36/0x50
[  130.805376][ T8718]  ? __rcu_read_lock+0x36/0x50
[  130.810188][ T8718]  handle_mm_fault+0xc47/0x2a80
[  130.815195][ T8718]  exc_page_fault+0x3b9/0x650
[  130.819938][ T8718]  asm_exc_page_fault+0x26/0x30
[  130.824870][ T8718] RIP: 0033:0x7ff5440f1833
[  130.829364][ T8718] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  130.849149][ T8718] RSP: 002b:00007ff542ea64a0 EFLAGS: 00010202
[  130.855336][ T8718] RAX: 0000000000000400 RBX: 00007ff542ea6540 RCX: 00007ff53aa87000
[  130.863364][ T8718] RDX: 00007ff542ea66e0 RSI: 0000000000000000 RDI: 00007ff542ea65e0
[  130.871363][ T8718] RBP: 00000000000000f9 R08: 0000000000000008 R09: 00000000000000a8
[  130.879427][ T8718] R10: 00000000000000c0 R11: 00007ff542ea6540 R12: 0000000000000001
[  130.887603][ T8718] R13: 00007ff5442b5ae0 R14: 0000000000000020 R15: 00007ff542ea65e0
[  130.895618][ T8718]  </TASK>
[  130.898823][ T8718] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  130.927323][ T8718] loop0: detected capacity change from 0 to 2048
[  130.987309][ T8460] 8021q: adding VLAN 0 to HW filter on device batadv0
[  131.017084][ T8718] EXT4-fs (loop0): failed to initialize system zone (-117)
[  131.031815][ T8718] EXT4-fs (loop0): mount failed
[  131.157581][ T8750] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1569'.
[  131.251816][ T8761] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1571'.
[  131.312455][ T8688] 9pnet_fd: p9_fd_create_tcp (8688): problem connecting socket to 127.0.0.1
[  131.348994][ T8776] usb usb8: usbfs: process 8776 (syz.5.1572) did not claim interface 0 before use
[  131.370096][ T8460] veth0_vlan: entered promiscuous mode
[  131.384388][ T8460] veth1_vlan: entered promiscuous mode
[  131.425797][ T8460] veth0_macvtap: entered promiscuous mode
[  131.449676][ T8460] veth1_macvtap: entered promiscuous mode
[  131.460169][ T8782] loop0: detected capacity change from 0 to 512
[  131.479279][ T8782] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1575: bg 0: block 35: padding at end of block bitmap is not set
[  131.494017][ T8782] EXT4-fs (loop0): Remounting filesystem read-only
[  131.501399][ T8782] EXT4-fs (loop0): 1 truncate cleaned up
[  131.507592][ T8782] EXT4-fs mount: 42 callbacks suppressed
[  131.507607][ T8782] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.528535][ T8782] SELinux: (dev loop0, type ext4) getxattr errno 5
[  131.539229][ T8460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  131.549745][ T8460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.559604][ T8460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  131.570171][ T8460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.580199][ T8460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  131.584567][ T8782] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.590646][ T8460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.601663][ T8460] batman_adv: batadv0: Interface activated: batadv_slave_0
[  131.674111][ T8460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  131.684678][ T8460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.694575][ T8460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  131.705062][ T8460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.714934][ T8460] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  131.725441][ T8460] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  131.739525][ T8460] batman_adv: batadv0: Interface activated: batadv_slave_1
[  131.778831][ T8460] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  131.787608][ T8460] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  131.796530][ T8460] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  131.805314][ T8460] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  131.807570][ T8805] loop5: detected capacity change from 0 to 764
[  131.823122][ T8803] loop3: detected capacity change from 0 to 2048
[  131.842561][ T8805] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  131.894988][ T8803] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.954178][ T8803] Invalid ELF header magic: != ELF
[  132.057332][ T8803] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  132.162754][ T8803] EXT4-fs (loop3): Delayed block allocation failed for inode 16 at logical offset 16 with max blocks 16 with error 28
[  132.175370][ T8803] EXT4-fs (loop3): This should not happen!! Data will be lost
[  132.175370][ T8803] 
[  132.185527][ T8803] EXT4-fs (loop3): Total free blocks count 0
[  132.191652][ T8803] EXT4-fs (loop3): Free/Dirty block details
[  132.197577][ T8803] EXT4-fs (loop3): free_blocks=2415919104
[  132.203366][ T8803] EXT4-fs (loop3): dirty_blocks=16
[  132.208504][ T8803] EXT4-fs (loop3): Block reservation details
[  132.214514][ T8803] EXT4-fs (loop3): i_reserved_data_blocks=1
[  132.235869][ T8846] loop6: detected capacity change from 0 to 512
[  132.272542][ T8803] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  132.282084][ T8846] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1587: bg 0: block 35: padding at end of block bitmap is not set
[  132.298652][ T8853] loop5: detected capacity change from 0 to 164
[  132.316852][ T8846] EXT4-fs (loop6): Remounting filesystem read-only
[  132.343672][ T8846] EXT4-fs (loop6): 1 truncate cleaned up
[  132.350194][ T8846] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.363548][ T8846] SELinux: (dev loop6, type ext4) getxattr errno 5
[  132.372299][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.372308][ T8846] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.441289][ T8863] loop0: detected capacity change from 0 to 512
[  132.467263][ T8863] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1592: bg 0: block 35: padding at end of block bitmap is not set
[  132.503169][ T8863] EXT4-fs (loop0): Remounting filesystem read-only
[  132.537912][ T8863] EXT4-fs (loop0): 1 truncate cleaned up
[  132.544051][ T8863] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.567868][ T8874] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1593'.
[  132.573622][ T8863] SELinux: (dev loop0, type ext4) getxattr errno 5
[  132.600969][ T8863] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.612252][ T8877] loop3: detected capacity change from 0 to 128
[  132.654034][ T8877] syz.3.1594[8877] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  132.654161][ T8877] syz.3.1594[8877] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  132.670753][ T8877] syz.3.1594[8877] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  132.696537][ T8880] usb usb8: usbfs: process 8880 (syz.6.1595) did not claim interface 0 before use
[  132.808441][ T8885] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1596'.
[  132.850488][ T8888] loop6: detected capacity change from 0 to 1024
[  132.876210][ T8888] EXT4-fs (loop6): filesystem too large to mount safely on this system
[  133.000960][ T8897] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1600'.
[  133.217925][   T29] kauditd_printk_skb: 947 callbacks suppressed
[  133.218011][   T29] audit: type=1326 audit(1729988287.001:5505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.3.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcf20fe56e7 code=0x7ffc0000
[  133.247752][   T29] audit: type=1326 audit(1729988287.001:5506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.3.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcf20f8a099 code=0x7ffc0000
[  133.271104][   T29] audit: type=1326 audit(1729988287.001:5507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.3.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcf20fe56e7 code=0x7ffc0000
[  133.294489][   T29] audit: type=1326 audit(1729988287.001:5508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.3.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcf20f8a099 code=0x7ffc0000
[  133.318010][   T29] audit: type=1326 audit(1729988287.001:5509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.3.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcf20fe56e7 code=0x7ffc0000
[  133.341491][   T29] audit: type=1326 audit(1729988287.001:5510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.3.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcf20f8a099 code=0x7ffc0000
[  133.364942][   T29] audit: type=1326 audit(1729988287.001:5511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.3.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcf20fe56e7 code=0x7ffc0000
[  133.388358][   T29] audit: type=1326 audit(1729988287.001:5512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.3.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcf20f8a099 code=0x7ffc0000
[  133.411780][   T29] audit: type=1326 audit(1729988287.001:5513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.3.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fcf20fe56e7 code=0x7ffc0000
[  133.435204][   T29] audit: type=1326 audit(1729988287.001:5514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8876 comm="syz.3.1594" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcf20f8a099 code=0x7ffc0000
[  133.472313][ T8906] usb usb8: usbfs: process 8906 (syz.1.1603) did not claim interface 0 before use
[  134.164482][ T8929] FAULT_INJECTION: forcing a failure.
[  134.164482][ T8929] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  134.177654][ T8929] CPU: 0 UID: 0 PID: 8929 Comm: syz.5.1612 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  134.188373][ T8929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  134.198501][ T8929] Call Trace:
[  134.201806][ T8929]  <TASK>
[  134.204762][ T8929]  dump_stack_lvl+0xf2/0x150
[  134.209398][ T8929]  dump_stack+0x15/0x20
[  134.213620][ T8929]  should_fail_ex+0x223/0x230
[  134.218397][ T8929]  should_fail+0xb/0x10
[  134.222651][ T8929]  should_fail_usercopy+0x1a/0x20
[  134.227791][ T8929]  _copy_to_user+0x20/0xa0
[  134.232290][ T8929]  finalize_log+0x89/0x110
[  134.236737][ T8929]  btf_new_fd+0x520/0x790
[  134.241241][ T8929]  bpf_btf_load+0x115/0x130
[  134.245785][ T8929]  __sys_bpf+0x686/0x7a0
[  134.250151][ T8929]  __x64_sys_bpf+0x43/0x50
[  134.254625][ T8929]  x64_sys_call+0x2625/0x2d60
[  134.259414][ T8929]  do_syscall_64+0xc9/0x1c0
[  134.263976][ T8929]  ? clear_bhb_loop+0x55/0xb0
[  134.268761][ T8929]  ? clear_bhb_loop+0x55/0xb0
[  134.273495][ T8929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.279448][ T8929] RIP: 0033:0x7f0fcb2ce719
[  134.283961][ T8929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.303648][ T8929] RSP: 002b:00007f0fc9f47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  134.312129][ T8929] RAX: ffffffffffffffda RBX: 00007f0fcb485f80 RCX: 00007f0fcb2ce719
[  134.320139][ T8929] RDX: 0000000000000028 RSI: 0000000020000080 RDI: 0000000000000012
[  134.328136][ T8929] RBP: 00007f0fc9f47090 R08: 0000000000000000 R09: 0000000000000000
[  134.336163][ T8929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  134.344447][ T8929] R13: 0000000000000001 R14: 00007f0fcb485f80 R15: 00007fff45e93748
[  134.352635][ T8929]  </TASK>
[  134.356252][ T8931] SET target dimension over the limit!
[  134.397258][ T8933] netlink: 16382 bytes leftover after parsing attributes in process `syz.5.1615'.
[  134.456945][ T8941] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1615'.
[  134.494047][ T8940] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1618'.
[  134.520809][ T8946] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1619'.
[  134.690775][ T8957] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1623'.
[  134.728961][ T8960] usb usb8: usbfs: process 8960 (syz.6.1624) did not claim interface 0 before use
[  134.896455][ T8966] loop6: detected capacity change from 0 to 512
[  134.923621][ T8966] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1626: bg 0: block 35: padding at end of block bitmap is not set
[  134.925431][ T8969] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1627'.
[  134.952007][ T8966] EXT4-fs (loop6): Remounting filesystem read-only
[  134.959662][ T8966] EXT4-fs (loop6): 1 truncate cleaned up
[  134.965820][ T8966] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.978869][ T8966] SELinux: (dev loop6, type ext4) getxattr errno 5
[  134.993132][ T8973] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  135.004249][ T8966] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.148103][ T8978] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1631'.
[  135.213918][ T8983] netlink: 16382 bytes leftover after parsing attributes in process `syz.3.1632'.
[  135.236297][ T8983] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1632'.
[  135.269940][ T8988] loop5: detected capacity change from 0 to 512
[  135.297791][ T8988] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.316132][ T8988] ext4 filesystem being mounted at /272/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  135.347468][ T9002] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1638'.
[  135.366486][ T9005] usb usb8: usbfs: process 9005 (syz.6.1641) did not claim interface 0 before use
[  135.376189][ T9002] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  135.419395][ T9003] tmpfs: Bad value for 'mpol'
[  135.457799][ T9012] FAULT_INJECTION: forcing a failure.
[  135.457799][ T9012] name failslab, interval 1, probability 0, space 0, times 0
[  135.470549][ T9012] CPU: 1 UID: 0 PID: 9012 Comm: syz.6.1644 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  135.481307][ T9012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  135.491388][ T9012] Call Trace:
[  135.494687][ T9012]  <TASK>
[  135.497642][ T9012]  dump_stack_lvl+0xf2/0x150
[  135.502326][ T9012]  dump_stack+0x15/0x20
[  135.506541][ T9012]  should_fail_ex+0x223/0x230
[  135.511298][ T9012]  ? vm_area_dup+0x98/0x130
[  135.515906][ T9012]  should_failslab+0x8f/0xb0
[  135.520523][ T9012]  kmem_cache_alloc_noprof+0x4c/0x290
[  135.525969][ T9012]  vm_area_dup+0x98/0x130
[  135.530347][ T9012]  copy_mm+0x60b/0x10e0
[  135.534538][ T9012]  copy_process+0xd5b/0x1f90
[  135.539158][ T9012]  kernel_clone+0x167/0x5e0
[  135.543678][ T9012]  ? vfs_write+0x596/0x920
[  135.548134][ T9012]  ? __pfx_kfree_link+0x10/0x10
[  135.553020][ T9012]  __x64_sys_clone+0xe8/0x120
[  135.557786][ T9012]  x64_sys_call+0x2d23/0x2d60
[  135.562527][ T9012]  do_syscall_64+0xc9/0x1c0
[  135.567044][ T9012]  ? clear_bhb_loop+0x55/0xb0
[  135.571749][ T9012]  ? clear_bhb_loop+0x55/0xb0
[  135.576437][ T9012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.582403][ T9012] RIP: 0033:0x7f3699fbe719
[  135.586860][ T9012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.606571][ T9012] RSP: 002b:00007f3698c30fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  135.615025][ T9012] RAX: ffffffffffffffda RBX: 00007f369a175f80 RCX: 00007f3699fbe719
[  135.623058][ T9012] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000001000
[  135.631056][ T9012] RBP: 00007f3698c31090 R08: 0000000000000000 R09: 0000000000000000
[  135.639126][ T9012] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000002
[  135.647126][ T9012] R13: 0000000000000000 R14: 00007f369a175f80 R15: 00007ffeb5860c08
[  135.655115][ T9012]  </TASK>
[  135.673641][ T9014] loop0: detected capacity change from 0 to 512
[  135.689139][ T3891] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.706600][ T9018] loop1: detected capacity change from 0 to 512
[  135.728093][ T9014] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1645: bg 0: block 35: padding at end of block bitmap is not set
[  135.768375][ T9014] EXT4-fs (loop0): Remounting filesystem read-only
[  135.782462][ T9014] EXT4-fs (loop0): 1 truncate cleaned up
[  135.792996][ T9014] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  135.800112][ T9028] FAULT_INJECTION: forcing a failure.
[  135.800112][ T9028] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  135.817908][ T9014] SELinux: (dev loop0, type ext4) getxattr errno 5
[  135.818082][ T9028] CPU: 0 UID: 0 PID: 9028 Comm: syz.1.1649 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  135.824820][ T9014] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.835176][ T9028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  135.835196][ T9028] Call Trace:
[  135.835204][ T9028]  <TASK>
[  135.835214][ T9028]  dump_stack_lvl+0xf2/0x150
[  135.865353][ T9028]  dump_stack+0x15/0x20
[  135.869596][ T9028]  should_fail_ex+0x223/0x230
[  135.874327][ T9028]  should_fail+0xb/0x10
[  135.878560][ T9028]  should_fail_usercopy+0x1a/0x20
[  135.883719][ T9028]  _copy_to_user+0x20/0xa0
[  135.888211][ T9028]  bpf_verifier_vlog+0x2ef/0x4d0
[  135.893185][ T9028]  __btf_verifier_log+0x80/0xb0
[  135.898106][ T9028]  ? should_fail_ex+0xd7/0x230
[  135.902967][ T9028]  ? btf_parse_hdr+0x1c0/0x3a0
[  135.907790][ T9028]  ? should_fail_ex+0xd7/0x230
[  135.912579][ T9028]  btf_parse_hdr+0x1d3/0x3a0
[  135.917190][ T9028]  btf_new_fd+0x270/0x790
[  135.921637][ T9028]  bpf_btf_load+0x115/0x130
[  135.926167][ T9028]  __sys_bpf+0x686/0x7a0
[  135.930786][ T9028]  __x64_sys_bpf+0x43/0x50
[  135.935229][ T9028]  x64_sys_call+0x2625/0x2d60
[  135.939923][ T9028]  do_syscall_64+0xc9/0x1c0
[  135.944440][ T9028]  ? clear_bhb_loop+0x55/0xb0
[  135.949126][ T9028]  ? clear_bhb_loop+0x55/0xb0
[  135.953824][ T9028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.959814][ T9028] RIP: 0033:0x7f86389ae719
[  135.964321][ T9028] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  135.983941][ T9028] RSP: 002b:00007f8637627038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  135.992445][ T9028] RAX: ffffffffffffffda RBX: 00007f8638b65f80 RCX: 00007f86389ae719
[  136.000537][ T9028] RDX: 0000000000000028 RSI: 00000000200000c0 RDI: 0000000000000012
[  136.008634][ T9028] RBP: 00007f8637627090 R08: 0000000000000000 R09: 0000000000000000
[  136.016760][ T9028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.024855][ T9028] R13: 0000000000000000 R14: 00007f8638b65f80 R15: 00007ffde3489bd8
[  136.033278][ T9028]  </TASK>
[  136.652040][ T9062] loop0: detected capacity change from 0 to 512
[  136.660740][ T9068] loop1: detected capacity change from 0 to 736
[  136.700833][ T9062] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.738036][ T9062] ext4 filesystem being mounted at /383/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.757716][ T3391] hid (null): unknown global tag 0xe
[  136.763171][ T3391] hid (null): unknown global tag 0xd
[  136.772814][ T3391] hid-generic 0008:D00A:0007.0004: unknown main item tag 0x3
[  136.780280][ T3391] hid-generic 0008:D00A:0007.0004: unexpected long global item
[  136.804021][ T3391] hid-generic 0008:D00A:0007.0004: probe with driver hid-generic failed with error -22
[  136.843697][ T9062] EXT4-fs error (device loop0): ext4_xattr_block_get:596: inode #13: comm syz.0.1663: corrupted xattr block 63: invalid header
[  136.865750][ T9062] EXT4-fs (loop0): Remounting filesystem read-only
[  136.872408][ T9062] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop0 ino=13
[  136.889169][ T9062] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=13
[  136.905179][ T9062] SELinux: inode_doinit_use_xattr:  getxattr returned 5 for dev=loop0 ino=13
[  136.992849][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.005116][ T9110] netlink: 'syz.1.1675': attribute type 4 has an invalid length.
[  137.031169][ T9107] loop5: detected capacity change from 0 to 512
[  137.067947][ T9107] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1684: bg 0: block 35: padding at end of block bitmap is not set
[  137.083387][ T9107] EXT4-fs (loop5): Remounting filesystem read-only
[  137.090323][ T9107] EXT4-fs (loop5): 1 truncate cleaned up
[  137.094805][ T9122] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  137.096529][ T9107] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.115441][ T9107] SELinux: (dev loop5, type ext4) getxattr errno 5
[  137.123109][ T9107] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.251650][ T9140] usb usb8: usbfs: process 9140 (syz.3.1680) did not claim interface 0 before use
[  137.268623][ T9135] tmpfs: Bad value for 'mpol'
[  137.304643][ T9144] SELinux:  policydb version 2048108817 does not match my version range 15-33
[  137.331487][ T9144] SELinux: failed to load policy
[  137.809377][ T9174] loop5: detected capacity change from 0 to 1024
[  137.817670][ T9175] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  137.829029][ T9174] EXT4-fs: Ignoring removed orlov option
[  137.834766][ T9174] EXT4-fs: Ignoring removed nomblk_io_submit option
[  137.901693][ T9174] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.914651][ T9181] tmpfs: Bad value for 'mpol'
[  137.943783][ T3891] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.966350][ T9186] loop6: detected capacity change from 0 to 1024
[  137.973178][ T9186] EXT4-fs: Ignoring removed orlov option
[  137.978978][ T9186] EXT4-fs: Ignoring removed nomblk_io_submit option
[  137.991923][ T9190] usb usb8: usbfs: process 9190 (syz.5.1697) did not claim interface 0 before use
[  138.003542][ T9183] loop0: detected capacity change from 0 to 2048
[  138.020327][ T9186] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.022166][ T9194] FAULT_INJECTION: forcing a failure.
[  138.022166][ T9194] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  138.045529][ T9194] CPU: 1 UID: 0 PID: 9194 Comm: syz.5.1699 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  138.056286][ T9194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  138.066459][ T9194] Call Trace:
[  138.069766][ T9194]  <TASK>
[  138.072723][ T9194]  dump_stack_lvl+0xf2/0x150
[  138.077420][ T9194]  dump_stack+0x15/0x20
[  138.081598][ T9194]  should_fail_ex+0x223/0x230
[  138.086345][ T9194]  should_fail+0xb/0x10
[  138.090578][ T9194]  should_fail_usercopy+0x1a/0x20
[  138.095612][ T9194]  _copy_to_user+0x20/0xa0
[  138.100108][ T9194]  bpf_verifier_vlog+0x2ef/0x4d0
[  138.105220][ T9194]  __btf_verifier_log+0x80/0xb0
[  138.110094][ T9194]  ? should_fail_ex+0xd7/0x230
[  138.114893][ T9194]  ? btf_parse_hdr+0x1c0/0x3a0
[  138.119696][ T9194]  ? should_fail_ex+0xd7/0x230
[  138.124484][ T9194]  btf_parse_hdr+0x1d3/0x3a0
[  138.129187][ T9194]  btf_new_fd+0x270/0x790
[  138.133663][ T9194]  bpf_btf_load+0x115/0x130
[  138.138180][ T9194]  __sys_bpf+0x686/0x7a0
[  138.142436][ T9194]  __x64_sys_bpf+0x43/0x50
[  138.147045][ T9194]  x64_sys_call+0x2625/0x2d60
[  138.151833][ T9194]  do_syscall_64+0xc9/0x1c0
[  138.156428][ T9194]  ? clear_bhb_loop+0x55/0xb0
[  138.161166][ T9194]  ? clear_bhb_loop+0x55/0xb0
[  138.165924][ T9194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.171843][ T9194] RIP: 0033:0x7f0fcb2ce719
[  138.176276][ T9194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  138.196075][ T9194] RSP: 002b:00007f0fc9f47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  138.204508][ T9194] RAX: ffffffffffffffda RBX: 00007f0fcb485f80 RCX: 00007f0fcb2ce719
[  138.212561][ T9194] RDX: 0000000000000028 RSI: 00000000200000c0 RDI: 0000000000000012
[  138.220637][ T9194] RBP: 00007f0fc9f47090 R08: 0000000000000000 R09: 0000000000000000
[  138.228628][ T9194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.236814][ T9194] R13: 0000000000000000 R14: 00007f0fcb485f80 R15: 00007fff45e93748
[  138.244850][ T9194]  </TASK>
[  138.275275][ T9183] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.347048][ T8460] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.368785][   T29] kauditd_printk_skb: 1879 callbacks suppressed
[  138.368811][   T29] audit: type=1326 audit(1729988292.201:7394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9204 comm="syz.5.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fcb2ce719 code=0x7ffc0000
[  138.454606][   T29] audit: type=1326 audit(1729988292.201:7395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9204 comm="syz.5.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0fcb2ce719 code=0x7ffc0000
[  138.478291][   T29] audit: type=1326 audit(1729988292.201:7396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9204 comm="syz.5.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fcb2ce719 code=0x7ffc0000
[  138.501706][   T29] audit: type=1326 audit(1729988292.201:7397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9204 comm="syz.5.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0fcb2d0637 code=0x7ffc0000
[  138.525138][   T29] audit: type=1326 audit(1729988292.201:7398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9204 comm="syz.5.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7f0fcb2d05ac code=0x7ffc0000
[  138.548567][   T29] audit: type=1326 audit(1729988292.201:7399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9204 comm="syz.5.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f0fcb2d04e4 code=0x7ffc0000
[  138.572004][   T29] audit: type=1326 audit(1729988292.201:7400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9204 comm="syz.5.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7f0fcb2d04e4 code=0x7ffc0000
[  138.595343][   T29] audit: type=1326 audit(1729988292.201:7401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9204 comm="syz.5.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f0fcb2cd3aa code=0x7ffc0000
[  138.618643][   T29] audit: type=1326 audit(1729988292.201:7402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9204 comm="syz.5.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0fcb2ce719 code=0x7ffc0000
[  138.642219][   T29] audit: type=1326 audit(1729988292.201:7403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9204 comm="syz.5.1701" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f0fcb2ce719 code=0x7ffc0000
[  138.708729][ T9237] loop6: detected capacity change from 0 to 1024
[  138.715638][ T9237] EXT4-fs: Ignoring removed orlov option
[  138.721620][ T9237] EXT4-fs: Ignoring removed nomblk_io_submit option
[  138.740257][ T9236] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  138.754921][ T9237] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.795911][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.848952][ T8460] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.897767][ T9252] loop0: detected capacity change from 0 to 256
[  138.925399][ T9252] vfat: Bad value for 'uid'
[  138.930043][ T9252] vfat: Bad value for 'uid'
[  138.993709][ T9252] loop0: detected capacity change from 0 to 512
[  139.001352][ T9275] loop3: detected capacity change from 0 to 2048
[  139.019069][ T9252] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  139.075033][ T9275] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.095067][ T9252] EXT4-fs error (device loop0): ext4_orphan_get:1388: inode #17: comm syz.0.1711: iget: bad i_size value: -6917529027641081756
[  139.109330][ T9252] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.1711: couldn't read orphan inode 17 (err -117)
[  139.121974][ T9252] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  139.143599][ T9288] loop6: detected capacity change from 0 to 2048
[  139.193936][ T9288] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.194979][ T9293] loop1: detected capacity change from 0 to 1024
[  139.213146][ T9293] EXT4-fs: Ignoring removed orlov option
[  139.219034][ T9293] EXT4-fs: Ignoring removed nomblk_io_submit option
[  139.230447][ T9293] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.232790][ T3315] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.266267][ T9297] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  139.276541][ T3319] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.314591][ T9303] FAULT_INJECTION: forcing a failure.
[  139.314591][ T9303] name failslab, interval 1, probability 0, space 0, times 0
[  139.327389][ T9303] CPU: 0 UID: 0 PID: 9303 Comm: syz.0.1729 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  139.338094][ T9303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  139.348245][ T9303] Call Trace:
[  139.351529][ T9303]  <TASK>
[  139.354491][ T9303]  dump_stack_lvl+0xf2/0x150
[  139.359107][ T9303]  dump_stack+0x15/0x20
[  139.363272][ T9303]  should_fail_ex+0x223/0x230
[  139.368026][ T9303]  ? security_file_alloc+0x32/0x100
[  139.373291][ T9303]  should_failslab+0x8f/0xb0
[  139.377892][ T9303]  kmem_cache_alloc_noprof+0x4c/0x290
[  139.383450][ T9303]  security_file_alloc+0x32/0x100
[  139.388622][ T9303]  alloc_empty_file+0x121/0x2f0
[  139.393513][ T9303]  alloc_file_pseudo+0xc3/0x140
[  139.398382][ T9303]  __shmem_file_setup+0x1bb/0x1f0
[  139.403550][ T9303]  shmem_file_setup+0x3b/0x50
[  139.408246][ T9303]  __se_sys_memfd_create+0x31d/0x5c0
[  139.413557][ T9303]  __x64_sys_memfd_create+0x31/0x40
[  139.418778][ T9303]  x64_sys_call+0x2891/0x2d60
[  139.423538][ T9303]  do_syscall_64+0xc9/0x1c0
[  139.428094][ T9303]  ? clear_bhb_loop+0x55/0xb0
[  139.432790][ T9303]  ? clear_bhb_loop+0x55/0xb0
[  139.437561][ T9303]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.443490][ T9303] RIP: 0033:0x7ff54422e719
[  139.447926][ T9303] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.467545][ T9303] RSP: 002b:00007ff542ea6e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  139.475967][ T9303] RAX: ffffffffffffffda RBX: 000000000000053d RCX: 00007ff54422e719
[  139.484122][ T9303] RDX: 00007ff542ea6ef0 RSI: 0000000000000000 RDI: 00007ff5442a1b9a
[  139.492104][ T9303] RBP: 0000000020000b80 R08: 00007ff542ea6bb7 R09: 00007ff542ea6e40
[  139.500173][ T9303] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000000
[  139.508149][ T9303] R13: 00007ff542ea6ef0 R14: 00007ff542ea6eb0 R15: 00000000200001c0
[  139.516172][ T9303]  </TASK>
[  139.562711][ T3325] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.595186][ T6374] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  139.613591][ T9318] ==================================================================
[  139.621741][ T9318] BUG: KCSAN: data-race in mas_wr_store_entry / mtree_range_walk
[  139.629594][ T9318] 
[  139.631939][ T9318] write to 0xffff8881125ebd60 of 8 bytes by task 9311 on cpu 1:
[  139.639592][ T9318]  mas_wr_store_entry+0x146b/0x2d00
[  139.644834][ T9318]  mas_store_prealloc+0x6bf/0x960
[  139.649905][ T9318]  commit_merge+0x441/0x740
[  139.654490][ T9318]  vma_expand+0x211/0x360
[  139.658869][ T9318]  vma_merge_new_range+0x2cf/0x3e0
[  139.664094][ T9318]  mmap_region+0x81a/0x1710
[  139.668634][ T9318]  do_mmap+0x718/0xb60
[  139.672743][ T9318]  vm_mmap_pgoff+0x133/0x290
[  139.677371][ T9318]  ksys_mmap_pgoff+0xd0/0x330
[  139.682131][ T9318]  x64_sys_call+0x1884/0x2d60
[  139.686849][ T9318]  do_syscall_64+0xc9/0x1c0
[  139.690848][ T9324] FAULT_INJECTION: forcing a failure.
[  139.690848][ T9324] name failslab, interval 1, probability 0, space 0, times 0
[  139.691368][ T9318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.704020][ T9324] CPU: 1 UID: 0 PID: 9324 Comm: syz.5.1736 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  139.709883][ T9318] 
[  139.709892][ T9318] read to 0xffff8881125ebd60 of 8 bytes by task 9318 on cpu 0:
[  139.720549][ T9324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  139.722867][ T9318]  mtree_range_walk+0x1b4/0x460
[  139.730398][ T9324] Call Trace:
[  139.730408][ T9324]  <TASK>
[  139.740447][ T9318]  mas_walk+0x16e/0x320
[  139.745285][ T9324]  dump_stack_lvl+0xf2/0x150
[  139.748558][ T9318]  lock_vma_under_rcu+0x95/0x260
[  139.751486][ T9324]  dump_stack+0x15/0x20
[  139.755623][ T9318]  exc_page_fault+0x150/0x650
[  139.760198][ T9324]  should_fail_ex+0x223/0x230
[  139.765118][ T9318]  asm_exc_page_fault+0x26/0x30
[  139.769263][ T9324]  ? copy_net_ns+0x143/0x430
[  139.773929][ T9318] 
[  139.773935][ T9318] value changed: 0x00007f86375c4fff -> 0x00007f86375a3fff
[  139.778622][ T9324]  should_failslab+0x8f/0xb0
[  139.783460][ T9318] 
[  139.783466][ T9318] Reported by Kernel Concurrency Sanitizer on:
[  139.788033][ T9324]  __kmalloc_cache_noprof+0x4b/0x2a0
[  139.790350][ T9318] CPU: 0 UID: 0 PID: 9318 Comm: syz.1.1732 Not tainted 6.12.0-rc4-syzkaller-00261-g850925a8133c #0
[  139.797445][ T9324]  copy_net_ns+0x143/0x430
[  139.802027][ T9318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  139.804368][ T9324]  create_new_namespaces+0x228/0x430
[  139.810532][ T9318] ==================================================================
[  139.815803][ T9324]  unshare_nsproxy_namespaces+0xe6/0x120
[  139.860335][ T9324]  ksys_unshare+0x3c9/0x6e0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  139.864890][ T9324]  __x64_sys_unshare+0x1f/0x30
[  139.869693][ T9324]  x64_sys_call+0x2c8d/0x2d60
[  139.874408][ T9324]  do_syscall_64+0xc9/0x1c0
[  139.878932][ T9324]  ? clear_bhb_loop+0x55/0xb0
[  139.883619][ T9324]  ? clear_bhb_loop+0x55/0xb0
[  139.888308][ T9324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  139.894240][ T9324] RIP: 0033:0x7f0fcb2ce719
[  139.898662][ T9324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  139.919040][ T9324] RSP: 002b:00007f0fc9f47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  139.927468][ T9324] RAX: ffffffffffffffda RBX: 00007f0fcb485f80 RCX: 00007f0fcb2ce719
[  139.935484][ T9324] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000068040200
[  139.943477][ T9324] RBP: 00007f0fc9f47090 R08: 0000000000000000 R09: 0000000000000000
[  139.951465][ T9324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  139.959478][ T9324] R13: 0000000000000001 R14: 00007f0fcb485f80 R15: 00007fff45e93748
[  139.967616][ T9324]  </TASK>
[  140.019327][ T6374] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.036601][ T8460] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.102219][ T6374] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.211361][ T6374] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  140.308348][ T6374] bridge_slave_1: left allmulticast mode
[  140.314053][ T6374] bridge_slave_1: left promiscuous mode
[  140.319812][ T6374] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.329141][ T6374] bridge_slave_0: left allmulticast mode
[  140.336305][ T6374] bridge_slave_0: left promiscuous mode
[  140.342918][ T6374] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.480131][ T6374] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  140.490297][ T6374] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  140.500471][ T6374] bond0 (unregistering): Released all slaves
[  140.559821][ T6374] IPVS: stopping backup sync thread 7073 ...
[  140.568876][ T6374] hsr_slave_0: left promiscuous mode
[  140.574650][ T6374] hsr_slave_1: left promiscuous mode
[  140.580647][ T6374] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  140.588345][ T6374] batman_adv: batadv0: Removing interface: batadv_slave_0
[  140.596905][ T6374] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  140.604492][ T6374] batman_adv: batadv0: Removing interface: batadv_slave_1
[  140.615162][ T6374] veth1_macvtap: left promiscuous mode
[  140.620756][ T6374] veth0_macvtap: left promiscuous mode
[  140.626339][ T6374] veth1_vlan: left promiscuous mode
[  140.631817][ T6374] veth0_vlan: left promiscuous mode
[  140.994893][ T6374] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.041555][ T6374] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.092017][ T6374] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.141113][ T6374] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.206923][ T6374] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.261722][ T6374] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.302748][ T6374] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.351640][ T6374] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.435786][ T6374] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.470848][ T6374] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.511037][ T6374] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.581696][ T6374] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.644806][ T6374] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.681471][ T6374] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.731666][ T6374] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.781109][ T6374] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  141.849074][ T6374] bridge_slave_1: left allmulticast mode
[  141.854835][ T6374] bridge_slave_1: left promiscuous mode
[  141.860639][ T6374] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.868522][ T6374] bridge_slave_0: left allmulticast mode
[  141.874199][ T6374] bridge_slave_0: left promiscuous mode
[  141.879986][ T6374] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.888261][ T6374] bridge_slave_1: left allmulticast mode
[  141.893913][ T6374] bridge_slave_1: left promiscuous mode
[  141.899708][ T6374] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.907667][ T6374] bridge_slave_0: left allmulticast mode
[  141.913618][ T6374] bridge_slave_0: left promiscuous mode
[  141.919348][ T6374] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.927655][ T6374] bridge_slave_1: left allmulticast mode
[  141.933392][ T6374] bridge_slave_1: left promiscuous mode
[  141.939089][ T6374] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.946863][ T6374] bridge_slave_0: left allmulticast mode
[  141.952638][ T6374] bridge_slave_0: left promiscuous mode
[  141.958349][ T6374] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.966475][ T6374] bridge_slave_1: left allmulticast mode
[  141.972226][ T6374] bridge_slave_1: left promiscuous mode
[  141.977956][ T6374] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.985927][ T6374] bridge_slave_0: left allmulticast mode
[  141.991731][ T6374] bridge_slave_0: left promiscuous mode
[  141.997471][ T6374] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.104776][ T6374] bridge0: left promiscuous mode
[  142.197652][ T6374] team0: Port device vlan2 removed
[  142.370131][ T6374] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.380625][ T6374] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.390797][ T6374] bond0 (unregistering): Released all slaves
[  142.399691][ T6374] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.410263][ T6374] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.420308][ T6374] bond0 (unregistering): Released all slaves
[  142.429176][ T6374] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.439491][ T6374] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.450018][ T6374] bond0 (unregistering): Released all slaves
[  142.459169][ T6374] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  142.469448][ T6374] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  142.480070][ T6374] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  142.489471][ T6374] bond0 (unregistering): Released all slaves
[  142.523126][ T6374] tipc: Disabling bearer <udp:s>
[  142.528195][ T6374] tipc: Left network mode
[  142.532862][ T6374] tipc: Disabling bearer <udp:s>
[  142.538398][ T6374] tipc: Left network mode
[  142.545136][ T6374] IPVS: stopping master sync thread 5487 ...
[  142.553867][ T6374] hsr_slave_0: left promiscuous mode
[  142.560053][ T6374] hsr_slave_1: left promiscuous mode
[  142.566108][ T6374] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.573764][ T6374] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.582246][ T6374] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.589901][ T6374] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.599906][ T6374] hsr_slave_0: left promiscuous mode
[  142.605756][ T6374] hsr_slave_1: left promiscuous mode
[  142.611633][ T6374] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.619116][ T6374] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.627937][ T6374] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.635437][ T6374] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.646384][ T6374] hsr_slave_0: left promiscuous mode
[  142.654098][ T6374] hsr_slave_0: left promiscuous mode
[  142.660806][ T6374] hsr_slave_1: left promiscuous mode
[  142.666621][ T6374] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.674105][ T6374] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.682212][ T6374] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.689672][ T6374] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.702074][ T6374] veth1_macvtap: left promiscuous mode
[  142.707612][ T6374] veth0_macvtap: left promiscuous mode
[  142.713266][ T6374] veth1_vlan: left promiscuous mode
[  142.718557][ T6374] veth0_vlan: left promiscuous mode
[  142.724331][ T6374] veth1_macvtap: left promiscuous mode
[  142.729877][ T6374] veth0_macvtap: left promiscuous mode
[  142.735405][ T6374] veth1_vlan: left promiscuous mode
[  142.740763][ T6374] veth0_vlan: left promiscuous mode
[  142.746614][ T6374] veth1_macvtap: left promiscuous mode
[  142.752229][ T6374] veth1_vlan: left promiscuous mode
[  142.757476][ T6374] veth0_vlan: left promiscuous mode
[  142.763117][ T6374] veth1_macvtap: left promiscuous mode
[  142.768653][ T6374] veth0_macvtap: left promiscuous mode
[  142.774290][ T6374] veth1_vlan: left promiscuous mode
[  142.779635][ T6374] veth0_vlan: left promiscuous mode
[  142.966493][ T6374] team0 (unregistering): Port device team_slave_1 removed
[  142.976394][ T6374] team0 (unregistering): Port device team_slave_0 removed
[  143.036793][ T6374] team0 (unregistering): Port device team_slave_1 removed
[  143.046509][ T6374] team0 (unregistering): Port device team_slave_0 removed