last executing test programs:

4m23.866458604s ago: executing program 32 (id=840):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000060000000000000000850000000f000000c5000000a0ef010095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000200)='kmem_cache_free\x00', r3}, 0x10)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$binfmt_elf64(r2, 0x0, 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])

3m37.112785128s ago: executing program 33 (id=2035):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = io_uring_setup(0x6280, &(0x7f0000000080)={0x0, 0x10000000, 0x1, 0x0, 0x1d2})
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r1, 0xc0105500, &(0x7f0000000140)={0x80, 0x6, 0x303, 0xfffd, 0x13, 0x0, 0x0})
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000240)={0x0, 0x300, &(0x7f0000000040)=[{0x0}], 0x0, 0x1}, 0x20)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0xfffffffffffffffe)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32=0x0, @ANYBLOB="c081e35c4c8ec438c53a8fa615af213e218d27f385819b091c0f2a91aeb0d0fa6aa3c7b9331454eb77bdf22a0c988895b1c72ec2f04e0affae321ebd0b", @ANYRES64=r3], 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = socket$inet(0x2, 0x3, 0x30)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r5, 0x10e, 0xc, &(0x7f0000000180)={0x5}, 0x10)
write(r5, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f0000000000000200020000", 0x1c)
getsockopt$inet_mreqsrc(r4, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f0000000080)=0x2c)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000006c0)='sched_switch\x00'}, 0x18)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000280)='./file1\x00', 0x8, &(0x7f0000000080), 0x4, 0x4f3, &(0x7f00000012c0)="$eJzs3c9vVEUcAPDvbru0lEJBOahRQUTRELY/gIZwES4aQ0iMxJMHqO3SNN1lm26JtHIoR+8kknjSP8GbBxNOHrx505sXPJigEg018bDmvV3apb+1P9Z2P5/k9b2ZWfY702Vm9g3sTgAt62hEzEbEnoi4FhE99fxM/YgLtSN53ONHt4fnHt0ezkS1euW3TFqe5EXDn0nsqz9nZ0S8/07ER5mlcSvTM+NDxWJhsp7unSpN9FamZ06NZes5A4P9g33nTp8d2LS2Hil99fDtsUsffPP1Sw++n33zk6Ra3Z/uT8sa27GZak3PRXdDXntEXNqKYE3SXv/7w86T9LZnIuJY2v97oi19NQGA3axa7YlqT2MaANjtkvv/7shk8/W1gO7IZvP52hre4ejKFsuVqZM95Zs3RiJdwzoYuez1sWKhr75WeDBymSTdn14vpAeeSt8tnI6IQxFxt2NvWp4fLhdHmvnGBwBa2L5F8/+fHbX5HwDY5TqbXQEAYNuZ/wGg9Zj/AaD1/Iv536cDAWCXcP8PAK3H/A8ArWfN+f/O9tQDANgW712+nBzVudr3Xz/5pu5TI4XKeL50czg/XJ6cyI+Wy6PFQn64Wl3r+Yrl8kT/mflkZXrmaql888bU1bHS0GjhaiG3lY0BANbl0JH7PyaT/uz5vekRDXs5mKthd8s2uwJA07Q1uwJA0/g8D7SuddzjWwaAXW6ZLXqfsuJ/Ebpn81fYqU48b/0fWtVG1v+tHcDO9t/W/9/a9HoA288cDq2rWs3Y8x8AWow1fmBD//4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALao7PTLZfLoX+GzyM5vPR+yPiIORy1wfKxb6IuJARPzQketI0v3NrjQAsEHZXzL1/b9O9BzvXly6J/NXR3qOiI8/v/LZraGpqcn+JP/3+fype/X8gT3NaAAA0OjC0qzaPF0/N9zIP350e/jJsZ1VfHixtrloEneuftRK2qM9PXdGLiK6/sjU0zXJ+5W2TYg/eycinlto/62GCN3pGkht59PF8ZPY+7cg/sLvf3H87FPxs2lZcs6lv4tnN6Eu0GruX6yNk/W+l3Sxev/LxtH0vHz/70xHqI1Lxr9kLJlbMv5l58e/tiXxM2mfPzqfXr0mD898++6SzGpPrexOxAvty8XPzMfPLD/+5o6vs40/vfjysZXKql9EnFi2/U92pC6lw2zvVGmitzI9c2qsNDRaGC3cGBgY7B/sO3f67EBvukZd+/ndcjF+PX/ywErxk/Z3rRC/c/X2x2vrbP+Xf1/78JVV4r/x6vKv/+FV4idz4uvrjD/UdWHF7buT+CMrtH+N1z9OrjP+g59nRtb5UABgG1SmZ8aHisXC5BoXyXvNtR7jYmdexGzEZj1huigREf+HdrnYyEWzRyZgqy10+mbXBAAAAAAAAAAAAAAAWEllema8Y4s/rdXsNgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB7/RMAAP//TwTJNg==")
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x8901, 0x0)
ioctl$TUNSETOFFLOAD(r6, 0xc004743e, 0x110c23003f)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)

2m10.003718053s ago: executing program 34 (id=3736):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'vlan0\x00', <r1=>0x0})
unshare(0x62040200)
r2 = gettid()
sendmsg$nl_route(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000005f00)=ANY=[@ANYBLOB="2800000010000100"/20, @ANYRES32=r1, @ANYBLOB="6d3082610000000008001300", @ANYRES32=r2], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

2m6.313696903s ago: executing program 35 (id=3905):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000006000000000084e27fa40000000f000000c5000000a029b30095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r0 = io_uring_setup(0x3efe, &(0x7f0000000000)={0x0, 0x0, 0x800, 0xfffffffc, 0xc3})
io_uring_register$IORING_REGISTER_ENABLE_RINGS(r0, 0xc, 0x2000000, 0x0)

1m59.544407463s ago: executing program 36 (id=4002):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000007b00000000000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000080)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=@ipv6_newrule={0x30, 0x20, 0x1, 0x70bd26, 0x25dfdbfb, {0xa, 0x10, 0x0, 0xfe, 0x1, 0x0, 0x0, 0x6, 0x11}, [@FRA_DST={0x14, 0x1, @loopback}]}, 0x30}, 0x1, 0x0, 0x0, 0x24008000}, 0x0)

1m58.116369425s ago: executing program 37 (id=4027):
io_uring_setup(0x7c8c, &(0x7f00000000c0)={0x0, 0xa3e5, 0x8, 0x3, 0x1fd})
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='veth1_to_bond\x00', 0x10)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @private1}, 0x1c)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r1, 0x1, 0x4000000000000002, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
connect$inet6(r1, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @private1}, 0x1c)

1m42.510156527s ago: executing program 7 (id=4358):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c000000ac141400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3bc40c7f8fd73d61164fc7d15648a9e0070949687000000000000000000000000000000000000000000000000000000227bf23d3ba4560ebd7000000000"], 0x34c}}, 0x44)

1m42.495422998s ago: executing program 7 (id=4359):
fsopen(&(0x7f0000000400)='autofs\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b7040000000000008500"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r0, 0x0, 0x80000000000}, 0x18)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000b600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x97a1}, 0x18)
r3 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x6, 0x0)
mq_timedreceive(r3, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0)

1m42.477348148s ago: executing program 7 (id=4360):
unshare(0x2040400)
r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
r1 = socket(0x15, 0x5, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f0000000040)={0x0, 0x2710}, 0x10)
recvmsg(r1, &(0x7f0000003780)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x2, 0x9, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000380)='kfree\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0}}, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x41)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)={0x1a8, r7, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x180, 0x8, 0x0, 0x1, [{0x9c, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x50, 0x9, 0x0, 0x1, [{0x4c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "eff93d58460ea431f2cb4a6894ddb2834088d7445bf5afdd0619ce173f1db717"}]}, {0xe0, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x9, 0x7, @empty, 0x3}}, @WGPEER_A_ALLOWEDIPS={0x98, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x1}}]}]}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
r8 = openat$cgroup_ro(r5, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r8, 0xc0502100, &(0x7f0000000b00))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f00000007c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000050000000100000000000000000000000000003f00e37326df18e4be6b46085c653af703468b665ec310f74bbb5c686fed55fb1c214c58baae40b5ed469715c9edcfdf8f8874ce3dfcc498e94f7a0eb3971c4e00c03647a7718382ee580d8b9709de073a0017d1b5e30fa0f2e19c049b2e"], &(0x7f0000000400)=""/195, 0x29, 0xc3, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r10}, 0x10)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000100), r11)
sendmsg$NLBL_CIPSOV4_C_ADD(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x1d0, r12, 0x1, 0x0, 0x25dfdbff, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x4}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x1b0, 0xc, 0x0, 0x1, [{0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5b54b56}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe844}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x71cb2ef7}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5f237358}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x687675ce}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4d1938c0}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7d00}]}, {0x54, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1278c908}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x51e3}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xcdf2}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7addd376}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1da339f1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xacd9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6f71a7d7}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa44}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7caad82d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1e52}]}, {0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa435}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2f97fbc6}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9c80}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xced4}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x97fa}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x38b1f8b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x65e6}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5d812486}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3394}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xfe95}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x79ae}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa482}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbad0}]}, {0x4}, {0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7ff4c28}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5810}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4459}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb33c}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x144b69b7}]}, {0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7a5a}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1cbe77f1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa177}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x84ed}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd553}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8b93}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5ab6}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x304f9ab2}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x389a}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe921}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4a3e5a3a}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe615}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x281c74be}]}]}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)

1m42.440211408s ago: executing program 7 (id=4363):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=")
creat(&(0x7f0000000340)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x42)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x13, 0x0, "ef359f41a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4eb4b78c66ee677df701905b9aafab4ffffffff00", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000", [0x2]})
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f0000001240)='./file1\x00', 0x2)

1m42.289846621s ago: executing program 8 (id=4364):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x90020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x1, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x2, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r2}, 0x10)
r3 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r3, 0x5412, &(0x7f00000006c0)=0x5f)

1m42.281728461s ago: executing program 7 (id=4365):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3a}, {0x0, 0x0, 0x7, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004)

1m42.167939743s ago: executing program 8 (id=4370):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001240)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040), 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000c40)='sys_enter\x00', r1}, 0x10)
fsmount(0xffffffffffffffff, 0x1, 0x1)

1m42.144408333s ago: executing program 8 (id=4372):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001000030428bd70000003000000000400", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="140012800c0001006d616376746170"], 0x44}}, 0x0)

1m42.114923834s ago: executing program 8 (id=4375):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=")
creat(&(0x7f0000000340)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x42)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x13, 0x0, "ef359f41a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4eb4b78c66ee677df701905b9aafab4ffffffff00", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000", [0x2]})
renameat2(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, &(0x7f0000001240)='./file1\x00', 0x2)

1m42.041881925s ago: executing program 7 (id=4377):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r3}, 0x18)
shmat(0x0, &(0x7f0000ff6000/0x4000)=nil, 0x400c)

1m42.041554325s ago: executing program 38 (id=4377):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b704000008000000850000009500000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000280)='sched_switch\x00', r3}, 0x18)
shmat(0x0, &(0x7f0000ff6000/0x4000)=nil, 0x400c)

1m41.902744127s ago: executing program 8 (id=4384):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
socket$tipc(0x1e, 0x5, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'gre0\x00'})
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000002c0)={'syztnl2\x00', &(0x7f0000000340)={'syztnl0\x00', 0x0, 0x20, 0x700, 0x0, 0x7ff, {{0x12, 0x4, 0x3, 0x8, 0x48, 0x67, 0x0, 0x0, 0x2f, 0x0, @multicast1, @empty, {[@cipso={0x86, 0xe, 0x3, [{0x1, 0x3, "b7"}, {0x1, 0x5, "70ff32"}]}, @timestamp_addr={0x44, 0x24, 0x38, 0x1, 0x8, [{@broadcast, 0x9}, {@remote, 0x5}, {@broadcast, 0xaf20}, {@broadcast}]}]}}}}})
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
request_key(&(0x7f0000000340)='user\x00', &(0x7f0000000380)={'syz', 0x3}, &(0x7f00000003c0)=')\x00', 0x0)

1m41.868482157s ago: executing program 2 (id=4388):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000030000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000020900010073797a30000000000900030073797a3200000000240b0000060a010400000000000000000100000008000b4000000000fc0a048028000180080001006c6f67001c0002800e00024073797a6b616c6c65720000000800054000000008d00a01800e000100696d6d656469617465000000bc0a0280640002804c0002800900020073797a32000000000900020073797a310000000008000180fffffffc0900020073797a31000000000800034000009c920900020073797a300000000008000180ffffffff14000280080003400000000808000180fffffffb0800014000000002080001400000000b500002804b000100fa62d7ba9ceeacf9aa4f832b78f35731f355d63e192a72aef5e68a05d1b806151b6bd1e2d74abafd383790ad363fdc1b7766748630b48f9beefdb33c86d5835a470b5ffd20d7e9006c0102805c00028008000180fffffffe0900020073797a30000000000900020073797a320000000008000180ffffffff0900020073797a320000000008000180fffffffd0900020073797a310000000008000180fffffffc0800034000000e5628000280080003400000000608000340000000070900020073797a320000000008000180fffffffe540002800900020073797a320000000008000180fffffffe0800034000000000080003400000000008000340000000090900020073797a310000000008000180fffffffe080003400000800108000180fffffffd8e000100818ce881ff18470752e86442e8b77ddcfc7a4c87f05cd36147be26c85cc854cc117db1906007a5a8c298f4724c8c743d46ec7f3ba478d9dfb10bbe9e4fdfc2188d62db9bb1364fed383fe0b0c3fbbab83959470cb0ffb14765c32f10b54d99531d04caaf264214997543a1c63637d9a3a20b7ce9312e545626eb375c88462c198f35cf8a11616de4fa0c000098020280eb00010099c8e680eb4d0e7f78e1fb62226ae541d997c8cb51c5ebd0bb7e2730b61310dcd7525807288a7ad8c00f6aa230a1d1b876ddb0e188384e7c79cd8af94a02451a04d8f116bde38077da45650d82bdd1767b03e3f35bc4a5769e659d8cdb6d9d9d717c78b50f6b3ac899b07a9eaf2c989654de7d6609299bad01ca1f3fa8b6229a6c69627a07f627880e902231b20368f3ae64fd12fc37afeb95f14a4dc3d0bc5f6e2afd0fc8ef6982054cffa703ee1376654019ad6d2add9052c5d2f2e0ba3318f931b2c5f2dcce5cbca6093c64d23b64e2f2061da3dd5983644280de22d592b63b5d7f6b571beb005400010041bbc64da6bacaad1bebec23352accccbca40d6ba87943f82df945bf4ccc5250a0c2b2cb13793380f424b280bfb960885af6df4afa26efa8fcd7a1243389ef3fcf1d709f775a9cd1dfb2b84fd03e5d70f800010001950b7c0ec30534e476b721ba6e82d03078fe63b683918ecbbb9c339c8cdd63689339ac43acd5973f4aac8720a98d18e13b98e11e291f3f3621ed29c717639f84bdd28810da6ae30538775f15e00133741e9de3f96f69ab363752fa962b3c71041ba1e463a91d782a968d9febb648b66e71a6827c53b3be014b785f61c4fd46fef00658f64cdd465edb61ba4c5f00849b2935c485da99a38489ecc29837433ac5446c3922d73153fd8fb2368a5ce4201760ca6778f570b7fcb38be633a02d57c5884b6bcbaf3bc28ca7686edb5d59e1b823a8f0f5ff788625995d51c16413783c6290a9714bd4dcbd2a388139f3e46f69916f335c0002800900020073797a3000000000080003400000000908000180000000000900020073797a3000000000080003400000000808000180fffffffd080003400000000408000340fffffff908000180fffffffb0800034000000003a80002801c000280080003400000020008000340fffffff508000340000000001400028008000340000000050800034000000007720001001c2cce526d2ee30fb33f426450278cb35ac06b1cef15fefc26b5c17a8c9251bed316fccb5588f2e071fc355537fcf458cf14217f16ce4c12a4b559f3e807c94c6cc4f418baebc6024b74b9dbc5ef66dbbe91812ea247db80670c101ed494f105ad9c09b4eaf8d5c133b46a311c1a00001c0302802000028008000180fffffffc0900020073797a320000000008000340000000035c00028008000180fffffffc08000180fffffffc08000180fffffffb0900020073797a300000000008000340000000060900020073797a30000000000900020073797a31000000000900020073797a310000000008000180fffffffbf6000100330e5af714359ac9da33381a13071148dbe4293800e6be0290efbb549850cda132ca27a55553fd77c3067504c4596086f4001f53d49e8111395ebccb983c6b04735a58ab2617dfc62123b09c8dc5a47154667414dc28e8369829764b2e3cc23303a882890bad6d3a70d9e15701ec8c4c15a46d38c9ed6bc8658f8a45a02083f563324a27c649bab7cbcb485c289bd8df0a040128df6891ab48095977e0463f8e3ed7ba6df976ee30768954dfeb3f08c942b2c9384aa0b78baf92ecf5e4d73788afb1bc5a8f7c4b454897cd8bcac7f19cdd949fac66756da3b9311e13362eee317df853f6bc7e4638eb145a1484d3780e09b50000c8000100d5c1e4159bf770e02e6e1ebe911d7513709588175328d2e11f2ebf3f6967c49bedcb2a5459a45272bb8084e3bb55ea7a80166d97ec16457ed7d2a834d9aafdb2a54110ddc7975eaeda4f897ec7d533c27df0ce5ff92cfedadc67fff850ee5d07822d72b27af229d17ad2f8d802ae40d98f373e348a04b4f0270c71f82319de3a0331f165204896e0e448cf7ea0f8eb32a312fda6716f72f0234742fe6708ad0adf587ea21d94b8c8f5080028dda1e21d3d9ac82d8edd12941631b72b692ecc262d6ae12393000100c56deda494a09379df59bad8f0f17376b307ce49571034af728b1c4bf694e3b91406b976944238ab36ccaf40e3d92952ba87aa27af6353a82868c9508577a1b6a349fce75b3e4952b04b9527f496b5555e6db110dec07430b01446635eff12f136dbcb54fd4dc90b02e1bc6488ed74efd9eeb1b6de6e2a234f6c323df5c28a0352d03b34ee4f64ab614078125aa3cc0048000280080003400000000c08000340000000010900020073797a310000000008000180fffffffd0800034000008000080003400000dc5b08000180fffffffc08000180fffffffb2c0202804b000100cece2d8ff50c68c1060c2e691ddc50c6d87b46b4e5f6695010163d98bac2d9d7693cff0ec1e2107f58d3c305c78e5a596df92f1dbe80793dce5424be9e7951890023db7d0b9b2700e5000100f46e4b21dd4b92221713eece21b0e3bfb3fe995725eca78713a8d11ac82a6aefeeeab4720bd136479523ccafa34771afedeafc55275842bb7adb37ff3c93b19d9d5139f8b67ee81e380faa9506e6c8e5956cf7efc9828438d340aa4bfe771769c6ddb2f8c31049c1fc37e8f28812ea0aadd0caa7e32f6bb4b2b7a4473e5fa876c87bf285a503660ea12a0cfff6863a87c64ea83c31e737e278edcad77cb964828c7049d335e25156fd4d1c2faada6a8363794fe487155fbfd7c2e1b8504d4a744357734f51fca0426ffe929280df27411f8a90a067b285e970fa1e403722ae91dd000000f400010073e22ba6603d1c92836887468b100c2dc430efeb2ef19c66bd0582fe94df7b5a20292fdfbd2009980dbf9651685f7713bfb0f42583e452670f29e2cabf848fcdcb7a2067f0b257efd7dc927e540584b08f026e14be231afa797e36410d8ad6cbced8c5d2cce2f5a8b75713e57b3161b5b4ce78f283bf59a04f90bc1c5a4371abed0124c621ecb51b6166ad39f14216c09456232b7ea8dd7058bbbeae8b1c13df7ffa1515a359309683421d783f4fb00547cb06b3f974e65f28397c2c16675436a414b6e28d61800c35bdc05f9837e14491ce0fa7c0fbf6f61dd8f7eceac62373ed913de212a188ad5fa12d0eab8a0b440900010073797a30"], 0xb98}}, 0x0)

1m41.836468738s ago: executing program 2 (id=4390):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ffb, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00', r2}, 0x10)
r3 = socket(0x2, 0x5, 0x0)
sendmmsg$inet_sctp(r3, &(0x7f00000032c0)=[{&(0x7f0000002e40)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000200)="f9", 0x1}], 0x1, 0x0, 0x0, 0x80020}], 0x1, 0x81939689759cebf6)
sendmmsg$inet_sctp(r3, &(0x7f0000000bc0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000001c0)=[{0x0, 0x2}], 0x1, &(0x7f0000000140)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c0000000000000000002b0388edb6556900"/51, @ANYRES32=0x0], 0x30}], 0x1, 0x0)

1m41.793088218s ago: executing program 2 (id=4392):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x10}, 0x9c)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a00)=@newqdisc={0x74, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x48, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x403, 0x8001, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}, @TCA_TBF_PBURST={0x8, 0x7, 0x1e1e}, @TCA_TBF_PRATE64={0xc, 0x5, 0xafa8d36186c14c7d}]}}]}, 0x74}}, 0x44080)
sendmmsg$inet6(r0, &(0x7f0000003f00)=[{{0x0, 0xf, &(0x7f0000000300)=[{&(0x7f0000000140)="a2", 0x1a058}], 0x1}}], 0x1, 0x0)

1m41.71796673s ago: executing program 2 (id=4394):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=")
creat(&(0x7f0000000340)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x42)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x13, 0x0, "ef359f41a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4eb4b78c66ee677df701905b9aafab4ffffffff00", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000", [0x2]})
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0xffffffffffffff9c, 0x0, 0x2)

1m41.623174272s ago: executing program 2 (id=4399):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000570000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x21, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x10000, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000030000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000020900010073797a30000000000900030073797a3200000000240b0000060a010400000000000000000100000008000b4000000000fc0a048028000180080001006c6f67001c0002800e00024073797a6b616c6c65720000000800054000000008d00a01800e000100696d6d656469617465000000bc0a0280640002804c0002800900020073797a32000000000900020073797a310000000008000180fffffffc0900020073797a31000000000800034000009c920900020073797a300000000008000180ffffffff14000280080003400000000808000180fffffffb0800014000000002080001400000000b500002804b000100fa62d7ba9ceeacf9aa4f832b78f35731f355d63e192a72aef5e68a05d1b806151b6bd1e2d74abafd383790ad363fdc1b7766748630b48f9beefdb33c86d5835a470b5ffd20d7e9006c0102805c00028008000180fffffffe0900020073797a30000000000900020073797a320000000008000180ffffffff0900020073797a320000000008000180fffffffd0900020073797a310000000008000180fffffffc0800034000000e5628000280080003400000000608000340000000070900020073797a320000000008000180fffffffe540002800900020073797a320000000008000180fffffffe0800034000000000080003400000000008000340000000090900020073797a310000000008000180fffffffe080003400000800108000180fffffffd8e000100818ce881ff18470752e86442e8b77ddcfc7a4c87f05cd36147be26c85cc854cc117db1906007a5a8c298f4724c8c743d46ec7f3ba478d9dfb10bbe9e4fdfc2188d62db9bb1364fed383fe0b0c3fbbab83959470cb0ffb14765c32f10b54d99531d04caaf264214997543a1c63637d9a3a20b7ce9312e545626eb375c88462c198f35cf8a11616de4fa0c000098020280eb00010099c8e680eb4d0e7f78e1fb62226ae541d997c8cb51c5ebd0bb7e2730b61310dcd7525807288a7ad8c00f6aa230a1d1b876ddb0e188384e7c79cd8af94a02451a04d8f116bde38077da45650d82bdd1767b03e3f35bc4a5769e659d8cdb6d9d9d717c78b50f6b3ac899b07a9eaf2c989654de7d6609299bad01ca1f3fa8b6229a6c69627a07f627880e902231b20368f3ae64fd12fc37afeb95f14a4dc3d0bc5f6e2afd0fc8ef6982054cffa703ee1376654019ad6d2add9052c5d2f2e0ba3318f931b2c5f2dcce5cbca6093c64d23b64e2f2061da3dd5983644280de22d592b63b5d7f6b571beb005400010041bbc64da6bacaad1bebec23352accccbca40d6ba87943f82df945bf4ccc5250a0c2b2cb13793380f424b280bfb960885af6df4afa26efa8fcd7a1243389ef3fcf1d709f775a9cd1dfb2b84fd03e5d70f800010001950b7c0ec30534e476b721ba6e82d03078fe63b683918ecbbb9c339c8cdd63689339ac43acd5973f4aac8720a98d18e13b98e11e291f3f3621ed29c717639f84bdd28810da6ae30538775f15e00133741e9de3f96f69ab363752fa962b3c71041ba1e463a91d782a968d9febb648b66e71a6827c53b3be014b785f61c4fd46fef00658f64cdd465edb61ba4c5f00849b2935c485da99a38489ecc29837433ac5446c3922d73153fd8fb2368a5ce4201760ca6778f570b7fcb38be633a02d57c5884b6bcbaf3bc28ca7686edb5d59e1b823a8f0f5ff788625995d51c16413783c6290a9714bd4dcbd2a388139f3e46f69916f335c0002800900020073797a3000000000080003400000000908000180000000000900020073797a3000000000080003400000000808000180fffffffd080003400000000408000340fffffff908000180fffffffb0800034000000003a80002801c000280080003400000020008000340fffffff508000340000000001400028008000340000000050800034000000007720001001c2cce526d2ee30fb33f426450278cb35ac06b1cef15fefc26b5c17a8c9251bed316fccb5588f2e071fc355537fcf458cf14217f16ce4c12a4b559f3e807c94c6cc4f418baebc6024b74b9dbc5ef66dbbe91812ea247db80670c101ed494f105ad9c09b4eaf8d5c133b46a311c1a00001c0302802000028008000180fffffffc0900020073797a320000000008000340000000035c00028008000180fffffffc08000180fffffffc08000180fffffffb0900020073797a300000000008000340000000060900020073797a30000000000900020073797a31000000000900020073797a310000000008000180fffffffbf6000100330e5af714359ac9da33381a13071148dbe4293800e6be0290efbb549850cda132ca27a55553fd77c3067504c4596086f4001f53d49e8111395ebccb983c6b04735a58ab2617dfc62123b09c8dc5a47154667414dc28e8369829764b2e3cc23303a882890bad6d3a70d9e15701ec8c4c15a46d38c9ed6bc8658f8a45a02083f563324a27c649bab7cbcb485c289bd8df0a040128df6891ab48095977e0463f8e3ed7ba6df976ee30768954dfeb3f08c942b2c9384aa0b78baf92ecf5e4d73788afb1bc5a8f7c4b454897cd8bcac7f19cdd949fac66756da3b9311e13362eee317df853f6bc7e4638eb145a1484d3780e09b50000c8000100d5c1e4159bf770e02e6e1ebe911d7513709588175328d2e11f2ebf3f6967c49bedcb2a5459a45272bb8084e3bb55ea7a80166d97ec16457ed7d2a834d9aafdb2a54110ddc7975eaeda4f897ec7d533c27df0ce5ff92cfedadc67fff850ee5d07822d72b27af229d17ad2f8d802ae40d98f373e348a04b4f0270c71f82319de3a0331f165204896e0e448cf7ea0f8eb32a312fda6716f72f0234742fe6708ad0adf587ea21d94b8c8f5080028dda1e21d3d9ac82d8edd12941631b72b692ecc262d6ae12393000100c56deda494a09379df59bad8f0f17376b307ce49571034af728b1c4bf694e3b91406b976944238ab36ccaf40e3d92952ba87aa27af6353a82868c9508577a1b6a349fce75b3e4952b04b9527f496b5555e6db110dec07430b01446635eff12f136dbcb54fd4dc90b02e1bc6488ed74efd9eeb1b6de6e2a234f6c323df5c28a0352d03b34ee4f64ab614078125aa3cc0048000280080003400000000c08000340000000010900020073797a310000000008000180fffffffd0800034000008000080003400000dc5b08000180fffffffc08000180fffffffb2c0202804b000100cece2d8ff50c68c1060c2e691ddc50c6d87b46b4e5f6695010163d98bac2d9d7693cff0ec1e2107f58d3c305c78e5a596df92f1dbe80793dce5424be9e7951890023db7d0b9b2700e5000100f46e4b21dd4b92221713eece21b0e3bfb3fe995725eca78713a8d11ac82a6aefeeeab4720bd136479523ccafa34771afedeafc55275842bb7adb37ff3c93b19d9d5139f8b67ee81e380faa9506e6c8e5956cf7efc9828438d340aa4bfe771769c6ddb2f8c31049c1fc37e8f28812ea0aadd0caa7e32f6bb4b2b7a4473e5fa876c87bf285a503660ea12a0cfff6863a87c64ea83c31e737e278edcad77cb964828c7049d335e25156fd4d1c2faada6a8363794fe487155fbfd7c2e1b8504d4a744357734f51fca0426ffe929280df27411f8a90a067b285e970fa1e403722ae91dd000000f400010073e22ba6603d1c92836887468b100c2dc430efeb2ef19c66bd0582fe94df7b5a20292fdfbd2009980dbf9651685f7713bfb0f42583e452670f29e2cabf848fcdcb7a2067f0b257efd7dc927e540584b08f026e14be231afa797e36410d8ad6cbced8c5d2cce2f5a8b75713e57b3161b5b4ce78f283bf59a04f90bc1c5a4371abed0124c621ecb51b6166ad39f14216c09456232b7ea8dd7058bbbeae8b1c13df7ffa1515a359309683421d783f4fb00547cb06b3f974e65f28397c2c16675436a414b6e28d61800c35bdc05f9837e14491ce0fa7c0fbf6f61dd8f7eceac62373ed913de212a188ad5fa12d0eab8a0b440900010073797a30"], 0xb98}}, 0x0)

1m41.561920623s ago: executing program 8 (id=4401):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x100006, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xb}, 0x1c)
syz_emit_ethernet(0x3e, &(0x7f0000019340)={@multicast, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "030100", 0x8, 0x11, 0x1, @remote, @mcast2, {[], {0x4e20, 0xe22, 0x8}}}}}}, 0x0)

1m41.561750363s ago: executing program 39 (id=4401):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x100006, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xb}, 0x1c)
syz_emit_ethernet(0x3e, &(0x7f0000019340)={@multicast, @multicast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "030100", 0x8, 0x11, 0x1, @remote, @mcast2, {[], {0x4e20, 0xe22, 0x8}}}}}}, 0x0)

1m41.506690053s ago: executing program 0 (id=4405):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r0)
sendmsg$NLBL_MGMT_C_ADD(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000004c0)=ANY=[@ANYBLOB="040100", @ANYRES16=r1, @ANYBLOB="cd3e00000000000000f3010000000800020005000000ce00010043ecf8a077157cd8bc7347043314cdcbb6b9bb84e5bcdb7f9af2eacc913a7640e8332d1daa67516c7f094b740c631f17ae43df88a8ebd26792040200006f64e62cd3404917f3be657330adff7fffffffffffff7412935536f4406edcdc8a3779814659bebb63d2c301a5e2568cb3696d7ed2b43a13e9096385b4cb17bf6d8436e77f709e436462ad3ba28f73bf36e8e358673326e220d60a9d3d7e3c932faf89062b965db52beeff385e442adbb8d87480d48f4b3d4530e85283000008000700ffffffff080008000000000006000b000a"], 0x104}}, 0x0)

1m41.459605004s ago: executing program 0 (id=4407):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001000030428bd70000003000000000400", @ANYRES32=0x0, @ANYBLOB, @ANYRES32, @ANYBLOB="140012800c0001006d616376746170"], 0x44}}, 0x0)

1m41.407827045s ago: executing program 0 (id=4408):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtaction={0x224, 0x30, 0x10, 0xf0bd29, 0x25dfdbff, {}, [{0x210, 0x1, [@m_connmark={0x134, 0x1d, 0x0, 0x0, {{0xd}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x6, 0x1, 0xa477, 0x9}, 0x7}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x2, 0x17400, 0x1, 0x4, 0x6}, 0xa}}]}, {0xc9, 0x6, "7afd1283f536f3c4f159e7d29034c3d3eb198716e3d5036111755c80ce3866b27c48a5b0c96943b0f52326fb1cdfdfd075f57654e10c7e4c94d42c5950d0cfeb25b65f33a9b9ec463d92006c2c9d6fe9d55bc2d89fc43eca80f651dbd4104a2e48c5f6bcba9dcb613a4412a42774a1b22b11d9b3cb093067a4bbbf38d4a4ca51f7afe1f6f9f2bb4a605c330a13f33d0f87f855d32103c3b6bece52858231562d4698fbcfc8b5bb2cb6a5e1cc63b2f7cf002c230c07f7590b701aa7de6d9ffe314fa42b47fa"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_sample={0xd8, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0xab, 0x6, "b994bedd346bce0500000000000000d115251a878473985c1ed7a3d4fca80601598de37da823754e06000000b3a3c993afbb7ebbbe1526dab34d44b5c23c87b684ba0a43c6d997aa4921c5a813b871326a35619082cefce7336f46644321281eb0d25aefbb3a49f1569225f999328fd102ad19375fb7bbd7b7fcbf6d8b3d9c2e08d675477de0b8bb08de621609e209dc52b7268675f10327caafcbe9c5553649bdc97cc8419d23"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}, 0x224}}, 0x48000)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

1m41.363209286s ago: executing program 0 (id=4409):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=")
creat(&(0x7f0000000340)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x42)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x13, 0x0, "ef359f41a4ae6dddfbd1ce5d29c2ee5e5c9d000ff8ee09e737ff0edf110ff4eb4b78c66ee677df701905b9aafab4ffffffff00", "cba3d625780820d1cbf7db71038259ca171ce1a311ef97e4298d1e14ef01060000e9009600fdff00000000000000000000000000000000000400", "d300e6d6ae9ef30bea2a004000", [0x2]})
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0xffffffffffffff9c, 0x0, 0x2)

1m41.221624208s ago: executing program 2 (id=4413):
openat$nvram(0xffffffffffffff9c, 0x0, 0x88002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket(0xb, 0x800, 0xe519)
acct(&(0x7f0000000140)='./file0\x00')

1m41.221492838s ago: executing program 40 (id=4413):
openat$nvram(0xffffffffffffff9c, 0x0, 0x88002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffea4, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
socket(0xb, 0x800, 0xe519)
acct(&(0x7f0000000140)='./file0\x00')

1m41.1242184s ago: executing program 0 (id=4414):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x10}, 0x9c)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000a00)=@newqdisc={0x74, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x48, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x4, 0x2, 0x0, 0x0, 0x7, 0x8}, {0x12, 0x3, 0x0, 0x403, 0x8001, 0x400}, 0xa5, 0x4, 0x10000000}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}, @TCA_TBF_PBURST={0x8, 0x7, 0x1e1e}, @TCA_TBF_PRATE64={0xc, 0x5, 0xafa8d36186c14c7d}]}}]}, 0x74}}, 0x44080)
sendmmsg$inet6(r0, &(0x7f0000003f00)=[{{0x0, 0xf, &(0x7f0000000300)=[{&(0x7f0000000140)="a2", 0x1a058}], 0x1}}], 0x1, 0x0)

1m40.836837884s ago: executing program 0 (id=4415):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, 0x0, 0x4004)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3a}, {0x0, 0x0, 0x7, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004)

1m40.814727204s ago: executing program 41 (id=4415):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, 0x0, 0x4004)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x3a}, {0x0, 0x0, 0x7, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004)

1m23.785923649s ago: executing program 3 (id=4839):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e20, @local}]}, &(0x7f0000000100)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000180)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x989, 0x0, 0x10}, 0x9c)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00'})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x44080)
sendmmsg$inet6(r0, &(0x7f0000003f00)=[{{0x0, 0xf, &(0x7f0000000300)=[{&(0x7f0000000140)="a2", 0x1a058}], 0x1}}], 0x1, 0x0)

1m23.73524305s ago: executing program 3 (id=4840):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001240)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000300)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000180)='%+9llu \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYBLOB="0000000000000000b70500000800000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000c40)='sys_enter\x00', r2}, 0x10)
fsmount(0xffffffffffffffff, 0x1, 0x1)

1m23.665314081s ago: executing program 3 (id=4842):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000180)='kmem_cache_free\x00', r0}, 0x18)
lsm_list_modules(&(0x7f0000000040), &(0x7f0000000080), 0x0)

1m23.630510072s ago: executing program 3 (id=4843):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=")
creat(&(0x7f0000000340)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000500)='./bus\x00', 0x0, 0x42)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000001240)='./file1\x00', 0x2)

1m23.552671803s ago: executing program 3 (id=4845):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000980)=ANY=[@ANYBLOB="84000000", @ANYRES16=r1], 0x84}}, 0x4)

1m23.151761799s ago: executing program 3 (id=4862):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a300000000058000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000041c"], 0xa0}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)

1m23.12184588s ago: executing program 42 (id=4862):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a300000000058000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000041c"], 0xa0}, 0x1, 0x0, 0x0, 0x20000080}, 0x0)

4.126156294s ago: executing program 4 (id=6058):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014fa0000b7030000000008008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000020000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
removexattr(&(0x7f0000000200)='./cgroup\x00', &(0x7f0000000240)=@known='user.incfs.metadata\x00')
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r5}, 0x10)
rt_sigaction(0x19, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r6 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_MOD(r6, 0x3, r3, &(0x7f0000000180)={0x1})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r7 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r7, 0x2, &(0x7f0000000040)=0x7)
r8 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSTI(r8, 0x5412, &(0x7f0000000000))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r10, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001a80)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r11 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x28c82)
mmap(&(0x7f0000301000/0x4000)=nil, 0x4000, 0x0, 0x13012, r11, 0x0)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="440000001000090600"/20, @ANYRES32=0x0, @ANYBLOB="adffa888000000001c00128009000100626f6e64000000000c000280050001000600000008000a0079"], 0x44}}, 0x0)

4.002002026s ago: executing program 9 (id=6060):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c000000ac141400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3bc40c7f8fd73d61164fc7d15648a9e0070949687000000000000000000000000000000000000000000000000000000227bf23d3ba4560ebd700000"], 0x34c}}, 0x44)

3.895146848s ago: executing program 9 (id=6061):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000a80)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)={0x38, r3, 0xc4fc9e906872338b, 0x20, 0x0, {{0x15}, {@val={0x8}, @val={0xc, 0x99, {0xfffffffc}}}}, [@NL80211_ATTR_TID_CONFIG={0x10, 0x11d, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x8, 0xd, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x4}]}]}]}]}, 0x38}}, 0x0)

3.702122991s ago: executing program 9 (id=6063):
r0 = socket$igmp6(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r0, 0x29, 0x22, &(0x7f0000000000)={{0xa, 0x0, 0x101, @loopback, 0x18000}, {0xa, 0x0, 0xfffffffd, @dev={0xfe, 0x80, '\x00', 0x3}, 0x4}, 0x0, {[0x6, 0x0, 0x0, 0xfffffef9, 0x0, 0x1, 0x5, 0x200000]}}, 0x5c)

3.545240004s ago: executing program 9 (id=6066):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
capset(&(0x7f0000000100)={0x20071026}, &(0x7f0000000140))
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000180)={0x2, 0x4, @local}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000005"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000440)={'#! ', './file1'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r4, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff})
ioctl$FIDEDUPERANGE(r5, 0xc0189436, &(0x7f00000005c0)=ANY=[@ANYBLOB="fdffffffffcf3b316b9cffffffffffff7f"])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
socket$kcm(0x10, 0x400000002, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r8, 0x0, 0x7}, 0x18)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x400000000010, 0x3, 0x0)

3.238913748s ago: executing program 4 (id=6070):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
syz_open_dev$tty20(0xc, 0x4, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
clock_nanosleep(0xfffffff2, 0xca9a3b, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x13)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)

2.660167518s ago: executing program 6 (id=6079):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000100000000000000040000850000006d00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000440)={@multicast, @local, @void, {@llc_tr={0x11, {@snap={0xaa, 0x0, 'N', "76ee7e", 0x6, "86607428a20b748ab6e7bdf4c6d886cfa6b0bdff"}}}}}, &(0x7f00000000c0)={0x1, 0x2, [0x5ff, 0xcc6, 0x4a0, 0x65d]})

2.631005139s ago: executing program 6 (id=6080):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x21081e, &(0x7f00000002c0), 0x1, 0x4f2, &(0x7f0000000600)="$eJzs3U1vG1sZAODXzpeTm97kXu4CENBSCgVVdRK3jaouoKwQQpUQXYLUhsSNothxFDulCV2k/wGJSqxgyQ9g3RV7Ngh2bMoCiY8I1FRiYTTjSeomdpOSNI7i55FGM+eMM+85ieec+nXtE0DfuhQRWxExHBEPI2Iiq89lW9xtbcnjXm0/nd/Zfjqfi2bz/j9z6fmkLtp+JvFRds1CRPzoexE/zR2MW9/YXJ6rVMprWXmqUV2dqm9sXl+qzi2WF8srpdLszOz07Ru3SifW14vV4ezoyy//sPWtnyfNGs9q2vtxklpdH9qLE9nv/AcfIlgPDETEYPb8yVzoZXt4P/mI+DQiLqf3/0QMpH9NAOA8azYnojnRXgYAzrt8mgPL5YtZLmA88vlisZXD+yzG8pVavXHtUW19ZaGVK5uMofyjpUp5OssVTsZQLinPpMdvyqV95RsR8UlE/GJkNC0X52uVhV7+wwcA+thH++b//4y05n8A4Jwr9LoBAMCpM/8DQP8x/wNA/zH/A0D/Mf8DQP8x/wNA/zH/A0Bf+eG9e8nW3Mm+/3rh8cb6cu3x9YVyfblYXZ8vztfWVouLtdpi+p091cOuV6nVVmduxvqTyW+v1htT9Y3NB9Xa+krjQfq93g/KQ6fSKwDgXT65+OLPuYjYujOabtG2loO5Gs63fK8bAPTMQK8bAPSM1b6gfx3jNb70AJwTHZbofUshIkb3VzabzeaHaxLwgV39gvw/9Ku2/L//BQx9Rv4f+lfX/P+BF/vAedNs5o665n8c9YEAwNkmxw90ef//02z/2+zNgZ8s7H/E8/0VPlEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/9hd/7eYrdwxHvl8sRhxISImYyj3aKlSno6IjyPiTyNDI0l5psdtBgCOK/+3XLb+19WJK+P7zw7nXo+k+4j42a/u//LJXKOx9sek/l979Y3nWX2pF+0HAA6zO0+n+7YX8q+2n87vbqfZnr9/NyIKrfg728Oxsxd/MAbTfSGGImLs37ms3JJry10cx9aziPh8p/7nYjzNgbRWPt0fP4l94VTj59+Kn0/PtfbJ7+JzJ9AW6DcvkvHnbqf7Lx+X0n3n+7+QjlDHl41/yaXmd9Ix8E383fFvoMv4d+moMW7+/vuto9GD555FfHEwYjf2Ttv4sxs/1yX+lYOX6+gvX/rK5W7nmr+OuBqd47fHmmpUV6fqG5vXl6pzi+XF8kqpNDszO337xq3SVJqjnuo+G/zjzrWPu51L+j/WJX7hkP5//Wjdj9/89+GPv/qO+N/8Wqf4+fjsHfGTOfEbR4w/N/a7QrdzSfyFLv0/7O9/7YjxX/5188Cy4QBA79Q3NpfnKpXymgMHZ/8gecqegWZ0PPjOacUajvf6qWbz/4rVbcQ4iawbcBbs3fQR8brXjQEAAAAAAAAAAAAAADo6jU8s9bqPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CwAA//8wuNJ1")

2.448045881s ago: executing program 6 (id=6084):
syz_usb_connect(0x2, 0x2d, 0x0, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x145842, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
getsockopt$inet_mreqn(r0, 0x0, 0x24, &(0x7f0000000000)={@dev, @rand_addr, <r1=>0x0}, &(0x7f0000000040)=0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x2, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x43}}]}, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', r1, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0xe, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
mount(&(0x7f0000000100), &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x8c, &(0x7f0000000300)='trans=rdma,')

2.390568332s ago: executing program 4 (id=6086):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, @perf_bp={0x0, 0x4}, 0x2402, 0x0, 0x800000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0102000000000000000067"], 0x30}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_open_dev$vcsn(&(0x7f0000000140), 0x2, 0x14403)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
r5 = syz_io_uring_setup(0x503, &(0x7f0000000140)={0x0, 0x1184, 0x80, 0x0, 0x45}, &(0x7f0000000000)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='rdma.current\x00', 0x275a, 0x0)
fsetxattr(r8, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f0000000080)=':\x00', 0xffdf, 0x0)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0)

1.641928484s ago: executing program 6 (id=6092):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r1 = socket$inet6(0xa, 0x3, 0xff)
r2 = dup2(r1, r1)
sendmmsg$unix(r2, &(0x7f0000002480)=[{{&(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="100000000000000001000000010000001c00000000000000010000000200000b", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x30, 0x4004801}}], 0x1, 0x4008890)
openat$full(0xffffffffffffff9c, 0x0, 0x10103, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0000000, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000040), 0xfe, 0x4f2, &(0x7f0000000b00)="$eJzs3d9rHFsdAPDvTHbvbdpcN1d9uF6wLbaSFO0maWwbfKgKok8Ftb7XmGxDyCZbkk3bhKIp/gGCiAq+6JMvgn+AIP0TRCjou6gooq0++FAd2d3ZmKa7+UE3u97s5wMnc8782O85GebsnJlhJ4ChdTEiJiMiy7LsSkSU8vlpnmKnlRrrvXj+eKGRksiyO39LIsnntT/r7Xx6Lt/sTER87csR30xej7uxtb0yX61W1vPyVH01eZll21eXV+eXKkuVtdnZmRtzN+euz033pJ3jEXHri3/6wXd/9qVbv/r0w9/f/cvkt1oNbNnbjl5qNb3Y/F+0FSJi/SSCDUih2cKW6wOuCwAAB2uc7384Ij4REVeiFCPNszkAAADgNMk+NxYvk9b9PwAAAOB0SiNiLJK0nD/vOxZpWi63nuH9aJxNq7WN+qey0u71gvEopveWq5Xp/NmB8SgmjfJM/oxtu3xtX3k2It6NiO+XRpvl8kKtujjQKx8AAAAwPM7tG///s9Qa/wMAAACnzPigKwAAAACcOON/AAAAOP2M/wEAAOBU+8rt242Utd9/vfhga3Ol9uDqYmVjpby6uVBeqK3fLy/VakvN3+xbPezzqrXa/c/E2uajqXploz61sbV9d7W2uVa/u/zKK7ABAACAPnr3wtPfJRGx89nRNCKyZM+yYkQ2snflQv/rB5yc9Dgr//Hk6gH038igKwAMjFN6GF7FQVcAGLjD+oGuD+/8uvd1AQAATsbEx3bv/zdTw1v5smSgNQNOWn7/P3Gsw/Bx/x+Gl/t/MLyKB50BGBTAqZce4VB/8/v/WXasSgEAAD031kxJWs7HAWORpuVyxDvN1wIUk3vL1cp0RHwoIn5bKr7dKM80t0xcHgAAAAAAAAAAAAAAAAAAAAAAAACAI8qyJLIuRnfXAQAAAD7IItI/J/n7vyZKl8f2Xx94K/lXqTmNiIc/vvPDR/P1+vpMY/7fd+fXf5TPv9bvqxcAAABAJ+1xenscDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99OL544V26mfcv34hIsY7xS/Emeb0TBQj4uw/kijs2S6JiJEexN95EhHvdYqfNKoV43kt9sdPI2J0wPHP9SA+DLOnjf7n852OvzQuNqedj79Cnt5U9/4v3e3/Rrr0f+90+sD09VnvP/vFVNf4TyLeL3Tuf9rxky7xLx2xjd/4+vZ2t2XZTyMmOn7/JK/EmkoK96c2travLq/OL1WWKmuzszM35m7OXZ+bnrq3XK3kfzvG+N7Hf/mfg9p/tkv88UPaf/mI7f/3s0fPP9LKFvctKsZPsmzyUuf9/16X+O3vvk/mu7tRnmjnd1r5vc7//DfnLxzQ/sUu7T9s/08esf1XvvqdPxxxVQCgDza2tlfmq9XK+vEyScTOG2wuM1yZ0ehj0Pk4aJ32SWwf6vPtPNT/xS44dmZwfRIAAHAy/nfSP+iaAAAAAAAAAAAAAAAAAAAAwPA67GfAogc/J7Y/5s5gmgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKD/BgAA//+6ychX")
rt_sigqueueinfo(0x0, 0x0, &(0x7f0000000fc0)={0x0, 0x0, 0x200})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x400c0c0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e0000000000000000180100", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa2000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
unlink(0x0)

1.135750122s ago: executing program 6 (id=6094):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x800000f, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000002000000851000000600000018020000", @ANYRES32, @ANYBLOB="00000000000000006600020000000000180000000000000000000000000000009500040000000000360a020000000000180100002020782500000000002020207b1a00fe00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000004000000fd0f000007000000000000003d65571c65970b4445270d0d7606ba6d828d377bb6bb18e7465bcdc48e615d0349866b15ea8f2e4d0742fa286306735d2926a17096208a3d5ad8389c11a934a1b9fa36f4a5c74e37ecad7cf137d09f7dcad56d0fe6fce3763a0e9362b561a4078c4246918a89cc3f9c3bdd3d8b17cdd3d5ac8741b59f5a5cc459a10937249c82344d9d3efbac0b1672d043d2426f9a39f653effd85aa649c02bce2bb6cd8da550113d86e95521a494ffd02a05fbb34a1076fde5672b74b073a9cb9cc2586d0c4d9a22a7ea89f5e04c903471aeb4ed02e68d5bb18a9df75761f", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000940)={&(0x7f0000000640)='console\x00', r1}, 0x10)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000540), &(0x7f0000000080), 0x619}, 0x38)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x40000)
readv(r3, &(0x7f0000000080)=[{&(0x7f0000000380)=""/79, 0x4f}], 0x1)

1.131943842s ago: executing program 1 (id=6095):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c000000ac141400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e3bc40c7f8fd73d61164fc7d15648a9e0070949687000000000000000000000000000000000000000000000000000000227bf23d3ba4560ebd70000000"], 0x34c}}, 0x44)

1.015730995s ago: executing program 1 (id=6096):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f0000000800)=ANY=[@ANYBLOB="1800"/13, @ANYRES64=0x0], &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab190c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'pim6reg1\x00', <r2=>0x0})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000500)={0x8}, 0x8)
r3 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x1, @rand_addr=0x64010101}, 0x10)
listen(r3, 0x8)
r4 = accept4(r3, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f0000000280)=@assoc_value={<r5=>0x0, 0x4}, &(0x7f00000002c0)=0x8)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000600)=ANY=[@ANYRES32=r2, @ANYRES32=r0, @ANYBLOB='5\x00\x00\x005\x00', @ANYRES32=r0, @ANYBLOB="fd83824c46af9fe5222a7095428642adb38f73d2ba43998f29330c6d8db3bb1b27b0de441c3b320c1dd08e19ce07369a6b26f1b3b77159b1c672af489dc3c319e678d6dce5419fd655481ba4e9ef3ea45a433ac77f4c79d99d7930e6794d8a79805d20d43e9df8d1a32f674670b74d54777fccd7b38e8ebb62179e2efc81f56c6f2fd0290ea3d39d959bd503945fe408910b8c2336dc4a7f961809d1b30246bd73d34d9f457285b9dfd079283f8770801efa1c3caeff0ccd", @ANYRES64=0x0], 0x20)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRES16=r5], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
fdatasync(0xffffffffffffffff)
unshare(0x68040200)
r8 = syz_open_procfs(0x0, &(0x7f0000000700)='uid_map\x00')
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='tegra_dma_isr\x00', r7, 0x0, 0x403}, 0x18)
listxattr(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_STATS(r8, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x14, 0x5, 0x1, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4040000}, 0x40)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYRESDEC=r9], &(0x7f00000001c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r10}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ioctl$PPPIOCSFLAGS1(r8, 0x40047459, &(0x7f0000000980)=0x8020000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x8031, 0xffffffffffffffff, 0xc6ed4000)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f00000009c0)=[r6], 0x1)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r11, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x328, 0x3d8, 0x3d8, 0x328, 0x3d8, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private1, [0xffffff00, 0x0, 0xffffffff, 0xffffff00], [0xffffffff, 0xffffffff, 0xff000000, 0xff], 'geneve0\x00', 'veth1_to_bridge\x00', {0xff}, {0xff}, 0x11, 0x81, 0x6, 0x1d}, 0x0, 0x1d0, 0x1f0, 0x0, {}, [@common=@srh={{0x30}, {0x2b, 0x2, 0x5, 0x4, 0x6, 0x401, 0x1}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00', 0x4}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xd0, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x2, 0xfffffffc, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x458)

653.55513ms ago: executing program 5 (id=6099):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000000f000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
fstatfs(r2, &(0x7f0000000100)=""/253)

603.703731ms ago: executing program 5 (id=6100):
rseq(&(0x7f0000000340), 0x20, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000640)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)

553.283322ms ago: executing program 5 (id=6101):
unshare(0x2040400)
r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
r1 = socket(0x15, 0x5, 0x0)
setsockopt$sock_timeval(r1, 0x1, 0x14, &(0x7f0000000040)={0x0, 0x2710}, 0x10)
recvmsg(r1, &(0x7f0000003780)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x2, 0x9, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r2}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000380)='kfree\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000880)=@newtaction={0x7c, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x68, 0x1, [@m_tunnel_key={0x64, 0x1, 0x0, 0x0, {{0xf}, {0x34, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0xb, @private1={0xfc, 0x1, '\x00', 0x1}}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x7c}}, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x41)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000007c0)={0x1a8, r7, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_PEERS={0x180, 0x8, 0x0, 0x1, [{0x9c, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x50, 0x9, 0x0, 0x1, [{0x4c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "eff93d58460ea431f2cb4a6894ddb2834088d7445bf5afdd0619ce173f1db717"}]}, {0xe0, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}, @WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x9, 0x7, @empty, 0x3}}, @WGPEER_A_ALLOWEDIPS={0x98, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {0x5}}]}, {0x1c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x2}}]}, {0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x1}}]}]}]}]}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}]}, 0x1a8}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
r8 = openat$cgroup_ro(r5, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1, 0x0, 0x1, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r8, 0xc0502100, &(0x7f0000000b00))
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000980)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f00000007c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000050000000100000000000000000000000000003f00e37326df18e4be6b46085c653af703468b665ec310f74bbb5c686fed55fb1c214c58baae40b5ed469715c9edcfdf8f8874ce3dfcc498e94f7a0eb3971c4e00c03647a7718382ee580d8b9709de073a0017d1b5e30fa0f2e19c049b2e"], &(0x7f0000000400)=""/195, 0x29, 0xc3, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r10}, 0x10)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000100), r11)
sendmsg$NLBL_CIPSOV4_C_ADD(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x1d0, r12, 0x1, 0x0, 0x25dfdbff, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x4}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x1b0, 0xc, 0x0, 0x1, [{0x3c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5b54b56}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe844}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x71cb2ef7}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5f237358}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x687675ce}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4d1938c0}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7d00}]}, {0x54, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1278c908}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x51e3}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xcdf2}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7addd376}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1da339f1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xacd9}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x6f71a7d7}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa44}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7caad82d}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x1e52}]}, {0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa435}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2f97fbc6}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x9c80}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xced4}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x97fa}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x38b1f8b}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x65e6}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x5d812486}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x3394}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xfe95}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x79ae}]}, {0x14, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa482}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xbad0}]}, {0x4}, {0x34, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7ff4c28}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5810}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x4459}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x7}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xb33c}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x144b69b7}]}, {0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7a5a}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1cbe77f1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xa177}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x84ed}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xd553}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8b93}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x5ab6}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x304f9ab2}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x389a}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe921}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4a3e5a3a}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xe615}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x281c74be}]}]}]}, 0x1d0}, 0x1, 0x0, 0x0, 0x4004000}, 0x0)

552.575742ms ago: executing program 1 (id=6102):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r2, 0x0, 0x6}, 0x18)
sendmsg$key(r0, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000b00)=ANY=[@ANYBLOB="020300000b0000000000000000000000030006000000000002000000e000000100000000000000000200010000001c000000fb18000000000300050000000000020000007f0000010000000000000000010018"], 0x58}, 0x1, 0x7}, 0x0)

545.535892ms ago: executing program 4 (id=6103):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d00000095", @ANYRES64=0x0], &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab190c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'pim6reg1\x00', <r2=>0x0})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000500)={0x8}, 0x8)
r3 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x1, @rand_addr=0x64010101}, 0x10)
listen(r3, 0x8)
r4 = accept4(r3, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f0000000280)=@assoc_value={<r5=>0x0, 0x4}, &(0x7f00000002c0)=0x8)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000600)=ANY=[@ANYRES32=r2, @ANYRES32=r0, @ANYBLOB='5\x00\x00\x005\x00\x00\x00', @ANYRES32=r0, @ANYBLOB="fd83824c46af9fe5222a7095428642adb38f73d2ba43998f29330c6d8db3bb1b27b0de441c3b320c1dd08e19ce07369a6b26f1b3b77159b1c672af489dc3c319e678d6dce5419fd655481ba4e9ef3ea45a433ac77f4c79d99d7930e6794d8a79805d20d43e9df8d1a32f674670b74d54777fccd7b38e8ebb62179e2efc81f56c6f2fd0290ea3d39d959bd503945fe408910b8c2336dc4a7f961809d1b30246bd73d34d9f457285b9dfd079283f8770801efa1c3caeff0ccd", @ANYRES64=0x0], 0x20)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRES16=r5], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
fdatasync(0xffffffffffffffff)
unshare(0x68040200)
r8 = syz_open_procfs(0x0, &(0x7f0000000700)='uid_map\x00')
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='tegra_dma_isr\x00', r7, 0x0, 0x403}, 0x18)
listxattr(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_STATS(r8, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x14, 0x5, 0x1, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4040000}, 0x40)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYRESDEC=r9], &(0x7f00000001c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
symlink(&(0x7f0000000180)='./file0\x00', &(0x7f0000000380)='./file0\x00')
ioctl$PPPIOCSFLAGS1(r8, 0x40047459, &(0x7f0000000980)=0x8020000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x8031, 0xffffffffffffffff, 0xc6ed4000)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f00000009c0)=[r6], 0x1)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r10, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x328, 0x3d8, 0x3d8, 0x328, 0x3d8, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private1, [0xffffff00, 0x0, 0xffffffff, 0xffffff00], [0xffffffff, 0xffffffff, 0xff000000, 0xff], 'geneve0\x00', 'veth1_to_bridge\x00', {0xff}, {0xff}, 0x11, 0x81, 0x6, 0x1d}, 0x0, 0x1d0, 0x1f0, 0x0, {}, [@common=@srh={{0x30}, {0x2b, 0x2, 0x5, 0x4, 0x6, 0x401, 0x1}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00', 0x4}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xd0, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x2, 0xfffffffc, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x458)

517.576782ms ago: executing program 5 (id=6104):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r1 = socket$inet6(0xa, 0x3, 0xff)
r2 = dup2(r1, r1)
sendmmsg$unix(r2, &(0x7f0000002480)=[{{&(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="100000000000000001000000010000001c00000000000000010000000200000b", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x30, 0x4004801}}], 0x1, 0x4008890)
openat$full(0xffffffffffffff9c, 0x0, 0x10103, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0000000, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000040), 0xfe, 0x4f2, &(0x7f0000000b00)="$eJzs3d9rHFsdAPDvTHbvbdpcN1d9uF6wLbaSFO0maWwbfKgKok8Ftb7XmGxDyCZbkk3bhKIp/gGCiAq+6JMvgn+AIP0TRCjou6gooq0++FAd2d3ZmKa7+UE3u97s5wMnc8782O85GebsnJlhJ4ChdTEiJiMiy7LsSkSU8vlpnmKnlRrrvXj+eKGRksiyO39LIsnntT/r7Xx6Lt/sTER87csR30xej7uxtb0yX61W1vPyVH01eZll21eXV+eXKkuVtdnZmRtzN+euz033pJ3jEXHri3/6wXd/9qVbv/r0w9/f/cvkt1oNbNnbjl5qNb3Y/F+0FSJi/SSCDUih2cKW6wOuCwAAB2uc7384Ij4REVeiFCPNszkAAADgNMk+NxYvk9b9PwAAAOB0SiNiLJK0nD/vOxZpWi63nuH9aJxNq7WN+qey0u71gvEopveWq5Xp/NmB8SgmjfJM/oxtu3xtX3k2It6NiO+XRpvl8kKtujjQKx8AAAAwPM7tG///s9Qa/wMAAACnzPigKwAAAACcOON/AAAAOP2M/wEAAOBU+8rt242Utd9/vfhga3Ol9uDqYmVjpby6uVBeqK3fLy/VakvN3+xbPezzqrXa/c/E2uajqXploz61sbV9d7W2uVa/u/zKK7ABAACAPnr3wtPfJRGx89nRNCKyZM+yYkQ2snflQv/rB5yc9Dgr//Hk6gH038igKwAMjFN6GF7FQVcAGLjD+oGuD+/8uvd1AQAATsbEx3bv/zdTw1v5smSgNQNOWn7/P3Gsw/Bx/x+Gl/t/MLyKB50BGBTAqZce4VB/8/v/WXasSgEAAD031kxJWs7HAWORpuVyxDvN1wIUk3vL1cp0RHwoIn5bKr7dKM80t0xcHgAAAAAAAAAAAAAAAAAAAAAAAACAI8qyJLIuRnfXAQAAAD7IItI/J/n7vyZKl8f2Xx94K/lXqTmNiIc/vvPDR/P1+vpMY/7fd+fXf5TPv9bvqxcAAABAJ+1xenscDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC99OL544V26mfcv34hIsY7xS/Emeb0TBQj4uw/kijs2S6JiJEexN95EhHvdYqfNKoV43kt9sdPI2J0wPHP9SA+DLOnjf7n852OvzQuNqedj79Cnt5U9/4v3e3/Rrr0f+90+sD09VnvP/vFVNf4TyLeL3Tuf9rxky7xLx2xjd/4+vZ2t2XZTyMmOn7/JK/EmkoK96c2travLq/OL1WWKmuzszM35m7OXZ+bnrq3XK3kfzvG+N7Hf/mfg9p/tkv88UPaf/mI7f/3s0fPP9LKFvctKsZPsmzyUuf9/16X+O3vvk/mu7tRnmjnd1r5vc7//DfnLxzQ/sUu7T9s/08esf1XvvqdPxxxVQCgDza2tlfmq9XK+vEyScTOG2wuM1yZ0ehj0Pk4aJ32SWwf6vPtPNT/xS44dmZwfRIAAHAy/nfSP+iaAAAAAAAAAAAAAAAAAAAAwPA67GfAogc/J7Y/5s5gmgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKD/BgAA//+6ychX")
rt_sigqueueinfo(0x0, 0x0, &(0x7f0000000fc0)={0x0, 0x0, 0x200})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b704000008000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r5}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0207a20802"], 0x10}}, 0x400c0c0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e0000000000000000180100", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa2000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
unlink(0x0)

381.823925ms ago: executing program 9 (id=6105):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000380)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
chdir(&(0x7f0000000200)='./file0\x00')
lsetxattr$security_selinux(&(0x7f00000001c0)='.\x00', &(0x7f0000000240), &(0x7f0000000280)='system_u:object_r:fsadm_exec_t:s0\x00', 0x1001, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b00000"], 0x0, 0x8, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fe4, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f00000009c0)='kfree\x00', r2}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=@deltaction={0x4c, 0x18, 0x1, 0x0, 0x25dfdbfe, {0xa}, [@TCA_ACT_TAB={0x38, 0x1, [{0xc, 0x80, 0x0, 0x0, @TCA_ACT_INDEX={0x8}}, {0x14, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0x6, 0x1, 'tunnel_key\x00'}}, {0x14, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}]}, 0x4c}}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
setxattr$security_selinux(&(0x7f0000000100)='.\x00', &(0x7f0000000140), &(0x7f0000000180)='system_u:object_r:man_t:s0\x00', 0x1b, 0x2)

280.606166ms ago: executing program 9 (id=6106):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3ff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x3, 0x3, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000004700)={'team0\x00', <r3=>0x0})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000004c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
io_setup(0x8, &(0x7f00000001c0)=<r6=>0x0)
io_submit(r6, 0x1, &(0x7f0000000080)=[&(0x7f0000000540)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x2}])
write(r4, 0x0, 0x0)
recvmmsg$unix(r4, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x400101a2, 0x0)
connect$unix(r5, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e)
r7 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r7, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f0000000000), 0x4)
sendmsg$NL80211_CMD_SET_QOS_MAP(r7, &(0x7f0000000680)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000600)={&(0x7f00000005c0)={0x34, 0x0, 0x1, 0x70bd2a, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x9, 0x39}}}}, [@NL80211_ATTR_QOS_MAP={0x14, 0xc7, {[{0x7, 0x2}, {0xb, 0x2}, {0x1, 0x6}, {0xb9, 0x2}], "e353e9bafa79a554"}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x40000)
r8 = getpid()
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b702000014000000b7030000010000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r11}, 0x10)
r12 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r9, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r12, 0x1, 0x0, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r8}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r7, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
ppoll(&(0x7f0000000000)=[{r0, 0x2011}, {r0, 0x2000}], 0x2, &(0x7f0000000040), &(0x7f0000000080)={[0x7]}, 0x8)
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r3, {}, {}, {0x8, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x8881}, 0x0)
r13 = syz_genetlink_get_family_id$team(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000480)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000440)={&(0x7f0000000bc0)={0x408, r13, 0x200, 0x70bd25, 0x25dfdbff, {}, [{{0x8}, {0x1b0, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xbab}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_count={{0x24}, {0x5}, {0x8, 0x4, 0xb7b}}}, {0x3c, 0x1, @name={{0x24}, {0x5}, {0xb, 0x4, 'random\x00'}}}, {0x4c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x58000}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x8000}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}]}}, {{0x8, 0x1, r3}, {0xb8, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r3}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r3}}}]}}, {{0x8, 0x1, r3}, {0x174, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup_enabled={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r3}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x10}}, {0x8, 0x6, r3}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x38, 0x1, @activeport={{0x24}, {0x5}, {0x8, 0x4, r3}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8}}, {0x8}}}]}}]}, 0x408}, 0x1, 0x0, 0x0, 0x4040008}, 0x1)
shmget(0x0, 0x4000, 0x8, &(0x7f0000ffb000/0x4000)=nil)

279.621906ms ago: executing program 1 (id=6107):
rseq(&(0x7f0000000240)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r0=>0x0}, 0x0)
setresuid(0x0, r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x10)
request_key(&(0x7f00000003c0)='ceph\x00', &(0x7f0000000400)={'syz', 0x2}, &(0x7f0000000700)='\x00', 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000b80)={[{@nombcache}, {@abort}, {@dioread_lock}, {@norecovery}, {@discard}, {@lazytime}, {@noload}, {@usrquota}, {@noauto_da_alloc}]}, 0xfe, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='freezer.self_freezing\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000480)={'#! ', './file1'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext, 0x40a0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x74, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000000)=ANY=[@ANYRESDEC=0x0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000200)='mm_page_free\x00', r4}, 0x10)
r5 = io_uring_setup(0x3eee, &(0x7f0000000080)={0x0, 0x6d33, 0x80, 0x0, 0x4000000})
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)

194.489978ms ago: executing program 5 (id=6108):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
r1 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r1, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r1, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x2c}], 0x1}}], 0x48}, 0x0)

148.732308ms ago: executing program 1 (id=6109):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x6}, 0x18)
linkat(0xffffffffffffffff, &(0x7f0000002d40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffffff, 0x0, 0x1800)

147.682528ms ago: executing program 4 (id=6110):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000000f000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
r2 = getpid()
r3 = syz_pidfd_open(r2, 0x0)
fstatfs(r3, &(0x7f0000000100)=""/253)

126.416029ms ago: executing program 5 (id=6111):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x11, 0x4, &(0x7f0000000800)=ANY=[@ANYBLOB="1800"/13, @ANYRES64=0x0], &(0x7f00000000c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r1, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab190c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'pim6reg1\x00', <r2=>0x0})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000500)={0x8}, 0x8)
r3 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x1, @rand_addr=0x64010101}, 0x10)
listen(r3, 0x8)
r4 = accept4(r3, 0x0, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f0000000280)=@assoc_value={<r5=>0x0, 0x4}, &(0x7f00000002c0)=0x8)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000600)=ANY=[@ANYRES32=r2, @ANYRES32=r0, @ANYBLOB='5\x00\x00\x005\x00', @ANYRES32=r0, @ANYBLOB="fd83824c46af9fe5222a7095428642adb38f73d2ba43998f29330c6d8db3bb1b27b0de441c3b320c1dd08e19ce07369a6b26f1b3b77159b1c672af489dc3c319e678d6dce5419fd655481ba4e9ef3ea45a433ac77f4c79d99d7930e6794d8a79805d20d43e9df8d1a32f674670b74d54777fccd7b38e8ebb62179e2efc81f56c6f2fd0290ea3d39d959bd503945fe408910b8c2336dc4a7f961809d1b30246bd73d34d9f457285b9dfd079283f8770801efa1c3caeff0ccd", @ANYRES64=0x0], 0x20)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYRES16=r5], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x1, 0x0, 0x7ffc1ffb}]})
fdatasync(0xffffffffffffffff)
unshare(0x68040200)
r8 = syz_open_procfs(0x0, &(0x7f0000000700)='uid_map\x00')
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000480)='tegra_dma_isr\x00', r7, 0x0, 0x403}, 0x18)
listxattr(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_STATS(r8, &(0x7f0000000940)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000900)={&(0x7f00000008c0)={0x14, 0x5, 0x1, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4040000}, 0x40)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYRESDEC=r9], &(0x7f00000001c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r10}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
ioctl$PPPIOCSFLAGS1(r8, 0x40047459, &(0x7f0000000980)=0x8020000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x8031, 0xffffffffffffffff, 0xc6ed4000)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f00000009c0)=[r6], 0x1)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r11, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x328, 0x3d8, 0x3d8, 0x328, 0x3d8, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private1, [0xffffff00, 0x0, 0xffffffff, 0xffffff00], [0xffffffff, 0xffffffff, 0xff000000, 0xff], 'geneve0\x00', 'veth1_to_bridge\x00', {0xff}, {0xff}, 0x11, 0x81, 0x6, 0x1d}, 0x0, 0x1d0, 0x1f0, 0x0, {}, [@common=@srh={{0x30}, {0x2b, 0x2, 0x5, 0x4, 0x6, 0x401, 0x1}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x2, 0x0, 'syz0\x00', 0x4}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xd0, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x2, 0xfffffffc, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x458)

120.025589ms ago: executing program 1 (id=6112):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
syz_open_dev$tty20(0xc, 0x4, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000100)=0x5)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
clock_nanosleep(0xfffffff2, 0xca9a3b, &(0x7f0000000000)={0x77359400}, 0xfffffffffffffffe)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x13)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000280))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, 0x0)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)

69.68627ms ago: executing program 4 (id=6113):
perf_event_open(&(0x7f00000000c0)={0x2, 0x80, 0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x4, @perf_bp={0x0, 0x4}, 0x2402, 0x0, 0x800000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0102000000000000000067"], 0x30}}, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
syz_open_dev$vcsn(&(0x7f0000000140), 0x2, 0x14403)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r4}, 0x10)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
r5 = syz_io_uring_setup(0x503, &(0x7f0000000140)={0x0, 0x1184, 0x80, 0x0, 0x45}, &(0x7f0000000000)=<r6=>0x0, &(0x7f00000000c0)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='rdma.current\x00', 0x275a, 0x0)
fsetxattr(r8, &(0x7f0000000000)=@known='security.selinux\x00', &(0x7f0000000080)=':\x00', 0xffdf, 0x0)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, 0x0)

0s ago: executing program 6 (id=6114):
r0 = syz_io_uring_setup(0x76b0, &(0x7f0000000000)={0x0, 0xf96, 0x40, 0x0, 0x1ee}, &(0x7f00000001c0), &(0x7f0000000200)) (async)
r1 = memfd_create(&(0x7f0000000280)='nl80211\x00', 0x7) (async)
r2 = creat(&(0x7f0000000400)='./file1/file0\x00', 0x21) (async)
r3 = memfd_secret(0x80000)
r4 = open$dir(&(0x7f0000000340)='./file0\x00', 0xd0000, 0x1) (async)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W1rZFcdAPD/vcmk2d3UTFVkLdgWW9ktujNJY9so0lYQfVVQ6/s1JpMQMsmEzKRuQtEsfgBBRAU/gG8EP4Ag+xFEWND3oqKI7upL3St35kbzMJMMySSzTn4/OJlz7sP5n3PJ3LkPh3sDuLJeioh3ImIsIl6NiOlielqk2OukfLnHjz5YzFMSWfbe35JIimn7deXl8Yi4Uaw2GRFf/0rEt5LjcZs7u2sL9XptqyhXW+ub1ebO7p3V9YWV2kptY25u9o35N+dfn5/JCufqZzki3vrSn370/Z99+a1ffebbv7/7l9vfyZv1hY912h0Ri+cK0EOn7lJ7W+zLt9HWRQQbkrw/pbFhtwIAgH7kx/gfjohPto//p2OsfTQHAAAAjJLs7an4VxKRAQAAACMrjYipSNJKMRZgKtK0UumM4f1oXE/rjWbr08uN7Y2lfF5EOUrp8mq9NlOMFS5HKcnLs8UY2/3ya0fKcxHxXET8cPpau1xZbNSXhn3xAwAAAK6IGy8ePv//53TazgMAAAAjptyzAAAAAIwKp/wAAAAw+pz/AwAAwEj76rvv5inbf4/30vs722uN9+8s1ZprlfXtxcpiY2uzstJorLSf2bd+Wn31RmPzs7Gxfa/aqjVb1ebO7t31xvZG6+7qoVdgAwAAAJfouRcf/C6JiL3PX2unKJ4DCHDIH4fdAGCQxobdAGBoxofdAGBoSqcuYQ8Boy45Zf7xwTuda4Xx64tpDwAAMHi3Pn78/v9EMe/0awPA/zNjfQDg6nF3D66u0llHAN4cdEuAYflQ5+OZXvN7Pryjj/v/nWsMWXamhgEAAAMz1U5JWimO06ciTSuViGfbrwUoJcur9dpMcX7w2+nSM3l5tr1mcuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgI8uSyAAAAICRFpH+OWk/zT/i1vQrU4evDhx569dP3/vxvYVWa2s2YiL5+3Q+aSIiWj8ppr+WeSUAAAAAPAU65+nF5+ywWwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn86IPF/XSZcf/6xYgod4s/HpPtz8koRcT1fyQxfmC9JCLGBhB/735E3OwWP4knWZaVi1Z0i3/tguOX25ume/w0Im4MID5cZQ/y/c873b5/abzU/uz+/Rsv0nn13v+l/93/jfXY/zx7pNzL8w9/Ue0Z/37E8+Pd9z/78ZNO/EMh8sLLffbxm9/Y3e0640CV3eIfjFVtrW9Wmzu7d1bXF1ZqK7WNubnZN+bfnH99fqa6vFqvFX+7hvnBJ3755KT+X+8Rv3y4/8e2/yt99T6Lfz+89+gjnUKpW/zbL3f//b3ZI35a/PZ9qsjn82/t5/c6+YNe+PlvXjip/0s9+j95Sv9v99X/+NyrX/veH7rOObY1AIDL0NzZXVuo12tbJ2Qm+1jmkjNvPx3NGGAmno5mDCuTfbfz/3i+es65+rFMdp7Vx2MAzZg49j0di7NWmETs5XX1+Q8JAACMmP8d9J90BwkAAAAAAAAAAAAAAAAAAAC4SGd8LNlkRPS98NGYe8PpKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAif4TAAD//4RX0Xo=") (async)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000840)=ANY=[@ANYBLOB="180020000000000000000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r6}, 0x10) (async)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r7, 0x0, 0xb, 0x8509)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r5, 0xc028660f, &(0x7f00000000c0)={0x0, r8, 0x0, 0x0, 0xfba2, 0x8}) (async)
io_uring_register$IORING_REGISTER_FILES_UPDATE(r0, 0x6, &(0x7f00000003c0)={0x6, 0x0, &(0x7f0000000380)=[r1, r2, r3, r4]}, 0x4) (async)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48) (async)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000180)='workqueue_activate_work\x00', r10}, 0x10) (async)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

474] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  389.326794][T17486] loop9: detected capacity change from 0 to 512
[  389.341620][T17484] bridge0: port 3(team0) entered blocking state
[  389.347946][T17484] bridge0: port 3(team0) entered disabled state
[  389.350354][T17474] EXT4-fs (loop4): 1 truncate cleaned up
[  389.367494][T17484] team0: entered allmulticast mode
[  389.372652][T17484] C: entered allmulticast mode
[  389.377533][T17484] team_slave_1: entered allmulticast mode
[  389.388463][T17484] bridge0: port 3(team0) entered blocking state
[  389.394818][T17484] bridge0: port 3(team0) entered forwarding state
[  389.404484][T17486] ext4 filesystem being mounted at /269/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  389.500264][T17502] sch_tbf: burst 7710 is lower than device lo mtu (65550) !
[  389.512111][T17506] loop5: detected capacity change from 0 to 512
[  389.519178][T17506] EXT4-fs: Ignoring removed bh option
[  389.524600][T17506] EXT4-fs: Ignoring removed mblk_io_submit option
[  389.539920][T17506] ext4 filesystem being mounted at /178/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  389.582535][T17517] 9p: Unknown access argument +: -22
[  389.646134][T17521] loop5: detected capacity change from 0 to 512
[  389.653026][T17521] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  389.662162][T17521] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  389.671180][T17521] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended
[  389.680104][T17521] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  389.688251][T17521] System zones: 0-2, 18-18, 34-34
[  389.693767][T17521] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  389.708773][T17521] EXT4-fs (loop5): 1 truncate cleaned up
[  389.773885][T17525] loop5: detected capacity change from 0 to 1024
[  389.780763][T17525] EXT4-fs: Ignoring removed nobh option
[  389.786410][T17525] EXT4-fs: Ignoring removed bh option
[  389.802592][T17525] IPv6: NLM_F_CREATE should be specified when creating new route
[  389.845824][T17532] 9p: Unknown access argument +: -22
[  390.052695][T17549] loop5: detected capacity change from 0 to 512
[  390.059712][T17549] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  390.068939][T17549] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  390.087935][T17549] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended
[  390.097034][T17549] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  390.105183][T17549] System zones: 0-2, 18-18, 34-34
[  390.110793][T17549] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  390.126666][T17549] EXT4-fs (loop5): 1 truncate cleaned up
[  390.143493][T17552] loop9: detected capacity change from 0 to 1024
[  390.150387][T17552] EXT4-fs: Ignoring removed nobh option
[  390.156014][T17552] EXT4-fs: Ignoring removed bh option
[  390.394904][T17564] xt_socket: unknown flags 0xd0
[  390.745791][T17595] loop9: detected capacity change from 0 to 1024
[  390.753696][T17595] EXT4-fs: Ignoring removed nobh option
[  390.759324][T17595] EXT4-fs: Ignoring removed bh option
[  390.848455][T17607] sctp: [Deprecated]: syz.1.5448 (pid 17607) Use of struct sctp_assoc_value in delayed_ack socket option.
[  390.848455][T17607] Use struct sctp_sack_info instead
[  390.879079][T17605] loop9: detected capacity change from 0 to 1024
[  390.900921][T17605] EXT4-fs: Ignoring removed nobh option
[  390.906679][T17605] EXT4-fs: Ignoring removed bh option
[  391.111343][T17612] xt_socket: unknown flags 0xd0
[  391.169462][T17618] sctp: [Deprecated]: syz.6.5451 (pid 17618) Use of struct sctp_assoc_value in delayed_ack socket option.
[  391.169462][T17618] Use struct sctp_sack_info instead
[  391.199794][T17622] sch_tbf: burst 3298 is lower than device lo mtu (851990) !
[  391.216326][T17622] 9pnet_fd: Insufficient options for proto=fd
[  391.335781][T17632] loop5: detected capacity change from 0 to 512
[  391.355940][T17633] sch_tbf: burst 7710 is lower than device lo mtu (65550) !
[  391.369484][T17632] EXT4-fs (loop5): too many log groups per flexible block group
[  391.377346][T17632] EXT4-fs (loop5): failed to initialize mballoc (-12)
[  391.390773][T17632] EXT4-fs (loop5): mount failed
[  391.511276][T17646] sctp: [Deprecated]: syz.5.5463 (pid 17646) Use of struct sctp_assoc_value in delayed_ack socket option.
[  391.511276][T17646] Use struct sctp_sack_info instead
[  391.659039][T17656] loop6: detected capacity change from 0 to 256
[  391.695522][T17654] __nla_validate_parse: 13 callbacks suppressed
[  391.695536][T17654] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5466'.
[  391.723777][T17657] xt_socket: unknown flags 0xd0
[  391.833389][T17665] loop6: detected capacity change from 0 to 512
[  391.850440][T17665] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  391.859673][T17665] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  391.868859][T17667] loop5: detected capacity change from 0 to 512
[  391.878369][T17665] EXT4-fs (loop6): warning: checktime reached, running e2fsck is recommended
[  391.889124][T17670] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5468'.
[  391.902313][T17670] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  391.912297][T17665] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  391.918224][T17667] batadv1: entered allmulticast mode
[  391.927115][T17665] System zones: 0-2, 18-18, 34-34
[  391.930397][T17667] 8021q: adding VLAN 0 to HW filter on device batadv1
[  391.939185][T17665] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  391.955473][T17665] EXT4-fs (loop6): 1 truncate cleaned up
[  392.054010][T17680] bond1: entered promiscuous mode
[  392.059121][T17680] bond1: entered allmulticast mode
[  392.070695][T17680] 8021q: adding VLAN 0 to HW filter on device bond1
[  392.081614][T17680] bond1 (unregistering): Released all slaves
[  392.090636][T17682] sch_tbf: burst 7710 is lower than device lo mtu (851990) !
[  392.114814][T17687] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  392.122612][T17687] 9pnet_fd: Insufficient options for proto=fd
[  392.628713][T17699] netlink: 'syz.1.5482': attribute type 29 has an invalid length.
[  392.638654][T17700] xt_socket: unknown flags 0xd0
[  392.640533][T17699] netlink: 'syz.1.5482': attribute type 29 has an invalid length.
[  392.653121][T17699] netlink: 500 bytes leftover after parsing attributes in process `syz.1.5482'.
[  392.718884][T17708] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5485'.
[  392.763156][   T29] kauditd_printk_skb: 235 callbacks suppressed
[  392.763181][   T29] audit: type=1400 audit(1744909286.467:11046): avc:  denied  { associate } for  pid=17711 comm="syz.1.5488" name="memory.events.local" scontext=root:object_r:unlabeled_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  392.797221][T17716] sch_tbf: burst 7710 is lower than device lo mtu (65550) !
[  392.844411][   T29] audit: type=1326 audit(1744909286.547:11047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17713 comm="syz.9.5489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  392.868268][   T29] audit: type=1326 audit(1744909286.547:11048): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17713 comm="syz.9.5489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  392.892140][   T29] audit: type=1326 audit(1744909286.547:11049): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17713 comm="syz.9.5489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  392.915636][   T29] audit: type=1326 audit(1744909286.547:11050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17713 comm="syz.9.5489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  392.939225][   T29] audit: type=1326 audit(1744909286.547:11051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17713 comm="syz.9.5489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  392.962806][   T29] audit: type=1326 audit(1744909286.547:11052): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17713 comm="syz.9.5489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  392.986595][   T29] audit: type=1326 audit(1744909286.547:11053): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17713 comm="syz.9.5489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  393.010152][   T29] audit: type=1326 audit(1744909286.547:11054): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17713 comm="syz.9.5489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  393.033926][   T29] audit: type=1326 audit(1744909286.547:11055): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17713 comm="syz.9.5489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  393.139103][T17727] loop5: detected capacity change from 0 to 512
[  393.154012][T17730] loop6: detected capacity change from 0 to 1024
[  393.161163][T17730] EXT4-fs: Ignoring removed nobh option
[  393.166863][T17730] EXT4-fs: Ignoring removed bh option
[  393.177162][T17727] EXT4-fs: Ignoring removed bh option
[  393.182653][T17727] EXT4-fs: Ignoring removed mblk_io_submit option
[  393.198739][T17727] ext4 filesystem being mounted at /200/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  393.219417][T17730] IPv6: NLM_F_CREATE should be specified when creating new route
[  393.679940][T17748] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5503'.
[  393.856478][T17752] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5498'.
[  393.873574][T17756] netlink: 'syz.1.5505': attribute type 29 has an invalid length.
[  393.884432][T17753] 9p: Unknown access argument +: -22
[  393.891537][T17757] sch_tbf: burst 3298 is lower than device lo mtu (851990) !
[  393.899630][T17757] 9pnet_fd: Insufficient options for proto=fd
[  393.918416][T17756] netlink: 'syz.1.5505': attribute type 29 has an invalid length.
[  393.927109][T17756] netlink: 500 bytes leftover after parsing attributes in process `syz.1.5505'.
[  393.936755][T17759] sctp: [Deprecated]: syz.4.5506 (pid 17759) Use of struct sctp_assoc_value in delayed_ack socket option.
[  393.936755][T17759] Use struct sctp_sack_info instead
[  393.970535][T17761] loop6: detected capacity change from 0 to 1024
[  394.015528][T17761] EXT4-fs: Ignoring removed nobh option
[  394.021137][T17761] EXT4-fs: Ignoring removed bh option
[  394.028051][T17763] sch_tbf: burst 7710 is lower than device lo mtu (65550) !
[  394.046702][T17767] bond1: entered promiscuous mode
[  394.051798][T17767] bond1: entered allmulticast mode
[  394.105034][T17767] 8021q: adding VLAN 0 to HW filter on device bond1
[  394.116123][T17767] bond1 (unregistering): Released all slaves
[  394.167109][T17783] netlink: 596 bytes leftover after parsing attributes in process `syz.9.5512'.
[  394.235693][T17793] netlink: 'syz.5.5519': attribute type 29 has an invalid length.
[  394.244102][T17793] netlink: 'syz.5.5519': attribute type 29 has an invalid length.
[  394.273474][T17795] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5520'.
[  394.336661][T17799] sch_tbf: burst 7710 is lower than device lo mtu (851990) !
[  394.348851][T17801] 9p: Unknown access argument +: -22
[  394.453425][T17805] sctp: [Deprecated]: syz.5.5524 (pid 17805) Use of struct sctp_assoc_value in delayed_ack socket option.
[  394.453425][T17805] Use struct sctp_sack_info instead
[  394.941953][T17812] bond1: entered promiscuous mode
[  394.947093][T17812] bond1: entered allmulticast mode
[  394.952422][T17812] 8021q: adding VLAN 0 to HW filter on device bond1
[  394.962269][T17812] bond1 (unregistering): Released all slaves
[  395.086768][T17820] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5529'.
[  395.111537][T17823] netlink: 'syz.1.5530': attribute type 29 has an invalid length.
[  395.120131][T17823] netlink: 'syz.1.5530': attribute type 29 has an invalid length.
[  395.137234][T17825] sctp: [Deprecated]: syz.4.5531 (pid 17825) Use of struct sctp_assoc_value in delayed_ack socket option.
[  395.137234][T17825] Use struct sctp_sack_info instead
[  395.218914][T17833] loop6: detected capacity change from 0 to 1024
[  395.226643][T17833] EXT4-fs: Ignoring removed nobh option
[  395.232293][T17833] EXT4-fs: Ignoring removed bh option
[  395.510942][T17851] sch_tbf: burst 7710 is lower than device lo mtu (65550) !
[  395.901619][T17855] netlink: 'syz.9.5543': attribute type 29 has an invalid length.
[  395.910107][T17855] netlink: 'syz.9.5543': attribute type 29 has an invalid length.
[  395.977605][T17863] loop9: detected capacity change from 0 to 512
[  395.984359][T17863] EXT4-fs: Ignoring removed i_version option
[  396.150441][T17868] loop6: detected capacity change from 0 to 1024
[  396.158588][T17868] EXT4-fs: Ignoring removed nobh option
[  396.164399][T17868] EXT4-fs: Ignoring removed bh option
[  396.242436][T17878] loop4: detected capacity change from 0 to 512
[  396.253021][T17878] EXT4-fs: Ignoring removed i_version option
[  396.259230][T17881] loop6: detected capacity change from 0 to 512
[  396.260619][T17878] EXT4-fs error (device loop4): ext4_get_journal_inode:5798: comm syz.4.5553: inode #196608: comm syz.4.5553: iget: illegal inode #
[  396.266897][T17881] EXT4-fs: Ignoring removed bh option
[  396.283051][T17878] EXT4-fs (loop4): no journal found
[  396.284991][T17881] EXT4-fs: Ignoring removed mblk_io_submit option
[  396.290139][T17878] EXT4-fs (loop4): can't get journal size
[  396.318240][T17878] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  396.332825][T17878] EXT4-fs (loop4): Errors on filesystem, clearing orphan list.
[  396.355215][T17888] loop5: detected capacity change from 0 to 1164
[  396.355441][T17881] ext4 filesystem being mounted at /147/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  396.415303][T17892] loop5: detected capacity change from 0 to 512
[  396.442590][T17892] EXT4-fs (loop5): too many log groups per flexible block group
[  396.450340][T17892] EXT4-fs (loop5): failed to initialize mballoc (-12)
[  396.457831][T17892] EXT4-fs (loop5): mount failed
[  396.506104][T17897] FAULT_INJECTION: forcing a failure.
[  396.506104][T17897] name failslab, interval 1, probability 0, space 0, times 0
[  396.518842][T17897] CPU: 0 UID: 0 PID: 17897 Comm: syz.6.5559 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(voluntary) 
[  396.518867][T17897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  396.518879][T17897] Call Trace:
[  396.518884][T17897]  <TASK>
[  396.518935][T17897]  dump_stack_lvl+0xf6/0x150
[  396.519032][T17897]  dump_stack+0x15/0x1a
[  396.519048][T17897]  should_fail_ex+0x261/0x270
[  396.519073][T17897]  should_failslab+0x8f/0xb0
[  396.519194][T17897]  kmem_cache_alloc_noprof+0x59/0x340
[  396.519215][T17897]  ? audit_log_start+0x37f/0x6e0
[  396.519238][T17897]  audit_log_start+0x37f/0x6e0
[  396.519278][T17897]  ? kstrtouint+0x7b/0xc0
[  396.519301][T17897]  audit_seccomp+0x4b/0x130
[  396.519319][T17897]  __seccomp_filter+0x694/0x10e0
[  396.519364][T17897]  ? vfs_write+0x669/0x950
[  396.519388][T17897]  ? putname+0xe1/0x100
[  396.519474][T17897]  __secure_computing+0x7e/0x160
[  396.519500][T17897]  syscall_trace_enter+0xcf/0x1f0
[  396.519615][T17897]  ? fpregs_assert_state_consistent+0x83/0xa0
[  396.519651][T17897]  do_syscall_64+0xaa/0x1c0
[  396.519676][T17897]  ? clear_bhb_loop+0x25/0x80
[  396.519722][T17897]  ? clear_bhb_loop+0x25/0x80
[  396.519742][T17897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.519762][T17897] RIP: 0033:0x7fb24d2be169
[  396.519776][T17897] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  396.519793][T17897] RSP: 002b:00007fb24b927038 EFLAGS: 00000246 ORIG_RAX: 000000000000004b
[  396.519835][T17897] RAX: ffffffffffffffda RBX: 00007fb24d4e5fa0 RCX: 00007fb24d2be169
[  396.519847][T17897] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000005
[  396.519859][T17897] RBP: 00007fb24b927090 R08: 0000000000000000 R09: 0000000000000000
[  396.519870][T17897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  396.519880][T17897] R13: 0000000000000000 R14: 00007fb24d4e5fa0 R15: 00007ffdd1e5d9d8
[  396.519896][T17897]  </TASK>
[  396.736088][T14911] EXT4-fs unmount: 49 callbacks suppressed
[  396.736105][T14911] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  396.761801][T17901] __nla_validate_parse: 6 callbacks suppressed
[  396.761814][T17901] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5561'.
[  396.762250][T17903] sctp: [Deprecated]: syz.5.5560 (pid 17903) Use of struct sctp_assoc_value in delayed_ack socket option.
[  396.762250][T17903] Use struct sctp_sack_info instead
[  396.816226][T13805] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  396.891153][T17914] sch_tbf: burst 7710 is lower than device lo mtu (851990) !
[  396.924596][T17915] loop6: detected capacity change from 0 to 512
[  396.943658][T17915] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  396.964215][T17915] ext4 filesystem being mounted at /150/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  397.131700][T17930] loop5: detected capacity change from 0 to 512
[  397.157370][T17930] EXT4-fs (loop5): too many log groups per flexible block group
[  397.165282][T17930] EXT4-fs (loop5): failed to initialize mballoc (-12)
[  397.288684][T17930] EXT4-fs (loop5): mount failed
[  397.900346][T17942] loop4: detected capacity change from 0 to 512
[  397.924176][T17942] EXT4-fs: Ignoring removed i_version option
[  397.948232][T17942] EXT4-fs error (device loop4): ext4_get_journal_inode:5798: comm syz.4.5574: inode #196608: comm syz.4.5574: iget: illegal inode #
[  398.028246][T17942] EXT4-fs (loop4): no journal found
[  398.033483][T17942] EXT4-fs (loop4): can't get journal size
[  398.063978][T17942] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  398.074332][T17942] EXT4-fs (loop4): Errors on filesystem, clearing orphan list.
[  398.086269][T17942] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  398.184117][   T29] kauditd_printk_skb: 202 callbacks suppressed
[  398.184134][   T29] audit: type=1326 audit(1744909291.868:11256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17941 comm="syz.4.5574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  398.213965][   T29] audit: type=1326 audit(1744909291.868:11257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17941 comm="syz.4.5574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  398.237614][   T29] audit: type=1326 audit(1744909291.868:11258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17941 comm="syz.4.5574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  398.261229][   T29] audit: type=1326 audit(1744909291.868:11259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17941 comm="syz.4.5574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  398.284860][   T29] audit: type=1326 audit(1744909291.868:11260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17941 comm="syz.4.5574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  398.308432][   T29] audit: type=1326 audit(1744909291.868:11261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17941 comm="syz.4.5574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  398.332196][   T29] audit: type=1326 audit(1744909291.868:11262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17941 comm="syz.4.5574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  398.356039][   T29] audit: type=1326 audit(1744909291.868:11263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17941 comm="syz.4.5574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  398.379645][   T29] audit: type=1326 audit(1744909291.868:11264): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17941 comm="syz.4.5574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=298 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  398.403318][   T29] audit: type=1326 audit(1744909291.868:11265): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17941 comm="syz.4.5574" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  398.496995][T17949] netlink: 4 bytes leftover after parsing attributes in process `syz.9.5576'.
[  398.509626][T14911] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  398.656588][T17958] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5580'.
[  398.855032][T17967] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5584'.
[  398.882599][T17969] loop9: detected capacity change from 0 to 512
[  398.899755][T17969] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5585: bg 0: block 288: padding at end of block bitmap is not set
[  398.920372][T17969] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  398.980865][T17969] EXT4-fs error (device loop9): ext4_clear_blocks:876: inode #13: comm syz.9.5585: attempt to clear invalid blocks 1024 len 1
[  399.026937][T17969] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.5585: invalid indirect mapped block 1819239214 (level 0)
[  399.055870][T17969] EXT4-fs (loop9): 1 truncate cleaned up
[  399.081857][T17969] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  399.191009][T17969] random: crng reseeded on system resumption
[  399.642550][T13805] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.696065][T17985] loop9: detected capacity change from 0 to 1024
[  399.703987][T17985] EXT4-fs: Ignoring removed nobh option
[  399.709579][T17985] EXT4-fs: Ignoring removed bh option
[  399.746696][T17985] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  399.781128][T13805] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.967099][T17993] loop9: detected capacity change from 0 to 2048
[  400.002719][T17993] vlan2: entered allmulticast mode
[  400.214813][T18000] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5594'.
[  400.398132][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  400.588075][T18021] netlink: 'syz.1.5602': attribute type 29 has an invalid length.
[  400.596395][T18021] netlink: 'syz.1.5602': attribute type 29 has an invalid length.
[  400.605060][T18021] netlink: 596 bytes leftover after parsing attributes in process `syz.1.5602'.
[  400.788589][T18027] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  400.929956][T18030] netlink: 16 bytes leftover after parsing attributes in process `syz.4.5605'.
[  401.150675][T18034] 9p: Unknown access argument +: -22
[  401.374259][T18040] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5609'.
[  401.396072][T18040] FAULT_INJECTION: forcing a failure.
[  401.396072][T18040] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  401.409274][T18040] CPU: 1 UID: 0 PID: 18040 Comm: syz.6.5609 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(voluntary) 
[  401.409321][T18040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  401.409333][T18040] Call Trace:
[  401.409341][T18040]  <TASK>
[  401.409370][T18040]  dump_stack_lvl+0xf6/0x150
[  401.409430][T18040]  dump_stack+0x15/0x1a
[  401.409480][T18040]  should_fail_ex+0x261/0x270
[  401.409503][T18040]  should_fail+0xb/0x10
[  401.409524][T18040]  should_fail_usercopy+0x1a/0x20
[  401.409582][T18040]  _copy_from_iter+0xd8/0xd10
[  401.409652][T18040]  ? kmalloc_reserve+0x16e/0x190
[  401.409673][T18040]  ? __build_skb_around+0x199/0x1f0
[  401.409690][T18040]  ? __alloc_skb+0x227/0x320
[  401.409706][T18040]  ? __virt_addr_valid+0x1ed/0x250
[  401.409784][T18040]  ? __check_object_size+0x367/0x510
[  401.409815][T18040]  netlink_sendmsg+0x492/0x720
[  401.409837][T18040]  ? __pfx_netlink_sendmsg+0x10/0x10
[  401.409857][T18040]  __sock_sendmsg+0x140/0x180
[  401.409930][T18040]  ____sys_sendmsg+0x350/0x4e0
[  401.409954][T18040]  __sys_sendmsg+0x1a0/0x240
[  401.409983][T18040]  __x64_sys_sendmsg+0x46/0x50
[  401.410006][T18040]  x64_sys_call+0x26f3/0x2e10
[  401.410049][T18040]  do_syscall_64+0xc9/0x1c0
[  401.410091][T18040]  ? clear_bhb_loop+0x25/0x80
[  401.410196][T18040]  ? clear_bhb_loop+0x25/0x80
[  401.410212][T18040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.410276][T18040] RIP: 0033:0x7fb24d2be169
[  401.410291][T18040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.410308][T18040] RSP: 002b:00007fb24b927038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  401.410326][T18040] RAX: ffffffffffffffda RBX: 00007fb24d4e5fa0 RCX: 00007fb24d2be169
[  401.410336][T18040] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000004
[  401.410345][T18040] RBP: 00007fb24b927090 R08: 0000000000000000 R09: 0000000000000000
[  401.410399][T18040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.410468][T18040] R13: 0000000000000000 R14: 00007fb24d4e5fa0 R15: 00007ffdd1e5d9d8
[  401.410482][T18040]  </TASK>
[  401.658961][T18043] sctp: [Deprecated]: syz.6.5610 (pid 18043) Use of struct sctp_assoc_value in delayed_ack socket option.
[  401.658961][T18043] Use struct sctp_sack_info instead
[  401.721569][T18050] 9p: Unknown access argument +: -22
[  402.146401][T18059] loop4: detected capacity change from 0 to 1024
[  402.182498][T18059] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  402.193746][T18059] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  402.292365][T18063] loop6: detected capacity change from 0 to 512
[  402.300357][T18059] JBD2: no valid journal superblock found
[  402.306246][T18059] EXT4-fs (loop4): Could not load journal inode
[  402.326045][T18063] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  402.335274][T18063] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  402.373586][T18063] EXT4-fs (loop6): warning: checktime reached, running e2fsck is recommended
[  402.382959][T18063] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  402.402189][T18063] System zones: 0-2, 18-18, 34-34
[  402.409900][T18063] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  402.435459][T18063] EXT4-fs (loop6): 1 truncate cleaned up
[  402.441805][T18063] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  402.590693][T18067] sctp: [Deprecated]: syz.1.5619 (pid 18067) Use of struct sctp_assoc_value in delayed_ack socket option.
[  402.590693][T18067] Use struct sctp_sack_info instead
[  402.614239][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.728153][T18071] netlink: 24 bytes leftover after parsing attributes in process `syz.9.5621'.
[  402.978474][T18089] loop6: detected capacity change from 0 to 1024
[  403.000365][T18089] EXT4-fs: Ignoring removed nobh option
[  403.006180][T18089] EXT4-fs: Ignoring removed bh option
[  403.037371][T18089] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  403.088046][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.236206][T18110] loop6: detected capacity change from 0 to 512
[  403.254856][T18110] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  403.267603][T18110] ext4 filesystem being mounted at /161/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  403.570695][T18115] loop9: detected capacity change from 0 to 512
[  403.604463][T18115] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  403.613597][T18115] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  403.647837][T18115] EXT4-fs (loop9): warning: checktime reached, running e2fsck is recommended
[  403.657173][T18115] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  403.672384][T18115] System zones: 0-2, 18-18, 34-34
[  403.678585][T18115] EXT4-fs warning (device loop9): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  403.698965][T18115] EXT4-fs (loop9): 1 truncate cleaned up
[  403.711962][T18115] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  403.811688][T13805] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.864595][T18124] loop5: detected capacity change from 0 to 1024
[  403.871419][T18124] EXT4-fs: Ignoring removed nobh option
[  403.877131][T18124] EXT4-fs: Ignoring removed bh option
[  403.886040][T18122] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5638'.
[  403.897104][T18124] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  403.939204][T14893] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  403.969933][T18136] loop5: detected capacity change from 0 to 1024
[  404.006007][T18136] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  404.039385][T18140] loop4: detected capacity change from 0 to 512
[  404.046221][T18136] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  404.047195][T18140] EXT4-fs: Ignoring removed bh option
[  404.057174][T18136] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (59422!=20869)
[  404.072263][T18140] EXT4-fs: Ignoring removed mblk_io_submit option
[  404.076681][T18136] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  404.080168][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.102435][T18138] loop9: detected capacity change from 0 to 512
[  404.124498][T18136] EXT4-fs error (device loop5): __ext4_iget:5025: inode #17: block 1803188595: comm syz.5.5642: invalid block
[  404.124991][T18140] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  404.140047][T18136] EXT4-fs (loop5): no journal found
[  404.159320][T18140] ext4 filesystem being mounted at /252/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  404.188838][T18152] FAULT_INJECTION: forcing a failure.
[  404.188838][T18152] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.194986][T18138] EXT4-fs (loop9): too many log groups per flexible block group
[  404.202046][T18152] CPU: 1 UID: 0 PID: 18152 Comm: syz.1.5649 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(voluntary) 
[  404.202075][T18152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  404.202086][T18152] Call Trace:
[  404.202093][T18152]  <TASK>
[  404.202101][T18152]  dump_stack_lvl+0xf6/0x150
[  404.202285][T18152]  dump_stack+0x15/0x1a
[  404.202300][T18152]  should_fail_ex+0x261/0x270
[  404.202324][T18152]  should_fail+0xb/0x10
[  404.202343][T18152]  should_fail_usercopy+0x1a/0x20
[  404.202367][T18152]  _copy_from_iter+0xd8/0xd10
[  404.202401][T18152]  ? kmalloc_reserve+0x16e/0x190
[  404.202422][T18152]  ? __build_skb_around+0x199/0x1f0
[  404.202443][T18152]  ? __alloc_skb+0x227/0x320
[  404.202532][T18152]  ? __virt_addr_valid+0x1ed/0x250
[  404.202550][T18152]  ? __check_object_size+0x367/0x510
[  404.202571][T18152]  netlink_sendmsg+0x492/0x720
[  404.202648][T18152]  ? __pfx_netlink_sendmsg+0x10/0x10
[  404.202673][T18152]  __sock_sendmsg+0x140/0x180
[  404.202689][T18152]  ____sys_sendmsg+0x350/0x4e0
[  404.202781][T18152]  __sys_sendmsg+0x1a0/0x240
[  404.202814][T18152]  __x64_sys_sendmsg+0x46/0x50
[  404.202836][T18152]  x64_sys_call+0x26f3/0x2e10
[  404.202855][T18152]  do_syscall_64+0xc9/0x1c0
[  404.202896][T18152]  ? clear_bhb_loop+0x25/0x80
[  404.202915][T18152]  ? clear_bhb_loop+0x25/0x80
[  404.202933][T18152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.202952][T18152] RIP: 0033:0x7f3792dee169
[  404.202966][T18152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.203061][T18152] RSP: 002b:00007f3791457038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  404.203077][T18152] RAX: ffffffffffffffda RBX: 00007f3793015fa0 RCX: 00007f3792dee169
[  404.203087][T18152] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  404.203096][T18152] RBP: 00007f3791457090 R08: 0000000000000000 R09: 0000000000000000
[  404.203106][T18152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  404.203115][T18152] R13: 0000000000000000 R14: 00007f3793015fa0 R15: 00007ffdd6d78a58
[  404.203129][T18152]  </TASK>
[  404.325466][T18158] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5651'.
[  404.329620][T18138] EXT4-fs (loop9): failed to initialize mballoc (-12)
[  404.436577][T18138] EXT4-fs (loop9): mount failed
[  404.445697][T18160] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5652'.
[  404.459047][T18160] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5652'.
[  404.472369][T18160] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5652'.
[  404.489928][T18162] loop5: detected capacity change from 0 to 1024
[  404.505706][T18162] EXT4-fs: Ignoring removed nobh option
[  404.511351][T18162] EXT4-fs: Ignoring removed bh option
[  404.536953][T18162] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  404.564708][T14893] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.577305][T14911] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.632624][T18176] loop9: detected capacity change from 0 to 512
[  404.696070][T18181] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5660'.
[  404.705280][T18181] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5660'.
[  404.775790][T18184] loop5: detected capacity change from 0 to 512
[  404.847281][T18184] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  404.870848][T18176] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  404.885619][T18184] ext4 filesystem being mounted at /230/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  404.898134][T18176] ext4 filesystem being mounted at /325/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  404.990969][T18198] netlink: 52 bytes leftover after parsing attributes in process `syz.6.5665'.
[  405.000093][T18198] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5665'.
[  405.402151][   T29] kauditd_printk_skb: 139 callbacks suppressed
[  405.402163][   T29] audit: type=1326 audit(1744909299.099:11405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18201 comm="syz.1.5667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  405.434319][   T29] audit: type=1326 audit(1744909299.139:11406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18201 comm="syz.1.5667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  405.457933][   T29] audit: type=1326 audit(1744909299.139:11407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18201 comm="syz.1.5667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  405.481634][   T29] audit: type=1326 audit(1744909299.139:11408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18201 comm="syz.1.5667" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  405.518980][T14893] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.582666][T18211] 9pnet_fd: Insufficient options for proto=fd
[  405.656699][T18226] loop4: detected capacity change from 0 to 512
[  405.668296][T18226] EXT4-fs: Ignoring removed i_version option
[  405.680620][T18226] EXT4-fs error (device loop4): ext4_get_journal_inode:5798: comm syz.4.5672: inode #196608: comm syz.4.5672: iget: illegal inode #
[  405.703777][T18226] EXT4-fs (loop4): no journal found
[  405.709024][T18226] EXT4-fs (loop4): can't get journal size
[  405.716373][T18226] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  405.727189][T18229] loop5: detected capacity change from 0 to 512
[  405.733006][T18226] EXT4-fs (loop4): Errors on filesystem, clearing orphan list.
[  405.734065][T18229] EXT4-fs: Ignoring removed i_version option
[  405.749232][T18229] EXT4-fs error (device loop5): ext4_get_journal_inode:5798: comm syz.5.5673: inode #196608: comm syz.5.5673: iget: illegal inode #
[  405.752112][T18226] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.788367][T18229] EXT4-fs (loop5): no journal found
[  405.793698][T18229] EXT4-fs (loop5): can't get journal size
[  405.817288][T18229] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  405.828097][T18229] EXT4-fs (loop5): Errors on filesystem, clearing orphan list.
[  405.863075][T18229] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  405.928283][   T29] audit: type=1326 audit(1744909299.589:11409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18224 comm="syz.4.5672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  405.952080][   T29] audit: type=1326 audit(1744909299.589:11410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18224 comm="syz.4.5672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  405.975703][   T29] audit: type=1326 audit(1744909299.589:11411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18224 comm="syz.4.5672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  405.999378][   T29] audit: type=1326 audit(1744909299.589:11412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18224 comm="syz.4.5672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  406.023302][   T29] audit: type=1326 audit(1744909299.589:11413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18224 comm="syz.4.5672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  406.047065][   T29] audit: type=1326 audit(1744909299.589:11414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18224 comm="syz.4.5672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f109264e169 code=0x7ffc0000
[  406.435752][T14893] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.447403][T14911] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.547778][T18250] ipvlan2: entered promiscuous mode
[  406.560175][T18250] bridge0: port 3(ipvlan2) entered blocking state
[  406.566778][T18250] bridge0: port 3(ipvlan2) entered disabled state
[  406.610334][T18250] ipvlan2: entered allmulticast mode
[  406.615781][T18250] bridge0: entered allmulticast mode
[  406.627813][T13805] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.654393][T18250] ipvlan2: left allmulticast mode
[  406.659488][T18250] bridge0: left allmulticast mode
[  406.667445][T18260] FAULT_INJECTION: forcing a failure.
[  406.667445][T18260] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  406.681003][T18260] CPU: 1 UID: 0 PID: 18260 Comm: syz.9.5683 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(voluntary) 
[  406.681030][T18260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  406.681041][T18260] Call Trace:
[  406.681047][T18260]  <TASK>
[  406.681054][T18260]  dump_stack_lvl+0xf6/0x150
[  406.681091][T18260]  dump_stack+0x15/0x1a
[  406.681106][T18260]  should_fail_ex+0x261/0x270
[  406.681190][T18260]  should_fail+0xb/0x10
[  406.681210][T18260]  should_fail_usercopy+0x1a/0x20
[  406.681316][T18260]  _copy_from_user+0x1c/0xa0
[  406.681341][T18260]  sctp_setsockopt+0xcc/0xf00
[  406.681400][T18260]  sock_common_setsockopt+0x64/0x80
[  406.681419][T18260]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  406.681438][T18260]  __sys_setsockopt+0x187/0x200
[  406.681461][T18260]  __x64_sys_setsockopt+0x66/0x80
[  406.681484][T18260]  x64_sys_call+0x2a09/0x2e10
[  406.681539][T18260]  do_syscall_64+0xc9/0x1c0
[  406.681598][T18260]  ? clear_bhb_loop+0x25/0x80
[  406.681617][T18260]  ? clear_bhb_loop+0x25/0x80
[  406.681636][T18260]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.681674][T18260] RIP: 0033:0x7ff67e8de169
[  406.681689][T18260] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.681784][T18260] RSP: 002b:00007ff67cf47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  406.681802][T18260] RAX: ffffffffffffffda RBX: 00007ff67eb05fa0 RCX: 00007ff67e8de169
[  406.681814][T18260] RDX: 0000000000000072 RSI: 0000000000000084 RDI: 0000000000000003
[  406.681825][T18260] RBP: 00007ff67cf47090 R08: 000000000000000c R09: 0000000000000000
[  406.681859][T18260] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  406.681871][T18260] R13: 0000000000000000 R14: 00007ff67eb05fa0 R15: 00007ffe546afc38
[  406.681887][T18260]  </TASK>
[  407.068097][T18268] loop6: detected capacity change from 0 to 512
[  407.087532][T18268] EXT4-fs (loop6): too many log groups per flexible block group
[  407.095822][T18268] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  407.114483][T18268] EXT4-fs (loop6): mount failed
[  407.539538][T18282] sctp: [Deprecated]: syz.1.5692 (pid 18282) Use of struct sctp_assoc_value in delayed_ack socket option.
[  407.539538][T18282] Use struct sctp_sack_info instead
[  407.693045][T18287] loop4: detected capacity change from 0 to 512
[  407.721245][T18287] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  407.753275][T18287] ext4 filesystem being mounted at /260/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  407.774728][T18291] sctp: [Deprecated]: syz.1.5694 (pid 18291) Use of struct sctp_assoc_value in delayed_ack socket option.
[  407.774728][T18291] Use struct sctp_sack_info instead
[  408.015137][T18294] FAULT_INJECTION: forcing a failure.
[  408.015137][T18294] name failslab, interval 1, probability 0, space 0, times 0
[  408.028086][T18294] CPU: 1 UID: 0 PID: 18294 Comm: syz.9.5695 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(voluntary) 
[  408.028157][T18294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  408.028172][T18294] Call Trace:
[  408.028180][T18294]  <TASK>
[  408.028188][T18294]  dump_stack_lvl+0xf6/0x150
[  408.028210][T18294]  dump_stack+0x15/0x1a
[  408.028226][T18294]  should_fail_ex+0x261/0x270
[  408.028251][T18294]  should_failslab+0x8f/0xb0
[  408.028279][T18294]  kmem_cache_alloc_noprof+0x59/0x340
[  408.028341][T18294]  ? audit_log_start+0x37f/0x6e0
[  408.028358][T18294]  ? prep_new_page+0x52/0x1c0
[  408.028379][T18294]  audit_log_start+0x37f/0x6e0
[  408.028498][T18294]  audit_seccomp+0x4b/0x130
[  408.028518][T18294]  __seccomp_filter+0x694/0x10e0
[  408.028547][T18294]  ? __alloc_frozen_pages_noprof+0x17e/0x360
[  408.028580][T18294]  ? __rcu_read_unlock+0x4e/0x70
[  408.028611][T18294]  ? __mod_node_page_state+0x1c/0x80
[  408.028639][T18294]  __secure_computing+0x7e/0x160
[  408.028665][T18294]  syscall_trace_enter+0xcf/0x1f0
[  408.028693][T18294]  do_syscall_64+0xaa/0x1c0
[  408.028730][T18294]  ? clear_bhb_loop+0x25/0x80
[  408.028747][T18294]  ? clear_bhb_loop+0x25/0x80
[  408.028766][T18294]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  408.028788][T18294] RIP: 0033:0x7ff67e8dcb7c
[  408.028800][T18294] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  408.028815][T18294] RSP: 002b:00007ff67cf47030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  408.028831][T18294] RAX: ffffffffffffffda RBX: 00007ff67eb05fa0 RCX: 00007ff67e8dcb7c
[  408.028842][T18294] RDX: 000000000000000f RSI: 00007ff67cf470a0 RDI: 0000000000000006
[  408.028854][T18294] RBP: 00007ff67cf47090 R08: 0000000000000000 R09: 0000000000000000
[  408.028866][T18294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  408.028887][T18294] R13: 0000000000000000 R14: 00007ff67eb05fa0 R15: 00007ffe546afc38
[  408.028903][T18294]  </TASK>
[  408.421269][T18303] __nla_validate_parse: 6 callbacks suppressed
[  408.421284][T18303] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5699'.
[  408.466953][T18305] loop5: detected capacity change from 0 to 512
[  408.485169][T18305] EXT4-fs: Ignoring removed bh option
[  408.490648][T18305] EXT4-fs: Ignoring removed mblk_io_submit option
[  408.531711][T18305] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  408.557702][T18305] ext4 filesystem being mounted at /236/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  408.587478][T18315] 9p: Unknown access argument +: -22
[  408.705139][T18319] sctp: [Deprecated]: syz.6.5704 (pid 18319) Use of struct sctp_assoc_value in delayed_ack socket option.
[  408.705139][T18319] Use struct sctp_sack_info instead
[  408.751655][T14893] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  409.255450][T18336] loop9: detected capacity change from 0 to 8192
[  409.316416][T18337] xt_socket: unknown flags 0xd0
[  409.322424][T18336]  loop9: p1 p2 p3 p4
[  409.326619][T18336] loop9: p1 size 108922248 extends beyond EOD, truncated
[  409.336354][T18336] loop9: p2 start 861536256 is beyond EOD, truncated
[  409.343090][T18336] loop9: p3 start 851968 is beyond EOD, truncated
[  409.349536][T18336] loop9: p4 size 65536 extends beyond EOD, truncated
[  409.375258][ T3003]  loop9: p1 p2 p3 p4
[  409.380543][ T3003] loop9: p1 size 108922248 extends beyond EOD, truncated
[  409.395722][T18336] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5709'.
[  409.419477][ T3003] loop9: p2 start 861536256 is beyond EOD, truncated
[  409.426234][ T3003] loop9: p3 start 851968 is beyond EOD, truncated
[  409.432689][ T3003] loop9: p4 size 65536 extends beyond EOD, truncated
[  409.486504][ T4994] udevd[4994]: inotify_add_watch(7, /dev/loop9p4, 10) failed: No such file or directory
[  409.530430][T18344] 9p: Unknown access argument +: -22
[  409.614610][T18357] loop6: detected capacity change from 0 to 512
[  409.628433][T18357] EXT4-fs: Ignoring removed i_version option
[  409.643903][T18357] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  409.662289][T18357] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5715'.
[  409.671327][T18357] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5715'.
[  409.680362][T18357] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5715'.
[  409.715992][T18368] loop9: detected capacity change from 0 to 512
[  409.727793][T14911] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  409.749233][T18372] 9p: Unknown access argument +: -22
[  409.758031][T18368] EXT4-fs (loop9): too many log groups per flexible block group
[  409.765774][T18368] EXT4-fs (loop9): failed to initialize mballoc (-12)
[  409.772735][T18368] EXT4-fs (loop9): mount failed
[  409.931603][T18398] hub 2-0:1.0: USB hub found
[  409.936565][T18398] hub 2-0:1.0: 8 ports detected
[  409.953173][T18399] xt_socket: unknown flags 0xd0
[  410.107913][T18404] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.154342][T18404] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.155850][T18405] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5725'.
[  410.178421][T18405] team0 (unregistering): Failed to send options change via netlink (err -105)
[  410.187716][T18405] team0 (unregistering): Failed to send port change of device C via netlink (err -105)
[  410.197790][T18405] team0 (unregistering): Port device C removed
[  410.206587][T18405] team0 (unregistering): Failed to send options change via netlink (err -105)
[  410.215933][T18405] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105)
[  410.230537][T18405] team0 (unregistering): Port device team_slave_1 removed
[  410.244575][T18404] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.313149][T18404] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.378780][T18404] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  410.390065][T18404] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  410.401416][T18404] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  410.413240][T18404] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  410.457716][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.596420][T18428] loop6: detected capacity change from 0 to 512
[  410.615547][T18428] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  410.630773][T18428] ext4 filesystem being mounted at /183/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  410.670467][T18435] loop4: detected capacity change from 0 to 512
[  410.713946][T18435] EXT4-fs (loop4): too many log groups per flexible block group
[  410.721725][T18435] EXT4-fs (loop4): failed to initialize mballoc (-12)
[  410.730657][T18435] EXT4-fs (loop4): mount failed
[  410.846967][T18443] netlink: 'syz.5.5733': attribute type 29 has an invalid length.
[  410.857834][T18445] loop4: detected capacity change from 0 to 512
[  410.896994][T18445] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  410.901642][T18443] netlink: 'syz.5.5733': attribute type 29 has an invalid length.
[  410.910140][T18445] EXT4-fs (loop4): orphan cleanup on readonly fs
[  410.957087][T18445] __quota_error: 195 callbacks suppressed
[  410.957106][T18445] Quota error (device loop4): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  411.012701][   T29] audit: type=1326 audit(1744909304.710:11608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18438 comm="syz.9.5731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  411.058949][T18445] EXT4-fs warning (device loop4): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  411.093169][   T29] audit: type=1326 audit(1744909304.740:11609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18438 comm="syz.9.5731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  411.116812][   T29] audit: type=1326 audit(1744909304.750:11610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18438 comm="syz.9.5731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  411.131642][T18445] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  411.140474][   T29] audit: type=1326 audit(1744909304.750:11611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18438 comm="syz.9.5731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  411.170829][   T29] audit: type=1326 audit(1744909304.750:11612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18438 comm="syz.9.5731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  411.174955][T18445] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.5732: bg 0: block 40: padding at end of block bitmap is not set
[  411.194504][   T29] audit: type=1326 audit(1744909304.750:11613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18438 comm="syz.9.5731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff67e8e0087 code=0x7ffc0000
[  411.194530][   T29] audit: type=1326 audit(1744909304.750:11614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18438 comm="syz.9.5731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7ff67e8dfffc code=0x7ffc0000
[  411.194557][   T29] audit: type=1326 audit(1744909304.750:11615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18438 comm="syz.9.5731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7ff67e8dff34 code=0x7ffc0000
[  411.279635][   T29] audit: type=1326 audit(1744909304.750:11616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18438 comm="syz.9.5731" exe="/root/syz-executor" sig=0 arch=c000003e syscall=45 compat=0 ip=0x7ff67e8dff34 code=0x7ffc0000
[  411.306525][T18445] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  411.317150][T18445] EXT4-fs (loop4): 1 truncate cleaned up
[  411.323653][T18453] sctp: [Deprecated]: syz.9.5736 (pid 18453) Use of struct sctp_assoc_value in delayed_ack socket option.
[  411.323653][T18453] Use struct sctp_sack_info instead
[  411.345303][T18445] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  411.438374][T18456] loop5: detected capacity change from 0 to 512
[  411.482676][T18456] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  411.506825][T18456] ext4 filesystem being mounted at /245/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  411.598716][T18464] loop9: detected capacity change from 0 to 512
[  411.619444][T18464] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  411.628617][T18464] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  411.643747][T18464] EXT4-fs (loop9): warning: checktime reached, running e2fsck is recommended
[  411.655738][T18464] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  411.665286][T18464] System zones: 0-2, 18-18, 34-34
[  411.670718][T18464] EXT4-fs warning (device loop9): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  411.699699][T14911] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  411.699772][T18464] EXT4-fs (loop9): 1 truncate cleaned up
[  411.717860][T18464] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  411.749038][T18467] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5740'.
[  411.787996][T13805] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  411.809100][T18469] netlink: 28 bytes leftover after parsing attributes in process `syz.9.5741'.
[  411.857819][T18471] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5742'.
[  411.882789][T18473] loop9: detected capacity change from 0 to 512
[  411.891846][T18473] EXT4-fs: Ignoring removed i_version option
[  411.898495][T18473] EXT4-fs error (device loop9): ext4_get_journal_inode:5798: comm syz.9.5743: inode #196608: comm syz.9.5743: iget: illegal inode #
[  411.917340][T18473] EXT4-fs (loop9): no journal found
[  411.922605][T18473] EXT4-fs (loop9): can't get journal size
[  411.934851][T18473] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended
[  411.952504][T18473] EXT4-fs (loop9): Errors on filesystem, clearing orphan list.
[  411.962560][T18473] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.122353][T13805] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  412.158492][T18481] loop9: detected capacity change from 0 to 1024
[  412.166448][T18481] EXT4-fs: Ignoring removed nobh option
[  412.172158][T18481] EXT4-fs: Ignoring removed bh option
[  412.190939][T14893] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  412.211677][T18481] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.227727][T18485] loop5: detected capacity change from 0 to 512
[  412.240405][T18485] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  412.249556][T18485] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  412.291725][T13805] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  412.305286][T18485] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended
[  412.315907][T18485] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  412.326112][T18485] System zones: 0-2, 18-18, 34-34
[  412.332032][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  412.344845][T18485] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  412.363014][T18485] EXT4-fs (loop5): 1 truncate cleaned up
[  412.369406][T18485] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  412.506705][T14893] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  412.703833][T18514] loop5: detected capacity change from 0 to 1024
[  412.715911][T18514] EXT4-fs: Ignoring removed nobh option
[  412.721688][T18514] EXT4-fs: Ignoring removed bh option
[  412.790001][T18514] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  412.898978][T18519] netlink: 28 bytes leftover after parsing attributes in process `syz.4.5754'.
[  413.012607][T14893] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.271253][T18538] sctp: [Deprecated]: syz.9.5762 (pid 18538) Use of struct sctp_assoc_value in delayed_ack socket option.
[  413.271253][T18538] Use struct sctp_sack_info instead
[  413.480272][T18544] loop6: detected capacity change from 0 to 512
[  413.499709][T18544] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  413.508873][T18544] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  413.547791][T18544] EXT4-fs (loop6): warning: checktime reached, running e2fsck is recommended
[  413.560112][T18544] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  413.568375][T18544] System zones: 0-2, 18-18, 34-34
[  413.577781][T18544] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  413.626482][T18544] EXT4-fs (loop6): 1 truncate cleaned up
[  413.651602][T18544] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  413.706204][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.718651][T18550] sctp: [Deprecated]: syz.9.5766 (pid 18550) Use of struct sctp_assoc_value in delayed_ack socket option.
[  413.718651][T18550] Use struct sctp_sack_info instead
[  413.806198][T18552] loop6: detected capacity change from 0 to 512
[  413.861438][T18552] EXT4-fs: Ignoring removed i_version option
[  413.966510][T18552] EXT4-fs error (device loop6): ext4_get_journal_inode:5798: comm syz.6.5767: inode #196608: comm syz.6.5767: iget: illegal inode #
[  414.005784][T18552] EXT4-fs (loop6): no journal found
[  414.011101][T18552] EXT4-fs (loop6): can't get journal size
[  414.018382][T18552] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  414.031931][T18556] loop9: detected capacity change from 0 to 512
[  414.038838][T18556] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  414.047960][T18556] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  414.065110][T18552] EXT4-fs (loop6): Errors on filesystem, clearing orphan list.
[  414.089141][T18552] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  414.107627][T18556] EXT4-fs (loop9): warning: checktime reached, running e2fsck is recommended
[  414.117901][T18560] netlink: 'syz.4.5769': attribute type 29 has an invalid length.
[  414.118843][T18556] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  414.131176][T18560] netlink: 'syz.4.5769': attribute type 29 has an invalid length.
[  414.145340][T18560] __nla_validate_parse: 3 callbacks suppressed
[  414.145356][T18560] netlink: 500 bytes leftover after parsing attributes in process `syz.4.5769'.
[  414.154334][T18556] System zones: 0-2, 18-18, 34-34
[  414.169777][T18556] EXT4-fs warning (device loop9): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  414.187788][T18556] EXT4-fs (loop9): 1 truncate cleaned up
[  414.195947][T18556] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  414.209530][T18563] netlink: 12 bytes leftover after parsing attributes in process `syz.4.5770'.
[  414.235334][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.285567][    C1] IPv4: Oversized IP packet from 172.20.20.24
[  414.385983][T13805] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.434924][T18570] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5774'.
[  414.671555][T18578] loop9: detected capacity change from 0 to 512
[  414.697230][T18578] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  414.745829][T18578] ext4 filesystem being mounted at /352/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  415.039750][T18583] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18583 comm=syz.6.5776
[  415.294092][T13805] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.305470][T18587] loop4: detected capacity change from 0 to 512
[  415.335427][T18589] sctp: [Deprecated]: syz.9.5778 (pid 18589) Use of struct sctp_assoc_value in delayed_ack socket option.
[  415.335427][T18589] Use struct sctp_sack_info instead
[  415.424796][T18594] netlink: 44 bytes leftover after parsing attributes in process `syz.6.5779'.
[  415.433875][T18594] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5779'.
[  415.442932][T18594] netlink: 44 bytes leftover after parsing attributes in process `syz.6.5779'.
[  415.512731][T18587] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  415.611021][T18587] ext4 filesystem being mounted at /277/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  415.670289][T18601] loop9: detected capacity change from 0 to 512
[  415.683393][T18601] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  415.692541][T18601] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  415.719918][T18604] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5783'.
[  415.730826][T18601] EXT4-fs (loop9): warning: checktime reached, running e2fsck is recommended
[  415.742984][T18601] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  415.760752][T18601] System zones: 0-2, 18-18, 34-34
[  415.766495][T18601] EXT4-fs warning (device loop9): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  415.782594][T18601] EXT4-fs (loop9): 1 truncate cleaned up
[  415.800120][T18601] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  415.843815][T18608] loop9: detected capacity change from 0 to 512
[  415.857924][T18608] EXT4-fs (loop9): feature flags set on rev 0 fs, running e2fsck is recommended
[  415.867150][T18608] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  415.888616][T18608] EXT4-fs (loop9): warning: checktime reached, running e2fsck is recommended
[  415.899105][T18611] sctp: [Deprecated]: syz.1.5786 (pid 18611) Use of struct sctp_assoc_value in delayed_ack socket option.
[  415.899105][T18611] Use struct sctp_sack_info instead
[  415.965312][T18608] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  415.973594][   T29] kauditd_printk_skb: 240 callbacks suppressed
[  415.973605][   T29] audit: type=1326 audit(1744909309.681:11857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18610 comm="syz.1.5786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f3792decad0 code=0x7ffc0000
[  416.041187][T18608] System zones: 0-2, 18-18, 34-34
[  416.049093][T18608] EXT4-fs warning (device loop9): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  416.073799][   T29] audit: type=1326 audit(1744909309.711:11858): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18610 comm="syz.1.5786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  416.097439][   T29] audit: type=1326 audit(1744909309.711:11859): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18610 comm="syz.1.5786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  416.113156][T18608] EXT4-fs (loop9): 1 truncate cleaned up
[  416.121023][   T29] audit: type=1326 audit(1744909309.711:11860): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18610 comm="syz.1.5786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  416.150233][   T29] audit: type=1326 audit(1744909309.711:11861): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18610 comm="syz.1.5786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  416.173918][   T29] audit: type=1326 audit(1744909309.711:11862): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18610 comm="syz.1.5786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  416.197543][   T29] audit: type=1326 audit(1744909309.711:11863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18610 comm="syz.1.5786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=194 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  416.221223][   T29] audit: type=1326 audit(1744909309.711:11864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18610 comm="syz.1.5786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  416.244941][   T29] audit: type=1326 audit(1744909309.711:11865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18610 comm="syz.1.5786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  416.268761][   T29] audit: type=1326 audit(1744909309.711:11866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18610 comm="syz.1.5786" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  416.558939][T18620] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5789'.
[  416.617797][T18624] netlink: 36 bytes leftover after parsing attributes in process `syz.1.5791'.
[  416.836998][T18632] loop6: detected capacity change from 0 to 512
[  417.103028][T18632] ext4 filesystem being mounted at /195/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  417.142012][T18638] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5795'.
[  417.202346][T18639] loop9: detected capacity change from 0 to 512
[  417.211278][T18641] 9p: Unknown access argument +: -22
[  417.381975][T18639] ext4 filesystem being mounted at /358/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  418.065180][T18651] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.124104][T18652] team0 (unregistering): Failed to send options change via netlink (err -105)
[  418.153666][T18652] team0 (unregistering): Failed to send port change of device C via netlink (err -105)
[  418.184310][T18652] team0 (unregistering): Port device C removed
[  418.316543][T18652] team0 (unregistering): Failed to send options change via netlink (err -105)
[  418.327712][T18652] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105)
[  418.342334][T18652] team0 (unregistering): Port device team_slave_1 removed
[  418.355453][T18654] netlink: 'syz.4.5801': attribute type 29 has an invalid length.
[  418.363595][T18657] netlink: 'syz.4.5801': attribute type 29 has an invalid length.
[  418.510757][T18651] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.544064][T18666] loop5: detected capacity change from 0 to 512
[  418.563515][T18666] EXT4-fs: Ignoring removed bh option
[  418.568937][T18666] EXT4-fs: Ignoring removed mblk_io_submit option
[  418.589217][T18662] bond1: entered promiscuous mode
[  418.594401][T18662] bond1: entered allmulticast mode
[  418.599765][T18662] 8021q: adding VLAN 0 to HW filter on device bond1
[  418.610685][T18662] bond1 (unregistering): Released all slaves
[  418.696468][T18651] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.716145][T18666] ext4 filesystem being mounted at /257/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  418.763155][T18651] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.818364][T18651] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  418.847143][T18651] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  418.863605][T18651] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  418.877885][T18651] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  418.915536][T18680] loop5: detected capacity change from 0 to 512
[  418.935486][T18680] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.5809: bg 0: block 288: padding at end of block bitmap is not set
[  418.950077][T18680] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  418.959124][T18680] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.5809: attempt to clear invalid blocks 1024 len 1
[  418.973007][T18680] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.5809: invalid indirect mapped block 1819239214 (level 0)
[  418.987903][T18680] EXT4-fs (loop5): 1 truncate cleaned up
[  419.004746][T18685] loop9: detected capacity change from 0 to 1024
[  419.011735][T18685] EXT4-fs: Ignoring removed nobh option
[  419.017346][T18685] EXT4-fs: Ignoring removed bh option
[  419.089381][T18680] random: crng reseeded on system resumption
[  419.145040][T18693] netlink: 'syz.1.5814': attribute type 29 has an invalid length.
[  419.156332][T18693] netlink: 'syz.1.5814': attribute type 29 has an invalid length.
[  419.164588][T18691] loop9: detected capacity change from 0 to 512
[  419.164985][T18693] __nla_validate_parse: 7 callbacks suppressed
[  419.164997][T18693] netlink: 500 bytes leftover after parsing attributes in process `syz.1.5814'.
[  419.192021][T18691] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  419.203931][T18691] EXT4-fs (loop9): 1 truncate cleaned up
[  419.215571][T18691] FAULT_INJECTION: forcing a failure.
[  419.215571][T18691] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  419.228832][T18691] CPU: 0 UID: 0 PID: 18691 Comm: syz.9.5812 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(voluntary) 
[  419.228848][T18691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  419.228855][T18691] Call Trace:
[  419.228859][T18691]  <TASK>
[  419.228890][T18691]  dump_stack_lvl+0xf6/0x150
[  419.228904][T18691]  dump_stack+0x15/0x1a
[  419.228912][T18691]  should_fail_ex+0x261/0x270
[  419.228926][T18691]  should_fail+0xb/0x10
[  419.228938][T18691]  should_fail_usercopy+0x1a/0x20
[  419.228992][T18691]  strncpy_from_user+0x25/0x230
[  419.229024][T18691]  ? getname_flags+0x81/0x3b0
[  419.229036][T18691]  getname_flags+0xb0/0x3b0
[  419.229046][T18691]  __x64_sys_unlink+0x21/0x40
[  419.229060][T18691]  x64_sys_call+0x2358/0x2e10
[  419.229124][T18691]  do_syscall_64+0xc9/0x1c0
[  419.229139][T18691]  ? clear_bhb_loop+0x25/0x80
[  419.229152][T18691]  ? clear_bhb_loop+0x25/0x80
[  419.229163][T18691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  419.229174][T18691] RIP: 0033:0x7ff67e8de169
[  419.229183][T18691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  419.229192][T18691] RSP: 002b:00007ff67cf47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  419.229203][T18691] RAX: ffffffffffffffda RBX: 00007ff67eb05fa0 RCX: 00007ff67e8de169
[  419.229276][T18691] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000180
[  419.229288][T18691] RBP: 00007ff67cf47090 R08: 0000000000000000 R09: 0000000000000000
[  419.229296][T18691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  419.229303][T18691] R13: 0000000000000000 R14: 00007ff67eb05fa0 R15: 00007ffe546afc38
[  419.229312][T18691]  </TASK>
[  419.458375][T18704] loop5: detected capacity change from 0 to 512
[  419.482385][T18704] EXT4-fs: Ignoring removed bh option
[  419.487827][T18704] EXT4-fs: Ignoring removed mblk_io_submit option
[  419.557464][T18704] ext4 filesystem being mounted at /260/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  419.588927][T18706] loop9: detected capacity change from 0 to 512
[  419.616829][T18706] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5818: bg 0: block 288: padding at end of block bitmap is not set
[  419.643648][T18706] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  419.670631][T18706] EXT4-fs error (device loop9): ext4_clear_blocks:876: inode #13: comm syz.9.5818: attempt to clear invalid blocks 1024 len 1
[  419.709714][T18706] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.5818: invalid indirect mapped block 1819239214 (level 0)
[  419.737676][T18706] EXT4-fs (loop9): 1 truncate cleaned up
[  419.771367][T18714] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5819'.
[  419.875477][T18706] random: crng reseeded on system resumption
[  419.985783][T18721] loop5: detected capacity change from 0 to 512
[  420.004261][T18721] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.5822: bg 0: block 288: padding at end of block bitmap is not set
[  420.034243][T18721] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  420.043078][    C0] vcan0: j1939_tp_rxtimer: 0xffff888104f7d200: rx timeout, send abort
[  420.051342][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888104f7d200: 0x2f000: (3) A timeout occurred and this is the connection abort to close the session.
[  420.074888][T18721] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.5822: attempt to clear invalid blocks 1024 len 1
[  420.095792][T18726] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5824'.
[  420.112733][T18726] bridge0: port 3(team0) entered disabled state
[  420.119601][T18721] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.5822: invalid indirect mapped block 1819239214 (level 0)
[  420.139512][T18726] team0 (unregistering): left allmulticast mode
[  420.145857][T18726] C: left allmulticast mode
[  420.150446][T18726] team_slave_1: left allmulticast mode
[  420.155968][T18726] bridge0: port 3(team0) entered disabled state
[  420.166484][T18721] EXT4-fs (loop5): 1 truncate cleaned up
[  420.173601][T18726] C: left promiscuous mode
[  420.185619][T18726] team0 (unregistering): Port device C removed
[  420.200360][T18726] team_slave_1: left promiscuous mode
[  420.216508][T18726] team0 (unregistering): Failed to send options change via netlink (err -105)
[  420.234570][T18726] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105)
[  420.253729][T18726] team0 (unregistering): Port device team_slave_1 removed
[  420.286476][T18721] random: crng reseeded on system resumption
[  420.361881][T18732] netlink: 'syz.9.5825': attribute type 29 has an invalid length.
[  420.385885][T18732] netlink: 'syz.9.5825': attribute type 29 has an invalid length.
[  420.401155][T18732] netlink: 500 bytes leftover after parsing attributes in process `syz.9.5825'.
[  420.485292][T18740] 9p: Unknown access argument +: -22
[  420.559897][T18743] sctp: [Deprecated]: syz.5.5829 (pid 18743) Use of struct sctp_assoc_value in delayed_ack socket option.
[  420.559897][T18743] Use struct sctp_sack_info instead
[  420.631196][T18745] loop6: detected capacity change from 0 to 512
[  420.637886][T18745] EXT4-fs: Ignoring removed i_version option
[  420.657152][T18745] EXT4-fs error (device loop6): ext4_get_journal_inode:5798: comm syz.6.5830: inode #196608: comm syz.6.5830: iget: illegal inode #
[  420.733089][T18745] EXT4-fs (loop6): no journal found
[  420.738340][T18745] EXT4-fs (loop6): can't get journal size
[  420.766641][T18745] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  420.783720][T18745] EXT4-fs (loop6): Errors on filesystem, clearing orphan list.
[  421.114531][T18759] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5833'.
[  421.197927][T18753] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.236724][T18759] team0 (unregistering): Failed to send options change via netlink (err -105)
[  421.241139][T18758] xt_socket: unknown flags 0xd0
[  421.246044][T18759] team0 (unregistering): Failed to send port change of device C via netlink (err -105)
[  421.261126][T18759] team0 (unregistering): Port device C removed
[  421.291726][T18759] team0 (unregistering): Failed to send options change via netlink (err -105)
[  421.309936][T18759] team0 (unregistering): Failed to send port change of device team_slave_1 via netlink (err -105)
[  421.330048][T18759] team0 (unregistering): Port device team_slave_1 removed
[  421.365948][T18753] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.395165][T18764] netlink: 12 bytes leftover after parsing attributes in process `syz.9.5836'.
[  421.445028][T18753] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.456663][T18766] netlink: 'syz.9.5837': attribute type 29 has an invalid length.
[  421.465769][T18766] netlink: 'syz.9.5837': attribute type 29 has an invalid length.
[  421.478021][T18766] netlink: 500 bytes leftover after parsing attributes in process `syz.9.5837'.
[  421.522824][T18753] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.537674][T18768] netlink: 16 bytes leftover after parsing attributes in process `syz.6.5838'.
[  421.587752][T18753] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  421.599572][T18753] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  421.611810][T18753] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  421.623256][T18753] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  421.640013][T18773] loop6: detected capacity change from 0 to 512
[  421.689235][T18773] ext4 filesystem being mounted at /203/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  422.285312][T18799] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.321214][T18799] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.336719][T18802] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5844'.
[  422.371285][T18799] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.431356][T18799] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.487413][T18837] loop6: detected capacity change from 0 to 512
[  422.495027][T18799] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  422.514509][T18837] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5846: bg 0: block 288: padding at end of block bitmap is not set
[  422.557279][T18837] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  422.589138][T18837] EXT4-fs error (device loop6): ext4_clear_blocks:876: inode #13: comm syz.6.5846: attempt to clear invalid blocks 1024 len 1
[  422.611630][T18799] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  422.641077][T18799] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  422.666159][T18837] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #13: comm syz.6.5846: invalid indirect mapped block 1819239214 (level 0)
[  422.687614][T18799] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  422.703512][T18837] EXT4-fs (loop6): 1 truncate cleaned up
[  422.801514][T18874] sctp: [Deprecated]: syz.9.5848 (pid 18874) Use of struct sctp_assoc_value in delayed_ack socket option.
[  422.801514][T18874] Use struct sctp_sack_info instead
[  422.828407][   T29] kauditd_printk_skb: 164 callbacks suppressed
[  422.828423][   T29] audit: type=1326 audit(1744909316.532:12031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18872 comm="syz.9.5848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  422.858275][   T29] audit: type=1326 audit(1744909316.532:12032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18872 comm="syz.9.5848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  422.881928][   T29] audit: type=1326 audit(1744909316.532:12033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18872 comm="syz.9.5848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=75 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  422.905545][   T29] audit: type=1326 audit(1744909316.532:12034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18872 comm="syz.9.5848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  422.929230][   T29] audit: type=1326 audit(1744909316.532:12035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18872 comm="syz.9.5848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  422.953837][T18877] netlink: 596 bytes leftover after parsing attributes in process `syz.4.5849'.
[  422.955147][   T29] audit: type=1326 audit(1744909316.572:12036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18872 comm="syz.9.5848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  422.986596][   T29] audit: type=1326 audit(1744909316.572:12037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18872 comm="syz.9.5848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff67e8dcad0 code=0x7ffc0000
[  423.010277][   T29] audit: type=1326 audit(1744909316.572:12038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18872 comm="syz.9.5848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  423.028203][T18837] random: crng reseeded on system resumption
[  423.033876][   T29] audit: type=1326 audit(1744909316.572:12039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18872 comm="syz.9.5848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  423.063470][   T29] audit: type=1326 audit(1744909316.572:12040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18872 comm="syz.9.5848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff67e8de169 code=0x7ffc0000
[  423.145729][T18879] bond1: entered promiscuous mode
[  423.150851][T18879] bond1: entered allmulticast mode
[  423.166380][T18879] 8021q: adding VLAN 0 to HW filter on device bond1
[  423.190550][T18879] bond1 (unregistering): Released all slaves
[  423.470865][T18907] loop6: detected capacity change from 0 to 512
[  423.495406][T18907] EXT4-fs (loop6): too many log groups per flexible block group
[  423.503241][T18907] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  423.513680][T18907] EXT4-fs (loop6): mount failed
[  423.629136][T18918] loop5: detected capacity change from 0 to 512
[  423.638005][T18918] EXT4-fs: Ignoring removed bh option
[  423.643547][T18918] EXT4-fs: Ignoring removed mblk_io_submit option
[  423.674789][T18918] ext4 filesystem being mounted at /270/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  423.863937][T18939] loop5: detected capacity change from 0 to 512
[  423.886775][T18939] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.5865: bg 0: block 288: padding at end of block bitmap is not set
[  423.901797][T18939] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  423.914082][T18939] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.5865: attempt to clear invalid blocks 1024 len 1
[  423.928710][T18939] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.5865: invalid indirect mapped block 1819239214 (level 0)
[  423.948873][T18939] EXT4-fs (loop5): 1 truncate cleaned up
[  424.040580][T18939] random: crng reseeded on system resumption
[  424.046215][T18949] loop9: detected capacity change from 0 to 512
[  424.062932][T18949] EXT4-fs: Ignoring removed i_version option
[  424.072277][T18949] EXT4-fs error (device loop9): ext4_get_journal_inode:5798: comm syz.9.5870: inode #196608: comm syz.9.5870: iget: illegal inode #
[  424.100041][T18949] EXT4-fs (loop9): no journal found
[  424.105291][T18949] EXT4-fs (loop9): can't get journal size
[  424.112567][T18949] EXT4-fs (loop9): warning: mounting fs with errors, running e2fsck is recommended
[  424.128977][T18949] EXT4-fs (loop9): Errors on filesystem, clearing orphan list.
[  424.205106][T18967] loop9: detected capacity change from 0 to 512
[  424.223386][T18967] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5875: bg 0: block 288: padding at end of block bitmap is not set
[  424.248892][T18967] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  424.266348][T18967] EXT4-fs error (device loop9): ext4_clear_blocks:876: inode #13: comm syz.9.5875: attempt to clear invalid blocks 1024 len 1
[  424.284592][T18967] EXT4-fs error (device loop9): ext4_free_branches:1023: inode #13: comm syz.9.5875: invalid indirect mapped block 1819239214 (level 0)
[  424.299073][T18967] EXT4-fs (loop9): 1 truncate cleaned up
[  424.633851][T18993] 9p: Unknown access argument +: -22
[  424.861689][T18989] bond1: entered promiscuous mode
[  424.866815][T18989] bond1: entered allmulticast mode
[  424.872378][T18989] 8021q: adding VLAN 0 to HW filter on device bond1
[  424.888013][T18989] bond1 (unregistering): Released all slaves
[  424.960075][T19007] __nla_validate_parse: 3 callbacks suppressed
[  424.960092][T19007] netlink: 36 bytes leftover after parsing attributes in process `syz.5.5885'.
[  424.975544][T19007] netlink: 16 bytes leftover after parsing attributes in process `syz.5.5885'.
[  424.984526][T19007] netlink: 36 bytes leftover after parsing attributes in process `syz.5.5885'.
[  425.070834][T19009] loop9: detected capacity change from 0 to 512
[  425.082070][T19009] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  425.090243][T19009] EXT4-fs (loop9): orphan cleanup on readonly fs
[  425.096884][T19009] EXT4-fs warning (device loop9): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  425.112101][T19009] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  425.119300][T19009] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5888: bg 0: block 40: padding at end of block bitmap is not set
[  425.133731][T19009] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  425.143026][T19009] EXT4-fs (loop9): 1 truncate cleaned up
[  425.547343][T19018] bond1: entered promiscuous mode
[  425.552461][T19018] bond1: entered allmulticast mode
[  425.557908][T19018] 8021q: adding VLAN 0 to HW filter on device bond1
[  425.651761][T19018] bond1 (unregistering): Released all slaves
[  425.815892][T19023] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5893'.
[  425.867731][T19032] loop6: detected capacity change from 0 to 512
[  425.880068][T19032] EXT4-fs (loop6): too many log groups per flexible block group
[  425.887808][T19032] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  425.895089][T19032] EXT4-fs (loop6): mount failed
[  425.940293][T19038] loop6: detected capacity change from 0 to 512
[  425.948170][T19038] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  425.957321][T19038] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  425.966916][T19038] EXT4-fs (loop6): warning: checktime reached, running e2fsck is recommended
[  425.976109][T19038] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  425.984396][T19038] System zones: 0-2, 18-18, 34-34
[  425.990581][T19038] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  426.007960][T19038] EXT4-fs (loop6): 1 truncate cleaned up
[  426.024542][T19041] netlink: 16 bytes leftover after parsing attributes in process `syz.9.5898'.
[  426.577651][T19056] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5905'.
[  426.592271][T19056] team0 (unregistering): Port device team_slave_0 removed
[  426.601434][T19056] team0 (unregistering): Port device team_slave_1 removed
[  426.672755][T19060] 9p: Unknown access argument +: -22
[  426.743098][T19066] loop6: detected capacity change from 0 to 512
[  426.752371][T19066] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  426.761586][T19066] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  426.775011][T19066] EXT4-fs (loop6): warning: checktime reached, running e2fsck is recommended
[  426.784351][T19066] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  426.793172][T19066] System zones: 0-2, 18-18, 34-34
[  426.798713][T19066] EXT4-fs warning (device loop6): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  426.809932][T19064] random: crng reseeded on system resumption
[  426.814123][T19066] EXT4-fs (loop6): 1 truncate cleaned up
[  426.825470][T19066] EXT4-fs mount: 40 callbacks suppressed
[  426.825482][T19066] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  426.864376][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  426.900531][T19072] loop6: detected capacity change from 0 to 512
[  426.907216][T19072] EXT4-fs: Ignoring removed i_version option
[  426.926391][T19072] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  426.950580][T19072] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5912'.
[  426.959698][T19072] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5912'.
[  426.968778][T19072] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5912'.
[  427.742153][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  427.776548][T19091] 9p: Unknown access argument +: -22
[  428.635799][T19108] bond1: entered promiscuous mode
[  428.640914][T19108] bond1: entered allmulticast mode
[  428.646179][T19108] 8021q: adding VLAN 0 to HW filter on device bond1
[  428.699531][T19108] bond1 (unregistering): Released all slaves
[  428.820254][T19124] loop6: detected capacity change from 0 to 512
[  428.833354][T19127] 9p: Unknown access argument +: -22
[  428.855178][T19113] xt_socket: unknown flags 0xd0
[  428.862477][T19124] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  428.870982][T19124] EXT4-fs (loop6): orphan cleanup on readonly fs
[  428.877538][T19124] __quota_error: 144 callbacks suppressed
[  428.877552][T19124] Quota error (device loop6): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  428.893937][T19124] EXT4-fs warning (device loop6): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  428.910660][T19124] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  428.920809][T19124] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5929: bg 0: block 40: padding at end of block bitmap is not set
[  428.938482][T19124] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  428.947922][T19124] EXT4-fs (loop6): 1 truncate cleaned up
[  428.958961][T19124] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  428.976529][   T29] audit: type=1326 audit(1744909322.683:12184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19122 comm="syz.6.5929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  429.014158][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  429.028694][   T29] audit: type=1326 audit(1744909322.683:12185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19122 comm="syz.6.5929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  429.052387][   T29] audit: type=1326 audit(1744909322.683:12186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19122 comm="syz.6.5929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  429.075996][   T29] audit: type=1326 audit(1744909322.683:12187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19122 comm="syz.6.5929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  429.082103][T19150] sctp: [Deprecated]: syz.6.5934 (pid 19150) Use of struct sctp_assoc_value in delayed_ack socket option.
[  429.082103][T19150] Use struct sctp_sack_info instead
[  429.099878][   T29] audit: type=1326 audit(1744909322.683:12188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19122 comm="syz.6.5929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  429.139615][   T29] audit: type=1326 audit(1744909322.683:12189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19122 comm="syz.6.5929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  429.163323][   T29] audit: type=1326 audit(1744909322.683:12190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19122 comm="syz.6.5929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  429.186965][   T29] audit: type=1326 audit(1744909322.683:12191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19122 comm="syz.6.5929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  429.210692][   T29] audit: type=1326 audit(1744909322.683:12192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19122 comm="syz.6.5929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  429.308487][T19160] loop5: detected capacity change from 0 to 1024
[  429.317946][T19160] EXT4-fs: Ignoring removed nobh option
[  429.323592][T19160] EXT4-fs: Ignoring removed bh option
[  429.425896][T19160] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  429.575695][T14893] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  430.247911][T19171] bond1: entered promiscuous mode
[  430.253042][T19171] bond1: entered allmulticast mode
[  430.258425][T19171] 8021q: adding VLAN 0 to HW filter on device bond1
[  430.297538][T19171] bond1 (unregistering): Released all slaves
[  430.317386][T19176] loop6: detected capacity change from 0 to 512
[  430.392357][T19176] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  430.469464][T19176] EXT4-fs (loop6): orphan cleanup on readonly fs
[  430.576602][T19184] bond1: entered promiscuous mode
[  430.581780][T19184] bond1: entered allmulticast mode
[  430.587126][T19184] 8021q: adding VLAN 0 to HW filter on device bond1
[  430.598241][T19184] bond1 (unregistering): Released all slaves
[  431.415778][T19176] EXT4-fs warning (device loop6): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  431.472228][T19176] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  431.488672][T19176] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5942: bg 0: block 40: padding at end of block bitmap is not set
[  431.555290][T19176] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  431.564413][T19176] EXT4-fs (loop6): 1 truncate cleaned up
[  431.588393][T19176] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  431.675479][T19183] random: crng reseeded on system resumption
[  431.738437][T19195] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.755725][T19199] xt_socket: unknown flags 0xd0
[  431.788638][T19201] netlink: 4 bytes leftover after parsing attributes in process `syz.4.5948'.
[  431.802578][T19195] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.836963][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  431.889430][T19195] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  431.910119][T19212] loop6: detected capacity change from 0 to 512
[  431.911411][T19207] 9p: Unknown access argument +: -22
[  431.917126][T19213] sctp: [Deprecated]: syz.1.5952 (pid 19213) Use of struct sctp_assoc_value in delayed_ack socket option.
[  431.917126][T19213] Use struct sctp_sack_info instead
[  431.948677][T19212] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  431.958434][T19212] EXT4-fs (loop6): orphan cleanup on readonly fs
[  431.966940][T19212] EXT4-fs warning (device loop6): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  431.984156][T19212] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  432.018010][T19195] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  432.035597][T19212] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.5950: bg 0: block 40: padding at end of block bitmap is not set
[  432.077875][T19212] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  432.091780][T19212] EXT4-fs (loop6): 1 truncate cleaned up
[  432.098081][T19212] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  432.122316][T19195] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  432.134313][T19195] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  432.146125][T19195] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  432.158384][T19195] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  432.188839][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  432.243957][T19234] loop9: detected capacity change from 0 to 512
[  432.279881][T19234] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  432.298325][T19234] EXT4-fs (loop9): orphan cleanup on readonly fs
[  432.317232][T19234] EXT4-fs warning (device loop9): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  432.352241][T19234] EXT4-fs (loop9): Cannot turn on quotas: error -117
[  432.390298][T19234] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.5960: bg 0: block 40: padding at end of block bitmap is not set
[  432.432465][T19234] EXT4-fs error (device loop9) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  432.461641][T19234] EXT4-fs (loop9): 1 truncate cleaned up
[  432.467657][T19234] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  432.795806][T19251] loop5: detected capacity change from 0 to 512
[  432.819482][T19249] xt_socket: unknown flags 0xd0
[  432.851878][T19251] EXT4-fs (loop5): too many log groups per flexible block group
[  432.859606][T19251] EXT4-fs (loop5): failed to initialize mballoc (-12)
[  432.866480][T19251] EXT4-fs (loop5): mount failed
[  432.925575][T19259] loop6: detected capacity change from 0 to 512
[  432.928359][T19258] bond1: entered promiscuous mode
[  432.936895][T19258] bond1: entered allmulticast mode
[  432.939218][T19259] EXT4-fs: Ignoring removed i_version option
[  432.942458][T19258] 8021q: adding VLAN 0 to HW filter on device bond1
[  432.959527][T19258] bond1 (unregistering): Released all slaves
[  432.969391][T19259] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  432.986624][T19259] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5967'.
[  432.995681][T19259] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5967'.
[  433.004745][T19259] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5967'.
[  433.041960][T19264] sctp: [Deprecated]: syz.4.5968 (pid 19264) Use of struct sctp_assoc_value in delayed_ack socket option.
[  433.041960][T19264] Use struct sctp_sack_info instead
[  433.088764][T13805] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  433.366045][T19276] bond1: entered promiscuous mode
[  433.371212][T19276] bond1: entered allmulticast mode
[  433.376535][T19276] 8021q: adding VLAN 0 to HW filter on device bond1
[  433.388293][T19276] bond1 (unregistering): Released all slaves
[  433.638832][T19284] random: crng reseeded on system resumption
[  433.770927][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  433.807593][T19288] xt_socket: unknown flags 0xd0
[  433.812597][T19291] loop6: detected capacity change from 0 to 1024
[  433.823256][T19291] EXT4-fs: Ignoring removed nobh option
[  433.828949][T19291] EXT4-fs: Ignoring removed bh option
[  433.850283][T19291] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  433.882518][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  433.939378][   T29] kauditd_printk_skb: 248 callbacks suppressed
[  433.939447][   T29] audit: type=1326 audit(1744909327.654:12438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19301 comm="syz.6.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  433.974242][   T29] audit: type=1326 audit(1744909327.654:12439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19301 comm="syz.6.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  433.997920][   T29] audit: type=1326 audit(1744909327.654:12440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19301 comm="syz.6.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=118 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  434.021585][   T29] audit: type=1326 audit(1744909327.654:12441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19301 comm="syz.6.5982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  434.098659][   T29] audit: type=1326 audit(1744909327.814:12442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19309 comm="syz.1.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  434.134646][   T29] audit: type=1326 audit(1744909327.814:12443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19309 comm="syz.1.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  434.135265][T19312] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5987'.
[  434.158381][   T29] audit: type=1326 audit(1744909327.814:12444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19309 comm="syz.1.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  434.158410][   T29] audit: type=1326 audit(1744909327.814:12445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19309 comm="syz.1.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  434.158433][   T29] audit: type=1326 audit(1744909327.834:12446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19309 comm="syz.1.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  434.158499][   T29] audit: type=1326 audit(1744909327.834:12447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19309 comm="syz.1.5986" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3792dee169 code=0x7ffc0000
[  434.328527][T19317] loop6: detected capacity change from 0 to 512
[  434.344480][T19317] EXT4-fs (loop6): too many log groups per flexible block group
[  434.352221][T19317] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  434.359175][T19317] EXT4-fs (loop6): mount failed
[  434.433997][T19321] xt_socket: unknown flags 0xd0
[  434.695941][T19333] bond1: entered promiscuous mode
[  434.701066][T19333] bond1: entered allmulticast mode
[  434.706355][T19333] 8021q: adding VLAN 0 to HW filter on device bond1
[  434.717062][T19333] bond1 (unregistering): Released all slaves
[  434.872661][T19339] 9p: Unknown access argument +: -22
[  435.029320][T19347] netlink: 16 bytes leftover after parsing attributes in process `syz.5.6000'.
[  435.064356][T19350] loop5: detected capacity change from 0 to 512
[  435.087183][T19350] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.6001: bg 0: block 288: padding at end of block bitmap is not set
[  435.103338][T19353] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5999'.
[  435.112409][T19353] netlink: 16 bytes leftover after parsing attributes in process `syz.1.5999'.
[  435.121372][T19353] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5999'.
[  435.136486][T19350] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  435.145727][T19350] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.6001: attempt to clear invalid blocks 1024 len 1
[  435.162703][T19350] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.6001: invalid indirect mapped block 1819239214 (level 0)
[  435.178570][T19350] EXT4-fs (loop5): 1 truncate cleaned up
[  435.184609][T19350] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  435.261046][T19350] random: crng reseeded on system resumption
[  435.280700][T19355] 9p: Unknown access argument +: -22
[  435.343165][T19358] sctp: [Deprecated]: syz.6.6003 (pid 19358) Use of struct sctp_assoc_value in delayed_ack socket option.
[  435.343165][T19358] Use struct sctp_sack_info instead
[  435.371928][T19360] FAULT_INJECTION: forcing a failure.
[  435.371928][T19360] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  435.385124][T19360] CPU: 0 UID: 0 PID: 19360 Comm: syz.4.6004 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(voluntary) 
[  435.385153][T19360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  435.385166][T19360] Call Trace:
[  435.385220][T19360]  <TASK>
[  435.385231][T19360]  dump_stack_lvl+0xf6/0x150
[  435.385250][T19360]  dump_stack+0x15/0x1a
[  435.385288][T19360]  should_fail_ex+0x261/0x270
[  435.385308][T19360]  should_fail+0xb/0x10
[  435.385411][T19360]  should_fail_usercopy+0x1a/0x20
[  435.385430][T19360]  _copy_from_user+0x1c/0xa0
[  435.385528][T19360]  update_filter+0x4e/0x590
[  435.385545][T19360]  __tun_chr_ioctl+0xf0b/0x1590
[  435.385564][T19360]  tun_chr_ioctl+0x27/0x30
[  435.385578][T19360]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  435.385592][T19360]  __se_sys_ioctl+0xc9/0x140
[  435.385629][T19360]  __x64_sys_ioctl+0x43/0x50
[  435.385646][T19360]  x64_sys_call+0x168d/0x2e10
[  435.385661][T19360]  do_syscall_64+0xc9/0x1c0
[  435.385738][T19360]  ? clear_bhb_loop+0x25/0x80
[  435.385769][T19360]  ? clear_bhb_loop+0x25/0x80
[  435.385783][T19360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  435.385801][T19360] RIP: 0033:0x7f109264e169
[  435.385813][T19360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  435.385847][T19360] RSP: 002b:00007f1090cb7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  435.385861][T19360] RAX: ffffffffffffffda RBX: 00007f1092875fa0 RCX: 00007f109264e169
[  435.385870][T19360] RDX: 0000200000000380 RSI: 00000000400454d1 RDI: 0000000000000003
[  435.385879][T19360] RBP: 00007f1090cb7090 R08: 0000000000000000 R09: 0000000000000000
[  435.385888][T19360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  435.385897][T19360] R13: 0000000000000000 R14: 00007f1092875fa0 R15: 00007ffc317478c8
[  435.385910][T19360]  </TASK>
[  435.610952][T19363] sctp: [Deprecated]: syz.9.6005 (pid 19363) Use of struct sctp_assoc_value in delayed_ack socket option.
[  435.610952][T19363] Use struct sctp_sack_info instead
[  435.844274][T19374] 9p: Unknown access argument +: -22
[  435.907830][T14893] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  436.035736][T19401] loop5: detected capacity change from 0 to 1024
[  436.045871][T19401] EXT4-fs: Ignoring removed nobh option
[  436.051628][T19401] EXT4-fs: Ignoring removed bh option
[  436.071361][T19401] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  436.122521][T14893] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  436.122849][T19409] xt_socket: unknown flags 0xd0
[  436.164567][T19413] loop5: detected capacity change from 0 to 512
[  436.172904][T19413] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  436.182016][T19413] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  436.201286][T19413] EXT4-fs (loop5): warning: checktime reached, running e2fsck is recommended
[  436.210259][T19413] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  436.218444][T19413] System zones: 0-2, 18-18, 34-34
[  436.223825][T19413] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1132: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  436.239361][T19413] EXT4-fs (loop5): 1 truncate cleaned up
[  436.245471][T19413] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  436.247870][T19418] 9p: Unknown access argument +: -22
[  436.273553][T14893] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  436.432111][T19434] netlink: 16 bytes leftover after parsing attributes in process `syz.6.6031'.
[  436.440378][T19437] xt_socket: unknown flags 0xd0
[  436.467773][T19440] loop6: detected capacity change from 0 to 512
[  436.474363][T19440] EXT4-fs: Ignoring removed bh option
[  436.479840][T19440] EXT4-fs: Ignoring removed mblk_io_submit option
[  436.501704][T19440] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  436.514342][T19440] ext4 filesystem being mounted at /247/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  436.590386][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  436.648246][T19445] xt_socket: unknown flags 0xd0
[  436.676711][T19452] 9p: Unknown access argument +: -22
[  436.830862][T19465] __nla_validate_parse: 2 callbacks suppressed
[  436.830877][T19465] netlink: 40 bytes leftover after parsing attributes in process `syz.6.6043'.
[  436.848529][T19465] netlink: 'syz.6.6043': attribute type 11 has an invalid length.
[  436.856399][T19465] netlink: 448 bytes leftover after parsing attributes in process `syz.6.6043'.
[  436.975846][T19472] xt_socket: unknown flags 0xd0
[  437.019993][T19475] netlink: 'syz.9.6047': attribute type 29 has an invalid length.
[  437.031940][T19475] netlink: 'syz.9.6047': attribute type 29 has an invalid length.
[  437.044380][T19475] netlink: 500 bytes leftover after parsing attributes in process `syz.9.6047'.
[  437.071481][T19479] sctp: [Deprecated]: syz.9.6050 (pid 19479) Use of struct sctp_assoc_value in delayed_ack socket option.
[  437.071481][T19479] Use struct sctp_sack_info instead
[  437.094684][T19481] 9p: Unknown access argument +: -22
[  437.681937][T19498] random: crng reseeded on system resumption
[  437.760082][T19513] netlink: 16 bytes leftover after parsing attributes in process `syz.9.6057'.
[  437.814166][T19526] netlink: 'syz.9.6060': attribute type 29 has an invalid length.
[  437.823078][T19526] netlink: 'syz.9.6060': attribute type 29 has an invalid length.
[  437.831860][T19526] netlink: 500 bytes leftover after parsing attributes in process `syz.9.6060'.
[  438.030666][T19532] bond1: entered promiscuous mode
[  438.035782][T19532] bond1: entered allmulticast mode
[  438.041075][T19532] 8021q: adding VLAN 0 to HW filter on device bond1
[  438.051270][T19532] bond1 (unregistering): Released all slaves
[  438.288744][T19580] xt_socket: unknown flags 0xd0
[  438.577312][T19586] FAULT_INJECTION: forcing a failure.
[  438.577312][T19586] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  438.590436][T19586] CPU: 1 UID: 0 PID: 19586 Comm: syz.5.6069 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(voluntary) 
[  438.590511][T19586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  438.590523][T19586] Call Trace:
[  438.590529][T19586]  <TASK>
[  438.590536][T19586]  dump_stack_lvl+0xf6/0x150
[  438.590556][T19586]  dump_stack+0x15/0x1a
[  438.590569][T19586]  should_fail_ex+0x261/0x270
[  438.590590][T19586]  should_fail+0xb/0x10
[  438.590668][T19586]  should_fail_usercopy+0x1a/0x20
[  438.590692][T19586]  _copy_to_user+0x20/0xa0
[  438.590716][T19586]  simple_read_from_buffer+0xb2/0x130
[  438.590757][T19586]  proc_fail_nth_read+0x103/0x140
[  438.590778][T19586]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  438.590796][T19586]  vfs_read+0x1b2/0x710
[  438.590861][T19586]  ? __rcu_read_unlock+0x4e/0x70
[  438.590883][T19586]  ? __fget_files+0x186/0x1c0
[  438.590975][T19586]  ksys_read+0xeb/0x1b0
[  438.590996][T19586]  __x64_sys_read+0x42/0x50
[  438.591016][T19586]  x64_sys_call+0x2a3b/0x2e10
[  438.591037][T19586]  do_syscall_64+0xc9/0x1c0
[  438.591109][T19586]  ? clear_bhb_loop+0x25/0x80
[  438.591129][T19586]  ? clear_bhb_loop+0x25/0x80
[  438.591149][T19586]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.591169][T19586] RIP: 0033:0x7f97e41dcb7c
[  438.591184][T19586] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  438.591257][T19586] RSP: 002b:00007f97e2847030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  438.591276][T19586] RAX: ffffffffffffffda RBX: 00007f97e4405fa0 RCX: 00007f97e41dcb7c
[  438.591289][T19586] RDX: 000000000000000f RSI: 00007f97e28470a0 RDI: 0000000000000005
[  438.591301][T19586] RBP: 00007f97e2847090 R08: 0000000000000000 R09: 0000000000000000
[  438.591311][T19586] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  438.591350][T19586] R13: 0000000000000000 R14: 00007f97e4405fa0 R15: 00007ffd4185bc28
[  438.591368][T19586]  </TASK>
[  438.854325][T19595] netlink: 'syz.5.6071': attribute type 29 has an invalid length.
[  438.880716][T19595] netlink: 'syz.5.6071': attribute type 29 has an invalid length.
[  438.906949][T19595] netlink: 500 bytes leftover after parsing attributes in process `syz.5.6071'.
[  438.957103][T19599] netlink: 28 bytes leftover after parsing attributes in process `syz.5.6072'.
[  439.142423][T19611] 9p: Unknown access argument +: -22
[  439.194047][T19620] loop6: detected capacity change from 0 to 512
[  439.225725][T19625] netlink: 'syz.1.6081': attribute type 29 has an invalid length.
[  439.246916][T19620] EXT4-fs (loop6): too many log groups per flexible block group
[  439.254617][T19620] EXT4-fs (loop6): failed to initialize mballoc (-12)
[  439.266863][T19620] EXT4-fs (loop6): mount failed
[  439.273511][T19625] netlink: 'syz.1.6081': attribute type 29 has an invalid length.
[  439.284707][T19631] sg_write: data in/out 100888583/87 bytes for SCSI command 0xd4-- guessing data in;
[  439.284707][T19631]    program syz.5.6082 not setting count and/or reply_len properly
[  439.310630][T19625] netlink: 500 bytes leftover after parsing attributes in process `syz.1.6081'.
[  439.333997][T19633] netlink: 'syz.1.6083': attribute type 29 has an invalid length.
[  439.343021][T19633] netlink: 500 bytes leftover after parsing attributes in process `syz.1.6083'.
[  439.418447][T19640] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  439.418447][T19640]    program syz.5.6082 not setting count and/or reply_len properly
[  439.446752][T19639] netlink: 28 bytes leftover after parsing attributes in process `syz.4.6086'.
[  439.451834][T19641] xt_socket: unknown flags 0xd0
[  440.044811][T19656] bond1: entered promiscuous mode
[  440.049926][T19656] bond1: entered allmulticast mode
[  440.055182][T19656] 8021q: adding VLAN 0 to HW filter on device bond1
[  440.149387][T19656] bond1 (unregistering): Released all slaves
[  440.243088][T19659] loop6: detected capacity change from 0 to 512
[  440.330944][T19659] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  440.346574][T19659] EXT4-fs (loop6): orphan cleanup on readonly fs
[  440.353401][T19659] __quota_error: 294 callbacks suppressed
[  440.353413][T19659] Quota error (device loop6): v2_read_file_info: Block with free entry 1 out of range (1, 6).
[  440.369536][T19659] EXT4-fs warning (device loop6): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  440.389224][T19659] EXT4-fs (loop6): Cannot turn on quotas: error -117
[  440.418043][T19659] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.6092: bg 0: block 40: padding at end of block bitmap is not set
[  440.454880][T19659] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  440.486902][T19659] EXT4-fs (loop6): 1 truncate cleaned up
[  440.505594][T19659] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  440.628190][   T29] audit: type=1326 audit(1744909334.345:12742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19658 comm="syz.6.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  440.680370][T16019] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  440.696455][   T29] audit: type=1326 audit(1744909334.365:12743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19658 comm="syz.6.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  440.720160][   T29] audit: type=1326 audit(1744909334.365:12744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19658 comm="syz.6.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  440.743743][   T29] audit: type=1326 audit(1744909334.365:12745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19658 comm="syz.6.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  440.767401][   T29] audit: type=1326 audit(1744909334.365:12746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19658 comm="syz.6.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  440.791062][   T29] audit: type=1326 audit(1744909334.365:12747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19658 comm="syz.6.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  440.814747][   T29] audit: type=1326 audit(1744909334.365:12748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19658 comm="syz.6.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  440.838345][   T29] audit: type=1326 audit(1744909334.365:12749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19658 comm="syz.6.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  440.859382][T19668] sctp: [Deprecated]: syz.1.6096 (pid 19668) Use of struct sctp_assoc_value in delayed_ack socket option.
[  440.859382][T19668] Use struct sctp_sack_info instead
[  440.861970][   T29] audit: type=1326 audit(1744909334.365:12750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19658 comm="syz.6.6092" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb24d2be169 code=0x7ffc0000
[  441.087246][T19675] 9p: Unknown access argument +: -22
[  441.264226][T19686] sctp: [Deprecated]: syz.4.6103 (pid 19686) Use of struct sctp_assoc_value in delayed_ack socket option.
[  441.264226][T19686] Use struct sctp_sack_info instead
[  441.317490][T19692] loop5: detected capacity change from 0 to 512
[  441.343885][T19692] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  441.388062][T19700] loop9: detected capacity change from 0 to 1024
[  441.392511][T19692] EXT4-fs (loop5): orphan cleanup on readonly fs
[  441.395154][T19700] EXT4-fs: Ignoring removed nobh option
[  441.406508][T19700] EXT4-fs: Ignoring removed bh option
[  441.425349][T19692] EXT4-fs warning (device loop5): ext4_enable_quotas:7170: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  441.454893][T19692] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  441.466129][T19700] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  441.483218][T19692] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.6104: bg 0: block 40: padding at end of block bitmap is not set
[  441.510986][T19692] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  441.523143][T13805] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  441.532466][T19692] EXT4-fs (loop5): 1 truncate cleaned up
[  441.539500][T19692] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  441.608404][T14893] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  441.643300][T19713] netdevsim netdevsim9 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.688108][T19713] netdevsim netdevsim9 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.707591][T19729] sctp: [Deprecated]: syz.5.6111 (pid 19729) Use of struct sctp_assoc_value in delayed_ack socket option.
[  441.707591][T19729] Use struct sctp_sack_info instead
[  441.738756][T19713] netdevsim netdevsim9 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  441.805782][T19734] ==================================================================
[  441.813898][T19734] BUG: KCSAN: data-race in call_rcu / mtree_range_walk
[  441.820760][T19734] 
[  441.823086][T19734] write to 0xffff88810ffd1c08 of 8 bytes by task 19733 on cpu 1:
[  441.830798][T19734]  call_rcu+0x49/0x430
[  441.834868][T19734]  mas_replace_node+0x2fd/0x430
[  441.839726][T19734]  mas_wr_store_entry+0x1e80/0x2460
[  441.844942][T19734]  mas_store_prealloc+0x6d5/0x960
[  441.849977][T19734]  vma_iter_store_new+0x1d3/0x210
[  441.855010][T19734]  vma_complete+0x12b/0x570
[  441.859532][T19734]  __split_vma+0x56c/0x630
[  441.863951][T19734]  vma_modify+0x105/0x200
[  441.868286][T19734]  vma_modify_flags+0x10a/0x140
[  441.873144][T19734]  mprotect_fixup+0x30f/0x5d0
[  441.877816][T19734]  do_mprotect_pkey+0x6ce/0x9a0
[  441.882663][T19734]  __x64_sys_mprotect+0x48/0x60
[  441.887516][T19734]  x64_sys_call+0x272f/0x2e10
[  441.892197][T19734]  do_syscall_64+0xc9/0x1c0
[  441.896705][T19734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  441.902592][T19734] 
[  441.904906][T19734] read to 0xffff88810ffd1c08 of 8 bytes by task 19734 on cpu 0:
[  441.912527][T19734]  mtree_range_walk+0x143/0x460
[  441.917380][T19734]  mas_walk+0x16e/0x320
[  441.921531][T19734]  lock_vma_under_rcu+0xa7/0x340
[  441.926482][T19734]  exc_page_fault+0x150/0x6a0
[  441.931154][T19734]  asm_exc_page_fault+0x26/0x30
[  441.935995][T19734] 
[  441.938310][T19734] Reported by Kernel Concurrency Sanitizer on:
[  441.944452][T19734] CPU: 0 UID: 0 PID: 19734 Comm: syz.6.6114 Not tainted 6.15.0-rc2-syzkaller-00048-gc62f4b82d571 #0 PREEMPT(voluntary) 
[  441.956954][T19734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  441.967003][T19734] ==================================================================
[  441.980070][T19713] netdevsim netdevsim9 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  442.043848][T19713] netdevsim netdevsim9 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  442.070731][T19713] netdevsim netdevsim9 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  442.095335][T19713] netdevsim netdevsim9 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  442.111348][T19713] netdevsim netdevsim9 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  447.475585][T10319] unregister_netdevice: waiting for batadv0 to become free. Usage count = 3
[  447.484296][T10319] unregister_netdevice: waiting for batadv0 to become free. Usage count = 3