last executing test programs:

8m41.500522786s ago: executing program 3 (id=266):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x1f, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x784, &(0x7f0000001900)="$eJzs3c1rHOUfAPDvbN7aNL9fIghaTwFBA6UbU2Or6KHiQQQLBT3bLpttqNlkS3dTmhDQIoIXQcWDoJeefak3r75c9V/w5EEsVdNixYNEZrPTbJvdNEmTbHU/H5js88zM5pnvPDPzPLvzMBtA1xpN/+QiDkbEe0nEcGN+EhF99VRvxPHV9W4uLxXTKYmVlVd+S+rr3FheKkbTe1IHGpmHI+LbtyMO5daXW11YnCmUy6Xzjfx4bfbceHWhPyIK06Xp0tzRicnJI8eeOnZ052L944fFoavvv/j4F8f/euuhK+9+l8TxGGosa45jp4zGaGOf9KW78DYv7HRhHZZ0egPYlvTU7Fk9y+NgDEdPPQUA/Je9ERErAECXSbT/ANBlsu8BbiwvFbOps99I7K1rz0fEvtX4s/ubq0t6G/fs9tXvgw7eSG67M5JExMgOlD8aEZ989dpn6ZTmf3y2u/Y/0DlvXoqI0yOj66//yboxC1v1xAbL+huvo3fM77b2Bzrp67T/83Sr/l/uVv8nWvR/Blqcu9tx1/N//w4UsoG0//dc09i2m03xN4z0NHL/q/f5+pIzZ8ul9Nr2/4gYi76BND+xQRlj1/++3m5Zc//v9w9e/zQtP31dWyP3S+/A7e+ZKtQK9xJzs2uXIh7pbRV/cqv+kzb935ObLOOlZ975uN2yNP403mxaH380RiftjpXLEY+1rP+1EW3J2vjExcNnZ+8YnzhePxzGs4OihS9/+miwXfnN9Z9OafnZZ4G9kNb/4MbxjyTN4zWrWy/j+8vD37Rbdvf4Wx///cmr9XTWj7hYqNXOT0T0Jy+vn39k7b1ZPls/jX/s0dbn/0bHf/qZ8HSrgFrUdO/VXz/ffvy7K41/akv1v/XElZszPe3K31z9T9ZTY405m7n+bXYD72XfAQAAAAAAAAAAAAAAAAAAAAAAAMBm5SJiKJJc/lY6l8vnV3/D+8EYzJUr1dqhM5X5uamo/1b2SPTlskddDjc9D3Wi8Tz8LH/kjvyTEfFARHw4sD/JnqM41eHYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBzoM3v/6d+Huj01gEAu2ZfpzcAANhz2n8A6D7afwDoPtp/AOg+2n8A6D7afwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHbZyRMn0mnlz+WlYpqfurAwP1O5cHiqVJ3Jz84X88WhOJefrlSmy6V8sTJ7t/9XrlTOTcbc/MXxWqlaG68uLJ6arczP1U6dnS1Ml06V+vYkKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYmurC4kyhXC6dl9hGYuX+2IzOJ3oah9MuFJFEROcD3HAL74/N2OFEhy9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8S/wQAAP//iZYeGw==")
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r5, 0x0, 0x0)
r6 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@bridge_delneigh={0x28, 0x1c, 0xcafe28741a3524c9, 0x70bd2b, 0x25dfdbfb, {0x7, 0x0, 0x0, r7, 0x80, 0x1e, 0xa}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1b}}]}, 0x28}, 0x1, 0x0, 0x0, 0xc0041}, 0x0)
sendmsg$GTP_CMD_ECHOREQ(r5, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4ffc221eaf6dc33}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x24, 0x0, 0x8, 0x70bd27, 0x25dfdbfd, {}, [@GTPA_PEER_ADDRESS={0x8, 0x4, @initdev={0xac, 0x1e, 0x0, 0x0}}, @GTPA_LINK={0x8, 0x1, r7}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x10)
ioctl$FIBMAP(r5, 0x1, &(0x7f0000000000)=0x7)

8m39.437976946s ago: executing program 3 (id=272):
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r0}, 0x10)
creat(&(0x7f00000002c0)='./file0\x00', 0x6)
readlink(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)=""/92, 0x5c)

8m39.296255668s ago: executing program 3 (id=274):
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')

8m39.289641588s ago: executing program 3 (id=275):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000080), 0x64, 0x50a, &(0x7f0000000200)="$eJzs3UFvG1kdAPD/OHZp2nSTBQ6wEsvCLkorqJ1s2DbiUIqE4FQJKPcSEieK4sRR7LRNVEEqPgASQoDECS5ckPgASKgSF44IqRKcQYBACFo4cIDOyvY4TVM7cVs3TuPfT5rMmzfz/H/P0YznzTzNBDC03oqIqxHxKE3TCxExnuXnsil2WlNju4cP7sw3piTS9Po/k0iyvPZnJdn8bFbsdER87csR30yejlvb2l6Zq1TKG9lyqb66XqptbV9cXp1bKi+V12Zmpi/NXp59b3aqL+08FxFXvvjXH3z3Z1+68qvP3PrTjb+f/1ajWmPZ+r3teEb5g1a2ml5ofhd7C2w8Z7DjKN9sYWa00xYjT+Xcfcl1AgCgs8Y5/gcj4pMRcSHGY+Tg01kAAADgFZR+fiz+l0SknZ3qkg8AAAC8QnLNMbBJrpiNBRiLXK5YbI3h/XCcyVWqtfqnF6ubawutsbITUcgtLlfKU9lY4YkoJI3l6Wb68fK7+5ZnIuL1iPj++GhzuThfrSwM+uIHAAAADImz+/r//xlv9f8BAACAE2Zi0BUAAAAAXjr9fwAAADj59P8BAADgRPvKtWuNKW2//3rh5tbmSvXmxYVybaW4ujlfnK9urBeXqtWl5jP7Vg/7vEq1uv7ZWNu8XaqXa/VSbWv7xmp1c61+Y/mJV2ADAAAAR+j1j9/7QxIRO58bbU4Np3or2uNmwHGV300l2bzDbv3H11rzvxxRpYAjMTLoCgADkx90BYCBKQy6AsDAJYes7zp457fZ/BP9rQ8AANB/kx/tfv8/d2DJnYNXA8eenRiGl/v/MLya9/97HcnrZAFOlIIzABh6L3z//1Bp+kwVAgAA+m6sOSW5YnZ5byxyuWIx4lzztQCFZHG5Up6KiNci4vfjhQ80lqebJZND+wwAAAAAAAAAAAAAAAAAAAAAAAAAQEuaJpECAAAAJ1pE7m/Jr1vP8p8cf2ds//WBU8l/xyN7ReitH1//4e25en1jupH/r938+o+y/HcHcQUDAAAAhsIzvcC/3U9v9+MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJ8ePrgz356OMu4/vhARE53i5+N0c346ChFx5t9J5PeUy0XESB/ijzb+fKRT/KRRrd2Q++Mn7bIvaOfugfFjIvsWOsU/24f4MMzuNY4/Vzvtf7l4qznvvP/lI55Yfl7dj3+xe/wb6bL/n+sxxhv3f1HqGv9uxBv5zsefdvykS/y3e4z/ja9vb3dbl/4kYrLj70/yRKxSfXW9VNvavri8OrdUXiqvzcxMX5q9PPve7FRpcblSzv52jPG9j/3y0UHtP9Ml/sQh7X+nx/b///7tBx9qJQud4p9/u0P83/w02+Lp+O3fvk9l6cb6yXZ6p5Xe682f/+7Ng9q/0KX9h/3/z/fY/gtf/c6fe9wUADgCta3tlblKpbxxYhONXvoxqIbEMUx8u68fmKZp2tinXuBzkjgOX0szMegjEwAA0G+PT/oHXRMAAAAAAAAAAAAAAAAAAAAYXkfxOLH9MXd2U0k/HqENAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANAX7wcAAP//ZWfZVg==")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
r1 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
mknod$loop(0x0, 0x2020, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f00000001c0)={'filter\x00', 0x5, 0x4, 0x3f0, 0x110, 0x0, 0x0, 0x308, 0x308, 0x220, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @private, @empty}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @local, @private}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
write$binfmt_register(r1, &(0x7f00000000c0)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x9, 0x3a, '+\'', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x2a)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10)
r4 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

8m38.788047695s ago: executing program 3 (id=277):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
getrandom(&(0x7f0000000280)=""/17, 0x11, 0x2)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x24d}, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
bpf$MAP_CREATE(0x300000000000000, &(0x7f0000000100)=@base={0x18, 0x4, 0x41, 0x0, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4003, 0x1}, 0x48)

8m38.623116938s ago: executing program 3 (id=278):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000800)=ANY=[@ANYBLOB="600000001000370400"/20, @ANYRES32], 0x60}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {}, {0x5, 0x1}}}, 0x24}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

8m38.593693688s ago: executing program 32 (id=278):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000800)=ANY=[@ANYBLOB="600000001000370400"/20, @ANYRES32], 0x60}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {}, {0x5, 0x1}}}, 0x24}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

5m6.098339954s ago: executing program 2 (id=1837):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000004c0)='mm_page_free\x00', r0, 0x0, 0x178}, 0x18)
r1 = gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$int_in(r2, 0x5452, &(0x7f0000b28000)=0x3)
fcntl$setsig(r2, 0xa, 0x12)
poll(&(0x7f0000b2c000)=[{r3}], 0x2c, 0xffffffffffbffff8) (fail_nth: 7)
dup2(r2, r3)
fcntl$setown(r2, 0x8, r1)
tkill(r1, 0x13)

5m5.67937577s ago: executing program 2 (id=1838):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1)

5m5.563676272s ago: executing program 2 (id=1840):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000940)=ANY=[@ANYRESHEX], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f0000000000), &(0x7f0000000180)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000980)='mm_page_free\x00', r2}, 0x18)
r4 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f0000000200)={[{@max_batch_time={'max_batch_time', 0x3d, 0x358}}, {@resuid}, {@lazytime}]}, 0x3, 0x44b, &(0x7f00000004c0)="$eJzs282PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rClJYO9PdLLpxz77lzztN7T3vOPW0AI2sq+yeJ2BoRf0bERD3bXGCq/t/Vy2cXrl0+u5BEtfruP0mt3JXLZxeKosV5W/LMdBqRfpHE7jb1rpw+c3y+Ulk6lednV098NLty+swLx07MH106unRy/6FDBw/MvfzS/hf7EmfWpiu7Pl3es/OtD755+/BXTfG3xNEnU90OPl2t9rm64drWkE7GhtgQ1qUUEdnlKtf6/0SUYu3iTcSbnw+1ccBAVavV6pbOh89VgXtYEs15XR5GRfFBn81/i611EPDq4IYfQ3fptfoEKIv7ar7Vj4xFmpcpt8xv+2kqIt4/9+932RaDeQ4BANDkp2z883y78V8aDzWUuy9fG5qMiPsjYntEPBAROyLiwYha2Ycj4pF11t+6SHLj+Ce92FNgtygb/72Sr201j/+K0V9MlvLctlr85eTIscrSvvw1mY7ypiw/16WOn9/44+tOxxrHf9mW1V+MBfN2XBzb1HzO4vzq/O3E3OjS+YhdY+3iT66vBCQRsTMidvVYx7Fnf9jT6djN4++iD+tM1e8jnqlf/3PREn8h6b4+Ofu/qCztmy3uihv99vuFdzrVf1vx90F2/f/f9v6/Hv9k0rheu7L+Oi789WXHOU2v9/948l4tPZ7v+2R+dfXUXMR4crje6Mb9+9fOLfJF+Sz+6b3t+//2WHsldkdEdhM/GhGPRcTjedufiIgnI2Jvl/h/ff2pD3uPf7Cy+BfXdf3XEuPRuqd9onT8lx+bKp28If5r3a//wVpqOt9zK+9/t9Ku3u5mAAAAuPukEbE1knTmejpNZ2bq35ffEZFWlldWnzuy/PHJxfpvBCYj0uJJ10TD89C5fFpfz5+PiPpXC4rjB/Lnxt+WNtfyMwvLlcVhBw8jbkuH/p/5uzTs1gED5/daMLr0fxhd+j+MLv0fRleb/r95GO0A7rx2n/+fDaEdwJ3X0v8t+8EIMf+H0aX/w+jS/2EkrWyOm/9Ivmui+Es9nn7PJqK8IZoxsESkG6IZGzZRvsv7xfDekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrpvwAAAP//9gndaw==")
r5 = open$dir(&(0x7f00000002c0)='./file1\x00', 0x210600, 0x6)
getdents(r5, &(0x7f0000000380)=""/176, 0xb0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000b80)=ANY=[@ANYRES8=<r7=>0xffffffffffffffff], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r7, @ANYRES32=r9], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0xd, 0xc, &(0x7f0000000ac0)=ANY=[@ANYRES32=r6, @ANYRES32=r4, @ANYRES32=r3, @ANYRESDEC=r9, @ANYRES8, @ANYRES32=r2, @ANYRESDEC=r4], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x17, 0x0, 0x0, 0x0, 0x0, r8, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
getsockopt$IP_VS_SO_GET_DAEMON(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000300), &(0x7f0000000a00)=0x30)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r10}, 0x10)
add_key(&(0x7f0000000380)='asymmetric\x00', 0x0, &(0x7f0000000880)="10", 0x1, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r8}, 0x10)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x18, 0xb, &(0x7f0000000b00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000f7850000002d0000"], &(0x7f0000000040)='GPL\x00', 0x5, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r11}, 0x10)
rmdir(0x0)
r12 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$TUNSETIFF(r12, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
ioctl$TUNSETSTEERINGEBPF(r12, 0x800454e0, &(0x7f0000000080)=r6)
ioctl$TUNSETFILTEREBPF(r12, 0x800454e1, &(0x7f0000000100)=r6)
close(r12)
perf_event_open(&(0x7f00000002c0)={0x5, 0x80, 0x3, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @perf_bp={&(0x7f0000000bc0), 0x1}, 0x100002, 0x1, 0xfffbfffb, 0x2, 0x6, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r13 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r13, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)

5m5.320294695s ago: executing program 2 (id=1843):
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'team0\x00', <r0=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', r0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xa, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="660a0000004000fc63690061114c000000000085000000d200001cd31d2500000000f7"], &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r1}, 0x38)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000100000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r4}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000000000000000000000000851000000600000018020000", @ANYRES32, @ANYRES16=r5], &(0x7f0000000000)='GPL\x00', 0x2}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)={0x20, 0x0, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [{{0x8}, {0x4}}]}, 0x20}, 0x1, 0x1000000, 0x0, 0x24004000}, 0x24040840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000dc0)=@delchain={0x1d4, 0x65, 0x2, 0x70bd27, 0x5dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x801b}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_RATE={0x6, 0x5, {0x8, 0x81}}, @filter_kind_options=@f_bpf={{0x8}, {0x198, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x15c, 0x1, [@m_simple={0xd0, 0x1e, 0x0, 0x0, {{0xb}, {0xa4, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x68f6, 0x6, 0x2, 0x8, 0x9}}, @TCA_DEF_DATA={0x9, 0x3, '/-@@\x00'}, @TCA_DEF_DATA={0x3d, 0x3, '\x00\x94\xe4\xe2X\xce\xbar\x069\xf3\xff\x8d\x94\x1ao\xa1,\xa4\xc1\xcc\x1e\x9aS>\a\xd2R\x85\v\x80\xea\x1e\xc8W\xea\x99\xacos\x80\x1d\x8b\xd9`Ewb\xa5&iu@\xfd\x8c\xde\x00'}, @TCA_DEF_DATA={0x1e, 0x3, 'cpuacct.usage_percpu_user\x00'}, @TCA_DEF_DATA={0x1a, 0x3, 'mcast_rejoin_interval\x00'}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_connmark={0x88, 0x15, 0x0, 0x0, {{0xd}, {0x58, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x800, 0xfffff801, 0x6, 0x0, 0x4cb}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x172a, 0x0, 0x5, 0x10000, 0x3fe}, 0xf2b}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x2, 0xb, 0x3, 0x0, 0x8}, 0xc8}}]}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_BPF_OPS={{0x6, 0x4, 0x2}, {0x14, 0x5, [{0x8, 0xf, 0x3, 0x9}, {0x4, 0xa, 0x6, 0x1}]}}, @TCA_BPF_FD={0x8}]}}]}, 0x1d4}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f00000008c0)={0x8, 0x2, {0x3, 0x2, 0x48, 0x1, 0x9}, 0x2})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r7=>r2, {0xee00, 0xffffffffffffffff}}, './file0\x00'})
accept$nfc_llcp(r7, &(0x7f0000000580), &(0x7f00000006c0)=0x60)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYRESDEC, @ANYRES32, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f0000000a00)={[], [{@flag='rw'}, {@smackfsfloor={'smackfsfloor', 0x3d, 'kfree\x00'}}, {@flag='dirsync'}, {@subj_type={'subj_type', 0x3d, 'cpuacct.usage_percpu_user\x00'}}, {@smackfshat={'smackfshat', 0x3d, 'team0\x00'}}]}, 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r8 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r8, 0x40086602, &(0x7f00000001c0)=0x10)
r9 = socket(0x10, 0x803, 0x0)
sendto(r9, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r9, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r6, 0x0, 0x80000000000}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r10 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r10, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="021800001c000000000000000000000005000500000000000a00000000000000fe8000000000000000000000200000aa00000000000000000800120000000000000000000000000006000000000000000000000000000000e0000002000000000000000000000000fc01000000000000000000000000000005000600000000000a0000000000000000000000000000000000000000000000000000000000000008001900000000000a"], 0xe0}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000080)='net/rt6_stats\x00')
r11 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r11, &(0x7f0000000880)=[{&(0x7f0000000440)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0)
sendmmsg$inet_sctp(r11, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000240)=[{&(0x7f0000000300)='5', 0x1}], 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c"], 0x30}], 0x1, 0x0)

5m5.060018529s ago: executing program 2 (id=1844):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r0, &(0x7f0000000000)='2', 0x1, 0x4fed0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004900)='./file1\x00', 0x4042, 0xf8)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1) (fail_nth: 10)

5m4.627948175s ago: executing program 2 (id=1849):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000300)={@rand_addr=0x64010101, @empty, 0x0, 0x1, [@multicast2]}, 0x14)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r5, 0x0, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000000000), 0x9468, 0x0)
ioctl$EVIOCGMTSLOTS(r6, 0x8040450a, 0x0)

5m4.627707635s ago: executing program 33 (id=1849):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000300)={@rand_addr=0x64010101, @empty, 0x0, 0x1, [@multicast2]}, 0x14)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000840)=@abs={0x0, 0x0, 0x4e20}, 0x9)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000140), 0x1, 0x4fa, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$cgroup_int(r5, 0x0, 0x0)
r6 = syz_open_dev$evdev(&(0x7f0000000000), 0x9468, 0x0)
ioctl$EVIOCGMTSLOTS(r6, 0x8040450a, 0x0)

3m13.566817587s ago: executing program 1 (id=2913):
r0 = timerfd_create(0x7, 0x800)
timerfd_settime(r0, 0x3, &(0x7f00000003c0)={{}, {0x77359400}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000005c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730302b66a99f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca20508011132153c528f7bca92980a3223c5b9cdddedb0a14adddf9a6e70a26b5c0ee0879c349814bee9d96d8bd23db4e801d49201ae84090455682794098afa42b34196b1d849020eeeb1ef48d003d71524683d7cdfa841bca708414fb8ff49742420d1ab7fa678aa4806d5247616e8bc0b02887f8efe9310ccf9bec1c9b7f6671c9d59ac6b09b4436cafdd1887c8e884c930d21ace088ccc99a94d4b33da2fc1b1310bb607a9ad65844655de1ac9fd36d12e07a821fb950368a970c58fb4f3"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
syz_socket_connect_nvme_tcp()
socket$nl_generic(0x10, 0x3, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r6, &(0x7f0000000480)={0x0, 0x60, &(0x7f0000000140)={&(0x7f00000002c0)={0x1c, r7, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)

3m12.717843479s ago: executing program 1 (id=2925):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000000140)={0x0, 0xfffffffffffffe83}, 0x1, 0x0, 0x0, 0x959}, 0x8010)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0x14)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0x19)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x72c09debee3ff0ef)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="400000006800010079a766b7123e0f61fc799dbbb703001000fdffff7f00000000000000000c0002000100000015000000140006007f0000010000000000000000000000000600030001000000"], 0x40}, 0x1, 0x0, 0x0, 0x4008018}, 0x4000080)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
rmdir(0x0)

3m12.63196713s ago: executing program 1 (id=2926):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
r2 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000009, 0x46031, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x7}, 0x8164, 0x10000, 0x4, 0x1, 0x8, 0x200, 0x4b, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sched_rr_get_interval(0x0, 0x0)
sendmsg$TIPC_NL_NET_GET(r3, &(0x7f00000004c0)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000480)={&(0x7f0000000440)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x4040004)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_ADD_NAN_FUNCTION(r4, &(0x7f0000000600)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000140)=ANY=[], 0x14}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), r2)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r5, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000300)={&(0x7f00000001c0)={0x14, 0x0, 0x2, 0x70bd28, 0x25dfdbfc, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x44000)
mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x110c23c000, 0x3, 0x2})
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000180)='mm_page_free\x00', r6, 0x0, 0x1000000}, 0x18)
r7 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1a1})
io_uring_register$IORING_REGISTER_BUFFERS(r7, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

3m11.695921914s ago: executing program 1 (id=2937):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f0000000200)=0x7ffffffc)
close(0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003840), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002bbd7000fedbdf255500"], 0x30}}, 0x4044840)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r3=>0xffffffffffffffff, {<r4=>0xffffffffffffffff}}, './bus\x00'})
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x3c1, 0x3, 0x410, 0x0, 0x168, 0x0, 0x0, 0xa, 0x340, 0x250, 0x250, 0x340, 0x250, 0x3, 0x0, {[{{@ipv6={@private0={0xfc, 0x0, '\x00', 0x1}, @dev={0xfe, 0x80, '\x00', 0x33}, [0xff, 0x0, 0xff, 0xff000000], [0xffffff00, 0xff000000, 0xff, 0xff000000], 'xfrm0\x00', 'veth1_to_bond\x00', {}, {0xff}, 0x0, 0x3, 0x2}, 0x0, 0x228, 0x268, 0x0, {0x0, 0x28e}, [@common=@inet=@hashlimit3={{0x158}, {'caif0\x00', {0x0, 0x7ff, 0x0, 0x1, 0x0, 0x6, 0x1000}, {0xfffffffffffffff6}}}, @inet=@rpfilter={{0x28}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "48c01c5140d722edd3fb24545886bbd1be494201b400"}}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{}, {0x0, 0x8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x470)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x80000000, 0x0)
bind$unix(0xffffffffffffffff, &(0x7f0000000040)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
ioctl$SIOCGETMIFCNT_IN6(0xffffffffffffffff, 0x89e0, 0x0)
syz_clone(0x200, &(0x7f0000000380), 0x0, &(0x7f0000000400), &(0x7f0000000440), &(0x7f0000000b00)="6e24373932ec4135c653b360e937b1021ae96b3450d293224aa91550bb3780cff94c54763a9017b5d254c0d35fe824551ac4652002796694b97d4d1ff108589cf392d3f6a28bbb810a37dff73520285f26eff1bf048e68de0292bd0e31fc96c81c4de77a41def489fbffd8e3bb39e3be85bfb0479ce980120ecd94eb706ce14ee172f8aeb215281902311f452994c20aba9d3138119e9a4e7ef1c31f78fbd70eee7555932e8226e0f2eaf6b3d416c307031cb2894a224147014b6600d466d3caa929406fe91ce5f508378dc930f1fe8e0fd500c7b472dd35050374d9c1a37efe5a433a5e587365cb2426253e61600953779f598031c3faccad2052")
mq_notify(r4, &(0x7f00000012c0)={0x0, 0xd, 0x4, @thr={&(0x7f0000002340)="5497085c33ac6610b00488019464a4e01b5ce6da30d4218e78b47c698422701231359a5989409f97381468eeded629d686527b903cb4c9451876ffffdd203c86cfa1c9b3a1c332295406d96c1a28bf2c31e0c678ba908bcebd2c0bda261edd03216d7116d042ba70f980c26c9193c079341a04852ce031f8ac111ee0712b5cf0c1311b15bb0323f8a6d709d98052693d382635eb67013ba3d16de377b14f2c8c057b6b88bd8b0745f01ff120e46b3f0449d9d715ec9046b3bcbeb2554d6739dbc3720b1c65353b176eaee56a07a37e35001bd13e5f5314d6143477fcd284b1948b21bc0dd6adf435be7854517dfa1141038d4102012bd78a1b7352b856d53a6275007e3642270eea1ca0dab97239471efa2fd4a271c7976ef879c82f59757db01623507430aa2f88e93dcf035f2e502ad5165b9cd56d2940c2d8d1fdddd5350a683a251fc17d26794f45ab723b74eacae9bb38f5f4d903e58e0567f0a7b9395552dac2471a4bfac98c24ad1967415c965d9facfd6dc2e850615970424e4196cc79b71694f8802488a647c5b1295e3ed17984f9e4540412b847bfa403ddb6010fa17bc97e2818f4f0f66a19a5642af2a8aee6f4a95263e6ca9c7f9141eff7d5dc1d4ffd8a09891eb1d61159c189539ec5b94888bc076bbace7a5d55e79b27e8a7c9c3268bdb908b2575af82f5ed96a32a8f6330aa832c4123b7e558463c73ade658c695451fb3b422ac5dba5303bcd60ec949ca275f8396f8070196e2f0ff03780ff8bee378728f4ce1d5aece32ce4f3f539422aab86a0988fb4f08f42a856db28bde6ad33c2fed5a03bda47f1e30b573074c8b949e245062d5930eabb079d1edc1b50fd0fd510daf4c9fb56b79a94d9dfa33f51e2df47ccfeb1b9d6295d1c67e066fd1e298c74b28f0f89285ab3c1f6cf54f3e680f88bcd851eb603cb1293c5e0d00539bad07a6d6eb7013aadc4ad129ceceaca945a1d2847bc52845b13e501085b107611b693328850d7911035c89699d9783188e8eb6ffe3cfbd6ae06ac4c922a90ab9d84c26bdf173042cf175a83b1122fc4cc0c7f88d601881f0d96447f3561c69ac160beacc2bfdd577385d5719255d106e1c35a045695f197806580a3d47a40c3d337ce8cb34ed6b9d866f350494e1361e378c48a38058d28152e463db610fa1f958ada0c70050a085ee3bc67040cde16bfe14b908cd5675fb5458922b738682cdbbad0e6c02af4c80e4f898cb1d9558819895bf052815ce0fe1f75964c14aa826c95d7d660cba1efc90e6fb9b95620ca64fc1070e01c2f66f5ae04688a71b6fffe535020b1efc5e9bb19cf3251a46f54874b0ed34db5361bb63169f24049015c7f5406a5fa929de8f870dd4aeb032af752303b99582f550c7539a280321b32b7c98b2175c46a980e7c91e3b3e4e1c8d5ebeea046d7c9576e1e3f2844ab7daa02464b4b7eff87abde51acb0df5d94bc6bb0ffcd6864cbc3ec56f0e39756823e71af83ae77757c221a3cca41ec386cf6143a8ed4a632989d407c56f17fec7ba6c12afc3b2bd53034ec017f60ef23f91ba242599d057ad5896ddf99c221f37d512001fb336666688a979b82a665c743dade25051a6156e98913d80e870a7c3dc79d0f327e1a0dbd7e301de3137acf8e4f46091d2e578b515af4882fd98877aff3548d63d1c0bcca64173020c8480bd705416456afeb11f149f10544ed432af0e233697d79e2ca70e15828ab4db2a16f399815f39d391beda64b1b49a57f9af43bc720f557a468b73604d8cdb1e8115473c6f2caa8e147bfb0473061e535f1c3a05548b6848a6e53210057d493ea2b73b6564c1f0de9040532bb41c53186383e6c5373932b420bf6e236bdc93a7e1ace12443255b94c5ce4122f978d60cec3b75a8ae3aca46142c010d906e416d9089398fcfab3cd62db5c67c6eaa2821c3072cd9a75112d6d4f327255fe9650fa83dd0300f65fb5482d0cf3a50b5487c47442e35bff9a0c67f00afd2c268ae01817ae15e381dda03da3618adb5ec0488fafab05c3cca61f9ad5836e5410d98bc9ade4c0d3199e5c9569b9d84496ed8545b6a345d9045ea6241a1956c323cc7d457ff6bbb31a39a86ebad8c06ad4ea84a33abae885886884fa2a0a0d2be1576e4ff1f78a039d91c1099431b5a5ce9213d2a286409447e2d6c8484d5dc4bfbad39c25f02700860aa65a64196cf032b978f34ea2beb53999c43404ba469cbd821e42d2b79263097e25c93b0477cf81a8cc55757d0e5ded9a851e48d21db4afc9a8a3868d428bf0a8073c7fbf61f49cfbc5dfaef4724943d28d24c0f99b901b86202c2e86ce19097498d93b90ef33254c3b0d5644dcd0696b2b8924840de73c51d6b63613c691d375062e722cd54f186ee7e62c523cea89b4763d8e2fc87c4b4b3bff50ca9740efa1e64476d702cf4344c2a76bf03e5de88463e6033943aa668a5ae665b8ae793f7ab720bbb5ac0d38fb104823950bd6147113318292e7477541284c3049fd569f9616032a37fd2096a0e5ad860b04a85b28e31bfe2c619f2e463207373ffa125504ad4ad9824e63099d0e0e8d1823808e0ffd70db4571959b706c1a62784ac4b8d6c2d021ab0551d65301a9370e7eb35861229e706119408d3380eda9e9340118967bccce09195e2684ff9a6736d29b428522759f90b62fcf89419ddab38ace5841bb8129f3a4dd655d0c686a8ada31ac34b6aa98e4735cfc5fca55db68890f2612a7786d46a39564ad209a7d90aeaa3e77d648fe9305dc232f37f089c54f279e57274199e5f6b32edd577c621e551c521d0f2576f93cf165943f56746f0134bd9ddc90e2f6de5efeee4edf395914ae034bd2b73bb8d1c298290337f639788da3b4aec6a30d6e4617bdd0c7f7460dca0caf20fb86989c0dfa126a938246de2e46b7be5cc5d660f88cb38be8ba7d08fe710b28c7643055723f76d27df548cb4dba266ea859abb046801013a6d55b0dc33d4dc0ecea3ed6e6b93492f3a0b1120c45196ab6d03606e7e2a1163373fa8d7be3ff5eb41a2bcdc9090a11258a8e376895f8df968f0c80f27342242494022a84582c75b04b6090626f739fef100cedd3afd1fde1b937fd5945c8b53fc2d9c67699ab30f05a8b0b535f0d40b727b02caf5235b44608509792d7f90ee6e50c0e830a1b7bf83b258602394ef985f320276e80eae64ab6662c524d9091859b514f6aafd9270124e0ee1aa0c5a484f2ffeae813196a54e400f7ea31700f3f8a3324024219f23ce67b89b98143bd21828e86fd6be2f3a7d28957df52ccc9d683c0a4b6b2ba9db1861980d772d799f1a158f64869382bd47d004d8e6d4fcf0603011eefcedd67f13b30f32597a86c53e0d2a19d695340fb24d75f6d979ee228feb5696d25383568d331d5352e24a84d636e1cd280913a3846589ed7560708ae3dbe1eb5688369badbf0a22c62df6c96acded6e35b2afca76b40c266b5612cc6ed8eb03634c2707e52c2888a8cc6b65f2906eadf0d1577fef963d931d85ea7b7edfa4b7f3484ab43d6c81a60c3bdea524c2fca66d4b5ac95fbe002fb6f45a76400cd61d3a3479fb6789e0328b207f66cfe2460658d57519457c87642c7d1601225a1aa296fe96258f7f9ed2b1969609904c96ab269796b9c12dd2eb886e8c01f4fe7aae91a6b087aa10f8abd7382133e4584f5561c27ba10a864687fc5c1b6d34ac5f709844bf1479d5ed2d5a77077c53f8b9eb2a47d940b0ea9770ae3686053a9fe9cbe4c9a5ed783b0e549800222647fdcd3a024d3850b4f442a51f8ba1d52ca7c5c9ddda9689e68abcace5e38750de708fbc8ebd73bb3569c47224c868641e1aaa214211c17e6d642377bab5864cd87ff9b055faf8940a469ba7b2ba30a2a59a682cede6bd9822ac73ce24bf97432462552e168141b3a5067ba8db2e7d27e6466b422835a75e8068c42726f0f24c760eea101a5a13948fe65e748f16747b946b49b0a10be47ac1f631bd550188887d252510c6f242f6aa98f8cb51418504595135c64ddd56196b1a8ef67f7806eb33f77562bc3f0a5ced0dd61c85e0517be9f84ffa53b7b907061968f19456a56a9c335be0a22eea0d36895490455b6bff1f8539de0dc96aa8a869853085e9099f2e230ebf8a130322160db90381649d8b6351483866ac2951b14c02bad3992abcebbc0b4c5c6098de5aeb62a380e1d3e880ef5f8baa643c876f449b1decaa8ea671493480b6772074cbe25afcf0a8d816382e16cc04d95186c82799ed89fc3e06d886689036008941fdab99e92f944a7b1e054dacb64d1cef73af2842d6d1f7e8f5d4b4a0f5d8ff1e138c8f307d39bc612462124e5d4161f8c0b86e0741fa7c670b02193a81f88bd411ff894f42407c076822dc185811a780632c3f04062fe7a9c756f7a311a8a6b5d86c4944eadaef46f80914af97353b71e6cd3f613d0447205d2fffa7cfc9d0fe838e7d946eaa58c7c4b7d6f2df3854798cd55c0527dc65fb4cb5315f75a3822bd57a540e9f11eafe9da8d19f663b9bad320eb93ca2ea671fe9ba903ba29881e3b2a76e815b6433d8f7d4fe16ee065f684a2da4901c5612b34718bd1a885e27e139db89d284a5ed7106b54a5473b0c8455b14184a5b6598afda37f3fd13cf1f130669191a3c29067b0bcdb8782ad26bad9e50466acc8a70cbba577fccb7e529ecaec2dc692a09525937214c0a3e351603a0f5f7b1b6566d82360349e6048595e11e13674956d66c3f5b5f21c1719d2102732f06203e91ad8184cdad0fda83a169be50f39a9ac54c86ded41a338457cdf0329820d8b906271d9c937035dd266555e21a2f0aaacaca584442cf77b280dc8ca7dfa0b3b44492f5b54cd395f733d6edeac79ce4212fff1185a0ad46ace0be4c827b7f3ccbbdee466470d486a6fc1ef5130b8ddf709788ba082b3f718d1e827a32adfb253b626a4c40e96855bb58a293c42bcfd37a2a8d9b07d75e1986887dad1a17e8533c2c4e56f7363a335d13deec541a9e2c4d7e7ba669ddb9589a9e32705b3fcfc5438edb537dc5a051a3e6bd28b9eaada703aae45b2e5dd861a09f66194b396c41a5b17897f4540ef799e5a75f3721ab6fd22a2250dd33f4f2be1abec3f8ea17409add9f94d849e91e007875a86a046607aa808f581b6dfd425956a2a7b76a0741b78a38fbaf20aaec2b6d4da1a5d38ef8d8d819b3adcd11a9f13f4bc8673178706ba38b83c74c83caf4198cdea5e160993e8955927f048f1312fe9cf8ca0220ad8ba2922b518aa7dd2e56a81444258d27e381955b90a95bae75edf42809c2a2c31be27d56fa6a6944b8ad7bb179da7cc4f63ae6f9cad55713ad831d5a69b60a0727f3b662f70cfe3a7e81d433de7a8d8cd66802c8ab05d64b1e5bb187bdf480d9c7195bf11c82e517cac02b297766d3277bdc8e57024f08555d7bc9fd155e2b74ec7860bfc881a0f5d40cf0e793237f4c3ea982a7612a02744f6b07d46bdafc87d13008c1dd2dc42d1105546aa058aa6191c213f06c2514f8b16e32921a4c49b09a3ab4288343506994d3324a09e3701dfc2be9224170ed979d85444f455b50b797c7f6b3152f872069dbce7acf47d8e2e7e2e80df567161c000eab029f2aec0ada602c136997b4685a49bd9cbb73d82870006bbd2c35fc47dbad64fd472e0b9f32ee00de39d5db42d74338cd4c8de53ac298cae21bc494392290198d3108892f9b459e6b4f4784700721059b2c3627053c03a553ab1b3dce56af5eb75949c5af66397f8c7c48e636748d8e7c14a37e1a0454ffca3e2c3d51c4924bd3", &(0x7f0000000d00)="f38bb06603d205fee83d759bb8dd28491d35ea1ab686720695854e7f1d127cb985501143da4029caa7f44e8903fcd748e246f4d57001e365faae94defea55872dd76757ba788fbdb538e9c8e8ad6d579e3c3a0d8c52cf3c4cec9a0a70f430c576f71953883ace9722fed4b1854f20f14ace66cbb30cb060e6dddbe870474b3ac1fba4525485d6f6dc03a5b20c551ff5446abd4d890aa58e899839eecae3b5dd51f47be4cff00aad07820a3a908bca939ef1968010e1b94d6355173df04f1b3ccba5e1caea0d4b17e4ee37c3a0a42b327cec85256c6aa838201c351137c3d869bdade203f10952e01693c655a87340feed4efa6b124"}})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000e00)={0x3, 0x2000007d, &(0x7f0000000c00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000006500000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000590000919eacc7d20095084af6b2d8baba341a9d8d0f6cf04c34d4da5f0c93bb0d866eb83e8d244582e33ff1e66a80bc26336515163ab80202c1f02e8e011bca369a1b737413d2e870810534900d75f0c0acf9df0f4755904e611d295fd920f2e8cf172e634a2289f684260df4c3f791"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0xf}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f00000000c0), r3)
openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000300)={[{@usrquota}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x800}}, {@quota}, {@stripe={'stripe', 0x3d, 0x2}}, {@abort}]}, 0x1, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f0000000300), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='kfree\x00', r6, 0x0, 0x2}, 0x18)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r7, &(0x7f00000002c0)=@pppol2tpin6={0x18, 0x1, {0x0, r7, 0x8, 0x0, 0x0, 0x0, {0xa, 0x20, 0xeb, @rand_addr=' \x01\x00', 0xf0}}}, 0x32)
unlink(&(0x7f0000000180)='./file1\x00')

3m11.327987419s ago: executing program 1 (id=2939):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020148100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='xen_mc_entry\x00', r0, 0x0, 0x4000}, 0x18)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1}, 0x18)
r2 = socket(0x28, 0x80000, 0x1)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
sendmsg$IPSET_CMD_LIST(r2, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="6c000000070601010000000000000000050000010900020073797a3100000000050001000700000005000100070000000800064000000009050001000700000005000100070000000900020073797a3100000000080006400000000205000100070000000800064009a42b28e80f57076d030fd6767b86b250565ec8f1b35367db740a10efc7c6f297f1cfb0280260338b1d9b7385223e475b705d43bbed4547bfabf6426350ead4b06154bb746ba70c353e2a601c319746473becbdf7aff90c7a2b0f22c7819a567dc5c53a8a68fb4776efc2bc53710126a1c95727352ddf81e7b71e4c591880364daba03d7399f6586928a6e2f058611aa897"], 0x6c}, 0x1, 0x0, 0x0, 0x4004800}, 0x2004c090)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f0000fff000/0x1000)=nil)
sendmsg$NL80211_CMD_JOIN_MESH(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[], 0x1a000}, 0x1, 0x0, 0x0, 0x803}, 0x8044)

3m10.239236475s ago: executing program 1 (id=2951):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r0)

3m10.185831036s ago: executing program 34 (id=2951):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000080000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r0)

4.029999871s ago: executing program 5 (id=5037):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
quotactl_fd$Q_SETQUOTA(r0, 0xffffffff80000800, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r3 = memfd_secret(0x80000)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x6, 0x5, &(0x7f0000000040)=@framed={{0x56, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0xc}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
fcntl$setlease(r3, 0x400, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000001140)={[{@errors_continue}, {@data_err_abort}, {@init_itable}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b0}}, {@noblock_validity}, {@grpquota}, {@nobh}, {@user_xattr}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4}}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f00000004c0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r5, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f00000002c0)={'wg0\x00'})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f0000003580)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000380)="a1", 0x1}], 0x1, &(0x7f0000000800)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r6, @ANYBLOB="0000000014"], 0x30, 0x40400d1}}], 0x1, 0x10)
pipe(&(0x7f00000002c0)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
splice(r6, 0x0, r8, 0x0, 0xa86, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r10 = openat(r8, &(0x7f0000000080)='./file1\x00', 0x20acc3, 0x5c)
ioctl$FS_IOC_RESVSP(r10, 0x40305839, &(0x7f0000000180)={0x0, 0x1, 0x2, 0xffe})
sendmsg$kcm(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000e40)="d8000000180081064a81f782da02b904021d080400007c09e8fe55a10a0015c0050014a603600e1208000f0000000401a00016009a00014004000000036010fab94dcf5c0461c1d6900094007134cf6ee080000190d0a2ac922353a606487ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00320db70103000040fad95667dc06dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x48084)
r11 = socket(0x10, 0x3, 0x0)
write(r11, &(0x7f0000000240)="aefc00001a0025f01d85bc04fef7681d020b49ff708800008003280008021000ac0a1410bc71176a36ede498534108e58342fa94a235a2a441f9", 0xfcae)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r10, 0x84, 0x1a, &(0x7f0000001240)={<r12=>0x0, 0x1000, "2fb3ab7676376d123f1a00cb97153765f1a9c2d61eea3cd2e0dbf75577af4cd048ba8e23bdf3a6b56fbcf068bfac1dd586d0dc6527ab92f6346df9c01c933aa057c37025da49135ced93dda2e7c75a070b3930e8f2a4f2f2aeca2446a0483159f8dbbc15209068edd45f15ecf40d8973cd08885bea2b7924da2de4b615c7ed69f307bf70dee03a34abd9cc02b9341f3fc2682ec4ee27c690ebee783e9e5af3486370e25c4963486088f42cd2846128e19a2e8c7fb5b9c951e83d931fd3be16f7979433eee149efa5fcbd79609f3363f5310b09a7fc4d9b57e5a50431c07e28eabcfbce2e3f4b265617579663ba5f6f7df9e1ba3f88bc1dcef981fbdb4a2b5588d5d17be989e8042dff25e40b389af1aa40f255cdc5bb6ead8b614e6cd7f517967117a7f13d3ab073046652307d501ff1732a1aaebeac6cff395344d1f0fff89ed223d5938c0ed1cec4bcac82b59a80dc3c7f9addb03f99a4fb54e458478e3431800ec78dd59edc67cbbc5e7e3ca89d1e280f6589192f70ba71bb467b555791a7fc3aec4dede241a40dd34c69964e3f2bfb8f9100513670f42911858760aa1fa6cd3a915bf86bc88f6e5a85d4451427a3b629d16c2fbede671a9ea9d7508c1113320a7f3a7529ae337ee0bd61d6c8d2938a88b2742d3f7784af1d83c83d40c46623d631568822627551a6d95e77995bfcf6e957316a0967a0e659d25e595fafd7984a061bdf6e2752eb9850cdf3c09cac4206608b1102f8421042e23ee49249e5715256328971b3dc79c6f737408c5f68486844db36e5fb54a11091b6d0dc9f74d550917187f71b25a3af917f8ce89a5321ada85f56f55776de41103ab44c08af8fe8f611151d52d9bffb207c6e7ef426da43e4e5771270bd42c212d62e8878e5d9b733237cc0e5df7661240628722c1777d89f13f980d87611069468fcd0ee97ef6bb56b4a64925d8807b36c4ebbb22be0fe228400eb5d765a92a0251c766e207e723ff1fd98acb2c72f8a9ee4d9ffde1cbb666a65ef4e88616297d329c432c69a49f990556774225d7b1f3cfd5c7f86cf519a1f7e4fb34e64cae578b86ae2bf6cd945a095b369f094132b57bf8241490524c9bbd5a8c0108f7fb7238c0ab7334175f441d401a7f5008aa3827248877af17afa537f25c898817df7b7b669761b64179684275c3b12ab38734b163f5a99568f8f192ea5c514a79e8bdcabe2716f259c9631475a22579cc34c49d4a6f748a2e5b5bbcc83cbde3a0d68f7728515663e823421202886752395f38f264d7aec10f366f1cfe9c01e33bb3214052011ff3a4c6c2c21ca4f9d32be894a027dad2b178a4965abe4088db26d5ffbfb83ec333aa78bf822dd522833b910dcceba959730e4fb59216e521d6d0eabe0f57580fc180808534ca7935b5cadcb2e2169f02d552c4a4ac7c55c9d34e20380e61d034dc060ad938b46de22a8e99f2a8ce00d98e93e46755e731a838e3eea7ce3d0967354855e3fe583dc3ef14de18dec5f9d41bcf3ea22814b8556128353e0c236afab5123d18276e29b193f5bdb6e5112656d04bb48018d8efd216c7e96cdabc516f2e35cab6f8856f7b1adf76c7e9c478eb3758528a833409d33997e0131db1e8b689af8173e2c806044a43245a884d1ee5ece835d6a061b7c2885b44cc36bc6c24f3ca164ede9ea0f63cdc53abffca07432ace3abc22179412dde43f83d970b2d3d130d9c5e83fdbdc889d2e9cd7aefa9c7761e8d030a929a95eb458f3f6547a06e4f6307781a064ec97e9114d453228cf8d4b81c02d4241da562f016c8fe1000df990a9794af5a23e4a5e84f513b9949e34ce3e5ae7ee8bd39b4490fbca0fb008c0a282f430d0b25e2b319dccf55e3afb22ebbefc32e330c3da089200b521f25388bb6843f8af56ee2d231bf503d42bd7efdeb434fd12930ffe424d494d833d1d1474a5bdeb4f77e913498d55650ec0f1c16ad18801848668630641bf988547bd0286ac7fca9db359dbe3c01747a63997de3944c9764f419e2c29beafb11faec5275640884c7422e2860f9006202c65f19dfccbb9393afffb60158a1e5a16d0f99cf4215f31d44d0ddf12b8ccde38e53cf22c9c968e24fdcf8d6f2ca5b538f55e849aa40ad2c9008be2aded4b68de033b161b555d661da258184b1a51af56421c74441e43dcd23c15063ec3b1945ab3b1869e2704278b7e7d55104e34ad528cc838ad7db078bd011f0f2c526dd7635923171068251b1602893f05ffad244d6e0c8ba370e3c6ac28f68ea6cb74274424c7a64d5014c05e793a2c5d5b2a66e408f7ddfaa7ece95b04bd9e9834e6075e6ccbb108dbfba51cf7b0dcf1f14b926e66064a274edfd03f48757d412f20758259538c4128d49482f314820111dc4aa290eeaa0b417c279ff0e583d9e0a3b0d7768f10ebe669613c4639aa6f6c6ab2819b843768a3c44e98a61acad6ed73e2d3020851ff8eb4933ba776a5cf35d68eb6ff7eec83a08f5e94294802a1b9a4e2c41ed236ba71547c8a8b88e7376a1407d4f307052c6a33fc1703df247be71a2bb6997cdabf00306b60e50a0935b29d32473e84f250541f340368071a73bd25d397fef42a118dbe69a2666fc3582048c2417a4e294797f9c58ff29a72405334df4d1ceb481d73ae2618767f2590135b5527521e684fb69b0a628cc388a1427ed3fb723dc61c459fdb653e90022f83fef5c7573d6e43fd0cdc577b12e27abee699cd6988f1f92381b310f3128e1f51d45267d5d20ee4852183fb611037ae0625a0667a70bd6e404e9ebaafef27d1132e26fdf48af3c699c1b8d925698327b4c16983836cff08e0a548d4f119111c8675f92a80049f0e7f49524695735a75e67d7cb85edda8314d16cea0224561c1416ac4919946388742cdd89f6d1198773d9a407dc690f3c0e5a36eec0273f4be9a41310ca036710c0e4214a87ec41cb20290d6178420b18ef6e23431c2e5663729625ed8e6738ece2c50776a2e490db0a39916c58c80697e950e0767d81ae59ca2028b2159913f56514080523d7cade941a7b618e8d8bc8f53ee2688efe1d3d6e5efc150c3aaeb43ccce4cec743dcc548d6b525efa6e4dd6691822dee0aa28d217d33407d9e53c72ecea2ddc0781c949837928773f8c1f5ef9557ffd259d6d82c87d09a96e587b655b29a993783e875cc72a7c93b9a583dfb24edea08a025b7463473fcf89cd944dd8c0e4914a7e5a404d0c08528e1c55c7d303cc455b17847c4221100da6f8e8f9ad64b6bf95b62f426502323b20ba221ee0a3fa2ed91770f4d1f02bebf1fdf9a795243c14f6dd4ae2327d1443150225ffc0917dbc2f149352888157c59660a4521e55765d79d5871fec0c267dbb1d3e002298eb02f3158077c4bb6e19cc81bcc3b291151b470c86ccb6ddb9249e34403f96ccb1656c36b2608673eee4adeb39109e87f18e8ffa6590fcc977b044edcc68f23660a34c4795ecad4fbcdcad13b5d5c02e98156962ea8c16f72040f311f2a02112f2a45b3d11dca4e8a07a9597dbd5fa03b80cb0be3eb0019c787be72464b0f5269ed8337a6e0b5bccf1d3c127e980dc8e9649c37c8d1a6b0d14a9588bc6b7cf9be1e7b3c88dac149f73de349d00eae956ff3d6592b59a91e2878a8e546729484c2f66aebd9742709bf036c61470cbd0997d2f885c3f35c64b73af58f106ea4cddf93d2e17e9d1683ba7a457a400954912d8133f799a79cff549a6933e91e178dd05a8a2db96d88ab09dcfb3e3a470cdfb2858249b8cbe02152924aac0529267117d278f3bcb111de7da695b1f304e71ab65203988f8b5015c9b63055f6a2002d2b9c463e6318ef35b926e33d3bbe8c979a09efc59f84975c415396d06925ad3d79670305eff9c8ea21889e2227853f0a1753011091663845b01995352272fc4208c97fe9485249fc2fd3c26d268317f42031305ffdeeb76be2bec421efe4298ff6d86e3ec5ea4fd9f14ee9e94feb3a1fd77e9697d1211253d06b36a53ec0a30695424cad3257e07ab9bf5e2f9c9b242e1df9795261a5e6ced2fa9dc59e4330abf4a0721e3d0a28d060b0d7ced3eefbb316f33ab885826dd608e25b0ad6be3a91568332ac3f5dc9ad002e0af8c384f463f9c9b5ec21e0bdaccebbe79d5f29514c829f16fa5805eae2e012b22a467e7c6a32673f4da2dfd9e223aef6b810f00dfff678444ccdb7146592221d3a9b1788589302399fb062d8b19c95d8b61d3de71b48c93a47cc1ccf4d3dde1bb19ca44ebf8e2dd7cb71bb66a47d6a6be32621f20a206e166d369ace7633faf748c62c5b7b5af0c92542581ee07834219e34b6a67eff55f5aabec8c3b238ac8f007e4ce713114c6f9de78759c2de0080091451fc6a491d3268b59b6f9d5b7ac5b3639e60de86604e30983271a8027731a47baced8d1ba1311f331661b6ec0f0d1c5eac0c191090d83af0e3bafa1af638933a50e8b9d29130c39347cb6514ec2b2b188554aa842cdd5e05e97cf226a814506a5809b65963b48e6048ea7daf3b1d2ea91d32e91e7b25daedb569a21dd5a1c299eb4c5cfd0548bdeab862935c682937c265813b812a70ddf46ab768fffc560759b2a558b21d30f30d380de28e97d312fe2a1d9aa0ca12f213ad3e21e0888b21dbc31566910721947d8399e44a121b5fe80e3ca85d2406a5f886af982d6350eeebc75a8717a12f2d3d318dd8075b725d5cc04d4088ef1a942e55240505ce7cf8252c8a607a14515e97b0717a4a7c23a88e535b13bd4b2dc3cfeee01fb6f0afe7265fe068a805499782e12fa17bc4e4582893a10ebe4c002f0eea814374b130fd01883c02f27fcf9d2440bcac4903df887f746fbf38692901e4a59b9cd04a916aebbb8be9ecd1d90fb5e66335b184d7b0eb8f8627b0d3b516344717bd784c01bc72dac8278a919962e41685ca52f4a475b1949f624f38bdce40588e6b75b87200f5fdf6d8beb3d6af3bbd17b7960af41a8c4e169e21680a51d4cbe4db9e7535333b5076a03ab7c56bf8fe901e3392b3d19f582d48cdd054c3735665bc9341cb2c4ff50e3321a271d45d0cec42bb4a9eeb06741fed8a5141df8f16e32a6edf12909b44dc960ac337e6b0fea361e32180199d74ec188e52e0c31afe54eee5b65f49c9805e7c82d3b8635e9d65131aae39761481da3b59712b8befa1c2a7d59d63180ecf11a063b4f7bef7d29cbaf004b1af49e89b4d4f611cb6247e029aacca0cf4da7bdeb9dd6ad1df9c5442f71695fef4094c9a12493a017242278e66ade329535dd91ca2c8e1f3e92d96fe04cc85695f697ef3d8b762cc8a469f10a0c18a88dec5994e71f480fb50160bbda257a0e38b8549a77b049b12dc98b8b03e60aa5b5e7295056f01d6f76b9abe489317bca4df516e3a951b5f91b22162a0adf4d5554cbdebb42a4d168e3e7bd6e9c225bc788e91d1318f5d9280653e1574ec3e1152f89eabccd10aba454e189cf971c242f111bab8df7d611db64a94ef1f83ea6e425bdcb2da7d20afe65d46b3e29e01011547570629bca18979b1ea0d3692776a9c253d6e08f2dc899e68bd7d7ac90248fac0d95c0f9a8f7d4825141bd7a2896cfdd7dcd3491662a1c0b46696f84d17cf729b47368f9b040a2ea0cd7d73f9e7c67d2454e9b5431893d1845471c8092b923b51e6fee7dbefc91101d3afda72b5fc826ae7a580e6578600f1ca034b5aa4a1130752355986da1e81e0f6b2a88dece90bcf471133934cdeabc7c2fced61c3385b46eef9bcb543b7ec2bb3b17bc1e0187916b91a95c427b5c276c9a72df3a2994a06e1"}, &(0x7f0000000a40)=0x1008)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r11, 0x84, 0x1, &(0x7f0000000a80)={r12, 0xfc00, 0xde86, 0x6, 0x10000, 0x7}, 0x14)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r0, 0xc0189373, &(0x7f0000000200)={{0x1, 0x1, 0x18, <r13=>r2, {0x9}}, './file0\x00'})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r13, 0x8933, &(0x7f00000003c0)={'batadv0\x00', <r14=>0x0})
sendmsg$nl_route_sched(r13, &(0x7f0000000480)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)=@deltfilter={0x2c, 0x2d, 0x100, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r14, {0xffec, 0x43b40752e42a1616}, {0xa, 0x4}, {0xa, 0x5}}, [@TCA_CHAIN={0x8, 0xb, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x2000000}, 0x4)
close(r3)

1.046245014s ago: executing program 7 (id=5077):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000380)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x5}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="02130000050000000000000000000000030008"], 0x28}}, 0x0)

1.036137105s ago: executing program 5 (id=5078):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kmem_cache_free\x00', r1}, 0x18)
getxattr(0x0, &(0x7f0000000200)=@random={'osx.', 'kmem_cache_free\x00'}, 0x0, 0x0)

1.017216805s ago: executing program 7 (id=5080):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000001600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000040002850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x2000)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x56)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r4, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000040)={&(0x7f0000000240)=@newchain={0x88c, 0x64, 0x800, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0xffe0, 0xe}, {0xd, 0x10}, {0x2, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x82c, 0x2, [@TCA_FLOWER_KEY_CVLAN_ETH_TYPE={0x6, 0x4f, 0x88a8}, @TCA_FLOWER_KEY_ENC_KEY_ID={0x8, 0x1a, 0x2}, @TCA_FLOWER_KEY_IPV4_SRC_MASK={0x8, 0xb, 0xff000000}, @TCA_FLOWER_KEY_ARP_SIP_MASK={0x8, 0x3a, 0xffffff00}, @TCA_FLOWER_ACT={0x7d4, 0x3, [@m_xt={0x2ac, 0x17, 0x0, 0x0, {{0x7}, {0x1a4, 0x2, 0x0, 0x1, [@TCA_IPT_TARG={0x102, 0x6, {0x2b17, 'nat\x00', 0xff, 0xff, "0b26fc609078861c0f57f5708cd0ab799605c6bf6669497d77570cfbe2cf2f75e66149e5ef37eaf947b348de5a195f241f0eb4893f06996d828705d4a120d981d0e3b97e21d17530dd8cea0622c16dde235147328882b27fdce1ddf421097228d05225a3a9ebff397429533098d2569c3412fd6e72d14655bc2afab345ea4d5870489f927c7354b007de1c34d464e71ea58d448ffd78d1a83ba3434c265f3e7a63d731bf13be73567c04016d51ee421c28bcc9aa3bf78c0ae2a6c236cb2bfa6f1f42c82223cc0525631d0f41cf13b8e7474e6f82055c76f7"}}, @TCA_IPT_TARG={0x91, 0x6, {0x5, 'nat\x00', 0x2, 0x72e6, "c7d13b574ba8dd89e3af698ed8e7a355b14f29c13c05cac3c7fcd136906ebd9c91aa40448a923d26cc589718a5cc7d5c74497dbd5f16f6e45125d37b4343830d68d50e49e12d4c2ebcb67ceb4a350db37a3253a8eed5cbc2219ac5dcddcc3366cc9ad5533b95f5"}}, @TCA_IPT_HOOK={0x8, 0x2, 0x1}]}, {0xe3, 0x6, "79f9eb34bef5aab35e587abda1ff6a56f2239365b78c8f85028d690eb72f2582fd1270d123e9b53d7f42948b108de27474842836726ed684d3afdbe65f4415393ffe01898efe9aa1947105678944a9bb0bb2ba4f4f0897d680e4ee983723fca25999189059b3fffeb4602aef5ebb93d47edecc651554fd3d312458ec1c002c561fa84b46e1e878fff80d3cc5a2a66a8c93a0c9381ea542c172f966d254a5c57ac181749619412d2043972a16fc0197ee28f050459e78d757a42270bfcdcefa3b14c3f5a2290b7b0aad8e4190a892fc67953504b25be29cee6c6f285e915e23"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}, @m_gact={0x140, 0x17, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x9, 0x5, 0x7, 0x9, 0x3}}]}, {0xfb, 0x6, "36bef0809976a5c50a8ebe4f254d09325e58a45111133c952f4463f7012219e8c6c8b81be0de7eaf070cca65c42a0b3230a8f47fdc0d80e7daed73b4f7ec06a9f542f815c313439f9e4d5624a8c981da2ee88486bce899e9b8e55cd7b29d7b1979fdff5b4c8f920848b67a5ce56d85b564dee20fa4caa6709485dd9ab52f7c909d5284a42736cde46c279063daf23820cd9c138c0e5f866e8c8f3eeb70e041d22b7032f758dabde08beac331d30168c46e1bc8b712a4e5025004b53daa7fa93a3bad952bdb00676bf7d5f87203a4e8af3980d0d6b6640beb816387b6b23621c821d9e86ac43a21314cb03bfa603618298d9a6682c4cc3c"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_mpls={0x98, 0xc, 0x0, 0x0, {{0x9}, {0x4}, {0x69, 0x6, "29768822cc88e594990f6ddd7bdcc3ae1b2b2cf35469e6e7fdf9dc1e8feaafb956644fa26dadbc2e56706e8c9537be12e29153b8fb00e5da8d2ca9dc287fc36eb12f716f909d5ff3d23d461569cc32ec537933f6eb9d3480eacde32088ba5238adccf44c7a"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_csum={0x120, 0x5, 0x0, 0x0, {{0x9}, {0x58, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x5a74, 0x8, 0x20000000, 0xaea, 0x2}, 0x11}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x3ff, 0x5, 0x3, 0xa, 0x7}, 0x42}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x0, 0x38, 0x3, 0x3, 0xf}, 0x4d}}]}, {0xa0, 0x6, "7f3e9a028cab1e08c5f660cbd85da36528a63ffe180017fb5ba651ea1c73eedf8cac07879b6eb538b9ecb5bcf3f47ec0f9c385b4d183965ad8faa8590bd4dbdf638a94397441eda9cfa1e2d765ef6dabdfdbad2ab9c960b8399648bc2b0baeb17820891a39453184d313dcb479d237c88b0d6c680995663554a7596c29a7650dd0420aec5ae0de6c7d2c0bb13311605b96a0deaea25cb34b8c8fc2c0"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x2, 0x3}}}}, @m_mirred={0x48, 0x13, 0x0, 0x0, {{0xb}, {0x4}, {0x1a, 0x6, "ceedea051f9d751784b284fda60d7eb8b536f270d0ed"}, {0xc}, {0xc, 0x8, {0x3, 0x559fd566a1965f8f}}}}, @m_bpf={0xb0, 0x5, 0x0, 0x0, {{0x8}, {0x10, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}]}, {0x7a, 0x6, "5c08c8694ac9a7ba6433fea578e2f4942ec1591332df1f3ad1575191016c27cec8cabdc2e91caf247ab38ceefb9eb96453d3452a05a3eed40145ef498aa5968d0fd365c23b1195f295ae71fca8aa24f5ebda37627f21278e661efb7bf9fd40547817e5fa1268298c3f9afcece715d9a44c1eac9d7b42"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_csum={0x134, 0x16, 0x0, 0x0, {{0x9}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xff, 0x3ff, 0x20000000, 0x1, 0x4}, 0x72}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x94c, 0x7, 0x32b3d804dca35d2a, 0x6, 0x7}, 0x7b}}]}, {0xce, 0x6, "dc1790b154f3b0aee7e48376182d9d61754f7c356209cbb67d9711d33e0527d6ad7d9f4e66a95b2fe4ef8cff154ddb24c8e6f543700f619c352c92f0b6e81b2f4ca4b94d8e7aa6bcc22949341102624753fda885ee618abd92e8b6254fdfafff747f42b6f89816605cafd790f45673a0e8882aa4b04d7c949b2c73bf3f05e64409f0ca2f356029028373ee0184026baf7c502fdcfea1bd7927c936e8c2eec55a894ef7b576f614775ac3939f428f92ce5a6bb0a08e78bc8d4e3d2c1391a5220bc13c7285ee08375f6ba1"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_FLOWER_KEY_MPLS_TTL={0x5, 0x43, 0x6}, @TCA_FLOWER_KEY_SCTP_DST={0x6}, @TCA_FLOWER_KEY_ARP_SIP={0x8, 0x39, @empty}, @TCA_FLOWER_KEY_IPV4_DST_MASK={0x8}, @TCA_FLOWER_KEY_IPV6_DST={0x14, 0x10, @dev={0xfe, 0x80, '\x00', 0x1c}}]}}, @TCA_RATE={0x6, 0x5, {0x3, 0xb}}, @TCA_CHAIN={0x8, 0xb, 0x7}, @TCA_CHAIN={0x8, 0xb, 0x5}, @filter_kind_options=@f_basic={{0xa}, {0x4}}, @TCA_RATE={0x6, 0x5, {0xc0, 0x5}}]}, 0x88c}, 0x1, 0x0, 0x0, 0x4000054}, 0x20000840)
ioctl$SG_GET_VERSION_NUM(r2, 0x2284, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)

1.009266565s ago: executing program 5 (id=5081):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
creat(&(0x7f00000000c0)='./file0\x00', 0xec)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018004000800395032303030"], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000800)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x101, 0x0, 0x0, 0x41100, 0x59}, 0x94)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100000100000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r3}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
creat(&(0x7f00000003c0)='./file0\x00', 0x36)

988.861825ms ago: executing program 4 (id=5082):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000e40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a40000000060a0b040000000000000000020000001400048010000180090001006d617371000000000900010073797a30000000000900020073797a320000000014000000110001"], 0x68}}, 0x0)
r1 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001040)="5346f7f875528ef24043c68e0418", 0xe}], 0x1, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x810, 0x8, {0x0, @local, @loopback}}}], 0x20}, 0x0)

987.405445ms ago: executing program 5 (id=5083):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x10}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xf00, &(0x7f0000000040)=[{&(0x7f00000000c0)="5c00000014006b02c84e21100af32c6e0a0675f8d34460400000000100005c1e6182949a36c23d3b48dfd8cdbf9367b498fa51f60a64c9f4d493803792684b71bdd70000b6c0504bb9183132be471b93c91b5d7870743719b4b53cf2", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

912.165136ms ago: executing program 4 (id=5084):
epoll_pwait2(0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00330b60ce00000016e8a12fac3cc61d0116162f330065c906b92aa60bc2302b9b6306eb57f18c1d7933", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="e21a54c17b01ab94000200000800fd0018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000085100000f5ffffffbf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000240)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41000, 0x2d, '\x00', 0x0, @sk_reuseport, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(r0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
listen(r2, 0xfffffffc)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x9, 0x3, 0x8, 0x2, 0x2}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000400)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3fffffa}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3ff}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_generic(0x10, 0x3, 0x10)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x210a0, 0x80e1}, [@IFLA_GROUP={0x52, 0x1b, 0xfffffff8}]}, 0x28}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000b00000000000000070000000c0001800500020001"], 0x20}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0700000004000000080200000e"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x14, 0x8, &(0x7f0000003900)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lirc_mode2=0x10}, 0x94)
accept$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000080)=0x14)
r7 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
writev(r7, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r8 = getpid()
r9 = gettid()
rt_tgsigqueueinfo(r8, r9, 0x34, &(0x7f0000000640)={0x6, 0x0, 0x4})

911.886136ms ago: executing program 5 (id=5085):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000008c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000e868495fb58d00b6ad1f50ad32d6ad25dfd73a015e0ca6a0f68a7d007dc6751dfb265a0e3ccae669e173a64bc1cfd514600650a58f145ff1205fc9ddaa275e687d452d64e7cc957d77578f4c25235138d5521f9453559c35da860e8efbc64e57cbb7aee976f2b54421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983cd44c05bd0a48dfe3e26e7a23129d6606ed28a69989d552af6d9a9df2c3af36e0360070011bbecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f163d1a1a83109753f54b21cd027edd68149ee99eebc6f7d6dd4aed4af7588c8e1b44ccb19e810879b81a7000000e7ffffff00000000d7900a820b63278f4e9a217b98ef7042ad2a928903000000cbe43a1ed25268816b00000000000009d27d753a30a147b24a48435bd8a568669596e9e0867958e1dd7a0defb6670c06054002238260000000000040587c1ed797aa21a38e1e389f640a0b8b0000000000a835ad0f61ba739cd0c31b05c00fba8a4aee676d7caa2e53b91a68ff2e60da7b01a2e5785a238afa4aba70c08b0d71b6f72d6a8d87fb08533d97ad96d3943c4cc8306dac433a5cdf78b04963d679d5a5d07e618a1ef9057fec00f9e93021f5a8d30e716de8cde9c6000000000c3b64d10f0939b42b33ab2a8717096c58bb3bb1d457d8bb96870f5a7e2ba31fd69bb80235d957eaa9a40b764e5381ffa604aaafb76a980e72b408f686b185736693089213b4e140f8f38e5589663115093889deb646122a5dc5a9e5ba4d37749a36b880110e2bf524b79bc91105f1d3f7d0de694a9417d68694f17ba5e27ea1cec518b93fadcfe0de010ae9be3273ff73c34b5695080a35bfa5c69e3b533e1b939c81b3beda037b7191cb0000000000000000000010e5d683b8938db5c305cf7e6e62a6890ba9e1f4ee64f8202b59de5036569febfaa95f4633db108b2f786333ec7bacc927f4a1785165b5d2444b4c022bb5cff472e6a0c8ee9d6d8df83b704669147b732ac508c9b9f0ca0a1ce45319d43d4643eb285835daf2065b57bebd61ad6671296c27253a5f9688d57c91ccd40ffe2dbc5dd1613a2e6f5b363cc8d205ce6ef3c3c6ded7dd3dfdb39008d8997213f68cdc971c1d6fdacb7729a5560880a77525e9cfb94ef1735dfe74e6b948697f7e3580436b532a82e315d56b17a5dba98436"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
openat$nci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x106263, 0x10000, 0x0, 0x1, 0x8, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
fchownat(r2, &(0x7f0000000080)='.\x00', 0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, 0x0, &(0x7f0000000040)}, 0x20)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000740)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r4}, 0x10)
pause()
ptrace$pokeuser(0x6, 0x0, 0x358, 0x0)
epoll_create(0x3ff)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000002c0)='generic_add_lease\x00', r5}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d0000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x2040, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000100)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@nobarrier}, {@data_err_ignore}, {@resgid}, {@data_err_ignore}, {@jqfmt_vfsv0}, {@nobh}, {@user_xattr}, {@bh}, {@usrquota}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")

901.165377ms ago: executing program 7 (id=5086):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare(0x2040600)
r1 = getpgid(0x0)
syz_pidfd_open(r1, 0x0)
newfstatat(0xffffffffffffff9c, 0xffffffffffffffff, 0x0, 0x1000)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
r2 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
sendmsg$rds(r0, &(0x7f0000000400)={&(0x7f00000000c0)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f00000003c0)=[{0x0}, {&(0x7f00000001c0)=""/79, 0x4f}, {&(0x7f0000000240)=""/76, 0x4c}], 0x3, 0x0, 0x0, 0x8000}, 0x4008000)
preadv2(r4, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)

884.595927ms ago: executing program 7 (id=5087):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000180)={<r1=>0x0, 0x4, 0x5}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000003c0)={r1, @in={{0x2, 0x4e20, @private=0xa010101}}, 0xffff, 0x53, 0x18ee2940, 0xfffffbff, 0x28, 0x9, 0x8}, &(0x7f0000000240)=0x9c)
ioctl$int_in(r0, 0x5421, &(0x7f0000000280)=0x80000001)
write$binfmt_aout(0xffffffffffffffff, &(0x7f0000000480)=ANY=[], 0xff2e)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0000fa00ea8000"})
r2 = syz_open_pts(0xffffffffffffffff, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x18)
dup3(r2, 0xffffffffffffffff, 0x0)

820.122908ms ago: executing program 7 (id=5088):
ioperm(0xffffffffffffff56, 0x4, 0x1ff)
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0), 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x20042, 0x45)
r1 = open(&(0x7f0000000200)='./file2\x00', 0x100, 0x123)
copy_file_range(r1, 0x0, r0, 0x0, 0x3df1, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000100)={0xa, &(0x7f0000000700)=[{0x8, 0x8, 0x5, 0x5e}, {0x4, 0x3, 0x4, 0x472}, {0xfff, 0x3, 0x7}, {0x7, 0xf2, 0x1f, 0x2}, {0xd, 0x23, 0x80, 0x7}, {0xffff, 0x9, 0x1, 0x3ff}, {0xb60, 0x0, 0x5, 0x6}, {0x40, 0x5, 0x3, 0x2}, {0x2, 0x1, 0x4, 0x7}, {0x80, 0x10, 0x0, 0x9}]})
fallocate(r2, 0x20, 0x0, 0x8000)
ioctl$RTC_ALM_SET(r1, 0x40247007, &(0x7f0000000000)={0xa, 0x25, 0xe, 0x18, 0x6, 0x8, 0x9, 0xbc, 0xffffffffffffffff})
r3 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x10000002}]}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
close(r4)
setsockopt$sock_attach_bpf(r3, 0x84, 0x6e, &(0x7f0000000000), 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = msgget$private(0x0, 0x785)
msgsnd(r6, &(0x7f00000002c0)={0x1}, 0x8, 0x800)
msgrcv(r6, &(0x7f0000000140)={0x0, ""/131}, 0x8b, 0x1, 0x1000)
msgrcv(r6, &(0x7f0000000780)={0x0, ""/34}, 0x2a, 0x1, 0x3000)
mprotect(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1000008)
perf_event_open(&(0x7f0000000e00)={0x4, 0x80, 0x37, 0x1, 0x1, 0x0, 0x0, 0xa, 0xcd7d0, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, @perf_bp={&(0x7f0000000040), 0x1}, 0x693d, 0x5, 0x0, 0x1, 0x8, 0x7fff, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$ETHTOOL_MSG_FEATURES_GET(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000800)=ANY=[@ANYBLOB="180000005e799eeb4b129a65dc9fc29421a7c064893a9593d1b91402948addcdcca780c74f77e42cb09dcffc6aea9d84b299b3035127f4506b1d604759b0258b33c1869f2cde4430a53dd0370085b8aecf6171670213b13178db304f7b3b53f07efea22f200ee775971493db2beff4be9cae062426cee231f6ab2bb428c5f797057375c91087fff52367d91ef5aef67308ac61b734b8", @ANYRES16=0x0, @ANYBLOB="010029bd7000ffdbdf250b00000004000180"], 0x18}, 0x1, 0x0, 0x0, 0x80}, 0x8080)

592.355221ms ago: executing program 0 (id=5095):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x10}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xf00, &(0x7f0000000040)=[{&(0x7f00000000c0)="5c00000014006b02c84e21100af32c6e0a0675f8d34460400000000100005c1e6182949a36c23d3b48dfd8cdbf9367b498fa51f60a64c9f4d493803792684b71bdd70000b6c0504bb9183132be471b93c91b5d7870743719b4b53cf2", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

540.286322ms ago: executing program 0 (id=5096):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x10, &(0x7f00000000c0)={[{@grpjquota, 0x4a}, {@init_itable}, {@jqfmt_vfsold}, {@noquota}, {@bsdgroups}, {@usrjquota, 0x22}, {@nojournal_checksum}, {@errors_remount}], [], 0x2c}, 0x84, 0x4c2, &(0x7f0000000980)="$eJzs3DtvHEUcAPD/rh+JSYxNeOYBMQSExcOOnWdBAwIpDRIIhEJpbCcKcRIUGymJLGwQCiXKJwBKJD4BFTQIqEC0IFqEFCE3CRRo0d7tOWff+fyIz0dyv5909uzu7M7Mzoy9M6O9ANrWQP4jidgZEb9GRF95c2mEgfKvmwuz438vzI4nkWVv/JWU4t1YmB2vRK2ct6PYGEwj0o+T2Fsn3enLV86OTU1NXiy2h2fOvTc8ffnK82fOjZ2ePD15fvT48cOHeo4dHT2yKeXszfO654ML+3afePvaq+Mnr73zw1d5frPi+PaaM/rXmUJHzZ6BGFh6L6s8tc6r/9/1VoWTzhZmhHXJW21eXV2l/t8XHXGr8vrilY9amjmgqbIsy7bV7F38XzafVUuS8gnAXSLRpaFNVf7R31jIR6qz49Xj+XZw/cUojYDyct8sPuUjnZHmY/j+8tioWR6IiJPz/3yWf2LZfAoAQDN8kz//PFd+7qh8ykfSeKgq3r3F2lB/RNwXEbsi4v7i+eXBiFLchyPikSVXn1s1/YFl27XPPz/3bLhwa5A//71QrG0tff5LK1H6O4qt3lL5u5JTZ6YmDxb3ZDC6tuXbI7WXXpxW+/blXz5dKf2Bque//JOnX3kWLPLxZ+eyCbqJsZmx2y13xfUPS1N6c7XlTxZXAvKRwe6I2LOB6+f37MwzX+6re7ByixuWv4FNWGfKvoh4ulz/87Gs/LnuIlR/fXLk2NHRI8PbY2ry4HClVdT68aerrxXBmqHE6vXfXHn937PY/su/y0cWVy77k+r12un1p3H1t09WHNNstP13J2+Wwt3FvktjMzMXRyK6k/na/aO3zr001rMkfl7+wQP1+/+uiH8/L87bGxF5I340Ih6LiP1F3h+PiCci4kCD8n//0pPv1qv7tZW/ufLyT9T9+7dS/a8/0HH2u69XSn9t9X+4FBos9kyMzdQu1y+z1gzezr0DAACAO8X+iNgZSTpUTMftjDQdGorYsTiDMj3z7KkL75+fKL8j0B9daWWmq69qPnSkmBvOt/OzRqu28+OHSvPGWZZlPaXtofELU72tLTq0vR0r9P/cH7WvtAB3m3Wto630RhtwR9r4Onq2qfkAtp73taF96f/Qvtbc/5v5JhzQEvX6/1zEzRZkBdhi9fr/Wy3IB7D1jP+hfen/0L5q+3/aknwAW+p23utvFNh1okGcpLM5ia4cSKPxtwD0R6zvgr+nEZuTw45NLWnPGup0e2xGWpGuGqezwRcxvF57w/PoW9Qk0q1tfo0D2yJilda72NjmKoErzc5Yq/8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbI7/AgAA//+7BdPO")
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000040)=ANY=[@ANYBLOB="15"], 0x15)
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2390024, &(0x7f0000000000))

478.719253ms ago: executing program 0 (id=5097):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare(0x2040600)
r1 = getpgid(0x0)
syz_pidfd_open(r1, 0x0)
newfstatat(0xffffffffffffff9c, 0xffffffffffffffff, 0x0, 0x1000)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
r2 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
sendmsg$rds(r0, &(0x7f0000000400)={&(0x7f00000000c0)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000140)=""/42, 0x2a}, {&(0x7f00000001c0)=""/79, 0x4f}, {&(0x7f0000000240)=""/76, 0x4c}], 0x3, 0x0, 0x0, 0x8000}, 0x4008000)
preadv2(r4, 0x0, 0x0, 0x0, 0x4, 0x1)

418.703474ms ago: executing program 0 (id=5098):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffa000/0x3000)=nil)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000100ff03850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000180)={&(0x7f0000000000)=""/60, 0x0, 0x1000, 0x5, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={0x0, 0xffffffffffffffff, 0x0, 0x178}, 0x18)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000580), 0x5, 0x4f3, &(0x7f00000005c0)="$eJzs3d1rW+cZAPBHku3YibN8bIwkgyWQQfZBLH8wYm+DsattF4GxwG42yDxb8TLLkbHkLDa5cLa7XOxibLRQetH7/gW9aa4aAqXXLb3tVUloUxfakoKKjiTHH5KjtraU+Px+cKJzzqvoeV/Zz+uj97xHJ4DUOlf7JxMxHBHvRMSx+ubWJ5yrP6w/vj1TWzJRrV75KJM8r7bdfGrz/x2JiLWIGIyIP/424m+ZnXHLK6vz08ViYamxna8sLObLK6sXry9MzxXmCjfGJi9NTU2OToxP7Vlb7/7nH3cvv/H7gdc/+/fD+/99681atYYbZZvbsZfqTe+PE5v29UXEr/YjWA/kGu0Z6nVF+EZqP7/vRsT5JP+PRS75aXbmyb7WDNhv1Wq1+mX1ULvitSpwYGWTY+BMdiQi6uvZ7MhI/Rj+e3E4WyyVKz+7Vlq+MVs/Vj4e/dlr14uF0cZnhePRn6ltjyXrT7fHt21PRCTHwP/LDSXbIzOl4mx3uzpgmyPb8v/TXD3/gZTo/CM/cNDIf0gv+Q/pJf8hveQ/pJf8h/SS/5Be8h/SS/5DerXK/6M9qAfQfbv9/R/oYj2ArvrD5cu1pdq8/n325sryfOnmxdlCeX5kYXlmZKa0tDgyVyrNJdfsLDzr9Yql0uLYz2P5Vr5SKFfy5ZXVqwul5RuVq8l1/VcL/V1pFdCJE2fvvZeJiLVfDCVLbPqTL1fhYKtWM9Hra5CB3sj1ugMCesapP0ivr/EZv+2XhAEvthZf0bth8Ejbol/H4r5UB+iC7G6FTx50ryJA11047fwfpJXxf0gv4/+QXo7xgd3G/6NxL7+WjP/DC2vX8X/gQBtuc/+vo5vu3TUaEd+JiHdz/Yea9/oCDoLsh5nG8f+FYz8a3l46kPk8OUUwEBH/fOXKS7emK5Wlsdr+jzf2V15u7B/vRf2B9raO8DXztJnHAEB6rT++PdNcuhn30W/qkxB2xu9rjE0OJkcwh9czW+YqZPZo7sLanYg41Sp+pnG/8/qZj8PruR3xTzYeM/WXSOrbl9w3vTvxT2+K/8NN8c9863cF0uFerf8ZbZV/2SSnYyP/tvY/w3s0d6LZ/zXnXG+O3+z/cm36v7Mdxvj7q/9qdXo3mez96E7EmZb9bzPeYBJre/xa3S50GP/hX/70/XZl1dfqr9MqflNtLV9ZWMyXV1YvXm/WYvLS1NTk6MT4VD4Zo843R6p3+uWpt++3i19rf0Ob9r+/o/1DjTr9pMP2f/GDB38+t0v8H59v/ft3Mnnc9v5Xqxt1+GmH8T8Z/+Cv7cpq8WfbvP/ZVvGjWRox0WH88v9/59phAHiOlFdW56eLxcKSFStWnu+Vvuhi0Gf1HGvd6aCAffM06XtdEwAAAAAAAAAAAKBT7Wb/3tvD6cS9biMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEHwVQAAAP//QUvQlg==")
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24)
sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '\n'}], 0x18, 0xe000}, 0x5}], 0x1, 0x0)

362.525174ms ago: executing program 0 (id=5099):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$SOCK_DIAG_BY_FAMILY(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x14, 0x14, 0x1, 0x0, 0x0, {0x2c}}, 0x14}}, 0x0)
r2 = socket(0x200000000000011, 0x2, 0x2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYRES64=r2, @ANYRES32=r3, @ANYBLOB="0000000003120100500012800b000100627269646765000040000280080005000100000006002700000000000800010015000800"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)

304.245935ms ago: executing program 0 (id=5100):
unshare(0x2040600)
r0 = getpgid(0x0)
r1 = syz_pidfd_open(r0, 0x0)
pidfd_send_signal(r1, 0x0, 0x0, 0x4)
newfstatat(0xffffffffffffff9c, 0xffffffffffffffff, 0x0, 0x1000)
r2 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r2}, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000000c0)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000140)=""/42, 0x2a}, {&(0x7f00000001c0)=""/79, 0x4f}, {&(0x7f0000000240)=""/76, 0x4c}], 0x3, 0x0, 0x0, 0x8000}, 0x4008000)
preadv2(r3, &(0x7f0000000180)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1, 0x0, 0x4, 0x1)

248.003426ms ago: executing program 6 (id=5102):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kmem_cache_free\x00', r1}, 0x18)
getxattr(0x0, &(0x7f0000000200)=@random={'osx.', 'kmem_cache_free\x00'}, 0x0, 0x0)

235.004956ms ago: executing program 6 (id=5103):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b7040000000000008500000057"], 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="17000000000000000400000003"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r1], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r4}, 0x10)
close(r0)

178.310347ms ago: executing program 6 (id=5104):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$nl_route(0x10, 0x3, 0x0)
r1 = dup(r0)
ioctl$GIO_CMAP(r1, 0x4b70, &(0x7f0000000200))

134.421248ms ago: executing program 6 (id=5105):
perf_event_open(&(0x7f00000004c0)={0x1, 0x80, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8, 0x4, @perf_bp={0x0, 0x8}, 0x118, 0xb2, 0x0, 0x6, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0xb)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0xa2, 0x7}}, './file0\x00'})
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000640)={r0, 0x58, &(0x7f00000005c0)}, 0x10)
syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000500000001801000020786c3100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000005000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000003, 0x4c831, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)
socket$packet(0x11, 0x2, 0x300)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000002080)=@security={'security\x00', 0xe, 0x4, 0x628, 0xffffffff, 0x2f8, 0x218, 0x218, 0xffffffff, 0xffffffff, 0x558, 0x558, 0x558, 0xffffffff, 0x4, &(0x7f0000000200), {[{{@uncond, 0x0, 0xf0, 0x218, 0x0, {}, [@common=@hbh={{0x48}, {0x0, 0x1, 0x1, [0x6, 0x0, 0x4, 0xff7f, 0x8, 0x7, 0x1ff, 0xbd, 0x9, 0x4, 0x0, 0x7, 0x8000, 0x0, 0x3, 0x2], 0x3}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x5, 'system_u:object_r:dhcpd_state_t:s0\x00'}}}, {{@ipv6={@loopback, @ipv4={'\x00', '\xff\xff', @multicast1}, [0xffffffff, 0x0, 0x0, 0xff000000], [0xff000000, 0xffffffff, 0xff, 0xffffffff], 'team_slave_1\x00', 'vcan0\x00', {0xff}, {}, 0x0, 0x4, 0x1, 0x44}, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x4, 0x5, 0x6}, {0xffffffffffffffff, 0x3}, {0xffffffffffffffff, 0x0, 0x9}, 0x1000, 0x2}}}, {{@uncond, 0x0, 0x138, 0x260, 0x0, {}, [@common=@srh1={{0x90}, {0x2, 0x6, 0x4, 0xe0, 0xc, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, @ipv4={'\x00', '\xff\xff', @multicast1}, [0xffffff00, 0xffffffff, 0xffffff00, 0xff000000], [0x0, 0xff000000, 0xff000000, 0xff], [0x0, 0xffffff00, 0x0, 0xffffffff], 0x2, 0xa08}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0xfffffffe, 'system_u:object_r:newrole_exec_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x688)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
preadv(r4, &(0x7f0000000000)=[{&(0x7f0000000340)=""/187, 0xbb}], 0x1, 0x33, 0xf00)
syz_clone(0x8280, 0x0, 0x0, 0x0, 0x0, 0x0)

134.037698ms ago: executing program 4 (id=5106):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x4000000c})
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18080000000000000000000000000002850000000f000000850000002a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
close_range(r0, r1, 0x0)

133.439858ms ago: executing program 4 (id=5107):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x10}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xf00, &(0x7f0000000040)=[{&(0x7f00000000c0)="5c00000014006b02c84e21100af32c6e0a0675f8d34460400000000100005c1e6182949a36c23d3b48dfd8cdbf9367b498fa51f60a64c9f4d493803792684b71bdd70000b6c0504bb9183132be471b93c91b5d7870743719b4b53cf2", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

130.934618ms ago: executing program 6 (id=5108):
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare(0x2040600)
r1 = getpgid(0x0)
syz_pidfd_open(r1, 0x0)
newfstatat(0xffffffffffffff9c, 0xffffffffffffffff, 0x0, 0x1000)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
r2 = gettid()
timer_create(0x0, &(0x7f00000002c0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)=<r3=>0x0)
timer_settime(r3, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100), 0x40200, 0x0)
sendmsg$rds(r0, &(0x7f0000000400)={&(0x7f00000000c0)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f00000003c0)=[{&(0x7f0000000140)=""/42, 0x2a}, {&(0x7f00000001c0)=""/79, 0x4f}, {&(0x7f0000000240)=""/76, 0x4c}], 0x3, 0x0, 0x0, 0x8000}, 0x4008000)
preadv2(r4, 0x0, 0x0, 0x0, 0x4, 0x1)

111.049458ms ago: executing program 5 (id=5109):
r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
sendmsg$NFT_MSG_GETCHAIN(r0, &(0x7f00000004c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000400)={&(0x7f0000000300)={0xc4, 0x4, 0xa, 0xe01, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_COUNTERS={0x7c, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x7}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x101}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x2}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x1000}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x6}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x6}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x4}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x5}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x1}, @NFTA_COUNTER_BYTES={0xc}]}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x2}, @NFTA_CHAIN_COUNTERS={0x10, 0x8, 0x0, 0x1, [@NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x3}]}, @NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x4}]}, 0xc4}, 0x1, 0x0, 0x0, 0x80}, 0x8000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000100)=ANY=[@ANYBLOB="91103d000000000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000073"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="980000001000010400000000fedbdf2500000000", @ANYRES32=0x0, @ANYBLOB="5d580000004000001c001a8018000a801400070000000000000000000000000000000001140003006970766c616e310000000000000000001c0012800b0001006970766c616e00000c000280060001000000000024000e"], 0x98}, 0x1, 0x0, 0x0, 0x840}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1c, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xd18c9b35, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030036000b05d25a806c8c6f94f90424fc60100005000a000200053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000740)='scsi_dispatch_cmd_start\x00', r3}, 0x10)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe4059d1ed18e2292, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r4}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r5}, 0x18)
r6 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000300240248ff050005001200", 0x2e}], 0x1}, 0x4)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

66.442619ms ago: executing program 4 (id=5110):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffa000/0x3000)=nil)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f00000009c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000feffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000100ff03850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000180)={&(0x7f0000000000)=""/60, 0x0, 0x1000, 0x5, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={0x0, 0xffffffffffffffff, 0x0, 0x178}, 0x18)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000580), 0x5, 0x4f3, &(0x7f00000005c0)="$eJzs3d1rW+cZAPBHku3YibN8bIwkgyWQQfZBLH8wYm+DsattF4GxwG42yDxb8TLLkbHkLDa5cLa7XOxibLRQetH7/gW9aa4aAqXXLb3tVUloUxfakoKKjiTHH5KjtraU+Px+cKJzzqvoeV/Zz+uj97xHJ4DUOlf7JxMxHBHvRMSx+ubWJ5yrP6w/vj1TWzJRrV75KJM8r7bdfGrz/x2JiLWIGIyIP/424m+ZnXHLK6vz08ViYamxna8sLObLK6sXry9MzxXmCjfGJi9NTU2OToxP7Vlb7/7nH3cvv/H7gdc/+/fD+/99681atYYbZZvbsZfqTe+PE5v29UXEr/YjWA/kGu0Z6nVF+EZqP7/vRsT5JP+PRS75aXbmyb7WDNhv1Wq1+mX1ULvitSpwYGWTY+BMdiQi6uvZ7MhI/Rj+e3E4WyyVKz+7Vlq+MVs/Vj4e/dlr14uF0cZnhePRn6ltjyXrT7fHt21PRCTHwP/LDSXbIzOl4mx3uzpgmyPb8v/TXD3/gZTo/CM/cNDIf0gv+Q/pJf8hveQ/pJf8h/SS/5Be8h/SS/5DerXK/6M9qAfQfbv9/R/oYj2ArvrD5cu1pdq8/n325sryfOnmxdlCeX5kYXlmZKa0tDgyVyrNJdfsLDzr9Yql0uLYz2P5Vr5SKFfy5ZXVqwul5RuVq8l1/VcL/V1pFdCJE2fvvZeJiLVfDCVLbPqTL1fhYKtWM9Hra5CB3sj1ugMCesapP0ivr/EZv+2XhAEvthZf0bth8Ejbol/H4r5UB+iC7G6FTx50ryJA11047fwfpJXxf0gv4/+QXo7xgd3G/6NxL7+WjP/DC2vX8X/gQBtuc/+vo5vu3TUaEd+JiHdz/Yea9/oCDoLsh5nG8f+FYz8a3l46kPk8OUUwEBH/fOXKS7emK5Wlsdr+jzf2V15u7B/vRf2B9raO8DXztJnHAEB6rT++PdNcuhn30W/qkxB2xu9rjE0OJkcwh9czW+YqZPZo7sLanYg41Sp+pnG/8/qZj8PruR3xTzYeM/WXSOrbl9w3vTvxT2+K/8NN8c9863cF0uFerf8ZbZV/2SSnYyP/tvY/w3s0d6LZ/zXnXG+O3+z/cm36v7Mdxvj7q/9qdXo3mez96E7EmZb9bzPeYBJre/xa3S50GP/hX/70/XZl1dfqr9MqflNtLV9ZWMyXV1YvXm/WYvLS1NTk6MT4VD4Zo843R6p3+uWpt++3i19rf0Ob9r+/o/1DjTr9pMP2f/GDB38+t0v8H59v/ft3Mnnc9v5Xqxt1+GmH8T8Z/+Cv7cpq8WfbvP/ZVvGjWRox0WH88v9/59phAHiOlFdW56eLxcKSFStWnu+Vvuhi0Gf1HGvd6aCAffM06XtdEwAAAAAAAAAAAKBT7Wb/3tvD6cS9biMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEHwVQAAAP//QUvQlg==")
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000740), 0x1, r1}, 0x38)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r2, 0x0, 0x2}, 0x18)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10}, 0x24)
sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=[{0x18, 0x110, 0x1, '\n'}], 0x18, 0xe000}, 0x5}], 0x1, 0x0)

65.991509ms ago: executing program 6 (id=5111):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
r0 = syz_open_procfs$pagemap(0x0, &(0x7f0000000940))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000008da4b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000240000000000"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_open_dev$evdev(&(0x7f0000000880), 0x3, 0x10d100)
writev(r1, &(0x7f0000000040)=[{&(0x7f0000000000)="d287d95f02b28f453b33320e8ec0328acf4a2405fd0852307400", 0x1a}], 0x1)
bpf$MAP_CREATE(0x0, &(0x7f0000001440)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r2, 0x5)
r3 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
flock(r3, 0x2)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000200), 0xffffffffffffffff)
r6 = gettid()
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(r4, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x500, 0x0, 0x2000040}, 0xc, &(0x7f0000000240)={&(0x7f0000000800)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010028bd7000ffdbdf2514000000080001000100000008000300", @ANYRES32=0x0, @ANYBLOB="08001c00", @ANYRES32=r6], 0x2c}, 0x1, 0x0, 0x0, 0x20000040}, 0x4000000)
sendmsg$NL802154_CMD_SET_CHANNEL(0xffffffffffffffff, &(0x7f0000000500)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x200010}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="d6030000", @ANYRES16=r5, @ANYBLOB="00022dbd7000fcdbdf25090000000500080009000000"], 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x1)
dup3(r3, r2, 0x0)
setrlimit(0xf, &(0x7f0000000000)={0x0, 0xfffffffbffffffff})
syz_mount_image$ext4(&(0x7f0000000840)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x2000c16, &(0x7f0000000a80)={[{@usrquota}, {@init_itable}]}, 0xff, 0x25f, &(0x7f0000000b40)="$eJzs3U1oHGUYB/BnZnfN1xLix0EQP0BENBDiTfASLwoBCUFEUCEi4kVJhJjgLfHkxYMeRSUnL6H01rTHkkvopaXQU9rmkF4KbeihoYe2sGV3EkiTDUl2tzsl8/vBsjsz77zPO8z83wmBYQIorKGIGIuIUkQMR0QlIpK9Dd7KPkM7i0t9a1MRtdrn95JGu2w5s7vfQEQsRsSHEbGaJvFjOWJ+5evNB+ufvvvHXOWd/1e+6uvqQe7Y2tz4bPu/id/PjX8wf+XanYkkxqL61HG1rP+VQzYkTdaVk4iX2ij2vEvKeY+A45j89ez1eu5fjoi3G/mvRBrZyftz9oXVSrz/72H7/nX36mvdHCvQebVapX4PXKwBhZNGRDWSdCQist9pOjKS/Q1/o9Sf/jQz+8vwDzNz09/nPVMBnVKN2PjkQs/5gX35v13K8g+cUtk/pTa+mFy+Wf+xXcp7QEBXvJ591e//w98uvBfyD6dab5N18g/FJf9QXPIPxSX/UFzyD8Ul/1Bc8g/FJf9QXC3n/+/Hz25QQFfszT8AUCy1npaeGu78g8hA1+U9/wAAAAAAAAAAAAAAAAAAAAct9a1N7X4602P5yBaX/onY+jhrerB+qfE+4t23l/XfT47R48l882aHOzyhMzk/fT14K9/6l9/It/7CdMTibxExWi4fvP6SneuvdS8esb3yXZsFTijZt/zRl92tv9+j5Xzrj69HXKzPP6PN5p80Xm1898Zgk/mnWj9/bdb/+WGbHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANA1TwIAAP//5c1uBw==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nfc(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NFC_CMD_GET_SE(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x14, r8, 0x4, 0x70bd2a, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x2004}, 0x8110)
r9 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r9, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
timer_create(0x3, 0x0, &(0x7f0000044000))
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PAGEMAP_SCAN(r0, 0xc0606610, &(0x7f0000000240)={0x60, 0x0, &(0x7f00008b0000/0x3000)=nil, &(0x7f00008c4000/0x3000)=nil, 0x5, 0x0, 0x0, 0x20000000001, 0x40, 0x5f, 0x0, 0x50})

1.76574ms ago: executing program 7 (id=5112):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000182300", @ANYRES32=r0, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000380)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r1, 0x0, 0x5}, 0x18)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="02130000050000000000000000000000030008"], 0x28}}, 0x0)

0s ago: executing program 4 (id=5113):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000020000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000340)='kmem_cache_free\x00', r1}, 0x18)
getxattr(0x0, &(0x7f0000000200)=@random={'osx.', 'kmem_cache_free\x00'}, 0x0, 0x0)

kernel console output (not intermixed with test programs):

nk_rcv_skb+0x192/0x220
[  564.433859][T18961]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  564.433886][T18961]  rtnetlink_rcv+0x1c/0x30
[  564.433907][T18961]  netlink_unicast+0x59e/0x670
[  564.433962][T18961]  netlink_sendmsg+0x58b/0x6b0
[  564.433983][T18961]  ? __pfx_netlink_sendmsg+0x10/0x10
[  564.434070][T18961]  __sock_sendmsg+0x145/0x180
[  564.434095][T18961]  ____sys_sendmsg+0x31e/0x4e0
[  564.434128][T18961]  ___sys_sendmsg+0x17b/0x1d0
[  564.434191][T18961]  __x64_sys_sendmsg+0xd4/0x160
[  564.434243][T18961]  x64_sys_call+0x2999/0x2fb0
[  564.434265][T18961]  do_syscall_64+0xd2/0x200
[  564.434284][T18961]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  564.434309][T18961]  ? clear_bhb_loop+0x40/0x90
[  564.434409][T18961]  ? clear_bhb_loop+0x40/0x90
[  564.434449][T18961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  564.434467][T18961] RIP: 0033:0x7f6b5167e929
[  564.434482][T18961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  564.434632][T18961] RSP: 002b:00007f6b4fce7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  564.434650][T18961] RAX: ffffffffffffffda RBX: 00007f6b518a5fa0 RCX: 00007f6b5167e929
[  564.434662][T18961] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000003
[  564.434674][T18961] RBP: 00007f6b4fce7090 R08: 0000000000000000 R09: 0000000000000000
[  564.434759][T18961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  564.434769][T18961] R13: 0000000000000000 R14: 00007f6b518a5fa0 R15: 00007ffea888f318
[  564.434788][T18961]  </TASK>
[  564.700082][T18967] loop6: detected capacity change from 0 to 512
[  564.725860][T18967] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  564.745694][T18967] ext4 filesystem being mounted at /515/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  564.774080][T18967] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.4674: corrupted inode contents
[  564.799178][T18967] EXT4-fs error (device loop6): ext4_dirty_inode:6459: inode #2: comm syz.6.4674: mark_inode_dirty error
[  564.823503][T18983] loop5: detected capacity change from 0 to 1024
[  564.831707][T18983] EXT4-fs: Ignoring removed orlov option
[  564.883358][T18967] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.4674: corrupted inode contents
[  564.902496][T18983] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  564.917886][T18989] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.4674: corrupted inode contents
[  564.938729][T18983] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  564.958421][T18989] EXT4-fs error (device loop6): ext4_dirty_inode:6459: inode #2: comm syz.6.4674: mark_inode_dirty error
[  564.988689][T18989] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.4674: corrupted inode contents
[  565.000784][T18989] EXT4-fs error (device loop6): __ext4_ext_dirty:206: inode #2: comm syz.6.4674: mark_inode_dirty error
[  565.023330][T18989] EXT4-fs error (device loop6): ext4_do_update_inode:5568: inode #2: comm syz.6.4674: corrupted inode contents
[  565.036503][T18997] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4682'.
[  565.046422][T18989] EXT4-fs error (device loop6): ext4_dirty_inode:6459: inode #2: comm syz.6.4674: mark_inode_dirty error
[  565.072314][T18996] FAULT_INJECTION: forcing a failure.
[  565.072314][T18996] name failslab, interval 1, probability 0, space 0, times 0
[  565.085661][T18996] CPU: 0 UID: 0 PID: 18996 Comm: syz.0.4683 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  565.085707][T18996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  565.085718][T18996] Call Trace:
[  565.085725][T18996]  <TASK>
[  565.085732][T18996]  __dump_stack+0x1d/0x30
[  565.085784][T18996]  dump_stack_lvl+0xe8/0x140
[  565.085801][T18996]  dump_stack+0x15/0x1b
[  565.085816][T18996]  should_fail_ex+0x265/0x280
[  565.085847][T18996]  should_failslab+0x8c/0xb0
[  565.085872][T18996]  kmem_cache_alloc_node_noprof+0x57/0x320
[  565.085977][T18996]  ? __alloc_skb+0x101/0x320
[  565.086034][T18996]  __alloc_skb+0x101/0x320
[  565.086064][T18996]  pfkey_sendmsg+0xd7/0x900
[  565.086095][T18996]  ? avc_has_perm+0xd3/0x150
[  565.086133][T18996]  ? selinux_socket_sendmsg+0x175/0x1b0
[  565.086163][T18996]  ? __pfx_pfkey_sendmsg+0x10/0x10
[  565.086262][T18996]  __sock_sendmsg+0x145/0x180
[  565.086289][T18996]  ____sys_sendmsg+0x31e/0x4e0
[  565.086390][T18996]  ___sys_sendmsg+0x17b/0x1d0
[  565.086431][T18996]  __x64_sys_sendmsg+0xd4/0x160
[  565.086568][T18996]  x64_sys_call+0x2999/0x2fb0
[  565.086591][T18996]  do_syscall_64+0xd2/0x200
[  565.086608][T18996]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  565.086637][T18996]  ? clear_bhb_loop+0x40/0x90
[  565.086690][T18996]  ? clear_bhb_loop+0x40/0x90
[  565.086711][T18996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  565.086729][T18996] RIP: 0033:0x7f6b5167e929
[  565.086822][T18996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  565.086839][T18996] RSP: 002b:00007f6b4fce7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  565.086855][T18996] RAX: ffffffffffffffda RBX: 00007f6b518a5fa0 RCX: 00007f6b5167e929
[  565.086867][T18996] RDX: 0000000000044804 RSI: 0000200000000240 RDI: 0000000000000005
[  565.086956][T18996] RBP: 00007f6b4fce7090 R08: 0000000000000000 R09: 0000000000000000
[  565.086970][T18996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  565.086993][T18996] R13: 0000000000000000 R14: 00007f6b518a5fa0 R15: 00007ffea888f318
[  565.087009][T18996]  </TASK>
[  565.312578][ T9637] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.342607][T19001] loop6: detected capacity change from 0 to 128
[  565.359966][T19001] ext2: Unknown parameter 'noacl'
[  565.380754][T19001] loop6: detected capacity change from 0 to 764
[  565.391088][T14838] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.409502][T18997] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4682'.
[  565.420073][T19001] rock: directory entry would overflow storage
[  565.426865][T19001] rock: sig=0x4654, size=5, remaining=4
[  565.432485][   T29] kauditd_printk_skb: 1427 callbacks suppressed
[  565.432498][   T29] audit: type=1400 audit(1751285048.099:29232): avc:  denied  { create } for  pid=19002 comm="syz.0.4686" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  565.458533][   T29] audit: type=1400 audit(1751285048.099:29233): avc:  denied  { connect } for  pid=19002 comm="syz.0.4686" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  565.479280][   T29] audit: type=1400 audit(1751285048.099:29234): avc:  denied  { write } for  pid=19002 comm="syz.0.4686" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  565.502203][   T29] audit: type=1400 audit(1751285048.121:29235): avc:  denied  { mount } for  pid=19000 comm="syz.6.4684" name="/" dev="loop6" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  565.554453][   T29] audit: type=1400 audit(1751285048.227:29236): avc:  denied  { create } for  pid=19007 comm="syz.5.4687" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=qipcrtr_socket permissive=1
[  565.575478][T19001] rock: directory entry would overflow storage
[  565.581655][T19001] rock: sig=0x4f50, size=4, remaining=3
[  565.587300][T19001] iso9660: Corrupted directory entry in block 4 of inode 1792
[  565.648168][   T29] audit: type=1400 audit(1751285048.334:29237): avc:  denied  { unmount } for  pid=9637 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  565.709708][   T29] audit: type=1400 audit(1751285048.366:29238): avc:  denied  { ioctl } for  pid=19019 comm="syz.6.4691" path="socket:[52999]" dev="sockfs" ino=52999 ioctlcmd=0x8901 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  565.735290][   T29] audit: type=1400 audit(1751285048.366:29239): avc:  denied  { accept } for  pid=19019 comm="syz.6.4691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  565.755794][   T29] audit: type=1400 audit(1751285048.366:29240): avc:  denied  { create } for  pid=19019 comm="syz.6.4691" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  565.776219][   T29] audit: type=1400 audit(1751285048.366:29241): avc:  denied  { ioctl } for  pid=19019 comm="syz.6.4691" path="socket:[53004]" dev="sockfs" ino=53004 ioctlcmd=0x8983 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  565.899860][T19034] xt_bpf: check failed: parse error
[  565.907657][T19029] loop7: detected capacity change from 0 to 512
[  565.922418][T19029] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -2
[  565.937068][T19029] EXT4-fs error (device loop7): ext4_free_branches:1023: inode #13: comm syz.7.4694: invalid indirect mapped block 2683928664 (level 1)
[  565.958062][T19029] EXT4-fs (loop7): Remounting filesystem read-only
[  565.965341][T19029] EXT4-fs (loop7): 1 truncate cleaned up
[  565.982798][T19029] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  565.995414][T19039] loop5: detected capacity change from 0 to 1024
[  566.001762][T19039] loop5: detected capacity change from 0 to 1024
[  566.013740][T19039] loop5: detected capacity change from 0 to 1024
[  566.025915][T19039] loop5: detected capacity change from 0 to 1024
[  566.042724][T13293] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.046853][T19039] loop5: detected capacity change from 0 to 1024
[  566.063234][T19039] loop5: detected capacity change from 0 to 1024
[  566.076323][T19039] loop5: detected capacity change from 0 to 1024
[  566.083482][T19041] FAULT_INJECTION: forcing a failure.
[  566.083482][T19041] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  566.089014][T19039] loop5: detected capacity change from 0 to 1024
[  566.097510][T19041] CPU: 0 UID: 0 PID: 19041 Comm: syz.7.4698 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  566.097536][T19041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  566.097587][T19041] Call Trace:
[  566.097595][T19041]  <TASK>
[  566.097646][T19041]  __dump_stack+0x1d/0x30
[  566.097668][T19041]  dump_stack_lvl+0xe8/0x140
[  566.097727][T19041]  dump_stack+0x15/0x1b
[  566.097814][T19041]  should_fail_ex+0x265/0x280
[  566.097843][T19041]  should_fail+0xb/0x20
[  566.097873][T19041]  should_fail_usercopy+0x1a/0x20
[  566.097901][T19041]  _copy_to_user+0x20/0xa0
[  566.097924][T19041]  simple_read_from_buffer+0xb5/0x130
[  566.097953][T19041]  proc_fail_nth_read+0x100/0x140
[  566.097984][T19041]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  566.098094][T19041]  vfs_read+0x1a0/0x6f0
[  566.098122][T19041]  ? __rcu_read_unlock+0x4f/0x70
[  566.098173][T19041]  ? __fget_files+0x184/0x1c0
[  566.098207][T19041]  ksys_read+0xda/0x1a0
[  566.098236][T19041]  __x64_sys_read+0x40/0x50
[  566.098324][T19041]  x64_sys_call+0x2d77/0x2fb0
[  566.098416][T19041]  do_syscall_64+0xd2/0x200
[  566.098434][T19041]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  566.098530][T19041]  ? clear_bhb_loop+0x40/0x90
[  566.098550][T19041]  ? clear_bhb_loop+0x40/0x90
[  566.098607][T19041]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.098627][T19041] RIP: 0033:0x7f91db60d33c
[  566.098643][T19041] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  566.098660][T19041] RSP: 002b:00007f91d9c77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  566.098679][T19041] RAX: ffffffffffffffda RBX: 00007f91db835fa0 RCX: 00007f91db60d33c
[  566.098742][T19041] RDX: 000000000000000f RSI: 00007f91d9c770a0 RDI: 0000000000000006
[  566.098754][T19041] RBP: 00007f91d9c77090 R08: 0000000000000000 R09: 0000000000000000
[  566.098766][T19041] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  566.098777][T19041] R13: 0000000000000000 R14: 00007f91db835fa0 R15: 00007fffa2229a08
[  566.098795][T19041]  </TASK>
[  566.315311][T19046] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  566.325619][T19039] loop5: detected capacity change from 0 to 1024
[  566.346114][T19039] loop5: detected capacity change from 0 to 1024
[  566.366413][T19039] loop5: detected capacity change from 0 to 1024
[  566.391878][T19039] loop5: detected capacity change from 0 to 1024
[  566.406689][T19039] loop5: detected capacity change from 0 to 1024
[  566.421641][T19039] loop5: detected capacity change from 0 to 1024
[  566.433989][T19039] loop5: detected capacity change from 0 to 1024
[  566.460185][T19039] loop5: detected capacity change from 0 to 1024
[  566.468956][T12941] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.472743][T19039] loop5: detected capacity change from 0 to 1024
[  566.488294][T19058] loop7: detected capacity change from 0 to 512
[  566.495141][T19058] EXT4-fs: Ignoring removed mblk_io_submit option
[  566.505599][T19039] loop5: detected capacity change from 0 to 1024
[  566.517561][T19058] EXT4-fs (loop7): bad geometry: block count 184549440 exceeds size of device (64 blocks)
[  566.533167][T19039] loop5: detected capacity change from 0 to 1024
[  566.559719][T19039] loop5: detected capacity change from 0 to 1024
[  566.574839][T19065] xt_bpf: check failed: parse error
[  566.580290][T19039] loop5: detected capacity change from 0 to 1024
[  566.592929][T19039] loop5: detected capacity change from 0 to 1024
[  566.611722][T19039] loop5: detected capacity change from 0 to 1024
[  566.624574][T19039] loop5: detected capacity change from 0 to 1024
[  566.637639][T19039] loop5: detected capacity change from 0 to 1024
[  566.661591][T19039] loop5: detected capacity change from 0 to 1024
[  566.676016][T19039] loop5: detected capacity change from 0 to 1024
[  566.688360][T19039] loop5: detected capacity change from 0 to 1024
[  566.700521][T19039] loop5: detected capacity change from 0 to 1024
[  566.713532][T19039] loop5: detected capacity change from 0 to 1024
[  566.727105][T19039] loop5: detected capacity change from 0 to 1024
[  566.728533][T19077] loop7: detected capacity change from 0 to 2048
[  566.741605][T19039] loop5: detected capacity change from 0 to 1024
[  566.762773][T19039] loop5: detected capacity change from 0 to 1024
[  566.776065][T19039] loop5: detected capacity change from 0 to 1024
[  566.897888][T19039] loop5: detected capacity change from 0 to 1024
[  566.912041][T19039] loop5: detected capacity change from 0 to 1024
[  566.926817][T19039] loop5: detected capacity change from 0 to 1024
[  566.939624][T19039] loop5: detected capacity change from 0 to 1024
[  566.953161][T19039] loop5: detected capacity change from 0 to 1024
[  566.972555][T19039] loop5: detected capacity change from 0 to 1024
[  566.985885][T19039] loop5: detected capacity change from 0 to 1024
[  566.995048][T19086] loop4: detected capacity change from 0 to 512
[  567.009790][T19039] loop5: detected capacity change from 0 to 1024
[  567.019910][T19090] loop6: detected capacity change from 0 to 256
[  567.027138][T19090] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  567.041333][T19077] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  567.055986][T19086] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  567.077562][T19086] ext4 filesystem being mounted at /403/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  567.089706][T19039] loop5: detected capacity change from 0 to 1024
[  567.102294][T19090] FAT-fs (loop6): Directory bread(block 64) failed
[  567.111163][T19086] FAULT_INJECTION: forcing a failure.
[  567.111163][T19086] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  567.124325][T19086] CPU: 1 UID: 0 PID: 19086 Comm: syz.4.4716 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  567.124352][T19086] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  567.124364][T19086] Call Trace:
[  567.124372][T19086]  <TASK>
[  567.124440][T19086]  __dump_stack+0x1d/0x30
[  567.124463][T19086]  dump_stack_lvl+0xe8/0x140
[  567.124483][T19086]  dump_stack+0x15/0x1b
[  567.124497][T19086]  should_fail_ex+0x265/0x280
[  567.124522][T19086]  should_fail+0xb/0x20
[  567.124573][T19086]  should_fail_usercopy+0x1a/0x20
[  567.124601][T19086]  _copy_from_user+0x1c/0xb0
[  567.124618][T19086]  quota_setquota+0x8a/0x350
[  567.124646][T19086]  do_quotactl+0x5bc/0x670
[  567.124685][T19086]  __se_sys_quotactl+0x3a5/0x670
[  567.124713][T19086]  __x64_sys_quotactl+0x55/0x70
[  567.124734][T19086]  x64_sys_call+0x2886/0x2fb0
[  567.124752][T19086]  do_syscall_64+0xd2/0x200
[  567.124768][T19086]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  567.124832][T19086]  ? clear_bhb_loop+0x40/0x90
[  567.124869][T19086]  ? clear_bhb_loop+0x40/0x90
[  567.124944][T19086]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.124963][T19086] RIP: 0033:0x7f2dc43ee929
[  567.124980][T19086] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  567.124999][T19086] RSP: 002b:00007f2dc2a57038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3
[  567.125019][T19086] RAX: ffffffffffffffda RBX: 00007f2dc4615fa0 RCX: 00007f2dc43ee929
[  567.125044][T19086] RDX: 0000000000000000 RSI: 0000200000000080 RDI: ffffffff80000801
[  567.125056][T19086] RBP: 00007f2dc2a57090 R08: 0000000000000000 R09: 0000000000000000
[  567.125067][T19086] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  567.125078][T19086] R13: 0000000000000000 R14: 00007f2dc4615fa0 R15: 00007ffe89b7b348
[  567.125093][T19086]  </TASK>
[  567.222001][T19090] FAT-fs (loop6): Directory bread(block 65) failed
[  567.245550][T19039] loop5: detected capacity change from 0 to 1024
[  567.260422][T19090] FAT-fs (loop6): Directory bread(block 66) failed
[  567.278274][T12941] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.287431][T19090] FAT-fs (loop6): Directory bread(block 67) failed
[  567.354981][T19039] loop5: detected capacity change from 0 to 1024
[  567.365473][T19090] FAT-fs (loop6): Directory bread(block 68) failed
[  567.372106][T19090] FAT-fs (loop6): Directory bread(block 69) failed
[  567.378773][T19090] FAT-fs (loop6): Directory bread(block 70) failed
[  567.386629][T19090] FAT-fs (loop6): Directory bread(block 71) failed
[  567.393260][T19090] FAT-fs (loop6): Directory bread(block 72) failed
[  567.400923][T19090] FAT-fs (loop6): Directory bread(block 73) failed
[  567.419264][T19039] loop5: detected capacity change from 0 to 1024
[  567.426816][T19096] netlink: 220 bytes leftover after parsing attributes in process `syz.4.4717'.
[  567.436261][T19096] unsupported nlmsg_type 40
[  567.460895][T19039] loop5: detected capacity change from 0 to 1024
[  567.473550][T19099] loop6: detected capacity change from 0 to 512
[  567.479435][T19039] loop5: detected capacity change from 0 to 1024
[  567.489395][T19101] netlink: 964 bytes leftover after parsing attributes in process `syz.4.4720'.
[  567.500266][T19099] EXT4-fs: Ignoring removed mblk_io_submit option
[  567.512262][T19099] EXT4-fs (loop6): bad geometry: block count 184549440 exceeds size of device (64 blocks)
[  567.512513][T19039] loop5: detected capacity change from 0 to 1024
[  567.536076][T19039] loop5: detected capacity change from 0 to 1024
[  567.536734][T19101] loop4: detected capacity change from 0 to 1024
[  567.566084][T19039] loop5: detected capacity change from 0 to 1024
[  567.566399][T19101] EXT4-fs: Ignoring removed orlov option
[  567.580182][T19103] xt_bpf: check failed: parse error
[  567.588159][T19101] EXT4-fs (loop4): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  567.620155][T19101] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  567.634110][T19105] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4722'.
[  567.648626][T19039] loop5: detected capacity change from 0 to 1024
[  567.660223][T19101] EXT4-fs error (device loop4): ext4_check_all_de:659: inode #12: block 7: comm syz.4.4720: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  567.663433][T19039] loop5: detected capacity change from 0 to 1024
[  567.691287][T19039] loop5: detected capacity change from 0 to 1024
[  567.702817][T19039] loop5: detected capacity change from 0 to 1024
[  567.715895][T19039] loop5: detected capacity change from 0 to 1024
[  567.727589][T19039] loop5: detected capacity change from 0 to 1024
[  567.739760][T19039] loop5: detected capacity change from 0 to 1024
[  567.751366][T19039] loop5: detected capacity change from 0 to 1024
[  567.763262][T19039] loop5: detected capacity change from 0 to 1024
[  567.775514][T19039] loop5: detected capacity change from 0 to 1024
[  567.777054][T12941] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.787976][T19039] loop5: detected capacity change from 0 to 1024
[  567.802574][T19039] loop5: detected capacity change from 0 to 1024
[  567.816652][T19039] loop5: detected capacity change from 0 to 1024
[  567.846047][T19039] loop5: detected capacity change from 0 to 1024
[  567.856233][T19037] loop5: detected capacity change from 0 to 512
[  567.888017][T19120] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  567.924352][T19120] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  567.935799][T19125] loop5: detected capacity change from 0 to 128
[  567.945450][T19120] loop4: detected capacity change from 0 to 512
[  567.956729][T19125] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  567.976867][T19120] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  567.990788][T19120] ext4 filesystem being mounted at /407/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  568.001252][T19125] ext4 filesystem being mounted at /276/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  568.014918][T19125] EXT4-fs error (device loop5): ext4_validate_block_bitmap:423: comm syz.5.4730: bg 0: bad block bitmap checksum
[  568.043421][T19134] loop6: detected capacity change from 0 to 1024
[  568.050177][T19134] EXT4-fs: Ignoring removed nobh option
[  568.055901][T19134] EXT4-fs: Ignoring removed bh option
[  568.065412][T19134] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  568.082334][T14838] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  568.097259][T19134] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  568.140858][T19143] netlink: 'syz.5.4734': attribute type 10 has an invalid length.
[  568.417001][T19150] loop0: detected capacity change from 0 to 512
[  568.438663][T19150] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  568.451288][T19150] ext4 filesystem being mounted at /427/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  568.463122][T19150] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.4737: corrupted inode contents
[  568.476958][T19150] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.4737: mark_inode_dirty error
[  568.489396][T19150] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.4737: corrupted inode contents
[  568.504705][T13293] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  568.512233][T19150] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.4737: corrupted inode contents
[  568.525989][T12941] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  568.531727][T19150] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.4737: mark_inode_dirty error
[  568.548547][T19154] FAULT_INJECTION: forcing a failure.
[  568.548547][T19154] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  568.561764][T19154] CPU: 1 UID: 0 PID: 19154 Comm: syz.7.4738 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  568.561791][T19154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  568.561802][T19154] Call Trace:
[  568.561853][T19154]  <TASK>
[  568.561861][T19154]  __dump_stack+0x1d/0x30
[  568.561905][T19150] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.4737: corrupted inode contents
[  568.561882][T19154]  dump_stack_lvl+0xe8/0x140
[  568.561978][T19154]  dump_stack+0x15/0x1b
[  568.561995][T19154]  should_fail_ex+0x265/0x280
[  568.562024][T19154]  should_fail+0xb/0x20
[  568.562159][T19154]  should_fail_usercopy+0x1a/0x20
[  568.562189][T19154]  _copy_from_user+0x1c/0xb0
[  568.562208][T19154]  copy_from_sockptr_offset+0x66/0xa0
[  568.562236][T19154]  do_ip6t_set_ctl+0x5d1/0x840
[  568.562283][T19154]  ? kstrtoull+0x111/0x140
[  568.562380][T19154]  ? __rcu_read_unlock+0x4f/0x70
[  568.562468][T19154]  nf_setsockopt+0x196/0x1b0
[  568.562501][T19154]  ipv6_setsockopt+0x11a/0x130
[  568.562525][T19154]  tcp_setsockopt+0x98/0xb0
[  568.562702][T19154]  sock_common_setsockopt+0x66/0x80
[  568.562727][T19154]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  568.562825][T19154]  __sys_setsockopt+0x181/0x200
[  568.562851][T19154]  __x64_sys_setsockopt+0x64/0x80
[  568.562897][T19154]  x64_sys_call+0x2bd5/0x2fb0
[  568.562918][T19154]  do_syscall_64+0xd2/0x200
[  568.562935][T19154]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  568.563038][T19154]  ? clear_bhb_loop+0x40/0x90
[  568.563058][T19154]  ? clear_bhb_loop+0x40/0x90
[  568.563107][T19154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  568.563128][T19154] RIP: 0033:0x7f91db60e929
[  568.563143][T19154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  568.563160][T19154] RSP: 002b:00007f91d9c77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  568.563238][T19154] RAX: ffffffffffffffda RBX: 00007f91db835fa0 RCX: 00007f91db60e929
[  568.563251][T19154] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000005
[  568.563264][T19154] RBP: 00007f91d9c77090 R08: 0000000000000368 R09: 0000000000000000
[  568.563276][T19154] R10: 00002000000003c0 R11: 0000000000000246 R12: 0000000000000001
[  568.563296][T19154] R13: 0000000000000000 R14: 00007f91db835fa0 R15: 00007fffa2229a08
[  568.563371][T19154]  </TASK>
[  568.589806][T19156] FAULT_INJECTION: forcing a failure.
[  568.589806][T19156] name failslab, interval 1, probability 0, space 0, times 0
[  568.609560][T19150] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.4737: mark_inode_dirty error
[  568.610464][T19156] CPU: 1 UID: 0 PID: 19156 Comm: syz.7.4740 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  568.610489][T19156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  568.610501][T19156] Call Trace:
[  568.610508][T19156]  <TASK>
[  568.610568][T19156]  __dump_stack+0x1d/0x30
[  568.610589][T19156]  dump_stack_lvl+0xe8/0x140
[  568.610626][T19156]  dump_stack+0x15/0x1b
[  568.610643][T19156]  should_fail_ex+0x265/0x280
[  568.610672][T19156]  should_failslab+0x8c/0xb0
[  568.610694][T19156]  kmem_cache_alloc_noprof+0x50/0x310
[  568.610783][T19156]  ? security_file_alloc+0x32/0x100
[  568.610804][T19156]  security_file_alloc+0x32/0x100
[  568.610853][T19156]  init_file+0x5c/0x1d0
[  568.610877][T19156]  alloc_empty_file+0x8b/0x200
[  568.610929][T19156]  path_openat+0x68/0x2170
[  568.610956][T19156]  ? __rcu_read_unlock+0x4f/0x70
[  568.610977][T19156]  ? __perf_event_task_sched_in+0xa5b/0xac0
[  568.611037][T19156]  ? _raw_spin_unlock+0x26/0x50
[  568.611061][T19156]  do_filp_open+0x1f1/0x230
[  568.611168][T19156]  do_sys_openat2+0xa6/0x110
[  568.611194][T19156]  __se_sys_openat2+0x194/0x1f0
[  568.611221][T19156]  __x64_sys_openat2+0x55/0x70
[  568.611290][T19156]  x64_sys_call+0x21e0/0x2fb0
[  568.611310][T19156]  do_syscall_64+0xd2/0x200
[  568.611379][T19156]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  568.611404][T19156]  ? clear_bhb_loop+0x40/0x90
[  568.611424][T19156]  ? clear_bhb_loop+0x40/0x90
[  568.611495][T19156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  568.611516][T19156] RIP: 0033:0x7f91db60e929
[  568.611531][T19156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  568.611597][T19156] RSP: 002b:00007f91d9c77038 EFLAGS: 00000246 ORIG_RAX: 00000000000001b5
[  568.611615][T19156] RAX: ffffffffffffffda RBX: 00007f91db835fa0 RCX: 00007f91db60e929
[  568.611628][T19156] RDX: 0000200000000040 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  568.611640][T19156] RBP: 00007f91d9c77090 R08: 0000000000000000 R09: 0000000000000000
[  568.611652][T19156] R10: 0000000000000018 R11: 0000000000000246 R12: 0000000000000002
[  568.611665][T19156] R13: 0000000000000000 R14: 00007f91db835fa0 R15: 00007fffa2229a08
[  568.611757][T19156]  </TASK>
[  568.666398][T19160] xt_bpf: check failed: parse error
[  568.673706][T19150] EXT4-fs error (device loop0): ext4_do_update_inode:5568: inode #2: comm syz.0.4737: corrupted inode contents
[  568.896067][T19167] loop7: detected capacity change from 0 to 512
[  568.899701][T19150] EXT4-fs error (device loop0): ext4_dirty_inode:6459: inode #2: comm syz.0.4737: mark_inode_dirty error
[  568.904219][T19167] EXT4-fs: Ignoring removed mblk_io_submit option
[  569.086636][T19167] EXT4-fs (loop7): bad geometry: block count 184549440 exceeds size of device (64 blocks)
[  569.097115][T12154] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  569.128495][T19169] netlink: 'syz.4.4746': attribute type 10 has an invalid length.
[  569.143375][T19175] loop0: detected capacity change from 0 to 512
[  569.151894][T19175] EXT4-fs: Ignoring removed mblk_io_submit option
[  569.159615][T19175] EXT4-fs (loop0): bad geometry: block count 184549440 exceeds size of device (64 blocks)
[  569.178305][T19179] loop4: detected capacity change from 0 to 128
[  569.222756][T19184] xt_hashlimit: max too large, truncated to 1048576
[  569.266277][T19185] loop6: detected capacity change from 0 to 2048
[  569.281799][T19179] FAULT_INJECTION: forcing a failure.
[  569.281799][T19179] name failslab, interval 1, probability 0, space 0, times 0
[  569.294541][T19179] CPU: 1 UID: 0 PID: 19179 Comm: syz.4.4750 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  569.294641][T19179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  569.294652][T19179] Call Trace:
[  569.294657][T19179]  <TASK>
[  569.294663][T19179]  __dump_stack+0x1d/0x30
[  569.294681][T19179]  dump_stack_lvl+0xe8/0x140
[  569.294697][T19179]  dump_stack+0x15/0x1b
[  569.294711][T19179]  should_fail_ex+0x265/0x280
[  569.294811][T19179]  should_failslab+0x8c/0xb0
[  569.294850][T19179]  kmem_cache_alloc_noprof+0x50/0x310
[  569.294873][T19179]  ? getname_flags+0x80/0x3b0
[  569.294895][T19179]  getname_flags+0x80/0x3b0
[  569.294933][T19179]  __x64_sys_rename+0x33/0x70
[  569.294954][T19179]  x64_sys_call+0x2aee/0x2fb0
[  569.294974][T19179]  do_syscall_64+0xd2/0x200
[  569.294993][T19179]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  569.295015][T19179]  ? clear_bhb_loop+0x40/0x90
[  569.295064][T19179]  ? clear_bhb_loop+0x40/0x90
[  569.295117][T19179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  569.295144][T19179] RIP: 0033:0x7f2dc43ee929
[  569.295158][T19179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  569.295173][T19179] RSP: 002b:00007f2dc2a57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  569.295192][T19179] RAX: ffffffffffffffda RBX: 00007f2dc4615fa0 RCX: 00007f2dc43ee929
[  569.295263][T19179] RDX: 0000000000000000 RSI: 0000200000000f00 RDI: 00002000000000c0
[  569.295276][T19179] RBP: 00007f2dc2a57090 R08: 0000000000000000 R09: 0000000000000000
[  569.295289][T19179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  569.295302][T19179] R13: 0000000000000000 R14: 00007f2dc4615fa0 R15: 00007ffe89b7b348
[  569.295321][T19179]  </TASK>
[  569.500588][T19187] loop5: detected capacity change from 0 to 1024
[  569.507255][T19187] EXT4-fs: Ignoring removed oldalloc option
[  569.521012][T19187] EXT4-fs (loop5): stripe (4) is not aligned with cluster size (16), stripe is disabled
[  569.551779][T19185] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  569.900339][T19218] loop7: detected capacity change from 0 to 1024
[  569.909779][T19217] loop4: detected capacity change from 0 to 512
[  569.918603][T19218] EXT4-fs: Ignoring removed nobh option
[  569.924283][T19218] EXT4-fs: Ignoring removed bh option
[  569.948872][T19217] ext4 filesystem being mounted at /413/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  570.033348][T19236] FAULT_INJECTION: forcing a failure.
[  570.033348][T19236] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  570.046512][T19236] CPU: 1 UID: 0 PID: 19236 Comm: syz.5.4763 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  570.046640][T19236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  570.046650][T19236] Call Trace:
[  570.046655][T19236]  <TASK>
[  570.046662][T19236]  __dump_stack+0x1d/0x30
[  570.046680][T19236]  dump_stack_lvl+0xe8/0x140
[  570.046696][T19236]  dump_stack+0x15/0x1b
[  570.046710][T19236]  should_fail_ex+0x265/0x280
[  570.046758][T19236]  should_fail+0xb/0x20
[  570.046824][T19236]  should_fail_usercopy+0x1a/0x20
[  570.046881][T19236]  _copy_from_user+0x1c/0xb0
[  570.046898][T19236]  ___sys_sendmsg+0xc1/0x1d0
[  570.046993][T19236]  __x64_sys_sendmsg+0xd4/0x160
[  570.047026][T19236]  x64_sys_call+0x2999/0x2fb0
[  570.047119][T19236]  do_syscall_64+0xd2/0x200
[  570.047137][T19236]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  570.047163][T19236]  ? clear_bhb_loop+0x40/0x90
[  570.047249][T19236]  ? clear_bhb_loop+0x40/0x90
[  570.047270][T19236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.047292][T19236] RIP: 0033:0x7fdd81a2e929
[  570.047308][T19236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  570.047324][T19236] RSP: 002b:00007fdd80097038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  570.047366][T19236] RAX: ffffffffffffffda RBX: 00007fdd81c55fa0 RCX: 00007fdd81a2e929
[  570.047380][T19236] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  570.047394][T19236] RBP: 00007fdd80097090 R08: 0000000000000000 R09: 0000000000000000
[  570.047434][T19236] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  570.047444][T19236] R13: 0000000000000000 R14: 00007fdd81c55fa0 R15: 00007fff972b6698
[  570.047463][T19236]  </TASK>
[  570.260118][T19239] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4766'.
[  570.293920][T19244] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4767'.
[  570.361496][T19253] xt_bpf: check failed: parse error
[  570.406527][T19256] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4770'.
[  570.416152][T19257] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4770'.
[  570.437215][T19257] netlink: 60 bytes leftover after parsing attributes in process `syz.4.4770'.
[  570.554051][T19264] FAULT_INJECTION: forcing a failure.
[  570.554051][T19264] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  570.567240][T19264] CPU: 0 UID: 0 PID: 19264 Comm: syz.4.4771 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  570.567349][T19264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  570.567414][T19264] Call Trace:
[  570.567421][T19264]  <TASK>
[  570.567428][T19264]  __dump_stack+0x1d/0x30
[  570.567447][T19264]  dump_stack_lvl+0xe8/0x140
[  570.567539][T19264]  dump_stack+0x15/0x1b
[  570.567553][T19264]  should_fail_ex+0x265/0x280
[  570.567579][T19264]  should_fail+0xb/0x20
[  570.567623][T19264]  should_fail_usercopy+0x1a/0x20
[  570.567652][T19264]  _copy_from_user+0x1c/0xb0
[  570.567669][T19264]  ___sys_recvmsg+0xaa/0x370
[  570.567693][T19264]  do_recvmmsg+0x1ef/0x540
[  570.567719][T19264]  ? fput+0x8f/0xc0
[  570.567780][T19264]  __x64_sys_recvmmsg+0xe5/0x170
[  570.567797][T19264]  x64_sys_call+0x1c6a/0x2fb0
[  570.567815][T19264]  do_syscall_64+0xd2/0x200
[  570.567861][T19264]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  570.567920][T19264]  ? clear_bhb_loop+0x40/0x90
[  570.567937][T19264]  ? clear_bhb_loop+0x40/0x90
[  570.567958][T19264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.567981][T19264] RIP: 0033:0x7f2dc43ee929
[  570.567997][T19264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  570.568070][T19264] RSP: 002b:00007f2dc2a36038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  570.568091][T19264] RAX: ffffffffffffffda RBX: 00007f2dc4616080 RCX: 00007f2dc43ee929
[  570.568105][T19264] RDX: 000000000291962b RSI: 0000200000000040 RDI: 0000000000000003
[  570.568151][T19264] RBP: 00007f2dc2a36090 R08: 0000000000000000 R09: 0000000000000000
[  570.568165][T19264] R10: 45833af92e4b39ff R11: 0000000000000246 R12: 0000000000000001
[  570.568248][T19264] R13: 0000000000000001 R14: 00007f2dc4616080 R15: 00007ffe89b7b348
[  570.568264][T19264]  </TASK>
[  570.815186][T19266] loop0: detected capacity change from 0 to 512
[  570.843538][   T29] kauditd_printk_skb: 269 callbacks suppressed
[  570.843553][   T29] audit: type=1400 audit(1751285053.894:29511): avc:  denied  { ioctl } for  pid=19267 comm="syz.4.4773" path="socket:[54376]" dev="sockfs" ino=54376 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  570.898104][T19273] FAULT_INJECTION: forcing a failure.
[  570.898104][T19273] name failslab, interval 1, probability 0, space 0, times 0
[  570.898327][T19266] ext4 filesystem being mounted at /431/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  570.910819][T19273] CPU: 1 UID: 0 PID: 19273 Comm: syz.7.4774 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  570.910925][T19273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  570.910936][T19273] Call Trace:
[  570.910943][T19273]  <TASK>
[  570.910951][T19273]  __dump_stack+0x1d/0x30
[  570.910973][T19273]  dump_stack_lvl+0xe8/0x140
[  570.910994][T19273]  dump_stack+0x15/0x1b
[  570.911066][T19273]  should_fail_ex+0x265/0x280
[  570.911097][T19273]  should_failslab+0x8c/0xb0
[  570.911120][T19273]  __kvmalloc_node_noprof+0x123/0x4e0
[  570.911148][T19273]  ? alloc_netdev_mqs+0xa1/0xab0
[  570.911184][T19273]  ? vsnprintf+0x829/0x890
[  570.911209][T19273]  alloc_netdev_mqs+0xa1/0xab0
[  570.911240][T19273]  ? __pfx_ipvlan_link_setup+0x10/0x10
[  570.911267][T19273]  rtnl_create_link+0x239/0x710
[  570.911302][T19273]  rtnl_newlink_create+0x14c/0x620
[  570.911328][T19273]  ? security_capable+0x83/0x90
[  570.911357][T19273]  ? netlink_ns_capable+0x86/0xa0
[  570.911387][T19273]  rtnl_newlink+0xf29/0x12d0
[  570.911413][T19273]  ? xas_load+0x413/0x430
[  570.911589][T19273]  ? __rcu_read_unlock+0x4f/0x70
[  570.911689][T19273]  ? xa_load+0xb1/0xe0
[  570.911719][T19273]  ? __rcu_read_unlock+0x4f/0x70
[  570.911765][T19273]  ? avc_has_perm_noaudit+0x1b1/0x200
[  570.911793][T19273]  ? selinux_capable+0x1f9/0x270
[  570.911823][T19273]  ? security_capable+0x83/0x90
[  570.911888][T19273]  ? ns_capable+0x7d/0xb0
[  570.911906][T19273]  ? __pfx_rtnl_newlink+0x10/0x10
[  570.911927][T19273]  rtnetlink_rcv_msg+0x5fe/0x6d0
[  570.912018][T19273]  ? avc_has_perm_noaudit+0x1b1/0x200
[  570.912045][T19273]  netlink_rcv_skb+0x120/0x220
[  570.912078][T19273]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  570.912104][T19273]  rtnetlink_rcv+0x1c/0x30
[  570.912156][T19273]  netlink_unicast+0x59e/0x670
[  570.912233][T19273]  netlink_sendmsg+0x58b/0x6b0
[  570.912253][T19273]  ? __pfx_netlink_sendmsg+0x10/0x10
[  570.912272][T19273]  __sock_sendmsg+0x145/0x180
[  570.912296][T19273]  ____sys_sendmsg+0x31e/0x4e0
[  570.912406][T19273]  ___sys_sendmsg+0x17b/0x1d0
[  570.912459][T19273]  __x64_sys_sendmsg+0xd4/0x160
[  570.912534][T19273]  x64_sys_call+0x2999/0x2fb0
[  570.912554][T19273]  do_syscall_64+0xd2/0x200
[  570.912644][T19273]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  570.912666][T19273]  ? clear_bhb_loop+0x40/0x90
[  570.912684][T19273]  ? clear_bhb_loop+0x40/0x90
[  570.912701][T19273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.912760][T19273] RIP: 0033:0x7f91db60e929
[  570.912776][T19273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  570.912792][T19273] RSP: 002b:00007f91d9c77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  570.912811][T19273] RAX: ffffffffffffffda RBX: 00007f91db835fa0 RCX: 00007f91db60e929
[  570.912824][T19273] RDX: 0000000000004054 RSI: 00002000000002c0 RDI: 0000000000000003
[  570.912836][T19273] RBP: 00007f91d9c77090 R08: 0000000000000000 R09: 0000000000000000
[  570.912848][T19273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  570.912881][T19273] R13: 0000000000000000 R14: 00007f91db835fa0 R15: 00007fffa2229a08
[  570.912898][T19273]  </TASK>
[  571.039469][T19284] loop4: detected capacity change from 0 to 1024
[  571.221157][   T29] audit: type=1400 audit(1751285054.268:29512): avc:  denied  { create } for  pid=19283 comm="syz.7.4778" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  571.259824][   T29] audit: type=1400 audit(1751285054.268:29513): avc:  denied  { connect } for  pid=19283 comm="syz.7.4778" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  571.279724][   T29] audit: type=1400 audit(1751285054.289:29514): avc:  denied  { setopt } for  pid=19283 comm="syz.7.4778" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  571.411138][T19306] netlink: 156 bytes leftover after parsing attributes in process `syz.0.4784'.
[  571.446132][T19306] loop0: detected capacity change from 0 to 512
[  571.465045][T19306] EXT4-fs: Ignoring removed orlov option
[  571.482758][T19306] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  571.497956][T19313] loop7: detected capacity change from 0 to 1024
[  571.505950][T19304] FAULT_INJECTION: forcing a failure.
[  571.505950][T19304] name failslab, interval 1, probability 0, space 0, times 0
[  571.518672][T19304] CPU: 1 UID: 0 PID: 19304 Comm: syz.4.4783 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  571.518768][T19304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  571.518781][T19304] Call Trace:
[  571.518789][T19304]  <TASK>
[  571.518831][T19304]  __dump_stack+0x1d/0x30
[  571.518854][T19304]  dump_stack_lvl+0xe8/0x140
[  571.518874][T19304]  dump_stack+0x15/0x1b
[  571.518944][T19304]  should_fail_ex+0x265/0x280
[  571.518974][T19304]  should_failslab+0x8c/0xb0
[  571.518998][T19304]  kmem_cache_alloc_noprof+0x50/0x310
[  571.519025][T19304]  ? flock_lock_inode+0x135/0xf60
[  571.519041][T19304]  ? finish_task_switch+0xad/0x2b0
[  571.519096][T19304]  flock_lock_inode+0x135/0xf60
[  571.519114][T19304]  ? schedule+0x5f/0xd0
[  571.519141][T19304]  locks_lock_inode_wait+0x6f/0x2a0
[  571.519230][T19304]  ? __pfx_autoremove_wake_function+0x10/0x10
[  571.519290][T19304]  __se_sys_flock+0x2f1/0x3b0
[  571.519399][T19304]  __x64_sys_flock+0x31/0x40
[  571.519428][T19304]  x64_sys_call+0x2eed/0x2fb0
[  571.519510][T19304]  do_syscall_64+0xd2/0x200
[  571.519529][T19304]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  571.519555][T19304]  ? clear_bhb_loop+0x40/0x90
[  571.519577][T19304]  ? clear_bhb_loop+0x40/0x90
[  571.519650][T19304]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  571.519669][T19304] RIP: 0033:0x7f2dc43ee929
[  571.519682][T19304] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  571.519697][T19304] RSP: 002b:00007f2dc2a57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000049
[  571.519713][T19304] RAX: ffffffffffffffda RBX: 00007f2dc4615fa0 RCX: 00007f2dc43ee929
[  571.519725][T19304] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000005
[  571.519739][T19304] RBP: 00007f2dc2a57090 R08: 0000000000000000 R09: 0000000000000000
[  571.519754][T19304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  571.519766][T19304] R13: 0000000000000000 R14: 00007f2dc4615fa0 R15: 00007ffe89b7b348
[  571.519786][T19304]  </TASK>
[  571.520291][T19313] EXT4-fs: Ignoring removed nobh option
[  571.638022][T19306] EXT4-fs (loop0): can't mount with commit=, fs mounted w/o journal
[  571.639760][T19313] EXT4-fs: Ignoring removed bh option
[  571.744044][   T29] audit: type=1400 audit(1751285054.856:29515): avc:  denied  { read } for  pid=19305 comm="syz.0.4784" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  571.831433][T19321] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4788'.
[  571.840478][T19321] batman_adv: batadv0: Removing interface: batadv_slave_0
[  571.848128][T19321] batman_adv: batadv0: Removing interface: batadv_slave_1
[  571.995291][   T29] audit: type=1326 audit(1751285055.123:29516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19325 comm="syz.5.4789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd81a2e929 code=0x7ffc0000
[  572.019887][   T29] audit: type=1326 audit(1751285055.123:29517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19325 comm="syz.5.4789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd81a2e929 code=0x7ffc0000
[  572.043572][   T29] audit: type=1326 audit(1751285055.123:29518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19325 comm="syz.5.4789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd81a2e929 code=0x7ffc0000
[  572.067914][   T29] audit: type=1326 audit(1751285055.123:29519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19325 comm="syz.5.4789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdd81a2e929 code=0x7ffc0000
[  572.091566][   T29] audit: type=1326 audit(1751285055.123:29520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19325 comm="syz.5.4789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdd81a2e929 code=0x7ffc0000
[  572.229981][T19335] loop0: detected capacity change from 0 to 1024
[  572.236917][T19335] EXT4-fs: inline encryption not supported
[  572.247509][T19335] ext4 filesystem being mounted at /435/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  572.284485][T19335] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4792'.
[  572.296551][T19335] 9pnet_fd: Insufficient options for proto=fd
[  572.388927][T19349] loop0: detected capacity change from 0 to 512
[  572.405031][T19349] ext4 filesystem being mounted at /436/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  572.405324][T19351] xt_bpf: check failed: parse error
[  572.502596][T19361] netlink: 156 bytes leftover after parsing attributes in process `syz.0.4802'.
[  572.516858][T19361] loop0: detected capacity change from 0 to 512
[  572.523520][T19361] EXT4-fs: Ignoring removed orlov option
[  572.530402][T19361] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  572.540007][T19361] EXT4-fs (loop0): can't mount with commit=, fs mounted w/o journal
[  572.580775][T19363] FAULT_INJECTION: forcing a failure.
[  572.580775][T19363] name failslab, interval 1, probability 0, space 0, times 0
[  572.594061][T19363] CPU: 0 UID: 0 PID: 19363 Comm: syz.7.4803 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  572.594086][T19363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  572.594102][T19363] Call Trace:
[  572.594109][T19363]  <TASK>
[  572.594158][T19363]  __dump_stack+0x1d/0x30
[  572.594176][T19363]  dump_stack_lvl+0xe8/0x140
[  572.594194][T19363]  dump_stack+0x15/0x1b
[  572.594209][T19363]  should_fail_ex+0x265/0x280
[  572.594258][T19363]  should_failslab+0x8c/0xb0
[  572.594278][T19363]  __kmalloc_node_track_caller_noprof+0xa4/0x410
[  572.594303][T19363]  ? __request_module+0x1c4/0x3e0
[  572.594322][T19363]  ? __request_module+0x1df/0x3e0
[  572.594360][T19363]  ? should_failslab+0x8c/0xb0
[  572.594383][T19363]  kstrdup+0x3e/0xd0
[  572.594401][T19363]  __request_module+0x1df/0x3e0
[  572.594423][T19363]  blk_request_module+0x108/0x1e0
[  572.594440][T19363]  blkdev_get_no_open+0x4b/0x100
[  572.594459][T19363]  bdev_file_open_by_dev+0xa5/0x250
[  572.594566][T19363]  swsusp_check+0x3f/0x290
[  572.594592][T19363]  software_resume+0x41/0x2f0
[  572.594778][T19363]  resume_store+0x2d9/0x3d0
[  572.594797][T19363]  ? __pfx_resume_store+0x10/0x10
[  572.594815][T19363]  kobj_attr_store+0x4a/0x70
[  572.594863][T19363]  ? __pfx_kobj_attr_store+0x10/0x10
[  572.594887][T19363]  sysfs_kf_write+0xfe/0x120
[  572.594915][T19363]  ? __pfx_sysfs_kf_write+0x10/0x10
[  572.594945][T19363]  kernfs_fop_write_iter+0x1c1/0x2d0
[  572.595018][T19363]  iter_file_splice_write+0x5ef/0x970
[  572.595117][T19363]  ? __pfx_iter_file_splice_write+0x10/0x10
[  572.595144][T19363]  direct_splice_actor+0x153/0x2a0
[  572.595170][T19363]  ? splice_shrink_spd+0x41/0x70
[  572.595195][T19363]  splice_direct_to_actor+0x30f/0x680
[  572.595254][T19363]  ? __pfx_direct_splice_actor+0x10/0x10
[  572.595302][T19363]  do_splice_direct+0xda/0x150
[  572.595329][T19363]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  572.595436][T19363]  do_sendfile+0x380/0x650
[  572.595461][T19363]  __x64_sys_sendfile64+0x105/0x150
[  572.595540][T19363]  x64_sys_call+0xb39/0x2fb0
[  572.595562][T19363]  do_syscall_64+0xd2/0x200
[  572.595652][T19363]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  572.595678][T19363]  ? clear_bhb_loop+0x40/0x90
[  572.595700][T19363]  ? clear_bhb_loop+0x40/0x90
[  572.595793][T19363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  572.595815][T19363] RIP: 0033:0x7f91db60e929
[  572.595831][T19363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  572.595883][T19363] RSP: 002b:00007f91d9c77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  572.595902][T19363] RAX: ffffffffffffffda RBX: 00007f91db835fa0 RCX: 00007f91db60e929
[  572.595914][T19363] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000005
[  572.595927][T19363] RBP: 00007f91d9c77090 R08: 0000000000000000 R09: 0000000000000000
[  572.595987][T19363] R10: 000000000000000b R11: 0000000000000246 R12: 0000000000000002
[  572.596000][T19363] R13: 0000000000000000 R14: 00007f91db835fa0 R15: 00007fffa2229a08
[  572.596020][T19363]  </TASK>
[  572.959434][T19376] $Hÿ: renamed from bond0 (while UP)
[  572.965461][T19374] loop6: detected capacity change from 0 to 2048
[  572.966610][T19376] $Hÿ: entered promiscuous mode
[  572.972427][T19374] EXT4-fs: Ignoring removed mblk_io_submit option
[  572.977552][T19376] bond_slave_0: entered promiscuous mode
[  572.989159][T19376] bond_slave_1: entered promiscuous mode
[  572.997412][T19377] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  573.013910][T19377] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  573.026533][T19376] Invalid ELF header magic: != ELF
[  573.036575][T19377] loop5: detected capacity change from 0 to 512
[  573.040204][T19374] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.4808: bg 0: block 234: padding at end of block bitmap is not set
[  573.058947][T19374] EXT4-fs (loop6): Remounting filesystem read-only
[  573.068418][T19377] ext4 filesystem being mounted at /295/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  573.081290][T19377] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #2: comm syz.5.4805: corrupted inode contents
[  573.093314][T19377] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #2: comm syz.5.4805: mark_inode_dirty error
[  573.106543][T19377] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #2: comm syz.5.4805: corrupted inode contents
[  573.118419][T19377] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.4805: mark_inode_dirty error
[  573.165380][T19395] xt_bpf: check failed: parse error
[  573.185835][T19398] loop5: detected capacity change from 0 to 128
[  573.197119][T19398] ext4 filesystem being mounted at /297/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  573.213832][T19398] EXT4-fs error (device loop5): ext4_validate_block_bitmap:423: comm syz.5.4814: bg 0: bad block bitmap checksum
[  573.251853][T19403] tipc: Started in network mode
[  573.256860][T19403] tipc: Node identity 2d0b50e1d8a655f0002e, cluster identity 4711
[  573.316312][T19405] loop4: detected capacity change from 0 to 512
[  573.327289][T19408] loop5: detected capacity change from 0 to 1024
[  573.334271][T19408] EXT4-fs: Ignoring removed nobh option
[  573.339919][T19408] EXT4-fs: Ignoring removed bh option
[  573.345833][T19408] EXT4-fs (loop5): stripe (32769) is not aligned with cluster size (16), stripe is disabled
[  573.362330][T19410] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4817'.
[  573.368587][T19408] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4816'.
[  573.920175][T19426] netlink: 'syz.4.4821': attribute type 10 has an invalid length.
[  573.950424][T19430] FAULT_INJECTION: forcing a failure.
[  573.950424][T19430] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  573.950450][T19430] CPU: 1 UID: 0 PID: 19430 Comm: syz.4.4823 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  573.950472][T19430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  573.950482][T19430] Call Trace:
[  573.950487][T19430]  <TASK>
[  573.950493][T19430]  __dump_stack+0x1d/0x30
[  573.950510][T19430]  dump_stack_lvl+0xe8/0x140
[  573.950579][T19430]  dump_stack+0x15/0x1b
[  573.950603][T19430]  should_fail_ex+0x265/0x280
[  573.950633][T19430]  should_fail+0xb/0x20
[  573.950738][T19430]  should_fail_usercopy+0x1a/0x20
[  573.950768][T19430]  _copy_from_user+0x1c/0xb0
[  573.950789][T19430]  ___bpf_copy_key+0xa5/0x110
[  573.950811][T19430]  map_update_elem+0x165/0x520
[  573.950855][T19430]  __sys_bpf+0x5d7/0x790
[  573.950889][T19430]  __x64_sys_bpf+0x41/0x50
[  573.950913][T19430]  x64_sys_call+0x2478/0x2fb0
[  573.950957][T19430]  do_syscall_64+0xd2/0x200
[  573.950976][T19430]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  573.951072][T19430]  ? clear_bhb_loop+0x40/0x90
[  573.951089][T19430]  ? clear_bhb_loop+0x40/0x90
[  573.951146][T19430]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  573.951163][T19430] RIP: 0033:0x7f2dc43ee929
[  573.951245][T19430] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  573.951263][T19430] RSP: 002b:00007f2dc2a57038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  573.951281][T19430] RAX: ffffffffffffffda RBX: 00007f2dc4615fa0 RCX: 00007f2dc43ee929
[  573.951313][T19430] RDX: 0000000000000020 RSI: 00002000000004c0 RDI: 0000000000000002
[  573.951325][T19430] RBP: 00007f2dc2a57090 R08: 0000000000000000 R09: 0000000000000000
[  573.951338][T19430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  573.951350][T19430] R13: 0000000000000000 R14: 00007f2dc4615fa0 R15: 00007ffe89b7b348
[  573.951400][T19430]  </TASK>
[  574.277841][T19442] syzkaller0: entered promiscuous mode
[  574.277862][T19442] syzkaller0: entered allmulticast mode
[  574.339623][T19447] loop5: detected capacity change from 0 to 512
[  574.350916][T19447] EXT4-fs (loop5): too many log groups per flexible block group
[  574.358682][T19447] EXT4-fs (loop5): failed to initialize mballoc (-12)
[  574.422892][T19451] futex_wake_op: syz.6.4824 tries to shift op by -1; fix this program
[  574.469789][T19456] netlink: 'syz.4.4833': attribute type 10 has an invalid length.
[  574.492730][T19447] EXT4-fs (loop5): mount failed
[  574.568546][T19464] netlink: 208 bytes leftover after parsing attributes in process `syz.5.4831'.
[  574.639512][T19466] loop4: detected capacity change from 0 to 512
[  574.660444][T19466] ext4 filesystem being mounted at /438/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  575.004756][T19478] loop5: detected capacity change from 0 to 512
[  575.014154][T19477] $Hÿ: renamed from bond0
[  575.022614][T19477] $Hÿ: entered promiscuous mode
[  575.027712][T19477] bond_slave_0: entered promiscuous mode
[  575.033439][T19477] bond_slave_1: entered promiscuous mode
[  575.057549][T19477] Invalid ELF header magic: != ELF
[  575.080246][T19478] ext4 filesystem being mounted at /301/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  575.117192][T19478] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #2: comm syz.5.4840: corrupted inode contents
[  575.130066][T19478] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #2: comm syz.5.4840: mark_inode_dirty error
[  575.142018][T19478] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #2: comm syz.5.4840: corrupted inode contents
[  575.165806][T19478] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #2: comm syz.5.4840: corrupted inode contents
[  575.178837][T19478] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #2: comm syz.5.4840: mark_inode_dirty error
[  575.194096][T19478] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #2: comm syz.5.4840: corrupted inode contents
[  575.208718][T19478] EXT4-fs error (device loop5): __ext4_ext_dirty:206: inode #2: comm syz.5.4840: mark_inode_dirty error
[  575.228380][T19478] EXT4-fs error (device loop5): ext4_do_update_inode:5568: inode #2: comm syz.5.4840: corrupted inode contents
[  575.247173][T19478] EXT4-fs error (device loop5): ext4_dirty_inode:6459: inode #2: comm syz.5.4840: mark_inode_dirty error
[  575.343137][T19493] loop5: detected capacity change from 0 to 512
[  575.454954][T19495] loop7: detected capacity change from 0 to 128
[  575.461807][T19495] EXT4-fs (loop7): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  575.523087][T19502] FAULT_INJECTION: forcing a failure.
[  575.523087][T19502] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  575.536300][T19502] CPU: 0 UID: 0 PID: 19502 Comm: syz.0.4850 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  575.536377][T19502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  575.536388][T19502] Call Trace:
[  575.536395][T19502]  <TASK>
[  575.536403][T19502]  __dump_stack+0x1d/0x30
[  575.536444][T19502]  dump_stack_lvl+0xe8/0x140
[  575.536461][T19502]  dump_stack+0x15/0x1b
[  575.536518][T19502]  should_fail_ex+0x265/0x280
[  575.536547][T19502]  should_fail+0xb/0x20
[  575.536637][T19502]  should_fail_usercopy+0x1a/0x20
[  575.536663][T19502]  _copy_from_user+0x1c/0xb0
[  575.536683][T19502]  ___sys_sendmsg+0xc1/0x1d0
[  575.536731][T19502]  __x64_sys_sendmsg+0xd4/0x160
[  575.536806][T19502]  x64_sys_call+0x2999/0x2fb0
[  575.536827][T19502]  do_syscall_64+0xd2/0x200
[  575.536964][T19502]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  575.537015][T19502]  ? clear_bhb_loop+0x40/0x90
[  575.537034][T19502]  ? clear_bhb_loop+0x40/0x90
[  575.537054][T19502]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  575.537071][T19502] RIP: 0033:0x7f6b5167e929
[  575.537084][T19502] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  575.537104][T19502] RSP: 002b:00007f6b4fce7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  575.537123][T19502] RAX: ffffffffffffffda RBX: 00007f6b518a5fa0 RCX: 00007f6b5167e929
[  575.537135][T19502] RDX: 0000000000004000 RSI: 0000200000000100 RDI: 0000000000000003
[  575.537146][T19502] RBP: 00007f6b4fce7090 R08: 0000000000000000 R09: 0000000000000000
[  575.537158][T19502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  575.537171][T19502] R13: 0000000000000000 R14: 00007f6b518a5fa0 R15: 00007ffea888f318
[  575.537187][T19502]  </TASK>
[  575.743442][T19493] ext4 filesystem being mounted at /302/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  575.758478][   T29] kauditd_printk_skb: 345 callbacks suppressed
[  575.758492][   T29] audit: type=1400 audit(1751285059.144:29864): avc:  denied  { module_request } for  pid=19491 comm="syz.5.4847" kmod="netdev-team0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=system permissive=1
[  575.763775][T19507] loop6: detected capacity change from 0 to 512
[  575.783949][   T29] audit: type=1400 audit(1751285059.155:29865): avc:  denied  { create } for  pid=19491 comm="syz.5.4847" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  575.815394][   T29] audit: type=1400 audit(1751285059.176:29866): avc:  denied  { connect } for  pid=19491 comm="syz.5.4847" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  575.835996][   T29] audit: type=1400 audit(1751285059.176:29867): avc:  denied  { write } for  pid=19491 comm="syz.5.4847" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  575.856181][T19507] EXT4-fs: Ignoring removed mblk_io_submit option
[  575.863651][T19507] EXT4-fs (loop6): bad geometry: block count 184549440 exceeds size of device (64 blocks)
[  575.904919][   T29] audit: type=1326 audit(1751285059.283:29868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19506 comm="syz.6.4852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7391e929 code=0x7ffc0000
[  575.928555][   T29] audit: type=1326 audit(1751285059.283:29869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19506 comm="syz.6.4852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c7391e929 code=0x7ffc0000
[  575.952209][   T29] audit: type=1326 audit(1751285059.283:29870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19506 comm="syz.6.4852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7391e929 code=0x7ffc0000
[  575.975789][   T29] audit: type=1326 audit(1751285059.283:29871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19506 comm="syz.6.4852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9c7391e929 code=0x7ffc0000
[  575.999400][   T29] audit: type=1326 audit(1751285059.283:29872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19506 comm="syz.6.4852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7391e929 code=0x7ffc0000
[  576.023074][   T29] audit: type=1326 audit(1751285059.283:29873): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19506 comm="syz.6.4852" exe="/root/syz-executor" sig=0 arch=c000003e syscall=191 compat=0 ip=0x7f9c7391e929 code=0x7ffc0000
[  576.096616][T19512] netlink: 156 bytes leftover after parsing attributes in process `syz.6.4853'.
[  576.110810][T19512] loop6: detected capacity change from 0 to 512
[  576.121628][T19512] EXT4-fs: Ignoring removed orlov option
[  576.132337][T19512] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  576.157021][T19512] EXT4-fs (loop6): can't mount with commit=, fs mounted w/o journal
[  576.203491][T19525] smc: net device bond0 applied user defined pnetid SYZ0
[  576.211195][T19524] loop7: detected capacity change from 0 to 512
[  576.218245][T19525] smc: net device bond0 erased user defined pnetid SYZ0
[  576.225658][T19525] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=51 sclass=netlink_route_socket pid=19525 comm=syz.5.4858
[  576.250126][T19524] ext4 filesystem being mounted at /316/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  576.267203][T19525] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=19525 comm=syz.5.4858
[  576.326135][T19535] tipc: New replicast peer: 255.255.255.255
[  576.332993][T19535] tipc: Enabled bearer <udp:syz2>, priority 10
[  576.359123][T19535] loop7: detected capacity change from 0 to 512
[  576.369471][T19535] EXT4-fs error (device loop7): ext4_acquire_dquot:6933: comm +}[@: Failed to acquire dquot type 1
[  576.380826][T19535] EXT4-fs (loop7): 1 truncate cleaned up
[  576.387277][T19535] ext4 filesystem being mounted at /317/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  576.411866][T19535] EXT4-fs error (device loop7): ext4_lookup:1791: inode #2: comm +}[@: deleted inode referenced: 12
[  576.522704][T19545] FAULT_INJECTION: forcing a failure.
[  576.522704][T19545] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  576.535919][T19545] CPU: 1 UID: 0 PID: 19545 Comm: syz.5.4862 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  576.535945][T19545] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  576.535986][T19545] Call Trace:
[  576.535994][T19545]  <TASK>
[  576.536002][T19545]  __dump_stack+0x1d/0x30
[  576.536025][T19545]  dump_stack_lvl+0xe8/0x140
[  576.536042][T19545]  dump_stack+0x15/0x1b
[  576.536059][T19545]  should_fail_ex+0x265/0x280
[  576.536108][T19545]  should_fail+0xb/0x20
[  576.536130][T19545]  should_fail_usercopy+0x1a/0x20
[  576.536212][T19545]  _copy_from_user+0x1c/0xb0
[  576.536229][T19545]  __copy_msghdr+0x244/0x300
[  576.536274][T19545]  ___sys_sendmsg+0x109/0x1d0
[  576.536359][T19545]  __x64_sys_sendmsg+0xd4/0x160
[  576.536396][T19545]  x64_sys_call+0x2999/0x2fb0
[  576.536476][T19545]  do_syscall_64+0xd2/0x200
[  576.536492][T19545]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  576.536515][T19545]  ? clear_bhb_loop+0x40/0x90
[  576.536533][T19545]  ? clear_bhb_loop+0x40/0x90
[  576.536644][T19545]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.536725][T19545] RIP: 0033:0x7fdd81a2e929
[  576.536792][T19545] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  576.536810][T19545] RSP: 002b:00007fdd80097038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  576.536829][T19545] RAX: ffffffffffffffda RBX: 00007fdd81c55fa0 RCX: 00007fdd81a2e929
[  576.536868][T19545] RDX: 0000000000000000 RSI: 0000200000000780 RDI: 0000000000000006
[  576.536882][T19545] RBP: 00007fdd80097090 R08: 0000000000000000 R09: 0000000000000000
[  576.536895][T19545] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  576.536908][T19545] R13: 0000000000000000 R14: 00007fdd81c55fa0 R15: 00007fff972b6698
[  576.536976][T19545]  </TASK>
[  576.755496][T19548] netlink: 'syz.5.4863': attribute type 10 has an invalid length.
[  576.911254][T19554] Invalid ELF header magic: != ELF
[  576.983355][T19558] loop5: detected capacity change from 0 to 512
[  577.046562][T19558] ext4 filesystem being mounted at /310/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  577.151094][T19570] loop4: detected capacity change from 0 to 512
[  577.193239][T19570] ext4 filesystem being mounted at /440/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  577.221350][T19570] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.4871: corrupted inode contents
[  577.237427][T19570] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.4871: mark_inode_dirty error
[  577.283963][T19570] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.4871: corrupted inode contents
[  577.299422][T19570] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.4871: corrupted inode contents
[  577.313112][T19570] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.4871: mark_inode_dirty error
[  577.328499][T19570] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.4871: corrupted inode contents
[  577.342358][T19570] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.4871: mark_inode_dirty error
[  577.354020][T19570] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.4871: corrupted inode contents
[  577.369135][T19570] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.4871: mark_inode_dirty error
[  577.425471][T19578] netlink: 'syz.6.4874': attribute type 10 has an invalid length.
[  577.448750][T19580] loop4: detected capacity change from 0 to 512
[  577.475782][T19580] ext4 filesystem being mounted at /441/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  577.488583][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.496138][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.503677][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.511198][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.518657][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.526112][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.533538][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.540963][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.548528][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.556039][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.563427][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.570881][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.578304][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.585718][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.593131][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.600529][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.607931][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.615344][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.622746][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.630206][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.637591][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.645127][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.652529][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.660063][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.667488][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.674926][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.682336][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.689787][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.697338][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.704749][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.712156][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.719549][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.727004][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.734453][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.741891][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.749298][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.756702][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.764199][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.771665][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.779132][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.786572][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.794005][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.801470][T14731] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  577.810786][T14731] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  577.855442][T19591] Invalid ELF header magic: != ELF
[  577.887390][T19595] loop6: detected capacity change from 0 to 512
[  577.921344][T19595] ext4 filesystem being mounted at /547/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  578.005609][T19612] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4884'.
[  578.058166][T19625] xt_bpf: check failed: parse error
[  578.073824][T19627] loop4: detected capacity change from 0 to 512
[  578.087084][T19628] loop6: detected capacity change from 0 to 1024
[  578.095291][T19628] EXT4-fs: Ignoring removed nobh option
[  578.100937][T19628] EXT4-fs: Ignoring removed bh option
[  578.128315][T19630] loop0: detected capacity change from 0 to 1024
[  578.139103][T19627] ext4 filesystem being mounted at /446/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  578.725374][T19647] Invalid ELF header magic: != ELF
[  578.825136][T19661] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4900'.
[  578.842675][T19659] loop5: detected capacity change from 0 to 128
[  578.849793][T19659] EXT4-fs (loop5): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  578.903364][T19669] loop6: detected capacity change from 0 to 1024
[  578.945661][T19674] netlink: 'syz.6.4903': attribute type 10 has an invalid length.
[  579.096047][T19689] Invalid ELF header magic: != ELF
[  579.118955][T19692] random: crng reseeded on system resumption
[  579.161292][T19695] loop4: detected capacity change from 0 to 2048
[  579.215121][T19700] loop0: detected capacity change from 0 to 512
[  579.231948][T19696] loop6: detected capacity change from 0 to 2048
[  579.259905][T19700] ext4 filesystem being mounted at /458/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  579.355150][T19707] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4912'.
[  579.394761][T19707] loop4: detected capacity change from 0 to 128
[  579.642893][T19710] loop4: detected capacity change from 0 to 1024
[  579.659797][T19713] pim6reg: left allmulticast mode
[  579.676588][T19716] loop7: detected capacity change from 0 to 512
[  579.688815][T19716] EXT4-fs: Ignoring removed mblk_io_submit option
[  579.729945][T19716] EXT4-fs (loop7): bad geometry: block count 184549440 exceeds size of device (64 blocks)
[  579.777034][T19720] SET target dimension over the limit!
[  580.116216][T19738] loop4: detected capacity change from 0 to 2048
[  580.440422][T19743] xt_bpf: check failed: parse error
[  580.567754][T19745] loop7: detected capacity change from 0 to 128
[  580.594107][T19745] EXT4-fs (loop7): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  580.756568][T19737] can0: slcan on ttyS3.
[  580.774819][   T29] kauditd_printk_skb: 326 callbacks suppressed
[  580.774832][   T29] audit: type=1400 audit(1751285064.514:30198): avc:  denied  { ioctl } for  pid=19733 comm="syz.4.4922" path="socket:[55622]" dev="sockfs" ino=55622 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  580.853295][T19737] sg_write: data in/out 209152/1 bytes for SCSI command 0xf2-- guessing data in;
[  580.853295][T19737]    program syz.5.4923 not setting count and/or reply_len properly
[  580.907651][   T29] audit: type=1400 audit(1751285064.578:30199): avc:  denied  { write } for  pid=19736 comm="syz.5.4923" name="sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  580.932025][   T29] audit: type=1400 audit(1751285064.578:30200): avc:  denied  { open } for  pid=19736 comm="syz.5.4923" path="/dev/sg0" dev="devtmpfs" ino=135 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  580.956171][   T29] audit: type=1400 audit(1751285064.578:30201): avc:  denied  { ioctl } for  pid=19736 comm="syz.5.4923" path="/dev/sg0" dev="devtmpfs" ino=135 ioctlcmd=0x5385 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  581.285502][T19750] loop5: detected capacity change from 0 to 1024
[  581.332665][T19752] loop7: detected capacity change from 0 to 1024
[  581.351648][T19750] EXT4-fs mount: 60 callbacks suppressed
[  581.351662][T19750] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  581.391929][T19752] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  581.419513][T13293] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  581.434252][   T29] audit: type=1400 audit(1751285065.177:30202): avc:  denied  { read write } for  pid=19748 comm="syz.5.4926" name="file1" dev="loop5" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  581.467100][T19750] netlink: 'syz.5.4926': attribute type 1 has an invalid length.
[  581.474916][T19750] netlink: 224 bytes leftover after parsing attributes in process `syz.5.4926'.
[  581.553588][T19749] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4113: comm syz.5.4926: Allocating blocks 449-513 which overlap fs metadata
[  581.612128][T19748] EXT4-fs (loop5): pa ffff888106df23f0: logic 48, phys. 177, len 21
[  581.620189][T19748] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5364: group 0, free 0, pa_free 4
[  581.690042][T19762] loop7: detected capacity change from 0 to 2048
[  581.715725][T14838] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  581.728551][T19762] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  581.757857][T19767] netlink: 'syz.5.4929': attribute type 10 has an invalid length.
[  581.921869][T19771] loop5: detected capacity change from 0 to 512
[  581.928515][T19771] EXT4-fs: Ignoring removed mblk_io_submit option
[  581.957364][T19771] EXT4-fs (loop5): bad geometry: block count 184549440 exceeds size of device (64 blocks)
[  582.152753][   T29] audit: type=1400 audit(1751285065.980:30203): avc:  denied  { create } for  pid=19772 comm="syz.5.4932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  582.201612][T19773] loop5: detected capacity change from 0 to 512
[  582.221588][   T29] audit: type=1400 audit(1751285066.023:30204): avc:  denied  { setopt } for  pid=19772 comm="syz.5.4932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  582.253761][T19773] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  582.348831][T19773] ext4 filesystem being mounted at /324/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  582.426843][   T29] audit: type=1400 audit(1751285066.279:30205): avc:  denied  { connect } for  pid=19772 comm="syz.5.4932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  582.446883][   T29] audit: type=1400 audit(1751285066.279:30206): avc:  denied  { write } for  pid=19772 comm="syz.5.4932" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  582.480425][T12941] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  582.510336][T14838] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  582.563353][T19780] loop5: detected capacity change from 0 to 512
[  582.572438][   T29] audit: type=1400 audit(1751285066.419:30207): avc:  denied  { create } for  pid=19779 comm="syz.5.4934" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[  582.753533][T19780] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  582.780441][T19780] ext4 filesystem being mounted at /325/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  583.092755][T19780] EXT4-fs error (device loop5): ext4_lookup:1787: inode #12: comm syz.5.4934: iget: bad i_size value: 2533274857506816
[  583.224711][T19788] EXT4-fs error (device loop5): ext4_lookup:1787: inode #12: comm syz.5.4934: iget: bad i_size value: 2533274857506816
[  583.277372][T14838] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  583.371113][ T9637] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  583.382787][T19790] loop5: detected capacity change from 0 to 8192
[  583.556667][T19795] xt_bpf: check failed: parse error
[  583.569480][T19798] xt_hashlimit: max too large, truncated to 1048576
[  583.603313][T12154] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  583.622022][T19800] loop4: detected capacity change from 0 to 128
[  583.635427][T19800] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  583.673521][T19808] loop6: detected capacity change from 0 to 512
[  583.685745][T19800] ext4 filesystem being mounted at /460/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  583.715002][T19812] xt_bpf: check failed: parse error
[  583.728889][T19800] EXT4-fs error (device loop4): ext4_validate_block_bitmap:423: comm syz.4.4940: bg 0: bad block bitmap checksum
[  583.753371][T19814] loop0: detected capacity change from 0 to 164
[  583.773314][T19808] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  583.787749][T19814] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  583.803821][T12941] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  583.815148][T19808] ext4 filesystem being mounted at /556/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  583.888207][T19824] loop5: detected capacity change from 0 to 512
[  583.912727][ T9637] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  583.981044][T19827] netlink: 156 bytes leftover after parsing attributes in process `syz.4.4952'.
[  583.998229][T19824] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  584.009269][T19827] loop4: detected capacity change from 0 to 512
[  584.017521][T19827] EXT4-fs: Ignoring removed orlov option
[  584.113302][T19827] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  584.126740][T19827] EXT4-fs (loop4): can't mount with commit=, fs mounted w/o journal
[  584.146519][T19824] ext4 filesystem being mounted at /332/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  584.215639][T19836] netlink: 'syz.5.4950': attribute type 13 has an invalid length.
[  584.223644][T19836] netlink: 'syz.5.4950': attribute type 17 has an invalid length.
[  584.284851][T19836] 8021q: adding VLAN 0 to HW filter on device bond0
[  584.295525][T19836] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  584.443051][T13293] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  584.487261][T19842] xt_bpf: check failed: parse error
[  584.521184][T19843] loop0: detected capacity change from 0 to 512
[  584.574783][T19851] FAULT_INJECTION: forcing a failure.
[  584.574783][T19851] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  584.587903][T19851] CPU: 0 UID: 0 PID: 19851 Comm: syz.7.4958 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  584.587941][T19851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  584.587953][T19851] Call Trace:
[  584.587959][T19851]  <TASK>
[  584.587965][T19851]  __dump_stack+0x1d/0x30
[  584.587986][T19851]  dump_stack_lvl+0xe8/0x140
[  584.588006][T19851]  dump_stack+0x15/0x1b
[  584.588051][T19851]  should_fail_ex+0x265/0x280
[  584.588078][T19851]  should_fail+0xb/0x20
[  584.588099][T19851]  should_fail_usercopy+0x1a/0x20
[  584.588202][T19851]  _copy_from_user+0x1c/0xb0
[  584.588224][T19851]  ___sys_sendmsg+0xc1/0x1d0
[  584.588332][T19851]  __x64_sys_sendmsg+0xd4/0x160
[  584.588401][T19851]  x64_sys_call+0x2999/0x2fb0
[  584.588419][T19851]  do_syscall_64+0xd2/0x200
[  584.588437][T19851]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  584.588463][T19851]  ? clear_bhb_loop+0x40/0x90
[  584.588519][T19851]  ? clear_bhb_loop+0x40/0x90
[  584.588541][T19851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  584.588672][T19851] RIP: 0033:0x7f91db60e929
[  584.588688][T19851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  584.588702][T19851] RSP: 002b:00007f91d9c77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  584.588734][T19851] RAX: ffffffffffffffda RBX: 00007f91db835fa0 RCX: 00007f91db60e929
[  584.588805][T19851] RDX: 0000000000000000 RSI: 0000200000000580 RDI: 0000000000000004
[  584.588816][T19851] RBP: 00007f91d9c77090 R08: 0000000000000000 R09: 0000000000000000
[  584.588828][T19851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  584.588841][T19851] R13: 0000000000000000 R14: 00007f91db835fa0 R15: 00007fffa2229a08
[  584.588869][T19851]  </TASK>
[  584.589390][T19850] loop6: detected capacity change from 0 to 512
[  584.692986][T19843] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  584.716983][T19850] ext2: Unknown parameter 'obj_user'
[  584.740577][T19843] ext4 filesystem being mounted at /461/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  584.805737][T14838] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  584.828002][T19857] FAULT_INJECTION: forcing a failure.
[  584.828002][T19857] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  584.841722][T19857] CPU: 0 UID: 0 PID: 19857 Comm: syz.4.4961 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  584.841826][T19857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  584.841836][T19857] Call Trace:
[  584.841842][T19857]  <TASK>
[  584.841868][T19857]  __dump_stack+0x1d/0x30
[  584.841937][T19857]  dump_stack_lvl+0xe8/0x140
[  584.841953][T19857]  dump_stack+0x15/0x1b
[  584.841970][T19857]  should_fail_ex+0x265/0x280
[  584.842000][T19857]  should_fail+0xb/0x20
[  584.842075][T19857]  should_fail_usercopy+0x1a/0x20
[  584.842100][T19857]  _copy_from_user+0x1c/0xb0
[  584.842117][T19857]  __sys_sendto+0x19e/0x330
[  584.842219][T19857]  __x64_sys_sendto+0x76/0x90
[  584.842320][T19857]  x64_sys_call+0x2eb6/0x2fb0
[  584.842337][T19857]  do_syscall_64+0xd2/0x200
[  584.842353][T19857]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  584.842379][T19857]  ? clear_bhb_loop+0x40/0x90
[  584.842433][T19857]  ? clear_bhb_loop+0x40/0x90
[  584.842455][T19857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  584.842547][T19857] RIP: 0033:0x7f2dc43ee929
[  584.842560][T19857] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  584.842574][T19857] RSP: 002b:00007f2dc2a57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  584.842591][T19857] RAX: ffffffffffffffda RBX: 00007f2dc4615fa0 RCX: 00007f2dc43ee929
[  584.842647][T19857] RDX: 000000000000002a RSI: 0000200000000100 RDI: 0000000000000006
[  584.842661][T19857] RBP: 00007f2dc2a57090 R08: 0000200000000200 R09: 0000000000000014
[  584.842677][T19857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  584.842691][T19857] R13: 0000000000000000 R14: 00007f2dc4615fa0 R15: 00007ffe89b7b348
[  584.842710][T19857]  </TASK>
[  584.924146][T19850] vhci_hcd: default hub control req: 1f0b v0002 i0005 l85
[  585.065382][T19850] loop6: detected capacity change from 0 to 164
[  585.087964][T19850] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  585.117701][T19863] loop5: detected capacity change from 0 to 512
[  585.124306][T19863] EXT4-fs: Ignoring removed mblk_io_submit option
[  585.136370][T19863] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  585.160403][T19863] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=e016c018, mo2=0002]
[  585.165345][T19868] netlink: 156 bytes leftover after parsing attributes in process `syz.6.4964'.
[  585.178202][T19863] System zones: 1-12
[  585.185080][T19868] loop6: detected capacity change from 0 to 512
[  585.192157][T19868] EXT4-fs: Ignoring removed orlov option
[  585.197983][T19863] EXT4-fs (loop5): 1 truncate cleaned up
[  585.204097][T19863] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  585.217932][T19868] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  585.240709][T19868] EXT4-fs (loop6): can't mount with commit=, fs mounted w/o journal
[  585.379419][T19876] xt_bpf: check failed: parse error
[  585.400985][T19878] FAULT_INJECTION: forcing a failure.
[  585.400985][T19878] name failslab, interval 1, probability 0, space 0, times 0
[  585.413741][T19878] CPU: 1 UID: 0 PID: 19878 Comm: syz.7.4967 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  585.413827][T19878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  585.413838][T19878] Call Trace:
[  585.413884][T19878]  <TASK>
[  585.413893][T19878]  __dump_stack+0x1d/0x30
[  585.413914][T19878]  dump_stack_lvl+0xe8/0x140
[  585.413933][T19878]  dump_stack+0x15/0x1b
[  585.413986][T19878]  should_fail_ex+0x265/0x280
[  585.414061][T19878]  ? __pfx_proc_self_get_link+0x10/0x10
[  585.414095][T19878]  ? proc_self_get_link+0x97/0x110
[  585.414138][T19878]  should_failslab+0x8c/0xb0
[  585.414161][T19878]  __kmalloc_cache_noprof+0x4c/0x320
[  585.414189][T19878]  ? __pfx_proc_self_get_link+0x10/0x10
[  585.414261][T19878]  proc_self_get_link+0x97/0x110
[  585.414317][T19878]  pick_link+0x47a/0x830
[  585.414341][T19878]  step_into+0x7b6/0x820
[  585.414365][T19878]  path_openat+0x13e8/0x2170
[  585.414403][T19878]  do_filp_open+0x109/0x230
[  585.414461][T19878]  do_sys_openat2+0xa6/0x110
[  585.414488][T19878]  __x64_sys_openat+0xf2/0x120
[  585.414523][T19878]  x64_sys_call+0x1af/0x2fb0
[  585.414565][T19878]  do_syscall_64+0xd2/0x200
[  585.414703][T19878]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  585.414802][T19878]  ? clear_bhb_loop+0x40/0x90
[  585.414831][T19878]  ? clear_bhb_loop+0x40/0x90
[  585.414934][T19878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  585.414953][T19878] RIP: 0033:0x7f91db60d290
[  585.414967][T19878] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  585.414983][T19878] RSP: 002b:00007f91d9c76f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  585.415016][T19878] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f91db60d290
[  585.415031][T19878] RDX: 0000000000000000 RSI: 00007f91d9c76fa0 RDI: 00000000ffffff9c
[  585.415045][T19878] RBP: 00007f91d9c76fa0 R08: 0000000000000000 R09: 0000000000000000
[  585.415058][T19878] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000002
[  585.415068][T19878] R13: 0000000000000000 R14: 00007f91db835fa0 R15: 00007fffa2229a08
[  585.415129][T19878]  </TASK>
[  585.641477][T19880] x_tables: ip6_tables: tcpmss match: only valid for protocol 6
[  585.650971][   T29] kauditd_printk_skb: 56 callbacks suppressed
[  585.650984][   T29] audit: type=1400 audit(1751285069.735:30262): avc:  denied  { create } for  pid=19879 comm="syz.7.4968" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  585.687928][   T29] audit: type=1400 audit(1751285069.735:30263): avc:  denied  { write } for  pid=19879 comm="syz.7.4968" path="socket:[55854]" dev="sockfs" ino=55854 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  585.712308][   T29] audit: type=1400 audit(1751285069.768:30264): avc:  denied  { ioctl } for  pid=19879 comm="syz.7.4968" path="socket:[55855]" dev="sockfs" ino=55855 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  585.801267][T19882] netlink: 156 bytes leftover after parsing attributes in process `syz.7.4969'.
[  585.815114][T19882] loop7: detected capacity change from 0 to 512
[  585.829895][T19882] EXT4-fs: Ignoring removed orlov option
[  585.838021][T14838] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  585.847200][T19882] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  585.855846][T19882] EXT4-fs (loop7): can't mount with commit=, fs mounted w/o journal
[  585.893254][T19886] netlink: 36 bytes leftover after parsing attributes in process `syz.4.4971'.
[  585.907750][T19886] bridge0: port 2(bridge_slave_1) entered disabled state
[  585.914960][T19886] bridge0: port 1(bridge_slave_0) entered disabled state
[  585.944086][   T29] audit: type=1400 audit(1751285070.046:30265): avc:  denied  { read write } for  pid=19887 comm="syz.5.4972" name="rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  585.967860][   T29] audit: type=1400 audit(1751285070.046:30266): avc:  denied  { open } for  pid=19887 comm="syz.5.4972" path="/dev/rtc0" dev="devtmpfs" ino=244 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  586.019157][   T29] audit: type=1326 audit(1751285070.121:30267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19893 comm="syz.6.4975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7391e929 code=0x7ffc0000
[  586.019486][T19894] FAULT_INJECTION: forcing a failure.
[  586.019486][T19894] name failslab, interval 1, probability 0, space 0, times 0
[  586.051245][   T29] audit: type=1326 audit(1751285070.121:30268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19893 comm="syz.6.4975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9c7391e929 code=0x7ffc0000
[  586.056186][T19894] CPU: 0 UID: 0 PID: 19894 Comm: syz.6.4975 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  586.056214][T19894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  586.056226][T19894] Call Trace:
[  586.056233][T19894]  <TASK>
[  586.056282][T19894]  __dump_stack+0x1d/0x30
[  586.056304][T19894]  dump_stack_lvl+0xe8/0x140
[  586.056323][T19894]  dump_stack+0x15/0x1b
[  586.056339][T19894]  should_fail_ex+0x265/0x280
[  586.056454][T19894]  should_failslab+0x8c/0xb0
[  586.056475][T19894]  kmem_cache_alloc_node_noprof+0x57/0x320
[  586.056502][T19894]  ? __alloc_skb+0x101/0x320
[  586.056590][T19894]  __alloc_skb+0x101/0x320
[  586.056615][T19894]  ? audit_log_start+0x365/0x6c0
[  586.056646][T19894]  audit_log_start+0x380/0x6c0
[  586.056695][T19894]  audit_seccomp+0x48/0x100
[  586.056720][T19894]  ? __seccomp_filter+0x68c/0x10d0
[  586.056742][T19894]  __seccomp_filter+0x69d/0x10d0
[  586.056765][T19894]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  586.056829][T19894]  ? vfs_write+0x75e/0x8e0
[  586.056858][T19894]  ? __rcu_read_unlock+0x4f/0x70
[  586.056941][T19894]  ? __fget_files+0x184/0x1c0
[  586.056983][T19894]  __secure_computing+0x82/0x150
[  586.057030][T19894]  syscall_trace_enter+0xcf/0x1e0
[  586.057053][T19894]  do_syscall_64+0xac/0x200
[  586.057072][T19894]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  586.057101][T19894]  ? clear_bhb_loop+0x40/0x90
[  586.057169][T19894]  ? clear_bhb_loop+0x40/0x90
[  586.057211][T19894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  586.057232][T19894] RIP: 0033:0x7f9c7391d33c
[  586.057248][T19894] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  586.057265][T19894] RSP: 002b:00007f9c71f87030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  586.057296][T19894] RAX: ffffffffffffffda RBX: 00007f9c73b45fa0 RCX: 00007f9c7391d33c
[  586.057308][T19894] RDX: 000000000000000f RSI: 00007f9c71f870a0 RDI: 0000000000000004
[  586.057387][T19894] RBP: 00007f9c71f87090 R08: 0000000000000000 R09: 0000000000000000
[  586.057399][T19894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  586.057412][T19894] R13: 0000000000000000 R14: 00007f9c73b45fa0 R15: 00007fff58456108
[  586.057431][T19894]  </TASK>
[  586.057439][T19894] audit: audit_lost=14 audit_rate_limit=0 audit_backlog_limit=64
[  586.078966][   T29] audit: type=1326 audit(1751285070.121:30269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=19893 comm="syz.6.4975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9c7391d290 code=0x7ffc0000
[  586.090402][T19894] audit: out of memory in audit_log_start
[  586.360980][T19897] loop6: detected capacity change from 0 to 512
[  586.370753][T19897] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  586.384324][T19897] ext4 filesystem being mounted at /562/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  586.409196][ T9637] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  586.420628][T12154] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  586.649409][T19918] loop0: detected capacity change from 0 to 128
[  586.657843][T19918] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  586.670114][T19918] ext4 filesystem being mounted at /465/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  586.719081][T19922] netlink: 156 bytes leftover after parsing attributes in process `syz.5.4984'.
[  586.731766][T19922] loop5: detected capacity change from 0 to 512
[  586.738347][T19922] EXT4-fs: Ignoring removed orlov option
[  586.744412][T19922] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  586.754019][T19922] EXT4-fs (loop5): can't mount with commit=, fs mounted w/o journal
[  586.765572][T19924] netlink: 9 bytes leftover after parsing attributes in process `syz.0.4983'.
[  586.775031][T19924] 0·: renamed from hsr_slave_1 (while UP)
[  586.783212][T19924] 0·: entered allmulticast mode
[  586.792824][T19924] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  586.815589][T19926] FAULT_INJECTION: forcing a failure.
[  586.815589][T19926] name failslab, interval 1, probability 0, space 0, times 0
[  586.828370][T19926] CPU: 1 UID: 0 PID: 19926 Comm: syz.4.4985 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  586.828397][T19926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  586.828410][T19926] Call Trace:
[  586.828417][T19926]  <TASK>
[  586.828426][T19926]  __dump_stack+0x1d/0x30
[  586.828450][T19926]  dump_stack_lvl+0xe8/0x140
[  586.828466][T19926]  dump_stack+0x15/0x1b
[  586.828482][T19926]  should_fail_ex+0x265/0x280
[  586.828513][T19926]  should_failslab+0x8c/0xb0
[  586.828574][T19926]  kmem_cache_alloc_node_noprof+0x57/0x320
[  586.828599][T19926]  ? __alloc_skb+0x101/0x320
[  586.828656][T19926]  __alloc_skb+0x101/0x320
[  586.828741][T19926]  netlink_alloc_large_skb+0xba/0xf0
[  586.828772][T19926]  netlink_sendmsg+0x3cf/0x6b0
[  586.828794][T19926]  ? __pfx_netlink_sendmsg+0x10/0x10
[  586.828923][T19926]  __sock_sendmsg+0x145/0x180
[  586.829007][T19926]  ____sys_sendmsg+0x31e/0x4e0
[  586.829037][T19926]  ___sys_sendmsg+0x17b/0x1d0
[  586.829112][T19926]  __x64_sys_sendmsg+0xd4/0x160
[  586.829142][T19926]  x64_sys_call+0x2999/0x2fb0
[  586.829160][T19926]  do_syscall_64+0xd2/0x200
[  586.829186][T19926]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  586.829208][T19926]  ? clear_bhb_loop+0x40/0x90
[  586.829225][T19926]  ? clear_bhb_loop+0x40/0x90
[  586.829320][T19926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  586.829407][T19926] RIP: 0033:0x7f2dc43ee929
[  586.829478][T19926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  586.829496][T19926] RSP: 002b:00007f2dc2a57038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  586.829513][T19926] RAX: ffffffffffffffda RBX: 00007f2dc4615fa0 RCX: 00007f2dc43ee929
[  586.829523][T19926] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  586.829534][T19926] RBP: 00007f2dc2a57090 R08: 0000000000000000 R09: 0000000000000000
[  586.829544][T19926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  586.829555][T19926] R13: 0000000000000000 R14: 00007f2dc4615fa0 R15: 00007ffe89b7b348
[  586.829638][T19926]  </TASK>
[  587.051524][T19928] loop4: detected capacity change from 0 to 512
[  587.061859][T19928] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  587.074339][T19928] ext4 filesystem being mounted at /468/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  587.096696][T12941] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  587.114641][T19933] Invalid ELF header magic: != ELF
[  587.134107][T19935] loop4: detected capacity change from 0 to 512
[  587.146961][T19935] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  587.159841][T19935] ext4 filesystem being mounted at /470/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  587.180327][T12941] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  587.277074][T19944] loop6: detected capacity change from 0 to 128
[  587.284015][T19944] EXT4-fs (loop6): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  587.294563][T19949] loop4: detected capacity change from 0 to 128
[  587.301277][T19949] EXT4-fs (loop4): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  587.447522][T12154] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  587.466563][T19951] FAULT_INJECTION: forcing a failure.
[  587.466563][T19951] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  587.479827][T19951] CPU: 0 UID: 0 PID: 19951 Comm: syz.7.4993 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  587.479853][T19951] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  587.479864][T19951] Call Trace:
[  587.479870][T19951]  <TASK>
[  587.479879][T19951]  __dump_stack+0x1d/0x30
[  587.479918][T19951]  dump_stack_lvl+0xe8/0x140
[  587.479993][T19951]  dump_stack+0x15/0x1b
[  587.480010][T19951]  should_fail_ex+0x265/0x280
[  587.480040][T19951]  should_fail+0xb/0x20
[  587.480111][T19951]  should_fail_usercopy+0x1a/0x20
[  587.480141][T19951]  _copy_to_user+0x20/0xa0
[  587.480213][T19951]  simple_read_from_buffer+0xb5/0x130
[  587.480245][T19951]  proc_fail_nth_read+0x100/0x140
[  587.480276][T19951]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  587.480355][T19951]  vfs_read+0x1a0/0x6f0
[  587.480384][T19951]  ? __rcu_read_unlock+0x4f/0x70
[  587.480406][T19951]  ? __fget_files+0x184/0x1c0
[  587.480428][T19951]  ksys_read+0xda/0x1a0
[  587.480506][T19951]  __x64_sys_read+0x40/0x50
[  587.480536][T19951]  x64_sys_call+0x2d77/0x2fb0
[  587.480556][T19951]  do_syscall_64+0xd2/0x200
[  587.480573][T19951]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  587.480650][T19951]  ? clear_bhb_loop+0x40/0x90
[  587.480671][T19951]  ? clear_bhb_loop+0x40/0x90
[  587.480692][T19951]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  587.480720][T19951] RIP: 0033:0x7f91db60d33c
[  587.480748][T19951] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  587.480765][T19951] RSP: 002b:00007f91d9c77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  587.480782][T19951] RAX: ffffffffffffffda RBX: 00007f91db835fa0 RCX: 00007f91db60d33c
[  587.480845][T19951] RDX: 000000000000000f RSI: 00007f91d9c770a0 RDI: 0000000000000007
[  587.480857][T19951] RBP: 00007f91d9c77090 R08: 0000000000000000 R09: 0000000000000000
[  587.480873][T19951] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  587.480886][T19951] R13: 0000000000000000 R14: 00007f91db835fa0 R15: 00007fffa2229a08
[  587.480905][T19951]  </TASK>
[  587.711374][T19956] loop7: detected capacity change from 0 to 512
[  587.718361][T19958] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4996'.
[  587.735219][T19956] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  587.748927][T19956] ext4 filesystem being mounted at /347/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  587.786473][T19965] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4998'.
[  587.802600][T13293] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  588.055147][T19975] loop6: detected capacity change from 0 to 128
[  588.062407][T19977] xt_bpf: check failed: parse error
[  588.068898][T19975] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  588.101490][T19975] ext4 filesystem being mounted at /565/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  588.113379][T19967] loop7: detected capacity change from 0 to 128
[  588.149664][T19967] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  588.162121][T19975] EXT4-fs error (device loop6): ext4_validate_block_bitmap:423: comm syz.6.5002: bg 0: bad block bitmap checksum
[  588.175437][T19967] ext4 filesystem being mounted at /348/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  588.198488][ T9637] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  588.218262][T19986] loop6: detected capacity change from 0 to 128
[  588.227578][T19989] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5006'.
[  588.235177][T19986] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  588.250066][T19986] ext4 filesystem being mounted at /566/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  588.286579][T19986] EXT4-fs error (device loop6): ext4_validate_block_bitmap:423: comm syz.6.5007: bg 0: bad block bitmap checksum
[  588.348786][ T9637] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  588.366194][T20005] xt_bpf: check failed: parse error
[  588.378195][T20000] loop0: detected capacity change from 0 to 128
[  588.387315][T20000] EXT4-fs (loop0): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  588.430408][T20013] loop0: detected capacity change from 0 to 128
[  588.438066][T20013] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  588.450407][T20013] ext4 filesystem being mounted at /469/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  588.463711][T20013] EXT4-fs error (device loop0): ext4_validate_block_bitmap:423: comm syz.0.5018: bg 0: bad block bitmap checksum
[  588.486255][T12154] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  588.598207][T20025] loop4: detected capacity change from 0 to 2048
[  588.624611][T20025] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  588.683441][T13293] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  588.830014][T20041] tmpfs: Bad value for 'mpol'
[  589.126096][T20047] loop5: detected capacity change from 0 to 512
[  589.137163][T20047] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  589.151772][T20047] ext4 filesystem being mounted at /348/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  589.189481][T14838] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  589.366853][T20064] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  589.411114][T20066] FAULT_INJECTION: forcing a failure.
[  589.411114][T20066] name failslab, interval 1, probability 0, space 0, times 0
[  589.423789][T20066] CPU: 1 UID: 0 PID: 20066 Comm: syz.0.5038 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  589.423812][T20066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  589.423822][T20066] Call Trace:
[  589.423827][T20066]  <TASK>
[  589.423834][T20066]  __dump_stack+0x1d/0x30
[  589.423852][T20066]  dump_stack_lvl+0xe8/0x140
[  589.423869][T20066]  dump_stack+0x15/0x1b
[  589.423884][T20066]  should_fail_ex+0x265/0x280
[  589.423910][T20066]  should_failslab+0x8c/0xb0
[  589.423928][T20066]  kmem_cache_alloc_noprof+0x50/0x310
[  589.423949][T20066]  ? mas_alloc_nodes+0x265/0x520
[  589.423965][T20066]  mas_alloc_nodes+0x265/0x520
[  589.423981][T20066]  mas_preallocate+0x33e/0x520
[  589.424010][T20066]  mmap_region+0xb7e/0x1580
[  589.424050][T20066]  do_mmap+0x9b3/0xbe0
[  589.424081][T20066]  vm_mmap_pgoff+0x17a/0x2e0
[  589.424108][T20066]  ksys_mmap_pgoff+0xc2/0x310
[  589.424138][T20066]  ? __x64_sys_mmap+0x49/0x70
[  589.424159][T20066]  x64_sys_call+0x1602/0x2fb0
[  589.424179][T20066]  do_syscall_64+0xd2/0x200
[  589.424197][T20066]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  589.424232][T20066]  ? clear_bhb_loop+0x40/0x90
[  589.424252][T20066]  ? clear_bhb_loop+0x40/0x90
[  589.424272][T20066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  589.424293][T20066] RIP: 0033:0x7f6b5167e963
[  589.424308][T20066] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  589.424324][T20066] RSP: 002b:00007f6b4fce6e18 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  589.424343][T20066] RAX: ffffffffffffffda RBX: 0000000000000447 RCX: 00007f6b5167e963
[  589.424355][T20066] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  589.424366][T20066] RBP: 0000200000000502 R08: 00000000ffffffff R09: 0000000000000000
[  589.424377][T20066] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000007
[  589.424388][T20066] R13: 00007f6b4fce6ef0 R14: 00007f6b4fce6eb0 R15: 0000200000000480
[  589.424406][T20066]  </TASK>
[  589.645295][T20068] loop5: detected capacity change from 0 to 1024
[  589.655623][T20068] EXT4-fs: Ignoring removed nobh option
[  589.692411][T20068] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  589.756167][T20077] loop0: detected capacity change from 0 to 512
[  589.764808][T20078] netlink: 'syz.5.5037': attribute type 21 has an invalid length.
[  589.773261][T20078] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5037'.
[  589.782977][T20078] netlink: 'syz.5.5037': attribute type 16 has an invalid length.
[  589.790859][T20078] netlink: 64138 bytes leftover after parsing attributes in process `syz.5.5037'.
[  589.802609][T20077] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  589.815406][T20077] ext4 filesystem being mounted at /477/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  589.839226][T12154] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  590.451531][T20096] loop7: detected capacity change from 0 to 512
[  590.452374][T20095] netlink: 2048 bytes leftover after parsing attributes in process `syz.6.5045'.
[  590.459163][T20096] EXT4-fs: Ignoring removed nomblk_io_submit option
[  590.466956][T20095] netlink: 24 bytes leftover after parsing attributes in process `syz.6.5045'.
[  590.474502][T20096] EXT4-fs: Ignoring removed mblk_io_submit option
[  590.497488][   T29] kauditd_printk_skb: 389 callbacks suppressed
[  590.497502][   T29] audit: type=1400 audit(1751285074.915:30659): avc:  denied  { create } for  pid=20092 comm="syz.6.5045" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  590.525163][   T29] audit: type=1400 audit(1751285074.915:30660): avc:  denied  { write } for  pid=20092 comm="syz.6.5045" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  590.525555][T20096] EXT4-fs (loop7): Cannot turn on journaled quota: type 0: error -2
[  590.554515][T20096] EXT4-fs (loop7): Cannot turn on journaled quota: type 1: error -2
[  590.563282][T20096] EXT4-fs (loop7): 1 truncate cleaned up
[  590.570473][T20096] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  590.590563][   T29] audit: type=1326 audit(1751285075.011:30661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20094 comm="syz.7.5046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91db60e929 code=0x7ffc0000
[  590.648323][   T29] audit: type=1326 audit(1751285075.011:30662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20094 comm="syz.7.5046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f91db60e929 code=0x7ffc0000
[  590.672090][   T29] audit: type=1400 audit(1751285075.011:30663): avc:  denied  { read write } for  pid=20094 comm="syz.7.5046" name="ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  590.695557][   T29] audit: type=1400 audit(1751285075.011:30664): avc:  denied  { open } for  pid=20094 comm="syz.7.5046" path="/dev/ppp" dev="devtmpfs" ino=140 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  590.719022][   T29] audit: type=1326 audit(1751285075.011:30665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20094 comm="syz.7.5046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91db60e929 code=0x7ffc0000
[  590.742588][   T29] audit: type=1326 audit(1751285075.011:30666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20094 comm="syz.7.5046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f91db60e929 code=0x7ffc0000
[  590.766210][   T29] audit: type=1400 audit(1751285075.011:30667): avc:  denied  { ioctl } for  pid=20094 comm="syz.7.5046" path="/dev/ppp" dev="devtmpfs" ino=140 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  590.791064][   T29] audit: type=1326 audit(1751285075.022:30668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20094 comm="syz.7.5046" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f91db60e929 code=0x7ffc0000
[  590.816063][T12941] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  590.840471][T20104] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  590.848430][T20096] EXT4-fs error (device loop7): ext4_map_blocks:780: inode #2: block 4: comm syz.7.5046: lblock 0 mapped to illegal pblock 4 (length 1)
[  590.865722][T20096] EXT4-fs (loop7): Remounting filesystem read-only
[  590.873618][T20096] netlink: 32 bytes leftover after parsing attributes in process `syz.7.5046'.
[  590.880231][T20107] loop4: detected capacity change from 0 to 128
[  590.883601][T20096] netlink: 52 bytes leftover after parsing attributes in process `syz.7.5046'.
[  590.892335][T20107] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  590.910459][T20107] ext4 filesystem being mounted at /481/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  590.927711][T20107] EXT4-fs error (device loop4): ext4_validate_block_bitmap:423: comm syz.4.5049: bg 0: bad block bitmap checksum
[  590.948958][T12941] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  590.969120][T13293] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  590.985767][T20112] netlink: 36 bytes leftover after parsing attributes in process `syz.0.5047'.
[  591.009871][T20118] loop4: detected capacity change from 0 to 512
[  591.033543][T20118] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  591.047042][T20118] ext4 filesystem being mounted at /483/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  591.072733][T12941] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  591.103432][T20137] loop4: detected capacity change from 0 to 512
[  591.117165][T20137] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  591.129778][T20137] ext4 filesystem being mounted at /485/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  591.140330][T20133] loop7: detected capacity change from 0 to 128
[  591.147121][T20133] EXT4-fs (loop7): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  591.404115][T20145] netlink: 156 bytes leftover after parsing attributes in process `syz.6.5059'.
[  591.420984][T20145] loop6: detected capacity change from 0 to 512
[  591.427755][T20145] EXT4-fs: Ignoring removed orlov option
[  591.433961][T20145] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  591.444060][T20145] EXT4-fs (loop6): can't mount with commit=, fs mounted w/o journal
[  591.646250][T20149] Invalid ELF header magic: != ELF
[  591.673166][T20151] program syz.0.5062 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  591.682920][T20151] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  591.696403][T20151] loop0: detected capacity change from 0 to 512
[  591.703434][T20151] EXT4-fs: Ignoring removed mblk_io_submit option
[  591.711132][T20151] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  591.892923][T12941] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  591.906921][T20159] loop7: detected capacity change from 0 to 512
[  591.931283][T20159] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  591.947290][T20159] ext4 filesystem being mounted at /363/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  591.969883][T13293] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  592.018574][T20170] lo speed is unknown, defaulting to 1000
[  592.024800][T20170] lo speed is unknown, defaulting to 1000
[  592.030821][T20170] lo speed is unknown, defaulting to 1000
[  592.038864][T20170] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  592.050276][T20170] lo speed is unknown, defaulting to 1000
[  592.056637][T20170] lo speed is unknown, defaulting to 1000
[  592.063438][T20170] lo speed is unknown, defaulting to 1000
[  592.069881][T20170] lo speed is unknown, defaulting to 1000
[  592.079260][T20170] lo speed is unknown, defaulting to 1000
[  592.105137][T20180] Invalid ELF header magic: != ELF
[  592.124146][T20182] FAULT_INJECTION: forcing a failure.
[  592.124146][T20182] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  592.137390][T20182] CPU: 0 UID: 0 PID: 20182 Comm: syz.4.5074 Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  592.137460][T20182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  592.137472][T20182] Call Trace:
[  592.137478][T20182]  <TASK>
[  592.137486][T20182]  __dump_stack+0x1d/0x30
[  592.137504][T20182]  dump_stack_lvl+0xe8/0x140
[  592.137521][T20182]  dump_stack+0x15/0x1b
[  592.137534][T20182]  should_fail_ex+0x265/0x280
[  592.137613][T20182]  should_fail+0xb/0x20
[  592.137684][T20182]  should_fail_usercopy+0x1a/0x20
[  592.137707][T20182]  _copy_from_user+0x1c/0xb0
[  592.137719][T20182]  kstrtouint_from_user+0x69/0xf0
[  592.137735][T20182]  ? 0xffffffff81000000
[  592.137747][T20182]  ? selinux_file_permission+0x1e4/0x320
[  592.137761][T20182]  proc_fail_nth_write+0x50/0x160
[  592.137878][T20182]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  592.137985][T20182]  vfs_write+0x266/0x8e0
[  592.138001][T20182]  ? vfs_read+0x47f/0x6f0
[  592.138017][T20182]  ? __rcu_read_unlock+0x4f/0x70
[  592.138056][T20182]  ? __fget_files+0x184/0x1c0
[  592.138126][T20182]  ksys_write+0xda/0x1a0
[  592.138202][T20182]  __x64_sys_write+0x40/0x50
[  592.138219][T20182]  x64_sys_call+0x2cdd/0x2fb0
[  592.138233][T20182]  do_syscall_64+0xd2/0x200
[  592.138244][T20182]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  592.138291][T20182]  ? clear_bhb_loop+0x40/0x90
[  592.138302][T20182]  ? clear_bhb_loop+0x40/0x90
[  592.138315][T20182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.138381][T20182] RIP: 0033:0x7f2dc43ed3df
[  592.138390][T20182] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  592.138401][T20182] RSP: 002b:00007f2dc2a57030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  592.138456][T20182] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f2dc43ed3df
[  592.138464][T20182] RDX: 0000000000000001 RSI: 00007f2dc2a570a0 RDI: 0000000000000006
[  592.138471][T20182] RBP: 00007f2dc2a57090 R08: 0000000000000000 R09: 0000000000000000
[  592.138478][T20182] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  592.138485][T20182] R13: 0000000000000000 R14: 00007f2dc4615fa0 R15: 00007ffe89b7b348
[  592.138514][T20182]  </TASK>
[  592.385344][T14838] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  592.425042][T20194] vlan2: entered allmulticast mode
[  592.447011][T20184] loop6: detected capacity change from 0 to 128
[  592.454916][T20184] EXT4-fs (loop6): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  592.469346][T20200] sd 0:0:1:0: device reset
[  592.572712][T20215] loop5: detected capacity change from 0 to 1024
[  592.593349][T20215] EXT4-fs: Ignoring removed nobh option
[  592.599010][T20215] EXT4-fs: Ignoring removed bh option
[  592.613193][T20218] vhci_hcd: default hub control req: 800f v0000 i0000 l31125
[  592.614953][T20219] loop7: detected capacity change from 0 to 1024
[  592.630419][T20215] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  592.658373][T20219] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  592.672470][T20215] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  592.682031][T20219] ext4 filesystem being mounted at /369/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  592.697704][T20219] EXT4-fs error (device loop7): ext4_map_blocks:816: inode #15: block 1: comm syz.7.5088: lblock 1 mapped to illegal pblock 1 (length 8)
[  592.722328][T20219] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 8 with error 117
[  592.734698][T20219] EXT4-fs (loop7): This should not happen!! Data will be lost
[  592.734698][T20219] 
[  592.857415][T20239] loop0: detected capacity change from 0 to 512
[  592.865935][T20239] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002]
[  592.874080][T20239] System zones: 1-12
[  592.878182][T20239] EXT4-fs error (device loop0): dx_probe:791: inode #2: comm syz.0.5096: Directory hole found for htree index block 0
[  592.891473][T20239] EXT4-fs (loop0): Remounting filesystem read-only
[  592.898102][T20239] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -117
[  592.906588][T20239] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[  592.915111][T20239] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  592.932664][T20239] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000.
[  592.953285][T12154] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  593.024269][T20244] loop0: detected capacity change from 0 to 512
[  593.043846][T20244] ext4 filesystem being mounted at /493/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  593.333126][T20272] loop4: detected capacity change from 0 to 512
[  593.333730][T20271] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5109'.
[  593.349068][T20271] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[  593.350204][T20272] ext4 filesystem being mounted at /499/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  593.371366][T20271] netlink: 'syz.5.5109': attribute type 2 has an invalid length.
[  593.382937][T20271] netlink: 'syz.5.5109': attribute type 9 has an invalid length.
[  593.390730][T20271] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.5109'.
[  593.403755][T20271] $Hÿ: renamed from bond0 (while UP)
[  593.411940][T20271] $Hÿ: entered promiscuous mode
[  593.417090][T20271] bond_slave_0: entered promiscuous mode
[  593.422825][T20271] bond_slave_1: entered promiscuous mode
[  593.440469][T20274] loop6: detected capacity change from 0 to 128
[  593.456709][T20274] EXT4-fs (loop6): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  593.467377][T12941] ==================================================================
[  593.475552][T12941] BUG: KCSAN: data-race in pollwake / pollwake
[  593.481685][T12941] 
[  593.483992][T12941] write to 0xffffc9000139b9e0 of 4 bytes by task 14838 on cpu 1:
[  593.491684][T12941]  pollwake+0xb6/0x100
[  593.495731][T12941]  __wake_up_sync_key+0x52/0x80
[  593.500560][T12941]  anon_pipe_write+0x8ba/0xaa0
[  593.505307][T12941]  vfs_write+0x4a0/0x8e0
[  593.509536][T12941]  ksys_write+0xda/0x1a0
[  593.513763][T12941]  __x64_sys_write+0x40/0x50
[  593.518338][T12941]  x64_sys_call+0x2cdd/0x2fb0
[  593.523034][T12941]  do_syscall_64+0xd2/0x200
[  593.527517][T12941]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  593.533389][T12941] 
[  593.535696][T12941] write to 0xffffc9000139b9e0 of 4 bytes by task 12941 on cpu 0:
[  593.543389][T12941]  pollwake+0xb6/0x100
[  593.547435][T12941]  __wake_up_sync_key+0x52/0x80
[  593.552266][T12941]  anon_pipe_write+0x8ba/0xaa0
[  593.557012][T12941]  vfs_write+0x4a0/0x8e0
[  593.561239][T12941]  ksys_write+0xda/0x1a0
[  593.565468][T12941]  __x64_sys_write+0x40/0x50
[  593.570050][T12941]  x64_sys_call+0x2cdd/0x2fb0
[  593.574709][T12941]  do_syscall_64+0xd2/0x200
[  593.579195][T12941]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  593.585068][T12941] 
[  593.587370][T12941] value changed: 0x00000000 -> 0x00000001
[  593.593063][T12941] 
[  593.595366][T12941] Reported by Kernel Concurrency Sanitizer on:
[  593.601505][T12941] CPU: 0 UID: 0 PID: 12941 Comm: syz-executor Not tainted 6.16.0-rc4-syzkaller #0 PREEMPT(voluntary) 
[  593.612428][T12941] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  593.622481][T12941] ==================================================================