last executing test programs:

1m13.884674668s ago: executing program 32 (id=45):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xb, 0xb76e}, 0x100002, 0x0, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)
truncate(&(0x7f0000000040)='./file0\x00', 0x0)

1m0.20764711s ago: executing program 33 (id=236):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ff"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000380), 0x1, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='kfree\x00', r1, 0x0, 0x2}, 0x18)
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00')
r2 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r2, &(0x7f0000000180)="e502", 0x2)
execveat(r2, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

59.834052515s ago: executing program 34 (id=244):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x37, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0xd}, 0x4c58, 0x10000, 0x0, 0x1, 0x8, 0x20002, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x101000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000001a80)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x12, 0x14, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac120a1a93c5240f45f819e01177d3d458dd4992861ac00", "91be8b1c551265406c7f306003d8a0f4bd004ab3fde500", [0x9, 0x800000000000007b]}}) (fail_nth: 3)

52.939674242s ago: executing program 35 (id=311):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f00000009c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000093850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r1 = fsopen(&(0x7f00000001c0)='devpts\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

51.198862459s ago: executing program 36 (id=337):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a040000000000000049619e6ea66f7b471d000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x2, &(0x7f0000000500)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0x5, 0x1, 0x72, 0x8}]})
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)

50.223983674s ago: executing program 0 (id=350):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0xe, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8a, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x6c, &(0x7f0000000040)={@link_local, @local, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x5e, 0x0, 0x0, 0x0, 0x2f, 0x0, @private, @empty}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x6558, 0x0, 0x0, [0x0]}, {0x0, 0x0, 0x0, 0x0, 0x11}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0x0, 0xffff]}, {0x8, 0x88be, 0x0, {{}, 0x1, {0x3600}}}, {0x8, 0x22eb, 0x0, {{}, 0x2, {0x0, 0xffff}}}}}}}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='qdisc_create\x00', r7}, 0x10)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0xf, "0000000000000000000100000e00"}}}]}, 0x48}}, 0x0)
r9 = syz_io_uring_setup(0x521d, &(0x7f00000001c0)={0x0, 0x1ca3, 0x0, 0x0, 0x296}, &(0x7f00000002c0), &(0x7f0000000340))
io_uring_register$IORING_REGISTER_FILES(r9, 0x2, &(0x7f0000000380)=[r1, r5, r4, r2, r3, r7, r6], 0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x1, &(0x7f0000000100)=@raw=[@jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0xfffffffffffffe88}], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1, @void, @value}, 0x94)
io_setup(0x3ff, &(0x7f0000000500)=<r10=>0x0)
io_destroy(r10)
io_getevents(r10, 0x9, 0x0, 0x0, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x481, 0x0)
r11 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r11, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
close(0x3)
ftruncate(0xffffffffffffffff, 0xc17a)
r12 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000340)={'syz_tun\x00'})
socket$xdp(0x2c, 0x3, 0x0)

50.070784727s ago: executing program 37 (id=351):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10) (async, rerun: 64)
sendmsg$AUDIT_USER_AVC(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000600)=ANY=[@ANYBLOB="1400000053040c"], 0x14}, 0x1, 0x0, 0x0, 0x20000001}, 0x4000050) (rerun: 64)
socket$netlink(0x10, 0x3, 0xf)

50.051257087s ago: executing program 0 (id=353):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[], 0x48)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8, 0x0, 0x20, 0xffd0}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x0}, @generic={0x66, 0x8}, @initr0, @exit, @alu={0x6, 0x0, 0x3, 0xa, 0x0, 0x2}, @printk={@x, {}, {}, {}, {}, {0x5, 0x0, 0xb, 0xa}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)

49.978327658s ago: executing program 0 (id=354):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) (async)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = semget$private(0x0, 0x3, 0x401)
semop(r2, &(0x7f00000011c0)=[{0x0, 0x7fff, 0x1800}, {0x1, 0x8001, 0x1000}], 0x1f4)
semctl$SETALL(r2, 0x0, 0x11, &(0x7f0000001580)=[0x5])
semop(r2, &(0x7f00000000c0)=[{0x4, 0xc2b8, 0x800}, {0x3, 0xc, 0x1000}, {0x0, 0x1, 0x1000}, {0x2, 0x5, 0x1800}, {0x2, 0x59, 0x3800}, {0x3, 0x7, 0x1000}, {0x4, 0x9, 0x1000}], 0x7)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a00000095"], &(0x7f0000000440)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10) (async)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r4)
sendmsg$TIPC_CMD_SHOW_PORTS(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001640)={0x1c, r5, 0x1}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x0) (async)
r6 = socket$unix(0x1, 0x1, 0x0)
getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r7=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r7, 0x0) (async)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000100)={0x0, <r8=>0x0}, &(0x7f0000000200)=0xc)
setresuid(0xee01, r7, r8) (async)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="540000001000010471bc30b00000000100000000", @ANYRES32=0x0, @ANYBLOB="fff00000000000002c0012800e00010069703667726574617000000018000280140007002001001000000000000000000000000208000a00f0"], 0x54}}, 0x0)

49.784173941s ago: executing program 0 (id=356):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a040000000000000049619e6ea66f7b471d000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x2, &(0x7f0000000500)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0x5, 0x1, 0x72, 0x8}]})
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)

49.742502852s ago: executing program 0 (id=357):
shmdt(0x0)
syz_clone3(&(0x7f0000001340)={0x200000, 0x0, 0x0, 0x0, {0x7}, 0x0, 0x0, 0x0, 0x0}, 0x58)

49.498070625s ago: executing program 0 (id=362):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2, 0x0, 0x178}, 0x18)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/86, 0x328000, 0x1000, 0x22e}, 0x1c)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x41, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0xea, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r4, 0x0, 0x2000}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
recvmsg(r5, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

49.458013536s ago: executing program 38 (id=362):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2, 0x0, 0x178}, 0x18)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/86, 0x328000, 0x1000, 0x22e}, 0x1c)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x41, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0xea, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r4, 0x0, 0x2000}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r5=>0xffffffffffffffff})
recvmsg(r5, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

48.601348199s ago: executing program 8 (id=372):
move_mount(0xffffffffffffffff, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x2000000000000)

48.51700011s ago: executing program 8 (id=373):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
creat(0x0, 0xd931d3864d39ddd8)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
dup3(r0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
move_mount(r0, &(0x7f0000000100)='./bus\x00', r1, &(0x7f00000000c0)='./bus\x00', 0x14)
sendfile(r1, r0, 0x0, 0x7ffff000)

48.214798475s ago: executing program 8 (id=375):
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00"/13], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='xprtrdma_post_send\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffc}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlockall()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r0}, 0x10)
openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r1, &(0x7f0000000480)=[{&(0x7f0000000040)="93d90400000300", 0x7}, {&(0x7f0000000140)="139776ff030370", 0x7}, {&(0x7f0000000700)="f34563fad3788f962da090c5ab351de95e6c84c7a02808f6c3794bee057fe9a5c1250a3ffa5c1de06e69f586a1c05938bbe5e16c2bc77e229688c0c6b69d73250823f8a2c9cc3ac7fa9fe023f1be69049a42fcace81df9b9e155407f681b0c49a20941b6d2103b72d4c0d3a7b70e7ac63fa6e25dd0eed08b036069e52abba411cb7992c8955a786ae05912e949fe20be8d454841a652aadc02529f6ccd7982e43d4a45897e36593424a335ff8954de87658b6ffeb2cb40f577277152fd69891184982345dcc03da7c966c70cd5660d8421f11ad86e6b3148054a334b0803e88582", 0xe1}, {&(0x7f0000000240)="a2671b1599b12aa8fac6aef03a233ff1623b7b325b2fbd03755ff609e6a22dd8008a498836e5d797019e65f6597db44ba4", 0x31}, {&(0x7f0000000880)="84bbfcfd856a69ddc567aed96a08a3fd984c86ba2b0801f90549f282c537f9ecc68a2d6f3c242965c92b9958b037eca4d3e06e0646ecf5292c87fc7315a8c4dcedb62e08bec2933e83a225b737e2cb8acce87bc9fe0a89c7688d96bb7becc97c886988ff41e802e5e861a930398807602c0ba4d9d68ec9061c1782aaaec9744264add43aeb2105ae5846b492af2ee499af19c078e176d4bf690c410204dcc1f3ad19054fbccdf49a382f33efb4fedc2d3b85f69391cc8a9be0125ee48e0797cfab0860ed15a56e5f444f550475110874ba9708ad732e542632720c6ffffef486f64b", 0xe2}], 0x5)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, 0x0)
syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a82)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
quotactl$Q_QUOTAON(0xffffffff80000200, 0x0, 0x0, 0x0)
capget(&(0x7f00000014c0)={0x20080522}, &(0x7f0000001500)={0x9, 0x4, 0x2, 0x2, 0x4, 0xe})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r2)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x44, 0x0, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xe}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x804}, 0x880)
sendmsg$NLBL_MGMT_C_ADDDEF(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc00000000001080002000500000014000600ff01000a00f2f3f31f000a0000000001060001"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)

48.120157457s ago: executing program 8 (id=377):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a040000000000000049619e6ea66f7b471d000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x2, &(0x7f0000000500)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0x5, 0x1, 0x72, 0x8}]})
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r1 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r1, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)

48.069528907s ago: executing program 8 (id=378):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a00)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xc94284a3061bb7fe, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x450, 0x65, 0x2, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x414, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_CLASSID={0x8, 0x3, {0x0, 0xfff1}}, @TCA_BPF_ACT={0xd4, 0x1, [@m_simple={0x30, 0x1e, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_ctinfo={0xa0, 0x1b, 0x0, 0x0, {{0xb}, {0x74, 0x2, 0x0, 0x1, [@TCA_CTINFO_ZONE={0x6, 0x4, 0x401}, @TCA_CTINFO_ACT={0x18, 0x3, {0xd, 0x6, 0x3, 0x101, 0x1}}, @TCA_CTINFO_ACT={0x18, 0x3, {0x8, 0x8, 0x5, 0x0, 0x9}}, @TCA_CTINFO_PARMS_DSCP_MASK={0x8, 0x5, 0x8}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x400}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0xffffffb4}, @TCA_CTINFO_ZONE={0x6, 0x4, 0x3}, @TCA_CTINFO_ACT={0x18, 0x3, {0x0, 0x0, 0xe, 0x8, 0x512ce089}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc}}}]}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_FD={0x8}, @TCA_BPF_ACT={0x318, 0x1, [@m_tunnel_key={0x120, 0x18, 0x0, 0x0, {{0xf}, {0x58, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x3, 0x697, 0x1, 0x4, 0x100}, 0x2}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @broadcast}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}, @TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x20}}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0x4}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0x3, @local}, @TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @loopback}]}, {0x99, 0x6, "39a11532c68866bc11f78348e628abc1ad84d1601df6ec416cf625f90a17a99b39a666020afde2a4e1ff54842056996ead43539758b141e01d4feddfa4f2d6608c468e5ca2264f490beef1d6e6cd9490307b7f21c63dbf597bf51d59a885bce4d88f91e5cc855b5137d18436c7291010c45e671d1962c7f9d9878bd386815376eaafbcd8c812489e208ac096ea8f25cdf925c16ed1"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_connmark={0x160, 0x7, 0x0, 0x0, {{0xd}, {0x90, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x8, 0xf, 0xb411d50005397f39, 0xa, 0x10001}, 0x9e61}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x7ce, 0xa, 0x0, 0x5, 0x1}, 0x7fff}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfe1, 0xc0000, 0x1, 0x3, 0x5}, 0x5}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x28d4483e, 0xa41, 0x20000000, 0x8, 0x14eb}, 0x2}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x4a3, 0x6, 0x7, 0x1c05, 0x4}, 0x1000}}]}, {0xa2, 0x6, "79bfcd7af533d072a8c29f36e68ab9904831686d6cd3390377cca5e53a8926070630448b3fc4cd7c92ec53371be4232497d515edab99ceda9fe783a4517aa76f458d17bb770e71e0ba14efb8375ac49ead1660b083f443d1ffcecd5197019986b82c2d3c1f0d2b0de14eead0041991bd7874be9402d799e64d44c3fe6d48dd4a8f6782a95c290cea018ba0470c73b3032f66a39bf3cba21d7301df8362d3"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}, @m_vlan={0x94, 0xf, 0x0, 0x0, {{0x9}, {0x4}, {0x66, 0x6, "01f4310969d021b8053bb1aca7e8d7615c1d03580900c583f834dae8ea05e484960378a34a6b952d073cc12d15ce11e941d47c907715c5f99ee7525bcab58cfe612fa780af8ced2963cf55b3491748a46eec685aebc1e625b20a01ecf302ae7d7ed9"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x450}, 0x1, 0x0, 0x0, 0x81}, 0x20000080)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
mkdir(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x45)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f00000002c0)=@md0, 0x0, &(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000300), 0x4001, 0x0)

46.497262852s ago: executing program 8 (id=386):
r0 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000b40)={&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000800)="e9", 0x9500}, {&(0x7f00000017c0)="ea0189bdebb0c16d420ee9b95082abd6431cc7afc22c4a6b8adecef68f76bd81a86e89f9c80e5c868a12b09e80ba8c01eb3f4b7be71f9fc2355c336cedc15eb778e3a3b35c3f72629ea4d9ae42cf4c17255815fb8a47aafd8b8ff0c202b4e09f7c42811261b5e113fcce27b4329ccb792df14b7d6dcfaf2cf8dbb51946e89c862e9252731f680ec50326fc16386aeefe654bac24", 0x94}], 0x2, &(0x7f0000000100)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xd}, @loopback}}}], 0x20}, 0xe900) (fail_nth: 8)

46.496973052s ago: executing program 39 (id=386):
r0 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000b40)={&(0x7f0000000080)={0x2, 0x4e20, @multicast1}, 0x10, &(0x7f0000000000)=[{&(0x7f0000000800)="e9", 0x9500}, {&(0x7f00000017c0)="ea0189bdebb0c16d420ee9b95082abd6431cc7afc22c4a6b8adecef68f76bd81a86e89f9c80e5c868a12b09e80ba8c01eb3f4b7be71f9fc2355c336cedc15eb778e3a3b35c3f72629ea4d9ae42cf4c17255815fb8a47aafd8b8ff0c202b4e09f7c42811261b5e113fcce27b4329ccb792df14b7d6dcfaf2cf8dbb51946e89c862e9252731f680ec50326fc16386aeefe654bac24", 0x94}], 0x2, &(0x7f0000000100)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xd}, @loopback}}}], 0x20}, 0xe900) (fail_nth: 8)

44.273175416s ago: executing program 9 (id=406):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000180)='kfree\x00', r1}, 0x18)
r2 = syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
mremap(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46dad33", "2607080d7f4fcf00fd4ef2dece6c7c58"}, 0x28)
sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f00000001c0)='n7', 0x2}, {&(0x7f0000001700)="e3", 0x1}], 0x2}, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='freezer.self_freezing\x00', 0x275a, 0x0)
r5 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
r6 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r6, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
close(0x3)
ftruncate(0xffffffffffffffff, 0xc17a)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r8, {}, {}, {0xfff3}}}, 0x24}, 0x1, 0x1000000000000}, 0x0)
fallocate(r5, 0x0, 0x0, 0x9)
setuid(0xee01)
fallocate(r4, 0x0, 0x0, 0x10fff9)
ioctl$EXT4_IOC_MOVE_EXT(r4, 0xc028660f, &(0x7f0000000040)={0xc, r5, 0x8, 0x0, 0x2})
fallocate(r2, 0x4, 0x695d, 0x7)

43.533337257s ago: executing program 9 (id=413):
perf_event_open(&(0x7f0000000000)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0xfffffffd, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x302, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x7, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount_setattr(0xffffffffffffffff, 0x0, 0x8900, &(0x7f00000005c0)={0x0, 0x1, 0x80000}, 0x20)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'veth1_vlan\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000780)=@getchain={0x24, 0x11, 0x1, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0xffee, 0xfff1}, {0xfff1, 0xffff}, {0x0, 0xe}}}, 0x24}}, 0x40000)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=@ipv6_getaddr={0x18, 0x16, 0x3c2be10bca706f15, 0x0, 0x0, {0x2}}, 0x18}}, 0x8054)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x20)

42.624899992s ago: executing program 9 (id=421):
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000200), 0x8)
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000240)={<r1=>0x0, 0xfffffffe}, &(0x7f0000000280)=0x8)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32, @ANYBLOB="0000000008000000000000000000000001000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000005c0)={r2}, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000016c0)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x10}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x9}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_KEY={0x4}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xc4}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x6, 0x11, &(0x7f0000000100)=ANY=[@ANYBLOB="180200000001000000000000000000008500000041000000b708000000000000c38af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f00000002c0)={r1, 0x9e}, 0x8)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
recvfrom$packet(r0, &(0x7f00000003c0)=""/103, 0x67, 0x100, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$inet6_int(r5, 0x29, 0x16, &(0x7f0000fcb000), 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r6}, 0x10)
setsockopt$inet6_int(r5, 0x29, 0x16, &(0x7f0000fcb000)=0x80, 0x4)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x5, 0x8, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$rfkill(r9, &(0x7f0000000040), 0x8)
pread64(r9, &(0x7f0000000140)=""/66, 0x42, 0x9)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x4, 0xd, &(0x7f0000000180)=ANY=[@ANYRESOCT=r7, @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback=0x17, r9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r10}, 0x10)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000000), r4)

42.623711761s ago: executing program 9 (id=423):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a040000000000000049619e6ea66f7b471d000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x2, &(0x7f0000000500)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0x5, 0x1, 0x72, 0x8}]})
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)

42.590931902s ago: executing program 9 (id=425):
r0 = memfd_secret(0x80000)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000040)={0xe7, 0x6, 0x7fffffff})
setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f0000000000)=0x1, 0x4)
bind$rxrpc(0xffffffffffffffff, &(0x7f00000000c0)=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e22, @loopback}}, 0x24)

42.516346493s ago: executing program 9 (id=426):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
shmdt(0x0)
syz_clone3(&(0x7f0000001340)={0x200000, 0x0, 0x0, 0x0, {0x7}, 0x0, 0x0, 0x0, 0x0}, 0x58)

42.516202523s ago: executing program 40 (id=426):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, 0x0)
shmdt(0x0)
syz_clone3(&(0x7f0000001340)={0x200000, 0x0, 0x0, 0x0, {0x7}, 0x0, 0x0, 0x0, 0x0}, 0x58)

24.565043531s ago: executing program 5 (id=729):
r0 = socket$key(0xf, 0x3, 0x2)
add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xffffffffffffffff)
setregid(0xee00, 0xee00)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000800b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
write$binfmt_script(r3, &(0x7f0000002240)={'#! ', './file0/file0'}, 0x11)
close(r3)
execve(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(0xffffffffffffffff, 0x28, 0x1, &(0x7f0000000000)=0x4e9, 0x8)
sendmsg$key(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000340)={0x2, 0x9, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x17, 0x32, 0x20, 0x0, @in6={0xa, 0x4e22, 0x973, @mcast1, 0x4}}]}, 0x38}}, 0x0)

24.280577095s ago: executing program 5 (id=731):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0xea, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r1, 0x0, 0x2000}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0)
recvmsg(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

24.112535948s ago: executing program 5 (id=733):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x3, &(0x7f00000000c0)=0x401, 0x4)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SURVEY(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="a90303000000000000003200001008004001"], 0x1c}}, 0x4004050)

24.008316229s ago: executing program 5 (id=736):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0a040000000000000049619e6ea66f7b471d000004000000dd0000000a00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x2, &(0x7f0000000500)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0x5, 0x1, 0x72, 0x8}]})
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f0000000680)='./file0/../file0/../file0/../file0\x00', 0x0, 0x1b73404, 0x0)
munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x6de4, &(0x7f0000000180)={0x0, 0x113a, 0x2, 0x2}, &(0x7f00000000c0), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS2(r2, 0xf, &(0x7f00000024c0)={0x2, 0x0, 0x0, &(0x7f0000000080)=[{0x0}, {&(0x7f0000000240)=""/191, 0xbf}], &(0x7f0000002480)=[0x0, 0x2]}, 0x20)

23.98714833s ago: executing program 5 (id=739):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0xf0b, 0x3, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0xfff1, 0xfff2}, {0x2, 0xffff}, {0xfff3, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_WASH={0x8, 0xd, 0x1}, @TCA_CAKE_MPU={0x8, 0xe, 0xca}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20044045}, 0xc090)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES16=r0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000600)='kfree\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002cbd7000fedbdf250b00000004000b00"], 0x18}, 0x1, 0x0, 0x0, 0x10}, 0x4040024)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000500), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, '\x00', "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)

23.507536757s ago: executing program 5 (id=748):
r0 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x700, &(0x7f0000000a40)="$eJzs3V2P21gZB/D/STJJJoWqAlStqm7ndMpKUzGkTmabKipIGOckY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrEBJiBUJGPrbzMnEykzadbtn/b7Qbx358zuNjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU8qi0FdyMJm7Oq3MlrBcQ4T8oFvFWNPutr4xCLof/WsfV6NtVFMOPIgYXLl+6++VcJll/TsIvAosW+Pjp4MG9fn//0Rlis1i4+NcJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJTPvfL1qGDX5nUK0owGUPWvbbrftbkvHhIvDmDvygx9EAcrsSHlw2N/fGsvnWVobh0GVlOQz48FhUPW0za0a1WqlUq1Warfrt+8YRm5qhhESxhCmIpZ+0NIbZrkncKKXkLEa/zH+JIA2iuhiB7uQqT8WGnDhoDNjeSzp/9+5pebWO97/J738ymjxFej+/1r07dqs/n9GLhJSr5C2RMyYv9jPis5I4jGeYoAHuIc++tjHoyWULSHXXrqEvBG35FLymfnTgkIXNjw4sNGBiRa+CBnPkaijhhoMvIdtNOFBogkbbSh42IMHHyo8ovJhpgomfDhwIbEBCzchUUEddWxBQqGMPTjYQRctNGDiX0EQHOBQt/tWnM/zlK1GElSZsREF5JLjbh/VOVs7q///4bNo7bj/N9j/f15Fx0Eh+vh4XgzRZ0AQX/8vaO3VZENEREREREREr4LQv30X+q/ybwMI0LTbypiIKby27IiIiIiIiIhoGQSCAq5CRHfl422I6et/IiIiIiIiInqzCf2MnQBQ0jf1i9HjUmf5JUD2HFIkIiIiIiIiopekn/y/lgcCfZf/GsRC1/9ERERERERE9Ab41dgY+7lsPMZukPxZPwNg7c8F8dHfCnBXxHFv96viyAyXmEdxzNQdAH7zirgYD9SrP/IA9DdLXRVxbRL4Z/Lbh9AnB+lj/T8PIkII90QC+ex4ATMSEGHNtVz8DR/gerTK9Xic+fuDDPSSaEThUtNuq7LltO9WYJoXM77a9X/28PDngDvczoPD/n75Rz/u39e5HIezjo/CQp9NpJNJb4xRLk/0eAv6mYu00Y1X0Uyq/HW3UxK6XiPZ/izMo8x4RfN2QG0ViLbyF1iP9tl6EMWWBsMR9wWwpgd/qJT1LpvYendFjLKonNzytB0xY8uLOosbUcyNjRvRR9ImYTkZUfxaFqiWp/fBRBbV8SxObwvx9xPtPz8LiGLYFlthFn8ICzqRxfc/ilbe6u0mw2OcJYupo4CI6HU5GPVCehDzqTH2k+4hOamdvd9BDojPcjN691EtQdx/JL37k98GUQ+VBXLx3ybSa0n6FYRn9A2hy8lHA7rnrqSc0Y3yp0EQmBeLGD+j/zcIkg0yFujdjoMgOHlG//3oHUhx2lNZ/DsIgrsV3ZP85kSv+mG4wocz6/Xa1SyKKODJ0U/0APih9/ff339YrW7VjHcN43YVK/p/FeKPLNj3EBHRlNPfsaMjMnMixLu4HpVx/f5f34mmJnq8L8W3FGi3gD7uYzN5hcBaeqklHOCb/4huQ9iMrlqB9VL0WRrIy5fuhle1w9hDkdNveNmceVWn+9IoVt/eUB3GJu8dOnkFOIrdesV7gYiI6Hytz+iHgYn+H5P9f3Gi/9/ERhSxcSX1urs0dkvhZnJ1PLykH1w4To2tnJ78t5bcGERERJ8Tyv1ElPxfCte1e+9V6vWK6W8r6TrWd6VrN1pK2l1fuda22W0p2XMd37Gctuy5KNirypPeTq/nuL5sOq7sOZ69q9/8LuNXv3uqY3Z92/J6bWV6SlpO1zctXzZsz5K9nW+3bW9buXplr6csu2lbpm87Xek5O66lylJ6So0F2g3V9e2mHU52Zc+1O6a7J7/ntHc6SjaUZ7l2z3eiApO67G7TcTu62DKChV90SERE9P/o8dPBg3v9/v6jkxOr4aV5NOcYM2KmJ/IpBXKMICIios+YUXe9wErFV5gQERERERERERERERERERERERERERERERFNOf2RvgUnVtIeFgSGc356MZ6D5xg9YjhVjsDL5vOp+0c9sN+LrJ5ZtNLkkYjBg4/nBK8O5yTNPx5zvEiluAS8cPv85QvABT0H0ZzcEg+A6edHl36MpU184yBq0VkxemHqosJwX+SW/59DOPHwd9OLRNjyQRAE81cvTLZh/uzHcw7Ao/ycXbB6yvFz3mciIjpv/wsAAP//eO06pA==")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000500000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000c0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000b70400000000000085000000430000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6)
bind$inet6(r3, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r3, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000040)='yeah\x00', 0x5)
shutdown(r3, 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x4, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
futimesat(r0, &(0x7f0000000000)='./file1\x00', 0x0)

23.490814297s ago: executing program 41 (id=748):
r0 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x700, &(0x7f0000000a40)="$eJzs3V2P21gZB/D/STJJJoWqAlStqm7ndMpKUzGkTmabKipIGOckY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrEBJiBUJGPrbzMnEykzadbtn/b7Qbx358zuNjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU8qi0FdyMJm7Oq3MlrBcQ4T8oFvFWNPutr4xCLof/WsfV6NtVFMOPIgYXLl+6++VcJll/TsIvAosW+Pjp4MG9fn//0Rlis1i4+NcJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJTPvfL1qGDX5nUK0owGUPWvbbrftbkvHhIvDmDvygx9EAcrsSHlw2N/fGsvnWVobh0GVlOQz48FhUPW0za0a1WqlUq1Warfrt+8YRm5qhhESxhCmIpZ+0NIbZrkncKKXkLEa/zH+JIA2iuhiB7uQqT8WGnDhoDNjeSzp/9+5pebWO97/J738ymjxFej+/1r07dqs/n9GLhJSr5C2RMyYv9jPis5I4jGeYoAHuIc++tjHoyWULSHXXrqEvBG35FLymfnTgkIXNjw4sNGBiRa+CBnPkaijhhoMvIdtNOFBogkbbSh42IMHHyo8ovJhpgomfDhwIbEBCzchUUEddWxBQqGMPTjYQRctNGDiX0EQHOBQt/tWnM/zlK1GElSZsREF5JLjbh/VOVs7q///4bNo7bj/N9j/f15Fx0Eh+vh4XgzRZ0AQX/8vaO3VZENEREREREREr4LQv30X+q/ybwMI0LTbypiIKby27IiIiIiIiIhoGQSCAq5CRHfl422I6et/IiIiIiIiInqzCf2MnQBQ0jf1i9HjUmf5JUD2HFIkIiIiIiIiopekn/y/lgcCfZf/GsRC1/9ERERERERE9Ab41dgY+7lsPMZukPxZPwNg7c8F8dHfCnBXxHFv96viyAyXmEdxzNQdAH7zirgYD9SrP/IA9DdLXRVxbRL4Z/Lbh9AnB+lj/T8PIkII90QC+ex4ATMSEGHNtVz8DR/gerTK9Xic+fuDDPSSaEThUtNuq7LltO9WYJoXM77a9X/28PDngDvczoPD/n75Rz/u39e5HIezjo/CQp9NpJNJb4xRLk/0eAv6mYu00Y1X0Uyq/HW3UxK6XiPZ/izMo8x4RfN2QG0ViLbyF1iP9tl6EMWWBsMR9wWwpgd/qJT1LpvYendFjLKonNzytB0xY8uLOosbUcyNjRvRR9ImYTkZUfxaFqiWp/fBRBbV8SxObwvx9xPtPz8LiGLYFlthFn8ICzqRxfc/ilbe6u0mw2OcJYupo4CI6HU5GPVCehDzqTH2k+4hOamdvd9BDojPcjN691EtQdx/JL37k98GUQ+VBXLx3ybSa0n6FYRn9A2hy8lHA7rnrqSc0Y3yp0EQmBeLGD+j/zcIkg0yFujdjoMgOHlG//3oHUhx2lNZ/DsIgrsV3ZP85kSv+mG4wocz6/Xa1SyKKODJ0U/0APih9/ff339YrW7VjHcN43YVK/p/FeKPLNj3EBHRlNPfsaMjMnMixLu4HpVx/f5f34mmJnq8L8W3FGi3gD7uYzN5hcBaeqklHOCb/4huQ9iMrlqB9VL0WRrIy5fuhle1w9hDkdNveNmceVWn+9IoVt/eUB3GJu8dOnkFOIrdesV7gYiI6Hytz+iHgYn+H5P9f3Gi/9/ERhSxcSX1urs0dkvhZnJ1PLykH1w4To2tnJ78t5bcGERERJ8Tyv1ElPxfCte1e+9V6vWK6W8r6TrWd6VrN1pK2l1fuda22W0p2XMd37Gctuy5KNirypPeTq/nuL5sOq7sOZ69q9/8LuNXv3uqY3Z92/J6bWV6SlpO1zctXzZsz5K9nW+3bW9buXplr6csu2lbpm87Xek5O66lylJ6So0F2g3V9e2mHU52Zc+1O6a7J7/ntHc6SjaUZ7l2z3eiApO67G7TcTu62DKChV90SERE9P/o8dPBg3v9/v6jkxOr4aV5NOcYM2KmJ/IpBXKMICIios+YUXe9wErFV5gQERERERERERERERERERERERERERERERFNOf2RvgUnVtIeFgSGc356MZ6D5xg9YjhVjsDL5vOp+0c9sN+LrJ5ZtNLkkYjBg4/nBK8O5yTNPx5zvEiluAS8cPv85QvABT0H0ZzcEg+A6edHl36MpU184yBq0VkxemHqosJwX+SW/59DOPHwd9OLRNjyQRAE81cvTLZh/uzHcw7Ao/ycXbB6yvFz3mciIjpv/wsAAP//eO06pA==")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000500000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000c0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000b70400000000000085000000430000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6)
bind$inet6(r3, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r3, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r3, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000040)='yeah\x00', 0x5)
shutdown(r3, 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x4, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000001640)='kfree\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
futimesat(r0, &(0x7f0000000000)='./file1\x00', 0x0)

16.954982889s ago: executing program 2 (id=849):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000140), 0xfc, 0x560, &(0x7f00000008c0)="$eJzs3d9rW1UcAPDvTdut+6HtYAz1QQp7cDKXrq0/JvgwH0WHA33XkGRlNF1Gk461Dtwe3IsvMgQRB6Lvvvs4/Af8KwY6GDKKPuwlctObLluTNu3StVs+H7jtOffe9Jxv7v2enpubkAAG1kT6IxfxakR8l0SMtW0bjmzjxOp+Kw+uFdMliUbjs3+SSLJ1rf2T7PehrPJKRPzxTcTJ3Pp2a0vLc4VKpbyQ1Sfr85cna0vLpy7OF2bLs+VL0zMzZ96ZmX7/vXf7Fuub5//78dM7H5359vjKD7/dO3IribNxONvWHsdTuN5emYiJ7DkZibNP7DjVh8b2kmS3O8C2DGV5PhLpGDAWQ1nWd9QYe5ZdA3bY12laAwMqkf8woFrzgNa1fZ+ug58b9z9cvQBaH//w6msjMdq8Njq4kjx2ZZRe7473of20jd//vn0rXaJ/r0MAbOr6jYg4PTy8fvxLsvFv+073sM+TbRj/4Nm5k85/3uo0/8mtzX+iw/znUIfc3Y7N8z93rw/NdJXO/z7oOP9du2k1PpTVXmrO+UaSCxcr5XRsezkiTsTI/rS+wf2cL3MrdxvdNrbP/9Ilbb81F8z6cW94/+OPKRXqhacKus39GxGvdZz/JmvHP+lw/NPn43yPbRwr336927bN499ZjV8i3uh4/B/d0Uo2vj852TwfJltnxXr/3jz2Z7f2dzv+9Pgf3Dj+8aT9fm1t6238PPqw3G3bds//fcnnzfK+bN3VQr2+MBWxL/lk/frpR49t1Vv7p/GfOL7x+Nfp/D+QJnaP8d88erN919Gtxb+z0vhLWzr+Wy/c/firn7q139vxf7tZOpGt6WX867WDT/PcAQAAAAAAwF6Ti4jDkeTya+VcLp9ffX/H0TiYq1Rr9ZMXqouXStH8rOx4jORad7rH2t4PMZW9H7ZVn36iPhMRRyLi+6EDzXq+WK2Udjt4AAAAAAAAAAAAAAAAAAAA2CMORYx2+vx/6q+h3e4dsOM2+Mpv4AXXPf+zLf34pidgT/L/HwaX/IfBJf9hcMl/GFzyHwaX/IfBJf9hcG0l/389t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPn0qWx8uBaMa2XriwtzlWvnCqVa3P5+cVivlhduJyfrVZnK+V8sTq/2d+rVKuXp6Zj8epkvVyrT9aWlr+Yry5eethYVR55JlEBAAAAAAAAAAAAAAAAAADA86W2tDxXqFTKCwoK2yoM741uKPS5sNsjEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA88n8AAAD//75iP7A=")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
unshare(0x22020400)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000) (fail_nth: 3)

16.602557304s ago: executing program 2 (id=853):
r0 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x700, &(0x7f0000000a40)="$eJzs3V2P21gZB/D/STJJJoWqAlStqm7ndMpKUzGkTmabKipIGOckY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrEBJiBUJGPrbzMnEykzadbtn/b7Qbx358zuNjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU8qi0FdyMJm7Oq3MlrBcQ4T8oFvFWNPutr4xCLof/WsfV6NtVFMOPIgYXLl+6++VcJll/TsIvAosW+Pjp4MG9fn//0Rlis1i4+NcJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJTPvfL1qGDX5nUK0owGUPWvbbrftbkvHhIvDmDvygx9EAcrsSHlw2N/fGsvnWVobh0GVlOQz48FhUPW0za0a1WqlUq1Warfrt+8YRm5qhhESxhCmIpZ+0NIbZrkncKKXkLEa/zH+JIA2iuhiB7uQqT8WGnDhoDNjeSzp/9+5pebWO97/J738ymjxFej+/1r07dqs/n9GLhJSr5C2RMyYv9jPis5I4jGeYoAHuIc++tjHoyWULSHXXrqEvBG35FLymfnTgkIXNjw4sNGBiRa+CBnPkaijhhoMvIdtNOFBogkbbSh42IMHHyo8ovJhpgomfDhwIbEBCzchUUEddWxBQqGMPTjYQRctNGDiX0EQHOBQt/tWnM/zlK1GElSZsREF5JLjbh/VOVs7q///4bNo7bj/N9j/f15Fx0Eh+vh4XgzRZ0AQX/8vaO3VZENEREREREREr4LQv30X+q/ybwMI0LTbypiIKby27IiIiIiIiIhoGQSCAq5CRHfl422I6et/IiIiIiIiInqzCf2MnQBQ0jf1i9HjUmf5JUD2HFIkIiIiIiIiopekn/y/lgcCfZf/GsRC1/9ERERERERE9Ab41dgY+7lsPMZukPxZPwNg7c8F8dHfCnBXxHFv96viyAyXmEdxzNQdAH7zirgYD9SrP/IA9DdLXRVxbRL4Z/Lbh9AnB+lj/T8PIkII90QC+ex4ATMSEGHNtVz8DR/gerTK9Xic+fuDDPSSaEThUtNuq7LltO9WYJoXM77a9X/28PDngDvczoPD/n75Rz/u39e5HIezjo/CQp9NpJNJb4xRLk/0eAv6mYu00Y1X0Uyq/HW3UxK6XiPZ/izMo8x4RfN2QG0ViLbyF1iP9tl6EMWWBsMR9wWwpgd/qJT1LpvYendFjLKonNzytB0xY8uLOosbUcyNjRvRR9ImYTkZUfxaFqiWp/fBRBbV8SxObwvx9xPtPz8LiGLYFlthFn8ICzqRxfc/ilbe6u0mw2OcJYupo4CI6HU5GPVCehDzqTH2k+4hOamdvd9BDojPcjN691EtQdx/JL37k98GUQ+VBXLx3ybSa0n6FYRn9A2hy8lHA7rnrqSc0Y3yp0EQmBeLGD+j/zcIkg0yFujdjoMgOHlG//3oHUhx2lNZ/DsIgrsV3ZP85kSv+mG4wocz6/Xa1SyKKODJ0U/0APih9/ff339YrW7VjHcN43YVK/p/FeKPLNj3EBHRlNPfsaMjMnMixLu4HpVx/f5f34mmJnq8L8W3FGi3gD7uYzN5hcBaeqklHOCb/4huQ9iMrlqB9VL0WRrIy5fuhle1w9hDkdNveNmceVWn+9IoVt/eUB3GJu8dOnkFOIrdesV7gYiI6Hytz+iHgYn+H5P9f3Gi/9/ERhSxcSX1urs0dkvhZnJ1PLykH1w4To2tnJ78t5bcGERERJ8Tyv1ElPxfCte1e+9V6vWK6W8r6TrWd6VrN1pK2l1fuda22W0p2XMd37Gctuy5KNirypPeTq/nuL5sOq7sOZ69q9/8LuNXv3uqY3Z92/J6bWV6SlpO1zctXzZsz5K9nW+3bW9buXplr6csu2lbpm87Xek5O66lylJ6So0F2g3V9e2mHU52Zc+1O6a7J7/ntHc6SjaUZ7l2z3eiApO67G7TcTu62DKChV90SERE9P/o8dPBg3v9/v6jkxOr4aV5NOcYM2KmJ/IpBXKMICIios+YUXe9wErFV5gQERERERERERERERERERERERERERERERFNOf2RvgUnVtIeFgSGc356MZ6D5xg9YjhVjsDL5vOp+0c9sN+LrJ5ZtNLkkYjBg4/nBK8O5yTNPx5zvEiluAS8cPv85QvABT0H0ZzcEg+A6edHl36MpU184yBq0VkxemHqosJwX+SW/59DOPHwd9OLRNjyQRAE81cvTLZh/uzHcw7Ao/ycXbB6yvFz3mciIjpv/wsAAP//eO06pA==")
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x4, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000500000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000c0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000b70400000000000085000000430000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f00000004c0)='dctcp\x00', 0x6)
bind$inet6(r2, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r2, &(0x7f0000000240)=':', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000040)='yeah\x00', 0x5)
shutdown(r2, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00'}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
futimesat(r0, &(0x7f0000000000)='./file1\x00', 0x0)

16.488088136s ago: executing program 2 (id=857):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x94, &(0x7f0000000140)={<r2=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x3dd3, @loopback, 0x34}, {0xa, 0x4e21, 0x6, @rand_addr=' \x01\x00', 0x6}, r2, 0xffffffff}}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x6}]}, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="07000000040000000800000001000000e1998f1359a588a284f4e4c15a795400000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x8, &(0x7f0000000240)=ANY=[], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x33, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r5}, 0x18)
bind$bt_hci(r3, &(0x7f0000000140)={0x1f, 0xffff, 0x2}, 0x6)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000400)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r8}, 0x10)
sendmsg$NFT_BATCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a30000000006c000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000400003800800014000000000080002400000fbff2b0003801400010067656e6576653000000000000000000014000100776732000000000000000000c6e49c0f5c000000180a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c0003801400010067656e65766530000000000000000000140001007665"], 0x110}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0xfe, 0x0, 0x7ffc0002}]})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
mknod$loop(&(0x7f0000000080)='./file1\x00', 0x100000000000600d, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="04000000", @ANYRES32=r4, @ANYRESDEC=r8], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000500)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffff11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88)={{0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x19}, 0x0, 0x0, 0x5, 0xfffffffffffffffd, 0x0, 0x400000000000})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={0x0, 0xffffffffffffffff, 0x0, 0x68e}, 0x18)
r10 = syz_open_dev$sg(0x0, 0x0, 0x0)
openat$cgroup_ro(r9, &(0x7f0000000200)='hugetlb.1GB.usage_in_bytes\x00', 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, r10)

16.416777797s ago: executing program 2 (id=858):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000140), 0xfc, 0x560, &(0x7f00000008c0)="$eJzs3d9rW1UcAPDvTdut+6HtYAz1QQp7cDKXrq0/JvgwH0WHA33XkGRlNF1Gk461Dtwe3IsvMgQRB6Lvvvs4/Af8KwY6GDKKPuwlctObLluTNu3StVs+H7jtOffe9Jxv7v2enpubkAAG1kT6IxfxakR8l0SMtW0bjmzjxOp+Kw+uFdMliUbjs3+SSLJ1rf2T7PehrPJKRPzxTcTJ3Pp2a0vLc4VKpbyQ1Sfr85cna0vLpy7OF2bLs+VL0zMzZ96ZmX7/vXf7Fuub5//78dM7H5359vjKD7/dO3IribNxONvWHsdTuN5emYiJ7DkZibNP7DjVh8b2kmS3O8C2DGV5PhLpGDAWQ1nWd9QYe5ZdA3bY12laAwMqkf8woFrzgNa1fZ+ug58b9z9cvQBaH//w6msjMdq8Njq4kjx2ZZRe7473of20jd//vn0rXaJ/r0MAbOr6jYg4PTy8fvxLsvFv+073sM+TbRj/4Nm5k85/3uo0/8mtzX+iw/znUIfc3Y7N8z93rw/NdJXO/z7oOP9du2k1PpTVXmrO+UaSCxcr5XRsezkiTsTI/rS+wf2cL3MrdxvdNrbP/9Ilbb81F8z6cW94/+OPKRXqhacKus39GxGvdZz/JmvHP+lw/NPn43yPbRwr336927bN499ZjV8i3uh4/B/d0Uo2vj852TwfJltnxXr/3jz2Z7f2dzv+9Pgf3Dj+8aT9fm1t6238PPqw3G3bds//fcnnzfK+bN3VQr2+MBWxL/lk/frpR49t1Vv7p/GfOL7x+Nfp/D+QJnaP8d88erN919Gtxb+z0vhLWzr+Wy/c/firn7q139vxf7tZOpGt6WX867WDT/PcAQAAAAAAwF6Ti4jDkeTya+VcLp9ffX/H0TiYq1Rr9ZMXqouXStH8rOx4jORad7rH2t4PMZW9H7ZVn36iPhMRRyLi+6EDzXq+WK2Udjt4AAAAAAAAAAAAAAAAAAAA2CMORYx2+vx/6q+h3e4dsOM2+Mpv4AXXPf+zLf34pidgT/L/HwaX/IfBJf9hcMl/GFzyHwaX/IfBJf9hcG0l/389t4MdAQAAAAAAAAAAAAAAAAAAAAAAAAAAgBfD+XPn0qWx8uBaMa2XriwtzlWvnCqVa3P5+cVivlhduJyfrVZnK+V8sTq/2d+rVKuXp6Zj8epkvVyrT9aWlr+Yry5eethYVR55JlEBAAAAAAAAAAAAAAAAAADA86W2tDxXqFTKCwoK2yoM741uKPS5sNsjEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA88n8AAAD//75iP7A=")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
unshare(0x22020400)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getregs(0xc, r0, 0xffffffffffffdcaf, &(0x7f0000000040)=""/45)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = signalfd(0xffffffffffffffff, &(0x7f0000000500)={[0x5]}, 0x8)
name_to_handle_at(r3, &(0x7f0000004740)='\x00', &(0x7f0000004780)=ANY=[@ANYBLOB='\f'], &(0x7f00000047c0), 0x1200)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000001700)="e3fbc9f7e155a6e294f68078cb808c435b48612e93b0d69d1f21fd5564a9f18f996475fb64e12884979b5882a07d51ec37cab390561644521d18773068ad0fc0f6f8df2bb545c05fbfda35eefcf88a020063a2bf6468b302b9831678e59677adb2ec28d0caf29931cf5993e1ce3ba4cf655cf53218d9887589289e133b54050621892724d74ce07d912407878f2a4ec7a10be378467499f110fe42cfa93c4883db8d2c5155a0d94b828405a9de0e8ffae65c255df6ee1e807dd8fa8d384184f735fbc4e62d27f288c6c9c94477590c7ff4eb93131ebb0d6d5dfa82dbafd6a6bd0cc56bc8d7af7e4246389c34a239b98ec85073c76da59b1fe73f14c72c5fa25e77ce2d5849ad97c74e15826752d1d571e6d9377fe1dd1c794795216f2614d25d9a2a019c3f88b59dc971df962e0250e89263a6c3cbaa9f2b0c5d83cffd423c89b83783109d05b53831ba44e31971b5a5444e816b19e16ad69106d8d7339ed0b5707218728ea071db4f59aea059410e48dc0c210eb84552eaa5ff6aa127c9dc3312a6e0bd4eb3eac8bf7b9c4e158fcc69d371246d807fbeabcfb33e9268025d3dd4cdfbdb0e178cdb63493251915b8fcf933b9ac872818fc255fcc6e4d9fcd7cc6e5071928e7f1a5738321897b0d277f0bb661ea6d25d7f6f2b38273561593d62fc363cc77de0352ea0bee8b98ca55474fa1c69d476adb25ae2ab5357008d03c236294544f79039057a5b30d130c2149e755f2b61907e1cd54a56dc53e3c8471e81f83f5e8d97a5474015d24ec97a074394afa27408a73b8e765b79faf100ea3dd0c98fbfa3d113ffe56c0ffd1a30415e82b34cce8289eb6d01ed59fe6a6b0c99a00e4563c0c0c4fecd127fa357c0e12bfed2a1ac23643d91fd4daf12494bd0a8ac520886efe0caea86fe820b1e79b614fec63737d4930508e037ac05fb254fc362b39cd9b341df7d8504a13b8af2055ea1778c6043c119465f79c118e8080941bcbc0c65ba0cb25e1be8de94207dcb3d2863828a6b17f5a37fd64553ecb6d99879e38af6f3b2da109433c0b75faf20de6ee0ae823b17d1462de38d91f6d5292f02276dbf744ff835dee75532659087e91e5c873b321511b7dd74e86813b4ba4a99394559898206e29f149a53acf0483c0a150c5d1a9a050341c3f1822470381408ff787a2486ea81c6128f1b33ab8fb38e4491fd643ef1fb3efa333b5dbc8fb92daf0b957c19513a838355abcf40ddf272d88e2740dc390b94ee82a5b72a1e7c55ff6ee034d8010702dce3de159a34620b5216d3308e0cd64709cd7f4d5b026f4b81d7d43d8acb36c2251ac576b0ca9411e41eb6ba1d1871845ddcd4d95aa876d0baea1a00b59d68a00e191b59f751e54edecbc4aa0df7585e868a055efdb1dee40921d13d55dfb51f1b245ae2b91fad099e510b75b25daac3d2c529b9bdecf5ab6abcbc99c8f2358f60341eec86a4bd6a9cf0df4004124e31a4cc2e2e3c5cf53a90ee16bb4c6c49e9f50c993a8aa575b0b8e018b608f2321bc64afbace952457246dc8a3e4fc9a6c12a7d7d2779e4333072d4ef27d6e0cc2d1a6990a8376dc5dcd488888d9e436b566ecc63fe715b051859119b1399ef9c905fd63874175e5eeab2361bbfe6247921663c4c20bf6db22bf87477886f6778627bd6d5deffd7042c9b12b9a5448ef2425607e7b08fb984239750595e29f8cc241b238531824a6ba35747df767f1ce58403013394ba85a74871660d7e3e479ab54f2163662a9ffd385764bba475f87d56e191a87e1512afa51b41f664425dc0eccb202080327c8160a677054d5430e2af640d4f1bbf1c8e6d38ca007db30e52ae51781d27f5c760797601abecf3622e370f39edacfa7a8559bd1a5a2db1f0eb202f49f84f14231f593baed4ca821886654fbc735350a8e75b9e31493f200bbfb3824cce202f218c216310bb9d9e5621e03fd6df18b8bbf43f5eb29a1e1a7b8eb12bb28228bc536973f70f50b6c4e9663c12e861bc58d376b2a47298fd72f12e8af2970a806db26649be9876f7963fcdec769265a44048e6332e2dcd73b0637b5079c7f3c50e74bc43317f87bcb08bb0d307a9b85eb236dba7b7529be680454a76992d36fd9a8dab504f2a954ab14b40872460df0480845e307df07e80307920e5079196d14bc68e657f5d322265c6b4408b39e6a9c435ed485752cbb51a1bae60c86dd11579db163f453bacb9e34bc1b4c11498ea5dd95e8e7b8e57af0c66100745892cb16ec12dbdaa462487273bdb582a05376797c2732be2dc63e094442556be6ea8faf70e12834b7e724d516e3d6480b07b0b7c255b1c1079cb0809e84017ecd8116abe2d6cad207669a2104c9754fb265f6c7b01c5af50814d9f7f6bab90ba9010daa18c04e886939a6fde3e1e49f3823f41ee338f3ad24625143b01963bb9da90d60045604045ca4066634cf4da26b13b0a246d5f6e7a4d3e6de02aac171053c978cb6562d31b2eda0a4df9a8c54d6f0c35d59fba466208d0d9d8a38e968f0c116ebe05a7f681d74fa778fc9d3b098cc3181bb66ae6ac5ed3b13f4a4ab741bfcea12f6b7e5faf64d109fdb5d1fe812cd3fbb477146da300e021b161a1a2456993adfc0c7e7acf71f39a0dcc53dc27660a5e2ef022d334af9478b70aeb40667a20f6842630acf5e25a16efe6f377cedc969ec158878985f76a65af80a54c9d6d5d7585017f18376aa67cf8f5086f60e527268ddd87a75bf440fabb97b273d2a5d12c343c27e67968225d3575f4fa4c2de3618388e7a21acfd2ba7a9df2a195c2a36f627a55f34a8de492f584bef2dfe95ae2f1fd1f8ca9daf85d8de0567eca0303574667bfff7210224b42180646b32b4cfc7c839b5d58f07ae83ce978ded9006619a5900428f4b051b6a539d6234e4aff0bf34c1602fc52d18dd8fa9b65341a843cef1e5160fa1d80d80a1236b14a4b524f472c6b2bb8296e8960c76398394a916df1e9c503256e14325b3dfc6a4ef123132db25a6dbe375525bc56a13067d2f93f6b4b767a4c24e52c716f87fec09875329d47bce4a0f10f7ad897cdc432b04eb1713466613657ba4fe490faa78f1ab3e309fc4ef98c9696e7bb9b32ee7f7c683697efdd78090d68efa86709c3dd49b7a25bccb368f527db6f950c33208c1c2428b702725211cd2094be97656d1695edacab73cfae2403b176fea2a4345b82f9a77946f945eb1555fa233d30d8cc6a836e02d721500f4cb1ae4f2a9e9ae0220a8b1ac5771e9c99dead7877bbbe04ee3b68b0e149deb9cbb09717e57ea163b5ad4cffcd73c83e06773fed4775e8a3a2fbaee8062ea42a72e9e63bde2d648c55984bf80d79da38eeff0e43a62a6c68122235fb8879d114932c19d951bfd3b9f56a20b069bbe630d7530c8fa203000418114489238d3648ee5350abd01eecd0ca952a049bc9e8b89ca6868f453bcda45462af52137ad0f4e354c6ce5e606b9a2a288036e524b403ebc5860a8ed0e282f8337321d855579900918f1f545cec1df3389e96d39a8ffe94e934f71f922a8af2cca5ce04a0e0af87532114d7cfd014938ee3b51ad3b4d64a918ffda6fe9975563e9159ed189e161849922109b799fa29a0f963fd244f", 0xa01}], 0x1}, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$bt_hci(r4, 0x84, 0x80, &(0x7f0000002100)=""/4127, &(0x7f0000000000)=0x101f)
openat$cgroup_ro(r3, &(0x7f0000000180)='blkio.throttle.io_serviced\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f00000003c0)='sched_switch\x00'}, 0x18)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000200009500000000000000"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r7 = socket$packet(0x11, 0x2, 0x300)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'veth1_to_hsr\x00', <r8=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r6, r8, 0x25, 0x0, @val=@netfilter}, 0x40)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r8}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x0, 0x0)
r9 = getpid()
r10 = syz_pidfd_open(r9, 0x0)
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f0000000000), 0x1, 0xbd9, &(0x7f0000001800)="$eJzs3M1rHOcZAPBnRquVbKtduZRSt4eqlGJD6VpykalLoXZx6aWHQnstWJVXRmj9gaTiStZh1f4DbZJzIJdAEpOQQ3z2JSG55pLY14QcAiYoVkJCSBRmP6SNtCvLkVajyL8fzM77zju7z/NokOZ9xe4G8MQayR7SiBMRcSmJKDWPpxFRrLcGI2qN81ZXliY/XVmaTGJt7W8fJZFExMOVpcnWayXN/bHs4af1Z8bbf0ziB//dGnduYXFmolqtzDb7p+ev3jg9t7D46+mrE1cqVyrXxs7+dvzM+NnRc+N7Vuvn752/88nP//xB7YsXv7z98dPPJ3E+hppj7XXUfbZWt5t4IzGy/jNpV4iIid288AHS16ynvc6k8IgnpT1OCgCArtK2OdyPohR9sTF5K8Xr7+SaHAAAALAn1voi1gAAAIBDLrH+BwAAgEOu9T6AhytLk60t33ck7K8HFyJiuFH/anNrjBSiVt8PRn9EHH2YRPvHWpPG03ZtJCLev3/ulWyLTp9D7rHackT8uNP1T+r1D9c/xb21/jQiRvcg/sim/nep/vN7ED/v+gF4Mt290LiRbb3/pevzn+hw/yt0uHd9G3nf/1rzv9Ut87+N+vu6zP/+usMYt1549ma3saz+39/508utLYuf7XdV1GN4sBzxk0Kn+pP1+pMu9V/aYYzSVzcr3cbyrn/tuYiT0bn+lmT77yc6PTVdrYw2HjvGWH5r/KVu8fOuP7v+R7vU3/r+p27X/8YOY/zj4sVXtxy8v9Hcvv70w2Ly93qr2Dzy74n5+dmxiGLyl63Hz2yfS+uc1mtk9Z/6xfa//53qz/4m1Jo/h2wtsNzcZ/3/bIr5h9u3XuuWT2v9l+f1v9zl+rfX/2Zh6/X/3w5j/PKNp051G2tf/2ZbFr+1FgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAljQihiJJy+vtNC2XI45FxA/jaFq9Pjf/q6nr/7p2ORuLGI7+dGq6WhmNiFKjn2T9sXp7o39mU/83EXE8Ip4pHan3y5PXq5fzLh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB1xyJiKJK0HBFpRKyW0rRczjsrAAAAYM8N550AAAAA0HPW/wAAAHD4Wf8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQY8d/dvdesulYsbnvzyEfYP+keScA5KYv7wSA3BTyTgDIzWOu8U0X4BDa/D/AzQa7jgzseS4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHFwnT9y9l0RE7XdH6lum2BzrzzUzoNfStnaSYx7A/uvbbrCwf3kA+8+vODy5rPGBR639BzfOqX1zZKBnOQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw8AzVtyQtR0SxeaxcjvheRAxHfzI1Xa2MRsT3I+LdUv9A1h/LOWcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD23tzC4sxEtVqZzRppNBvrR3rQ6GtG7mGI3jSSRt61g5LP4W4M/H8hjW3P+WfsMkQxDkSlB7SR518lAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyMrewODNRrVZm5/LOBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjb3MLizES1WpntYSPvGgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyM/XAQAA//9Dmwrq")
setns(r10, 0x24020000)

16.22516126s ago: executing program 2 (id=860):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000002c0)={'ip6tnl0\x00', &(0x7f0000000340)=@ethtool_eeprom={0xb, 0x4, 0x1}})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r2}, &(0x7f0000000800), &(0x7f0000000840)=r3}, 0x20)
r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r4, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x1}}, {{@in=@rand_addr=0xfffffffd, 0x0, 0x6c}, 0x0, @in6=@dev, 0x3}}, 0xe8)
syz_emit_ethernet(0x3e, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa0800450000300000000000019078ac1e0001e0070000000000000000000045000000000000000000000064010102ac1e0001dda767662b08ef3538c801e46d4a7b77c57aa33ec9b522cc0eb8d797631d08cb"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r5}, 0x10)
r6 = gettid()
process_vm_writev(r6, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/246, 0xf6}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xfffffec0}], 0x1, 0x0)
socket(0x11, 0x80000, 0x8)

14.999319469s ago: executing program 2 (id=878):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0xea, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r1, 0x0, 0x2000}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0)
recvmsg(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

14.87399546s ago: executing program 42 (id=878):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)='%ps    \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0xea, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000006c0)='kmem_cache_free\x00', r1, 0x0, 0x2000}, 0x18)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)="86", 0x1}], 0x1}, 0x0)
recvmsg(r2, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

2.272954565s ago: executing program 3 (id=1125):
sendto$inet6(0xffffffffffffffff, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa2", 0x89, 0x0, 0x0, 0x0)
r0 = socket$igmp6(0xa, 0x3, 0x2)
getpeername$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000040)=0x1c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000001400002c00128009000100626f6e64000000001c00028008000b00042000000500060000"], 0x4c}}, 0x0)

2.015411359s ago: executing program 3 (id=1139):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
dup3(r0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
move_mount(r0, &(0x7f0000000100)='./bus\x00', r1, &(0x7f00000000c0)='./bus\x00', 0x14)
sendfile(r1, r0, 0x0, 0x7ffff000)

1.485639368s ago: executing program 3 (id=1144):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000080000000c"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
futimesat(0xffffffffffffffff, &(0x7f0000000000)='./file1\x00', 0x0)

1.408260039s ago: executing program 3 (id=1145):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'veth0_vlan\x00', @random="0106002010ff"})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
perf_event_open(&(0x7f00000002c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, @perf_bp={0x0, 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000380)=0x5, 0x12)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r2, 0x8, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
syz_clone(0x40801100, 0x0, 0x0, 0x0, 0x0, 0x0)

1.212835872s ago: executing program 4 (id=1151):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x2, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x2041, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000080)={0x49df, 0x0, 0x0, 0x35, 0x10, "ec28a144f13d7607"})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
syz_open_pts(r0, 0x149340)
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
perf_event_open$cgroup(&(0x7f0000000140)={0xa, 0x80, 0xfd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xa}, 0x0, 0x2000000000, 0x3400000, 0x4, 0x2, 0x0, 0x10, 0x0, 0xc12, 0x0, 0x3}, r1, 0x0, 0xffffffffffffffff, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000000)=0x44)
r2 = socket$kcm(0x21, 0x6, 0x2)
sched_setscheduler(0x0, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000000380)='cma_alloc_start\x00', r3}, 0x18)
creat(0x0, 0x5c351178c085b978)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000160000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000980)='mm_page_free\x00', r5, 0x0, 0xffffffffffffffff}, 0x18)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
mount$9p_tcp(0x0, &(0x7f0000000300)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x8, 0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$inet_sctp(r6, &(0x7f0000000b80)=[{&(0x7f00000004c0)=@in={0x2, 0x4e21, @rand_addr=0x64010100}, 0x10, &(0x7f00000008c0)=[{&(0x7f0000000040)="af", 0x1}], 0x1, &(0x7f0000000240)=ANY=[@ANYBLOB="20000000000000008400000008000000ff020000000000000000000000000001180000000000000084000000050000003000000002000000300000000000000002050002000000060000000e090000df000000050000003ebe3a3c000000000000000000", @ANYRES32=0x0, @ANYBLOB="200000000000000084000000080000000000000000000000000000000000000018000000000000008400000005000000000000000500000018000000000000008400000007000000e00000020000000018000000000000008400000000000000"], 0xd0, 0x10a0}], 0x1, 0x24000001)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1a, 0x4, 0x4, 0x2, 0x534, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffe5e}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x8000)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000340)=[@timestamp], 0x1)
timer_create(0x7, &(0x7f0000000680)={0x0, 0x31}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)

1.109495913s ago: executing program 6 (id=1155):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x88f, &(0x7f00000003c0)={0x0, 0xaee2, 0x0, 0x2, 0xbf9ffffc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r2, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0)

969.060816ms ago: executing program 3 (id=1156):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r1}, 0x10)
r2 = syz_io_uring_setup(0x88f, &(0x7f00000003c0)={0x0, 0xaee2, 0x0, 0x2, 0xbf9ffffc}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r2, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r2, 0x47f6, 0x0, 0x2, 0x0, 0x0)

907.423637ms ago: executing program 6 (id=1157):
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00'}, 0x10)
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x2, 0x13, 0x0, 0x9, 0x2, 0x0, 0x70bd25}, 0x10}}, 0x4)

885.557327ms ago: executing program 6 (id=1158):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000340)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@max_batch_time={'max_batch_time', 0x3d, 0x9}}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x5, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000b00)=@newtfilter={0x190, 0x2c, 0xd27, 0x70bd25, 0x7ffd, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x160, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x1c, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x49}]}]}, @TCA_FLOWER_KEY_CT_ZONE={0x6, 0x5d, 0x5}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0x114, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x3c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x3000000}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0xfffffffffffffc1e, 0x1, 0xc00}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xff}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5ac}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x2c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x86}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x40006}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x8}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x19d}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xe7}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x46}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x0, 0x3, 0xe}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x17}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x22}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x0, 0x2, 0x93}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x81}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xb5}]}]}, @TCA_FLOWER_KEY_ARP_THA={0xa, 0x41, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, @TCA_FLOWER_KEY_TCP_SRC={0x6}, @TCA_FLOWER_KEY_ICMPV6_CODE={0x2e}]}}]}, 0x190}, 0x1, 0x0, 0x0, 0x80}, 0x800)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[], 0x0, 0x56, 0x0, 0x3, 0x0, 0x0, @void, @value}, 0x28)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r7, 0x84, 0x1b, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e21, 0x20d, @dev={0xfe, 0x80, '\x00', 0x40}, 0x6}], 0x1)
r8 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x84}, 0x4800)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)

804.820478ms ago: executing program 7 (id=1159):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000b00)=@newtfilter={0x190, 0x2c, 0xd27, 0x70bd25, 0x7ffd, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x160, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x1c, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x49}]}]}, @TCA_FLOWER_KEY_CT_ZONE={0x6, 0x5d, 0x5}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0x114, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x3c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x3000000}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0xfffffffffffffc1e, 0x1, 0xc00}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xff}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5ac}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x2c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x86}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x40006}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x8}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x19d}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xe7}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x46}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x0, 0x3, 0xe}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x17}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x22}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x0, 0x2, 0x93}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x81}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xb5}]}]}, @TCA_FLOWER_KEY_ARP_THA={0xa, 0x41, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, @TCA_FLOWER_KEY_TCP_SRC={0x6}, @TCA_FLOWER_KEY_ICMPV6_CODE={0x2e}]}}]}, 0x190}, 0x1, 0x0, 0x0, 0x80}, 0x800)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[], 0x0, 0x56, 0x0, 0x3, 0x0, 0x0, @void, @value}, 0x28)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r6, 0x84, 0x1b, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e21, 0x20d, @dev={0xfe, 0x80, '\x00', 0x40}, 0x6}], 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x84}, 0x4800)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
r7 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r8 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
ioctl$LOOP_CHANGE_FD(r7, 0x4c00, r8)

791.254449ms ago: executing program 7 (id=1160):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
dup3(r0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
move_mount(r0, &(0x7f0000000100)='./bus\x00', r1, &(0x7f00000000c0)='./bus\x00', 0x14)
sendfile(r1, r0, 0x0, 0x7ffff000)

757.914749ms ago: executing program 3 (id=1161):
socketpair$unix(0x1, 0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff})
open_by_handle_at(r0, &(0x7f0000000680)=ANY=[@ANYBLOB="9c000000f800000000000000fb9901022b52f13b0e3ccb6db1aa8fbf7a6075428933d9c2714ae158e5728d030aac87d5ba84cac3270c5ac55ea97aeda52837bb6055e1346c8854d2024e9ccfefe88dcad4b3c640818c2d105470b62d3318b92b518800fc22c37407b11a979bf003af0473073eeae407ccf0bf5f6ad81c72f9e765141f615bb2d7d18f2dc2a6ff7f6148b7cc0ccc1b5bd9a7efbf3557a77e5a297d4ada3154aed1e1d363e9380342b9ad9a1d09bab3c0a7203db709c7037d0722d4832d7fff9b94a98cee7ae063bb22792cc10261234a8ec83d933cadec651a6d173097a3160217d6096bbe173b3dce1549b7ef8b02063454405d5184716e6f4319ee1fd980d82e18be83cb541ba4a9a4f8fc70b571beb5ba9b7c33a9b3bafa59df"], 0x100)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000200)={'gretap0\x00', &(0x7f00000007c0)={'erspan0\x00', <r1=>0x0, 0x7830, 0x20, 0xfffffff8, 0xaa81, {{0xf, 0x4, 0x2, 0x13, 0x3c, 0x66, 0x0, 0xbc, 0x29, 0x0, @broadcast, @remote, {[@timestamp_addr={0x44, 0x1c, 0x80, 0x1, 0x4, [{@loopback, 0x8f1}, {@remote, 0x9}, {@initdev={0xac, 0x1e, 0x1, 0x0}}]}, @rr={0x7, 0xb, 0x3a, [@local, @remote]}]}}}}})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
splice(r2, 0x0, r4, 0x0, 0x1, 0x0)
vmsplice(r4, &(0x7f0000000380)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6)
ioctl$sock_inet_udp_SIOCINQ(r4, 0x541b, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eeb1948bf42bc7fc2cb274849c9524154fa24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a8684853abf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000400000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f500000010000000000944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a808000000000000000562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844892f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42453ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b57"], &(0x7f0000000100)='GPL\x00', 0x7f, 0x0, 0x0, 0x0, 0x0, '\x00', r1, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x2}, 0x10, 0x0, r3, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='mm_page_alloc\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r6 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0000}]})
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
set_robust_list(&(0x7f0000000280)={0x0, 0xc8ac}, 0x18)
r8 = openat$null(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
io_setup(0x7ed, &(0x7f0000000040)=<r9=>0x0)
io_submit(r9, 0x1, &(0x7f0000000640)=[&(0x7f0000000440)={0x18, 0x7000000, 0x4, 0x8, 0x0, r8, 0x0}])
r10 = syz_open_procfs(0x0, &(0x7f0000000100)='fd\x00')
fchdir(r10)
r11 = memfd_create(&(0x7f00000000c0)='v\xa6\xf5lj6,r\xaf\xe8\x10/\xecg\xed\xe3h\x80\xb8!y6w\xda\xdd\xb9\nR\xe8@\x99\xb9\x8a\x0fZ\t\x90\x8bp\x10\x84\x86t\x8a\xba\xc6\xfb\xd2\f\xef&\xad\xa8M\xe8\b\xb0#\xac)\x81\x1e\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc\\\x11\x95\xf8\xe6\xa7\xc3\xbc\x18+\x92\x92N\a\xa7\x7fN\x9bL\xf8\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9d\x85\xea\x1a*\x1bC\xd8\x1c\xe8\x9bYS', 0x0)
write(r11, &(0x7f0000000300)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r11, 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000, 0x1)
ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f0000000040)=ANY=[@ANYRES64=r0])

697.16838ms ago: executing program 6 (id=1163):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000003400)={0x10, 0x2, &(0x7f0000000080)=ANY=[@ANYBLOB="850000008b00000095000000000000002051f1b62fd878c6675ea0ab705ff76df0b5bf97669e727022f1929194d357ab6b67f61c05bc17e6fb11c7d8b1f976043b8d5dfa893f53532a602b6ec605d75d24a1ef59437be88b0040e063be0df72c52caba90055cfaab9b908c1573e61a535fc65ca55751d11fdfa6571f7454e8634c861028550e120d5d89845df80c97067a142cfc7815676676a712fcf6f8b4bb36a6f51468e02df49900882d6bbdec3f45c04db6e595fbfd7f6bc68252e136637b976114139e87f2708f2a7eb2a479f98f3622ccc6f2ee0ebcbeae064ecc8a87683cdd875f"], &(0x7f0000003240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0xc01)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x0, 0x70, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], 0x0, 0xfff, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xef1c, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='kmem_cache_free\x00', r0, 0x0, 0x2}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x13, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000100850000008600000095"], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000280)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01030000000000000000010000000800010012000000080003"], 0x30}, 0x1, 0x0, 0x0, 0x4000064}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000580)='virtio_transport_recv_pkt\x00', r2}, 0x18)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
getpeername(0xffffffffffffffff, &(0x7f0000000280)=@ethernet={0x0, @multicast}, &(0x7f00000001c0)=0x80)

646.915671ms ago: executing program 6 (id=1165):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x10000}, 0x0, 0x10000, 0x0, 0x1, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup(r0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="580000000206030000000000fffff000000000000900020073797a32000000000500040000000000050005000200000012000300686173683a6e65742c706f727400000005000100070000000c0007800800"], 0x58}}, 0x0)

491.305113ms ago: executing program 1 (id=1166):
r0 = syz_mount_image$iso9660(&(0x7f0000000180), &(0x7f0000000280)='./file0\x00', 0x14806, &(0x7f00000000c0)=ANY=[@ANYRES32=0x0], 0x0, 0x700, &(0x7f0000000a40)="$eJzs3V2P21gZB/D/STJJJoWqAlStqm7ndMpKUzGkTmabKipIGOckY0jiyPbAjIS0KnRmNWqmQFskmpt2bniRli/A3d5wwYdYiQuu9lvAFUgrEBJiBUJGPrbzMnEykzadbtn/b7Qbx358zuNjr896xj4GERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERERQVgNw6gItO3uzq6czWq4Tif5ksXU8qi0FdyMJm7Oq3MlrBcQ4T8oFvFWNPutr4xCLof/WsfV6NtVFMOPIgYXLl+6++VcJll/TsIvAosW+Pjp4MG9fn//0Rlis1i4+NcJmTMEtVTX9hy7Y7aUtD1H1ms149Z205NNu628Pc9XHWm5KuM7rtywbspKvb4lVXnP2em2GmZbJTPvfL1qGDX5nUK0owGUPWvbbrftbkvHhIvDmDvygx9EAcrsSHlw2N/fGsvnWVobh0GVlOQz48FhUPW0za0a1WqlUq1Warfrt+8YRm5qhhESxhCmIpZ+0NIbZrkncKKXkLEa/zH+JIA2iuhiB7uQqT8WGnDhoDNjeSzp/9+5pebWO97/J738ymjxFej+/1r07dqs/n9GLhJSr5C2RMyYv9jPis5I4jGeYoAHuIc++tjHoyWULSHXXrqEvBG35FLymfnTgkIXNjw4sNGBiRa+CBnPkaijhhoMvIdtNOFBogkbbSh42IMHHyo8ovJhpgomfDhwIbEBCzchUUEddWxBQqGMPTjYQRctNGDiX0EQHOBQt/tWnM/zlK1GElSZsREF5JLjbh/VOVs7q///4bNo7bj/N9j/f15Fx0Eh+vh4XgzRZ0AQX/8vaO3VZENEREREREREr4LQv30X+q/ybwMI0LTbypiIKby27IiIiIiIiIhoGQSCAq5CRHfl422I6et/IiIiIiIiInqzCf2MnQBQ0jf1i9HjUmf5JUD2HFIkIiIiIiIiopekn/y/lgcCfZf/GsRC1/9ERERERERE9Ab41dgY+7lsPMZukPxZPwNg7c8F8dHfCnBXxHFv96viyAyXmEdxzNQdAH7zirgYD9SrP/IA9DdLXRVxbRL4Z/Lbh9AnB+lj/T8PIkII90QC+ex4ATMSEGHNtVz8DR/gerTK9Xic+fuDDPSSaEThUtNuq7LltO9WYJoXM77a9X/28PDngDvczoPD/n75Rz/u39e5HIezjo/CQp9NpJNJb4xRLk/0eAv6mYu00Y1X0Uyq/HW3UxK6XiPZ/izMo8x4RfN2QG0ViLbyF1iP9tl6EMWWBsMR9wWwpgd/qJT1LpvYendFjLKonNzytB0xY8uLOosbUcyNjRvRR9ImYTkZUfxaFqiWp/fBRBbV8SxObwvx9xPtPz8LiGLYFlthFn8ICzqRxfc/ilbe6u0mw2OcJYupo4CI6HU5GPVCehDzqTH2k+4hOamdvd9BDojPcjN691EtQdx/JL37k98GUQ+VBXLx3ybSa0n6FYRn9A2hy8lHA7rnrqSc0Y3yp0EQmBeLGD+j/zcIkg0yFujdjoMgOHlG//3oHUhx2lNZ/DsIgrsV3ZP85kSv+mG4wocz6/Xa1SyKKODJ0U/0APih9/ff339YrW7VjHcN43YVK/p/FeKPLNj3EBHRlNPfsaMjMnMixLu4HpVx/f5f34mmJnq8L8W3FGi3gD7uYzN5hcBaeqklHOCb/4huQ9iMrlqB9VL0WRrIy5fuhle1w9hDkdNveNmceVWn+9IoVt/eUB3GJu8dOnkFOIrdesV7gYiI6Hytz+iHgYn+H5P9f3Gi/9/ERhSxcSX1urs0dkvhZnJ1PLykH1w4To2tnJ78t5bcGERERJ8Tyv1ElPxfCte1e+9V6vWK6W8r6TrWd6VrN1pK2l1fuda22W0p2XMd37Gctuy5KNirypPeTq/nuL5sOq7sOZ69q9/8LuNXv3uqY3Z92/J6bWV6SlpO1zctXzZsz5K9nW+3bW9buXplr6csu2lbpm87Xek5O66lylJ6So0F2g3V9e2mHU52Zc+1O6a7J7/ntHc6SjaUZ7l2z3eiApO67G7TcTu62DKChV90SERE9P/o8dPBg3v9/v6jkxOr4aV5NOcYM2KmJ/IpBXKMICIios+YUXe9wErFV5gQERERERERERERERERERERERERERERERFNOf2RvgUnVtIeFgSGc356MZ6D5xg9YjhVjsDL5vOp+0c9sN+LrJ5ZtNLkkYjBg4/nBK8O5yTNPx5zvEiluAS8cPv85QvABT0H0ZzcEg+A6edHl36MpU184yBq0VkxemHqosJwX+SW/59DOPHwd9OLRNjyQRAE81cvTLZh/uzHcw7Ao/ycXbB6yvFz3mciIjpv/wsAAP//eO06pA==")
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002300000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
futimesat(r0, &(0x7f0000000000)='./file1\x00', 0x0)

450.667354ms ago: executing program 7 (id=1167):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x2, 0x13, 0x0, 0x9, 0x2, 0x0, 0x70bd25}, 0x10}}, 0x4)

439.823354ms ago: executing program 1 (id=1168):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x15)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x3, 0x13, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000900000000000000000000001811", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000000000bf090000000000005509010000000000852000000300000095"], 0x0, 0x8, 0x0, 0x0, 0x41100, 0x62, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[], 0x15)
r2 = dup(r1)
write$P9_RLERRORu(r2, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_afonly={0x0}}, 0x20)
write$binfmt_elf64(r2, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
stat(&(0x7f00000001c0)='./file0\x00', &(0x7f00000004c0))

433.730024ms ago: executing program 6 (id=1169):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000005"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r1}, &(0x7f0000000400), &(0x7f00000004c0)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000380)='btrfs_add_block_group\x00', r2, 0x0, 0xe8b}, 0x18)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0400"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="300000000000000000d4c20200"/23], 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x12, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x41, 0x1, 0x0, 0x0, 0x0, 0x5, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x3, 0x800000000003}, 0x1100, 0x5dd8, 0x0, 0x3, 0x0, 0x8, 0xfffb, 0x0, 0x0, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_read_part_table(0x5c8, &(0x7f0000000600)="$eJzs2z1oE2gYB/Anaq6Hwrk4ORzWwclFcTSDlSQqCiHaRRwUFBEzRRAiBAQdbIaWZigdu5RCln5MTcPR4WhpoXMpHXoUOnQ62qXQpTl6fY+7sXdtD4TfD17er3/y5BkyvsF37Vz83u12MxHR7fn3n+5v5QsPr5XulZ9FZOJFRPT++tP04U0mJf761utpv5H242MXOwO7D7Kt9ad7N14uNM6l+89pXJpo95+4Oc7cZG7x8pev1eJgLfdurVjf+ra68mRqJ19uP240px9l779OuaU0X0jzh6jFp3gfr6ISlXgT1VOqP9ravHVwtdiafXt3v9AZmr+dcqUT9nnc+h97h5836303Z66M3KnNLZe3zx/lKv/h3wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP9vMrd4+cvXanGwlnu3VqxvfVtdeTK1ky+3Hzea04+y91/HLz2HuaWUv5DmD1GLT/E+XkUlKvEmqqdUf7S1eevgarE1+/bufqEzNH875Uonb/VY9T/2Dj9v1vtuzlwZuVObWy5vnz/KVXrO6AcAAAAAAAAAAAAAAAAAAABAROQLD6+V7pWfRWTiRUS0f+7786l/N713z6Tc9bTYSOfjYxc7A7sPsq31p3s3Xi40fkvnn9O4NNHu/2edH/5e/nj2XXFcfwQAAP//HQGWmQ==")
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000240000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="200000003e000701fcfffffffedbdf25017c00000c0003"], 0x20}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
pipe(&(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000bc0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xffb}, [@call={0x85, 0x0, 0x0, 0x56}]}, &(0x7f0000000b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x65, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
splice(r5, 0x0, r10, 0x0, 0x400000008000f28, 0x0)
splice(r9, 0x0, r8, 0x0, 0x114, 0xe)
ioctl$sock_inet_sctp_SIOCINQ(r10, 0x541b, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="00010000031401"], 0x100}, 0x1, 0x0, 0x0, 0x4040024}, 0x0)
bind$bt_hci(r0, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
io_setup(0x2, &(0x7f0000002400))

397.938314ms ago: executing program 7 (id=1170):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='freezer.self_freezing\x00', 0x275a, 0x0)
r1 = creat(0x0, 0x0)
fallocate(r1, 0x0, 0x0, 0x9)
fallocate(r0, 0x0, 0x0, 0x10fff9)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000040)={0xc, r1, 0x8, 0x18, 0x2})

391.644475ms ago: executing program 4 (id=1171):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000b00)=@newtfilter={0x190, 0x2c, 0xd27, 0x70bd25, 0x7ffd, {0x0, 0x0, 0x0, r5, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x160, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x1c, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x49}]}]}, @TCA_FLOWER_KEY_CT_ZONE={0x6, 0x5d, 0x5}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0x114, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x3c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x3000000}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0xfffffffffffffc1e, 0x1, 0xc00}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xff}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5ac}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x2c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x86}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x40006}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x8}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x19d}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xe7}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x46}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x0, 0x3, 0xe}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x17}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x22}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x0, 0x2, 0x93}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x81}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xb5}]}]}, @TCA_FLOWER_KEY_ARP_THA={0xa, 0x41, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, @TCA_FLOWER_KEY_TCP_SRC={0x6}, @TCA_FLOWER_KEY_ICMPV6_CODE={0x2e}]}}]}, 0x190}, 0x1, 0x0, 0x0, 0x80}, 0x800)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[], 0x0, 0x56, 0x0, 0x3, 0x0, 0x0, @void, @value}, 0x28)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r6, 0x84, 0x1b, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r6, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e21, 0x20d, @dev={0xfe, 0x80, '\x00', 0x40}, 0x6}], 0x1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000006040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x84}, 0x4800)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
r7 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r8 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)
ioctl$LOOP_CHANGE_FD(r7, 0x4c00, r8)

349.939305ms ago: executing program 1 (id=1172):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./bus\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r2, &(0x7f0000000180)='./bus\x00', 0x0)
renameat2(r2, &(0x7f0000000380)='./file0\x00', r2, &(0x7f0000000200)='./bus/file0\x00', 0x0)

280.734736ms ago: executing program 7 (id=1173):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x6, 0xe7fd}, 0x100002, 0x3, 0xfffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000012c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000340)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@max_batch_time={'max_batch_time', 0x3d, 0x9}}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x5, 0x783, &(0x7f0000001000)="$eJzs3c9rHFUcAPDvbJKmSauJIGg9BQQNlG5Mja2Ch4oHESwU9Gy7bLahZpMt2U1pQg4tIngRVDwIeunZH/Xm1R9X/S88SEvVtFjxIJHZH+222U03bXY3kM8HXva9mdm89903P97sDDsB7FkT6Z9MxKGI+DiJGKtPTyJiqJobjDhRW+72+lo+TUlsbLz9Z1Jd5tb6Wj6a3pM6UC88HRE/fRBxOLO53vLK6nyuWCws1ctTlYXzU+WV1SPnFnJzhbnC4rHpmZmjx186fmznYv3719WD1z954/lvT/z7/lNXP/o5iRNxsD6vOY6dMhET9c9kKP0I7/H6TlfWZ0m/G8BDSTfNgdpWHodiLAaquTZGetkyAKBbNgCAPSgxBgCAPabxPcCt9bV8I/X3G4neuvFaROyvxd+4vlmbM1i/Zre/eh109FZyz5WRJCLGd6D+iYj48vt3v05T1PvBtTSgFy5djogz4xOb9//JpnsWtuuFrWZuDFdfJu6bvNeOP9BPP6Tjn5dbjf8yd8Y/0WL8M9xi230YD97+M9d2oJq20vHfq033tt1uir9ufKBeeqw65htKzp4rFtJ92+MRMRlDw2l5urpo65Hb5M3/brarv3n899en732V1p++3l0ic21w+N73zOYquUeNu+HG5YhnBlvFn9zp/6TN+PdUh3W8+cqHX7Sbl8afxttIm+Pvro0rEc+17P+7fZlseX/iVHV1mGqsFC1899vno+3qb+7/NKX1N84FeiHt/9Gt4x9Pmu/XLG+/jl+ujP3Ybt6D42+9/u9L3qnm99WnXcxVKkvTEfuStzZPP3r3vY1yY/k0/slnW2//tWpbr//pOeGZDuMfvP7HNw8ff3el8c9uq/+3n7l6e36gXf2d9f9MNTdZn9LJ/q/TBj7KZwcAAAAAAAAAAAAAAAAAAAAAAAAAncpExMFIMtk7+Uwmm609w/vJGM0US+XK4bOl5cXZqD4rezyGMo2fuhxr+j3U6frv4TfKR+8rvxgRT0TEZ8Mj1XI2XyrO9jt4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKg70Ob5/6nfh/vdOgCga/b3uwEAQM85/gPA3rO94/9I19oBAPSO838A2Hs6Pv6f6W47AIDecf4PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAl506eTJNG/+sr+XT8uyFleX50oUjs4XyfHZhOZ/Nl5bOZ+dKpbliIZsvLbT9R5dqL8VS6fxMLC5fnKoUypWp8srq6YXS8mLl9LmF3FzhdGGoZ5EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQOfKK6vzuWKxsCSzZWZkdzRj12QGY1c0Q6Zrmea9xEj/dlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9z/AQAA//+MoS4e")
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000b00)=@newtfilter={0x190, 0x2c, 0xd27, 0x70bd25, 0x7ffd, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {}, {0x7, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0x160, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x1c, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5}]}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0xc, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x49}]}]}, @TCA_FLOWER_KEY_CT_ZONE={0x6, 0x5d, 0x5}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0x114, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x3c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x3000000}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0xfffffffffffffc1e, 0x1, 0xc00}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0xff}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x2}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x5ac}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x2c, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x86}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x40006}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x8}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x19d}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xe7}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x46}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x0, 0x3, 0xe}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x17}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x34, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0x6}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x22}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x0, 0x2, 0x93}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x81}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0xb5}]}]}, @TCA_FLOWER_KEY_ARP_THA={0xa, 0x41, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x37}}, @TCA_FLOWER_KEY_TCP_SRC={0x6}, @TCA_FLOWER_KEY_ICMPV6_CODE={0x2e}]}}]}, 0x190}, 0x1, 0x0, 0x0, 0x80}, 0x800)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[], 0x0, 0x56, 0x0, 0x3, 0x0, 0x0, @void, @value}, 0x28)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r7, 0x84, 0x1b, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r7, 0x84, 0x64, &(0x7f0000000100)=[@in6={0xa, 0x4e21, 0x20d, @dev={0xfe, 0x80, '\x00', 0x40}, 0x6}], 0x1)
r8 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x84}, 0x4800)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00'/557, 0x1)

280.434376ms ago: executing program 4 (id=1174):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000008c0)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d00000007000000000000"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb8af, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000600)='kfree\x00', r1, 0x0, 0x4}, 0x18)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="02002cbd7000fedbdf250b00000004000b00"], 0x18}, 0x1, 0x0, 0x0, 0x10}, 0x4040024)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000500), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_256={{0x304}, '\x00', "acba84f0a6731f234db1cc7f3f382ad796bd667cb12ea99509873931d2873103", "0f9dafb4", "ec3fff9afd96e6c0"}, 0x38)

279.388956ms ago: executing program 1 (id=1175):
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x4, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10030, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x100002, 0x0, 0xedf}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x8205, &(0x7f0000001340)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x15}}, {@stripe}, {@grpid}, {@errors_remount}, {@data_err_ignore}, {@noblock_validity}, {@minixdf}, {@min_batch_time={'min_batch_time', 0x3d, 0x13}}]}, 0x1, 0x60a, &(0x7f0000001c40)="$eJzs3c9rHNcdAPDvzEqqZKuVXYqpTUsFPdhQrB+uqduebF/qg6GG+lBCDhaW5AivbGHJEDuGyJBDAgmEkGsIvuQfyD2YXHMLgSS3nANOCA45JMEbZnbHXla78lrR/pDn84FZvXkzu+999+lp3uzo7QRQWtPZQxpxOCIuJRFTTdsmo75xurHfw+/uXM6WJGq1/32bRNLIK/Z/1Pi5P3tIIsYj4tOzEb+vbC13/dbtqwvVWt2rEbMbq2uz67duH19ZXbiydGXp2vyJf548Nfev+ZPzuxJnEde58//901uvvfSP5c+qx5M4HRdHX1mMljh2y3RMx6NGiM35IxFxKku0eV/2miKEZMD1YGcqjd/H0Yg4FFNRydfqpmLlzYFWDuipWiWiBpRUov9DSRXjgOLcvhfnwcPswZn6CdDW+Efqn43EeH5utO9h0nRmVD/fPbAL5Wdl/HznyHvZEh0+hxjZhXI62bwbEX9sF3+S1+1A/ilOFn8aadPzsvRcRIw13ot0h+VPt6z3+/fvWeJvbocs3tONn1n+2R2WP+j4ASin+2caB/LNbO3J8S8bGRbjn2gz/plsc+zaiUEf/zqP/4rj/Xj+GXnaMg7LxjwX2r/kaGvGV2+ce6dT+c3jv2zJyi/Ggv3w4G7EkZb4X88Hc8nj9k/atH+2y6Uuy/jP59+c67Rt0PHX7kUcbXv+8+SKVpaa3VhdK/Jark/OLq9Ul+bqj23L+OiTFz/oVP6g48/aPzrEv137Z3lrXZbx4YV7q522TT41/vTrseRinhpr5Ly8sLFxYz5iLDnf2KUp/8T2dSn2KV4ji//YX9v3/23izxt6s8v41/5/9WE9tfUqadftv+WvSu5Rrcs6dJLFv7jD9n+7yzJ+eOHmn1uyJorEdvFPbH2ppNv3HAAAAAAAAMooza/BJunM43SazszU5/D+Ifal1evrG39bvn7z2mLEsfz/IUfT4kr3VH09ydbnG/8PW6yfaFn/e0QcjIh3KxP5+szl69XFQQcPAAAAAAAAAAAAAAAAAAAAQ2J/Y/5/cZ/q7yv1+f9d2TjU49oBPdfLG8wBw03/h/LK+/9O7+AK7GmO/1Be+j+Ul/4P5aX/Q3np/1Be+j+Ul/4P5aX/AwAAAMBz6eBf7n+ZRMTmvyfyJTPW2DY60JoBvfbsfXy6J/UA+q/S16cBw+TxpX/T/6F0uhr//9j4csDeVwcYgKRdZj44qG3f+e+3fSYAAAAAAAAAAAAA0ANHD5v/D2WVxseDrgIwIL9iIr/vAIA9zlf/Q3k5xweeNot/vNMG8/8BAAAAAAAAAAAAoG8m8yVJZxq3AJ2MNJ2ZifhtRByI0WR5pbo0FxG/i4gvKqO/ydbnB11pAAAAAAAAAAAAAAAAAAAAeM6s37p9daFaXbrRnPhpS87znSjugjos9WlORNL/QiciYhhi701ipCknidjMWn4oKnZjPYaiGmlejQH/YQIAAAAAAAAAAAAAAAAAgBJqmnvc3pH3+1wjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOi/J/f/33kiecrrDDpGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBv+iUAAP//q+Q5KA==")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r1}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kmem_cache_free\x00', r3}, 0x10)
r4 = syz_io_uring_setup(0x88f, &(0x7f00000003c0)={0x0, 0xaee2, 0x0, 0x2, 0xbf9ffffc}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r4, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x23456})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
io_uring_enter(r4, 0x47f6, 0x0, 0x2, 0x0, 0x0)

273.164077ms ago: executing program 4 (id=1176):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x1b, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
syz_mount_image$vfat(&(0x7f0000001200), &(0x7f0000001240)='./bus\x00', 0x0, &(0x7f0000002480)=ANY=[], 0x1, 0x11f4, &(0x7f0000001280)="$eJzs3M+LG2UYB/DHbWvr1v2h1moL0he96GXo7sGLgiyyBWlAaRuhFYSpO9GQMQmZsBARV09e/TvEozdBvOllL/4N3vbisQdxxMTapsRDqXTa8Plc8pD3/cLzkjDwDvPO0ZvffNrrVFknH8fKE2/FyjAi3UqRYiVu+zJee+PnX166ev3G5Z1Wa/dKSpd2rm29nlJav/DjB59/9/JP49Pvf7/+w8k43Pzw6Pft3w7PHp47+vPaJ90qdavUH4xTnm4OBuP8ZlmkvW7Vy1J6ryzyqkjdflWM5sY75WA4nKS8v7e2OhwVVZXy/iT1ikkaD9J4NEn5x3m3n7IsS2urwYNof3urruuIuj4RT0Zd1/VTsRqn4+lYi/XYiM14Jp6N5+JMPB9n44V4Mc5NZzXdNwAAAAAAAAAAAAAAAAAAACyXBzr/f6Hh5gEAAAAAAAAAAAAAAAAAAGBJXL1+4/JOq7V7JaVTEeXX++399uxzNr7TiW6UUcTF2Ig/Ynr6f2ZWX3qntXsxTW3GV+XBP/mD/fax+fzW9HUCC/Nbs3yaz5+M1bvz27ERZxbntxfmT8Wrr9yVz2Ijfv0oBlHGXvydvZP/Yiult99t3ZM/P50HAAAAyyBL/1q4f8+y/xqf5e/j/sA9++vjcf54s2snopp81svLshg1XtzuaPbNQUQ8Io0tcXHi0Wjj/y2Ozf2Rmu/nMS2auybx8Nz50ZvuBAAAAAAAAAAAgPvxMB4nbHqNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/MUOHAsAAAAACPO3TqNjAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//86R81g")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdirat(r2, &(0x7f0000000180)='./bus\x00', 0x0)
renameat2(r2, &(0x7f0000000380)='./file0\x00', r2, &(0x7f0000000200)='./bus/file0\x00', 0x0)

209.491738ms ago: executing program 4 (id=1177):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100002020702500000000002020207b1af8ff00"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x400000, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000300)=ANY=[], &(0x7f0000000400)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x62, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x0)

181.703938ms ago: executing program 7 (id=1178):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
dup3(r0, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
move_mount(r0, &(0x7f0000000100)='./bus\x00', r1, &(0x7f00000000c0)='./bus\x00', 0x14)
sendfile(r1, r0, 0x0, 0x7ffff000)

132.198548ms ago: executing program 4 (id=1179):
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x36, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_config_ext={0x8, 0x10000}, 0x0, 0x10000, 0x0, 0x1, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup(r0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="580000000206030000000000fffff000000000000900020073797a32000000000500040000000000050005000200000012000300686173683a6e65742c706f727400000005000100070000000c0007800800"], 0x58}}, 0x0)

26.43715ms ago: executing program 1 (id=1180):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000c80)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)={0x2, 0x13, 0x0, 0x9, 0x2, 0x0, 0x70bd25}, 0x10}}, 0x4)

0s ago: executing program 1 (id=1181):
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x129c81, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f00000000c0)={0x0, 0x0, 0x6, 0x6, 0x1, "42341f9b1000007e4f00"})
r2 = syz_open_pts(r1, 0x40000)
dup3(r2, r1, 0x0)
splice(r1, 0x0, r0, 0x0, 0x7ffff000, 0x0)

kernel console output (not intermixed with test programs):

oup descriptors
[   91.400142][ T5985] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[   91.409999][ T5989] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   91.420990][ T5985] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   91.431766][ T5989] EXT4-fs (loop2): revision level too high, forcing read-only mode
[   91.441772][ T5985] JBD2: no valid journal superblock found
[   91.447585][ T5985] EXT4-fs (loop3): Could not load journal inode
[   91.467301][ T5989] EXT4-fs (loop2): orphan cleanup on readonly fs
[   91.482662][  T295] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.512041][ T5989] EXT4-fs error (device loop2): __ext4_get_inode_loc:4792: comm syz.2.740: Invalid inode table block 0 in block_group 0
[   91.542687][ T5989] EXT4-fs (loop2): Remounting filesystem read-only
[   91.549533][ T5989] EXT4-fs (loop2): 1 truncate cleaned up
[   91.559692][  T295] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.604293][ T6017] smc: net device bond0 applied user defined pnetid SYZ0
[   91.617759][ T6017] smc: net device bond0 erased user defined pnetid SYZ0
[   91.625425][  T295] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   91.696963][ T6029] smc: net device bond0 applied user defined pnetid SYZ0
[   91.715929][ T6029] smc: net device bond0 erased user defined pnetid SYZ0
[   91.724899][ T6030] futex_wake_op: syz.1.758 tries to shift op by -1; fix this program
[   91.774392][  T295] bridge_slave_1: left allmulticast mode
[   91.781710][  T295] bridge_slave_1: left promiscuous mode
[   91.787654][  T295] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.851075][  T295] bridge_slave_0: left allmulticast mode
[   91.856788][  T295] bridge_slave_0: left promiscuous mode
[   91.862570][  T295] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.880737][ T6041] loop4: detected capacity change from 0 to 128
[   91.889167][ T6041] ext4 filesystem being mounted at /71/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.927499][ T6045] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   91.973875][ T6045] loop2: detected capacity change from 0 to 1024
[   91.990196][ T6045] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   92.001213][ T6045] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[   92.078795][ T6045] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   92.120159][ T6045] JBD2: no valid journal superblock found
[   92.125928][ T6045] EXT4-fs (loop2): Could not load journal inode
[   92.222332][  T295] $Hÿ (unregistering): (slave bond_slave_0): Releasing backup interface
[   92.231942][  T295] bond_slave_0: left promiscuous mode
[   92.238971][  T295] $Hÿ (unregistering): (slave bond_slave_1): Releasing backup interface
[   92.250876][  T295] bond_slave_1: left promiscuous mode
[   92.257392][  T295] $Hÿ (unregistering): Released all slaves
[   92.348973][  T295] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   92.356427][  T295] batman_adv: batadv0: Removing interface: batadv_slave_0
[   92.364224][  T295] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   92.371697][  T295] batman_adv: batadv0: Removing interface: batadv_slave_1
[   92.381599][  T295] veth1_macvtap: left promiscuous mode
[   92.387169][  T295] veth0_macvtap: left promiscuous mode
[   92.392734][  T295] veth1_vlan: left promiscuous mode
[   92.397946][  T295] veth0_vlan: left promiscuous mode
[   92.453056][  T295] team_slave_1 (unregistering): left promiscuous mode
[   92.460921][  T295] team0 (unregistering): Port device team_slave_1 removed
[   92.471537][  T295] team_slave_0 (unregistering): left promiscuous mode
[   92.478694][  T295] team0 (unregistering): Port device team_slave_0 removed
[   92.525226][ T5999] chnl_net:caif_netlink_parms(): no params data found
[   92.565127][ T5999] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.572330][ T5999] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.581576][ T5999] bridge_slave_0: entered allmulticast mode
[   92.588122][ T5999] bridge_slave_0: entered promiscuous mode
[   92.594812][ T5999] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.601948][ T5999] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.612575][ T5999] bridge_slave_1: entered allmulticast mode
[   92.619256][ T5999] bridge_slave_1: entered promiscuous mode
[   92.625017][ T6060] loop1: detected capacity change from 0 to 1024
[   92.625417][ T6060] EXT4-fs: Ignoring removed orlov option
[   92.647086][ T5999] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   92.657666][ T5999] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   92.686908][ T5999] team0: Port device team_slave_0 added
[   92.693742][ T5999] team0: Port device team_slave_1 added
[   92.726022][ T5999] batman_adv: batadv0: Adding interface: batadv_slave_0
[   92.733051][ T5999] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.759157][ T5999] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   92.799291][ T6067] smc: net device bond0 applied user defined pnetid SYZ0
[   92.806576][ T6070] loop4: detected capacity change from 0 to 512
[   92.806920][ T5999] batman_adv: batadv0: Adding interface: batadv_slave_1
[   92.820012][ T5999] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   92.833136][ T6070] EXT4-fs: Ignoring removed nomblk_io_submit option
[   92.845948][ T5999] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   92.869236][ T6067] smc: net device bond0 erased user defined pnetid SYZ0
[   92.920863][ T5999] hsr_slave_0: entered promiscuous mode
[   92.927821][ T6070] ext4 filesystem being mounted at /72/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   92.930873][ T5999] hsr_slave_1: entered promiscuous mode
[   92.944551][ T5999] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   92.952353][ T5999] Cannot create hsr debugfs directory
[   92.960514][  T295] IPVS: stop unused estimator thread 0...
[   92.976156][ T6075] loop3: detected capacity change from 0 to 164
[   92.993456][ T6075] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   93.012192][ T6075] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   93.029362][ T6075] Symlink component flag not implemented
[   93.035136][ T6075] Symlink component flag not implemented
[   93.041063][ T6075] Symlink component flag not implemented (7)
[   93.047129][ T6075] Symlink component flag not implemented (116)
[   93.079586][ T6062] __nla_validate_parse: 2 callbacks suppressed
[   93.079603][ T6062] netlink: 8 bytes leftover after parsing attributes in process `syz.2.774'.
[   93.151476][ T6082] loop4: detected capacity change from 0 to 164
[   93.160161][ T6082] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   93.175123][ T6082] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   93.184566][ T6082] Symlink component flag not implemented
[   93.190264][ T6082] Symlink component flag not implemented
[   93.196074][ T6082] Symlink component flag not implemented (7)
[   93.202102][ T6082] Symlink component flag not implemented (116)
[   93.240891][ T6086] loop3: detected capacity change from 0 to 2048
[   93.305240][ T6097] netlink: 48 bytes leftover after parsing attributes in process `syz.1.778'.
[   93.339454][ T6100] netlink: 48 bytes leftover after parsing attributes in process `syz.1.780'.
[   93.340984][ T6101] smc: net device bond0 applied user defined pnetid SYZ0
[   93.356338][ T5999] netdevsim netdevsim6 netdevsim0: renamed from eth0
[   93.365340][ T5999] netdevsim netdevsim6 netdevsim1: renamed from eth1
[   93.374221][ T5999] netdevsim netdevsim6 netdevsim2: renamed from eth2
[   93.375517][ T6101] smc: net device bond0 erased user defined pnetid SYZ0
[   93.390435][ T5999] netdevsim netdevsim6 netdevsim3: renamed from eth3
[   93.421033][ T6114] loop3: detected capacity change from 0 to 1024
[   93.428387][ T6114] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[   93.442472][ T6114] netlink: 'syz.3.782': attribute type 4 has an invalid length.
[   93.446396][ T5999] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.464907][ T5999] 8021q: adding VLAN 0 to HW filter on device team0
[   93.483360][ T5999] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   93.493869][ T5999] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   93.504420][ T6114] netlink: 'syz.3.782': attribute type 4 has an invalid length.
[   93.515094][ T1802] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.522206][ T1802] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.536192][ T1802] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.543348][ T1802] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.579485][ T6114] FAULT_INJECTION: forcing a failure.
[   93.579485][ T6114] name failslab, interval 1, probability 0, space 0, times 0
[   93.592308][ T6114] CPU: 0 UID: 0 PID: 6114 Comm: syz.3.782 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[   93.592335][ T6114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   93.592349][ T6114] Call Trace:
[   93.592357][ T6114]  <TASK>
[   93.592411][ T6114]  __dump_stack+0x1d/0x30
[   93.592433][ T6114]  dump_stack_lvl+0xe8/0x140
[   93.592452][ T6114]  dump_stack+0x15/0x1b
[   93.592474][ T6114]  should_fail_ex+0x265/0x280
[   93.592510][ T6114]  should_failslab+0x8c/0xb0
[   93.592537][ T6114]  kmem_cache_alloc_node_noprof+0x57/0x320
[   93.592597][ T6114]  ? __alloc_skb+0x101/0x320
[   93.592626][ T6114]  ? mod_timer+0x1f/0x30
[   93.592741][ T6114]  __alloc_skb+0x101/0x320
[   93.592777][ T6114]  inet_ifmcaddr_notify+0x64/0x120
[   93.592807][ T6114]  __ip_mc_dec_group+0x1ac/0x3d0
[   93.592874][ T6114]  ip_mc_leave_group+0x2f8/0x370
[   93.592907][ T6114]  do_ip_setsockopt+0x1e98/0x2240
[   93.592947][ T6114]  ip_setsockopt+0x58/0x110
[   93.593026][ T6114]  udp_setsockopt+0x99/0xb0
[   93.593075][ T6114]  sock_common_setsockopt+0x66/0x80
[   93.593100][ T6114]  ? __pfx_sock_common_setsockopt+0x10/0x10
[   93.593130][ T6114]  __sys_setsockopt+0x181/0x200
[   93.593168][ T6114]  __x64_sys_setsockopt+0x64/0x80
[   93.593232][ T6114]  x64_sys_call+0x2bd5/0x2fb0
[   93.593282][ T6114]  do_syscall_64+0xd2/0x200
[   93.593301][ T6114]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   93.593394][ T6114]  ? clear_bhb_loop+0x40/0x90
[   93.593419][ T6114]  ? clear_bhb_loop+0x40/0x90
[   93.593461][ T6114]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   93.593485][ T6114] RIP: 0033:0x7f9a9862e929
[   93.593503][ T6114] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.593523][ T6114] RSP: 002b:00007f9a96c97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[   93.593545][ T6114] RAX: ffffffffffffffda RBX: 00007f9a98855fa0 RCX: 00007f9a9862e929
[   93.593559][ T6114] RDX: 0000000000000024 RSI: 0000000000000000 RDI: 0000000000000003
[   93.593615][ T6114] RBP: 00007f9a96c97090 R08: 000000000000000c R09: 0000000000000000
[   93.593630][ T6114] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000001
[   93.593645][ T6114] R13: 0000000000000000 R14: 00007f9a98855fa0 R15: 00007ffd8b8d4c38
[   93.593668][ T6114]  </TASK>
[   93.629288][ T5999] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.810916][ T6129] loop2: detected capacity change from 0 to 512
[   93.842634][ T6129] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[   93.914284][ T6144] netlink: 48 bytes leftover after parsing attributes in process `syz.1.790'.
[   93.931755][ T6140] loop2: detected capacity change from 0 to 2048
[   93.963989][ T6155] smc: net device bond0 applied user defined pnetid SYZ0
[   93.971287][ T6155] smc: net device bond0 erased user defined pnetid SYZ0
[   93.993532][ T6158] FAULT_INJECTION: forcing a failure.
[   93.993532][ T6158] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   94.006737][ T6158] CPU: 0 UID: 0 PID: 6158 Comm: syz.1.793 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[   94.006761][ T6158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   94.006773][ T6158] Call Trace:
[   94.006780][ T6158]  <TASK>
[   94.006788][ T6158]  __dump_stack+0x1d/0x30
[   94.006810][ T6158]  dump_stack_lvl+0xe8/0x140
[   94.006900][ T6158]  dump_stack+0x15/0x1b
[   94.006920][ T6158]  should_fail_ex+0x265/0x280
[   94.006955][ T6158]  should_fail+0xb/0x20
[   94.007047][ T6158]  should_fail_usercopy+0x1a/0x20
[   94.007083][ T6158]  _copy_from_iter+0xcf/0xe40
[   94.007151][ T6158]  ? __build_skb_around+0x1a0/0x200
[   94.007186][ T6158]  ? __alloc_skb+0x223/0x320
[   94.007222][ T6158]  netlink_sendmsg+0x471/0x6b0
[   94.007307][ T6158]  ? __pfx_netlink_sendmsg+0x10/0x10
[   94.007330][ T6158]  __sock_sendmsg+0x142/0x180
[   94.007386][ T6158]  ____sys_sendmsg+0x31e/0x4e0
[   94.007427][ T6158]  ___sys_sendmsg+0x17b/0x1d0
[   94.007522][ T6158]  __x64_sys_sendmsg+0xd4/0x160
[   94.007548][ T6158]  x64_sys_call+0x2999/0x2fb0
[   94.007567][ T6158]  do_syscall_64+0xd2/0x200
[   94.007586][ T6158]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   94.007639][ T6158]  ? clear_bhb_loop+0x40/0x90
[   94.007715][ T6158]  ? clear_bhb_loop+0x40/0x90
[   94.007739][ T6158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   94.007813][ T6158] RIP: 0033:0x7f7c775ce929
[   94.007830][ T6158] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   94.007850][ T6158] RSP: 002b:00007f7c75c37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   94.007949][ T6158] RAX: ffffffffffffffda RBX: 00007f7c777f5fa0 RCX: 00007f7c775ce929
[   94.007960][ T6158] RDX: 0000000004020010 RSI: 0000200000000300 RDI: 0000000000000004
[   94.007985][ T6158] RBP: 00007f7c75c37090 R08: 0000000000000000 R09: 0000000000000000
[   94.008017][ T6158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   94.008033][ T6158] R13: 0000000000000000 R14: 00007f7c777f5fa0 R15: 00007ffe49f295f8
[   94.008058][ T6158]  </TASK>
[   94.230931][ T5999] veth0_vlan: entered promiscuous mode
[   94.238736][ T5999] veth1_vlan: entered promiscuous mode
[   94.285884][ T5999] veth0_macvtap: entered promiscuous mode
[   94.301283][ T6171] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   94.306463][ T5999] veth1_macvtap: entered promiscuous mode
[   94.333957][ T6171] loop2: detected capacity change from 0 to 1024
[   94.342017][ T6171] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   94.353012][ T6171] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[   94.363662][ T6171] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   94.374943][ T6171] JBD2: no valid journal superblock found
[   94.380901][ T6171] EXT4-fs (loop2): Could not load journal inode
[   94.420838][ T5999] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.434227][ T5999] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.446582][ T5999] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.455419][ T5999] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.464225][ T5999] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.473087][ T5999] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.475278][ T6176] SELinux:  policydb magic number 0x6572666b does not match expected magic number 0xf97cff8c
[   94.506430][ T6177] loop3: detected capacity change from 0 to 512
[   94.520970][ T6177] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   94.526405][ T6176] SELinux: failed to load policy
[   94.534218][ T6177] EXT4-fs (loop3): 1 truncate cleaned up
[   94.545841][ T6179] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   94.555724][ T6182] smc: net device bond0 applied user defined pnetid SYZ0
[   94.562972][ T6179] loop2: detected capacity change from 0 to 1024
[   94.570230][ T6182] smc: net device bond0 erased user defined pnetid SYZ0
[   94.588251][ T6179] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   94.599419][ T6179] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[   94.609239][ T6179] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   94.626433][ T6179] JBD2: no valid journal superblock found
[   94.632370][ T6179] EXT4-fs (loop2): Could not load journal inode
[   94.726742][ T6194] loop2: detected capacity change from 0 to 2048
[   94.838967][ T6210] loop4: detected capacity change from 0 to 1024
[   94.864499][ T6212] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   94.874969][ T6210] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   94.878203][ T6212] loop2: detected capacity change from 0 to 1024
[   94.892511][ T6208] loop3: detected capacity change from 0 to 256
[   94.899848][ T6210] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   94.908140][ T6212] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   94.919141][ T6212] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[   94.934833][ T6208] netlink: 100 bytes leftover after parsing attributes in process `syz.3.810'.
[   94.945197][ T6210] EXT4-fs (loop4): orphan cleanup on readonly fs
[   94.953232][ T6212] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   94.978705][ T6210] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz.4.811: Invalid inode table block 0 in block_group 0
[   95.003880][ T6212] JBD2: no valid journal superblock found
[   95.009836][ T6212] EXT4-fs (loop2): Could not load journal inode
[   95.019138][ T6210] EXT4-fs (loop4): Remounting filesystem read-only
[   95.028105][ T6210] EXT4-fs (loop4): 1 truncate cleaned up
[   95.073008][ T6217] loop2: detected capacity change from 0 to 512
[   95.093902][ T6215] loop3: detected capacity change from 0 to 8192
[   95.102387][ T6217] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   95.140914][ T6217] EXT4-fs (loop2): 1 truncate cleaned up
[   95.183250][ T6220] netlink: 'syz.4.817': attribute type 13 has an invalid length.
[   95.199750][ T6224] loop3: detected capacity change from 0 to 1024
[   95.206700][ T6224] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[   95.232961][ T6223] loop2: detected capacity change from 0 to 512
[   95.255478][ T6223] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.816: Failed to acquire dquot type 1
[   95.257017][ T6224] netlink: 'syz.3.815': attribute type 4 has an invalid length.
[   95.298932][ T6223] EXT4-fs (loop2): 1 truncate cleaned up
[   95.305317][ T6223] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   95.316015][ T6227] netlink: 'syz.3.815': attribute type 4 has an invalid length.
crond[3098]: time disparity of 4166782 minutes detected

[   95.536358][ T6236] loop6: detected capacity change from 0 to 1024
[   95.543528][ T6236] EXT4-fs: Ignoring removed i_version option
[   95.553108][ T6236] EXT4-fs: Ignoring removed bh option
[   95.592423][ T6220] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.601485][ T6220] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.613034][ T6234] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.819: Allocating blocks 497-513 which overlap fs metadata
[   95.735805][ T6233] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.819: Allocating blocks 497-513 which overlap fs metadata
[   95.760192][ T6233] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.819: Allocating blocks 497-513 which overlap fs metadata
[   95.782978][ T6233] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.819: Allocating blocks 497-513 which overlap fs metadata
[   95.797419][ T6233] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.819: Allocating blocks 497-513 which overlap fs metadata
[   95.813285][ T6233] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.819: Allocating blocks 497-513 which overlap fs metadata
[   95.828801][ T6233] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.819: Allocating blocks 497-513 which overlap fs metadata
[   95.850454][ T6233] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.819: Allocating blocks 497-513 which overlap fs metadata
[   96.062911][ T6220] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.073019][ T6220] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.082538][ T6220] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.091720][ T6220] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   96.120619][ T6236] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.819: Allocating blocks 497-513 which overlap fs metadata
[   96.140254][ T6236] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.819: Allocating blocks 497-513 which overlap fs metadata
[   96.155802][ T3374] : Port: 1 Link DOWN
[   96.198760][ T6247] loop4: detected capacity change from 0 to 2048
[   96.306901][ T6257] loop3: detected capacity change from 0 to 8192
[   96.324031][ T6263] loop2: detected capacity change from 0 to 512
[   96.352351][ T6263] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   96.454938][ T6263] EXT4-fs (loop2): 1 truncate cleaned up
[   96.457800][ T6274] loop1: detected capacity change from 0 to 164
[   96.468013][ T6274] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   96.481962][ T6274] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   96.491388][ T6274] Symlink component flag not implemented
[   96.497115][ T6274] Symlink component flag not implemented
[   96.549322][ T6274] Symlink component flag not implemented (7)
[   96.555480][ T6274] Symlink component flag not implemented (116)
[   96.703169][ T6277] loop6: detected capacity change from 0 to 512
[   96.709942][ T6277] EXT4-fs: Ignoring removed mblk_io_submit option
[   96.716404][ T6277] EXT4-fs: Ignoring removed bh option
[   96.735063][ T6277] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[   96.803309][ T6277] EXT4-fs (loop6): 1 truncate cleaned up
[   96.940746][   T29] kauditd_printk_skb: 784 callbacks suppressed
[   96.940793][   T29] audit: type=1326 audit(2000000050.900:5972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc95f61e929 code=0x7ffc0000
[   96.971281][ T6282] FAULT_INJECTION: forcing a failure.
[   96.971281][ T6282] name failslab, interval 1, probability 0, space 0, times 0
[   96.984051][ T6282] CPU: 1 UID: 0 PID: 6282 Comm: syz.2.831 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[   96.984082][ T6282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   96.984097][ T6282] Call Trace:
[   96.984104][ T6282]  <TASK>
[   96.984111][ T6282]  __dump_stack+0x1d/0x30
[   96.984148][ T6282]  dump_stack_lvl+0xe8/0x140
[   96.984173][ T6282]  dump_stack+0x15/0x1b
[   96.984193][ T6282]  should_fail_ex+0x265/0x280
[   96.984263][ T6282]  should_failslab+0x8c/0xb0
[   96.984293][ T6282]  kmem_cache_alloc_node_noprof+0x57/0x320
[   96.984412][ T6282]  ? __alloc_skb+0x101/0x320
[   96.984450][ T6282]  __alloc_skb+0x101/0x320
[   96.984478][ T6282]  ? audit_log_start+0x365/0x6c0
[   96.984509][ T6282]  audit_log_start+0x380/0x6c0
[   96.984568][ T6282]  audit_seccomp+0x48/0x100
[   96.984601][ T6282]  ? __seccomp_filter+0x68c/0x10d0
[   96.984646][ T6282]  __seccomp_filter+0x69d/0x10d0
[   96.984669][ T6282]  ? __pfx_proc_fail_nth_write+0x10/0x10
[   96.984690][ T6282]  ? vfs_write+0x75e/0x8e0
[   96.984717][ T6282]  ? __rcu_read_unlock+0x4f/0x70
[   96.984773][ T6282]  ? __fget_files+0x184/0x1c0
[   96.984801][ T6282]  __secure_computing+0x82/0x150
[   96.984827][ T6282]  syscall_trace_enter+0xcf/0x1e0
[   96.984853][ T6282]  do_syscall_64+0xac/0x200
[   96.984887][ T6282]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   96.984909][ T6282]  ? clear_bhb_loop+0x40/0x90
[   96.984933][ T6282]  ? clear_bhb_loop+0x40/0x90
[   96.984955][ T6282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.985022][ T6282] RIP: 0033:0x7fc95f61e929
[   96.985039][ T6282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   96.985060][ T6282] RSP: 002b:00007fc95dc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[   96.985081][ T6282] RAX: ffffffffffffffda RBX: 00007fc95f845fa0 RCX: 00007fc95f61e929
[   96.985127][ T6282] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[   96.985141][ T6282] RBP: 00007fc95dc87090 R08: 0000000000000000 R09: 0000000000000000
[   96.985154][ T6282] R10: 0400000000000000 R11: 0000000000000246 R12: 0000000000000001
[   96.985168][ T6282] R13: 0000000000000000 R14: 00007fc95f845fa0 R15: 00007fff3cb2ec98
[   96.985186][ T6282]  </TASK>
[   96.985194][ T6282] audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=64
[   97.195466][ T6283] netlink: 8 bytes leftover after parsing attributes in process `syz.3.828'.
[   97.197652][ T6282] audit: out of memory in audit_log_start
[   97.199345][   T29] audit: type=1326 audit(2000000050.930:5973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc95f61e929 code=0x7ffc0000
[   97.254241][   T29] audit: type=1326 audit(2000000050.930:5974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc95f61e929 code=0x7ffc0000
[   97.277641][   T29] audit: type=1326 audit(2000000050.930:5975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fc95f61e929 code=0x7ffc0000
[   97.300971][   T29] audit: type=1326 audit(2000000050.930:5976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc95f61e929 code=0x7ffc0000
[   97.324345][   T29] audit: type=1326 audit(2000000050.930:5977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc95f61d290 code=0x7ffc0000
[   97.347744][   T29] audit: type=1326 audit(2000000050.930:5978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc95f61d3df code=0x7ffc0000
[   97.417994][   T29] audit: type=1326 audit(2000000051.310:5979): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6281 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fc95f61d33c code=0x7ffc0000
[   97.486335][ T6299] loop2: detected capacity change from 0 to 164
[   97.506035][ T6302] loop4: detected capacity change from 0 to 164
[   97.513934][ T6299] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   97.523167][ T6302] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   97.535006][ T6296] loop3: detected capacity change from 0 to 8192
[   97.543906][ T6302] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   97.547425][ T6299] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   97.552869][ T6302] Symlink component flag not implemented
[   97.561490][ T6299] Symlink component flag not implemented
[   97.566153][ T6302] Symlink component flag not implemented
[   97.567078][ T6302] Symlink component flag not implemented (7)
[   97.571959][ T6299] Symlink component flag not implemented
[   97.572920][ T6299] Symlink component flag not implemented (7)
[   97.577770][ T6302] Symlink component flag not implemented (116)
[   97.583637][ T6299] Symlink component flag not implemented (116)
[   97.679734][ T6316] FAULT_INJECTION: forcing a failure.
[   97.679734][ T6316] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.684998][ T6314] loop3: detected capacity change from 0 to 2048
[   97.692910][ T6316] CPU: 0 UID: 0 PID: 6316 Comm: syz.6.846 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[   97.692977][ T6316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.692996][ T6316] Call Trace:
[   97.693004][ T6316]  <TASK>
[   97.693015][ T6316]  __dump_stack+0x1d/0x30
[   97.693093][ T6316]  dump_stack_lvl+0xe8/0x140
[   97.693121][ T6316]  dump_stack+0x15/0x1b
[   97.693142][ T6316]  should_fail_ex+0x265/0x280
[   97.693250][ T6316]  should_fail+0xb/0x20
[   97.693317][ T6316]  should_fail_usercopy+0x1a/0x20
[   97.693360][ T6316]  _copy_from_user+0x1c/0xb0
[   97.693388][ T6316]  input_event_from_user+0x5f/0x160
[   97.693426][ T6316]  ? input_inject_event+0xd9/0xf0
[   97.693481][ T6316]  evdev_write+0x1b1/0x290
[   97.693508][ T6316]  ? __pfx_evdev_write+0x10/0x10
[   97.693533][ T6316]  vfs_write+0x269/0x8e0
[   97.693603][ T6316]  ? __rcu_read_unlock+0x4f/0x70
[   97.693688][ T6316]  ? __fget_files+0x184/0x1c0
[   97.693719][ T6316]  ksys_write+0xda/0x1a0
[   97.693745][ T6316]  __x64_sys_write+0x40/0x50
[   97.693767][ T6316]  x64_sys_call+0x2cdd/0x2fb0
[   97.693796][ T6316]  do_syscall_64+0xd2/0x200
[   97.693895][ T6316]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.693979][ T6316]  ? clear_bhb_loop+0x40/0x90
[   97.694007][ T6316]  ? clear_bhb_loop+0x40/0x90
[   97.694036][ T6316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.694064][ T6316] RIP: 0033:0x7f13dea4e929
[   97.694085][ T6316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.694125][ T6316] RSP: 002b:00007f13dd0b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   97.694151][ T6316] RAX: ffffffffffffffda RBX: 00007f13dec75fa0 RCX: 00007f13dea4e929
[   97.694168][ T6316] RDX: 00000000000012d8 RSI: 0000200000000040 RDI: 0000000000000003
[   97.694184][ T6316] RBP: 00007f13dd0b7090 R08: 0000000000000000 R09: 0000000000000000
[   97.694199][ T6316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.694222][ T6316] R13: 0000000000000000 R14: 00007f13dec75fa0 R15: 00007fff7e9ce2b8
[   97.694247][ T6316]  </TASK>
[   97.947894][ T6326] loop2: detected capacity change from 0 to 1024
[   97.965824][ T6326] FAULT_INJECTION: forcing a failure.
[   97.965824][ T6326] name failslab, interval 1, probability 0, space 0, times 0
[   97.978572][ T6326] CPU: 1 UID: 0 PID: 6326 Comm: syz.2.849 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[   97.978607][ T6326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   97.978623][ T6326] Call Trace:
[   97.978629][ T6326]  <TASK>
[   97.978639][ T6326]  __dump_stack+0x1d/0x30
[   97.978696][ T6326]  dump_stack_lvl+0xe8/0x140
[   97.978715][ T6326]  dump_stack+0x15/0x1b
[   97.978735][ T6326]  should_fail_ex+0x265/0x280
[   97.978770][ T6326]  should_failslab+0x8c/0xb0
[   97.978799][ T6326]  kmem_cache_alloc_noprof+0x50/0x310
[   97.978831][ T6326]  ? getname_kernel+0x3c/0x1f0
[   97.978856][ T6326]  getname_kernel+0x3c/0x1f0
[   97.978878][ T6326]  vfs_path_lookup+0x4e/0x170
[   97.978966][ T6326]  mntns_install+0x17c/0x260
[   97.978989][ T6326]  __se_sys_setns+0xa44/0xf20
[   97.979029][ T6326]  __x64_sys_setns+0x31/0x40
[   97.979085][ T6326]  x64_sys_call+0x2e95/0x2fb0
[   97.979112][ T6326]  do_syscall_64+0xd2/0x200
[   97.979141][ T6326]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   97.979199][ T6326]  ? clear_bhb_loop+0x40/0x90
[   97.979232][ T6326]  ? clear_bhb_loop+0x40/0x90
[   97.979254][ T6326]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.979280][ T6326] RIP: 0033:0x7fc95f61e929
[   97.979335][ T6326] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   97.979355][ T6326] RSP: 002b:00007fc95dc87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000134
[   97.979376][ T6326] RAX: ffffffffffffffda RBX: 00007fc95f845fa0 RCX: 00007fc95f61e929
[   97.979390][ T6326] RDX: 0000000000000000 RSI: 0000000024020000 RDI: 0000000000000004
[   97.979445][ T6326] RBP: 00007fc95dc87090 R08: 0000000000000000 R09: 0000000000000000
[   97.979506][ T6326] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   97.979516][ T6326] R13: 0000000000000000 R14: 00007fc95f845fa0 R15: 00007fff3cb2ec98
[   97.979532][ T6326]  </TASK>
[   98.194202][ T6331] loop6: detected capacity change from 0 to 512
[   98.213366][ T6331] ext4: Unknown parameter 'dioread_nolock"errors'
[   98.239819][ T6335] loop1: detected capacity change from 0 to 512
[   98.260718][ T6335] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[   98.262760][ T6341] loop2: detected capacity change from 0 to 164
[   98.272133][ T6335] System zones: 0-2, 18-18, 34-34
[   98.285187][ T6341] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   98.325594][ T6341] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   98.336094][ T6335] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.852: bg 0: block 248: padding at end of block bitmap is not set
[   98.351283][ T6341] Symlink component flag not implemented
[   98.356970][ T6341] Symlink component flag not implemented
[   98.363160][ T6341] Symlink component flag not implemented (7)
[   98.369227][ T6341] Symlink component flag not implemented (116)
[   98.427701][ T6351] loop2: detected capacity change from 0 to 1024
[   98.436883][ T6335] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.852: Failed to acquire dquot type 1
[   98.481493][ T6335] EXT4-fs (loop1): 1 truncate cleaned up
[   98.490537][ T6347] loop3: detected capacity change from 0 to 8192
[   98.497543][ T6335] EXT4-fs mount: 111 callbacks suppressed
[   98.497560][ T6335] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.525390][ T6335] ext4 filesystem being mounted at /91/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   98.537818][ T6351] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.602601][ T6351] netlink: 4 bytes leftover after parsing attributes in process `syz.2.858'.
[   98.655557][ T4751] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /81/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   98.699695][ T6355] loop3: detected capacity change from 0 to 8192
[   98.706510][ T6355] vfat: Unknown parameter ''
[   98.715838][ T4751] EXT4-fs error (device loop2): ext4_empty_dir:3084: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   98.747106][ T4751] EXT4-fs warning (device loop2): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[   98.770182][ T4870] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.790198][ T4751] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /81/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   98.820203][ T4751] EXT4-fs error (device loop2): ext4_empty_dir:3084: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   98.858770][ T4751] EXT4-fs warning (device loop2): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[   98.871876][ T4751] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /81/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   98.893508][ T4751] EXT4-fs error (device loop2): ext4_empty_dir:3084: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   98.914611][ T4751] EXT4-fs warning (device loop2): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[   98.926360][ T4751] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /81/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   98.948996][ T4751] EXT4-fs error (device loop2): ext4_empty_dir:3084: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   98.968373][ T6368] loop6: detected capacity change from 0 to 2048
[   98.969451][ T4751] EXT4-fs warning (device loop2): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[   98.988737][ T4751] EXT4-fs error (device loop2): ext4_readdir:264: inode #11: block 32: comm syz-executor: path /81/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   99.014183][ T4751] EXT4-fs error (device loop2): ext4_empty_dir:3084: inode #11: block 32: comm syz-executor: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[   99.033991][ T6373] loop4: detected capacity change from 0 to 512
[   99.042757][ T4751] EXT4-fs warning (device loop2): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[   99.042829][ T6373] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[   99.070248][ T6368] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.084061][ T6373] EXT4-fs (loop4): 1 truncate cleaned up
[   99.091819][ T4751] EXT4-fs warning (device loop2): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[   99.103774][ T6373] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.117036][ T4751] EXT4-fs warning (device loop2): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[   99.137413][ T4751] EXT4-fs warning (device loop2): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[   99.159680][ T4751] EXT4-fs warning (device loop2): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[   99.172664][ T5041] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.189415][ T4751] EXT4-fs warning (device loop2): ext4_empty_dir:3086: inode #11: comm syz-executor: directory missing '.'
[   99.204146][ T6378] loop1: detected capacity change from 0 to 8192
[   99.234894][ T6375] loop3: detected capacity change from 0 to 128
[   99.275062][ T6385] FAULT_INJECTION: forcing a failure.
[   99.275062][ T6385] name failslab, interval 1, probability 0, space 0, times 0
[   99.287748][ T6385] CPU: 0 UID: 0 PID: 6385 Comm: syz.4.871 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[   99.287781][ T6385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[   99.287803][ T6385] Call Trace:
[   99.287810][ T6385]  <TASK>
[   99.287819][ T6385]  __dump_stack+0x1d/0x30
[   99.287902][ T6385]  dump_stack_lvl+0xe8/0x140
[   99.287925][ T6385]  dump_stack+0x15/0x1b
[   99.287944][ T6385]  should_fail_ex+0x265/0x280
[   99.287991][ T6385]  should_failslab+0x8c/0xb0
[   99.288019][ T6385]  kmem_cache_alloc_noprof+0x50/0x310
[   99.288108][ T6385]  ? dst_alloc+0xbd/0x100
[   99.288143][ T6385]  dst_alloc+0xbd/0x100
[   99.288249][ T6385]  ip_route_input_rcu+0xd88/0x1d00
[   99.288289][ T6385]  ? ipt_do_table+0x176/0xab0
[   99.288330][ T6385]  ip_route_input_noref+0x5f/0x90
[   99.288365][ T6385]  ip_rcv_finish_core+0x315/0xb40
[   99.288427][ T6385]  ip_sublist_rcv+0x1f8/0x650
[   99.288453][ T6385]  ? __pfx_ip_rcv_finish+0x10/0x10
[   99.288493][ T6385]  ip_list_rcv+0x261/0x290
[   99.288516][ T6385]  ? __pfx_ip_list_rcv+0x10/0x10
[   99.288552][ T6385]  __netif_receive_skb_list_core+0x4dc/0x500
[   99.288615][ T6385]  netif_receive_skb_list_internal+0x487/0x600
[   99.288676][ T6385]  napi_complete_done+0x1a3/0x410
[   99.288726][ T6385]  ? tun_get_user+0x1cdf/0x2500
[   99.288786][ T6385]  tun_get_user+0x1cfc/0x2500
[   99.288826][ T6385]  ? ref_tracker_alloc+0x1f2/0x2f0
[   99.289060][ T6385]  ? selinux_file_permission+0x1e4/0x320
[   99.289092][ T6385]  tun_chr_write_iter+0x15e/0x210
[   99.289138][ T6385]  ? __pfx_tun_chr_write_iter+0x10/0x10
[   99.289233][ T6385]  vfs_write+0x4a0/0x8e0
[   99.289347][ T6385]  ksys_write+0xda/0x1a0
[   99.289364][ T6385]  __x64_sys_write+0x40/0x50
[   99.289384][ T6385]  x64_sys_call+0x2cdd/0x2fb0
[   99.289405][ T6385]  do_syscall_64+0xd2/0x200
[   99.289420][ T6385]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[   99.289503][ T6385]  ? clear_bhb_loop+0x40/0x90
[   99.289567][ T6385]  ? clear_bhb_loop+0x40/0x90
[   99.289586][ T6385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.289604][ T6385] RIP: 0033:0x7f859387e929
[   99.289625][ T6385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   99.289644][ T6385] RSP: 002b:00007f8591ee7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   99.289665][ T6385] RAX: ffffffffffffffda RBX: 00007f8593aa5fa0 RCX: 00007f859387e929
[   99.289679][ T6385] RDX: 000000000000003e RSI: 0000200000000440 RDI: 0000000000000003
[   99.289692][ T6385] RBP: 00007f8591ee7090 R08: 0000000000000000 R09: 0000000000000000
[   99.289705][ T6385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   99.289718][ T6385] R13: 0000000000000000 R14: 00007f8593aa5fa0 R15: 00007fff2321f768
[   99.289756][ T6385]  </TASK>
[   99.575436][  T295] kworker/u8:5: attempt to access beyond end of device
[   99.575436][  T295] loop3: rw=1, sector=145, nr_sectors = 32 limit=128
[   99.589552][ T5999] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.598978][  T295] kworker/u8:5: attempt to access beyond end of device
[   99.598978][  T295] loop3: rw=1, sector=185, nr_sectors = 8 limit=128
[   99.612639][  T295] kworker/u8:5: attempt to access beyond end of device
[   99.612639][  T295] loop3: rw=1, sector=201, nr_sectors = 8 limit=128
[   99.627108][  T295] kworker/u8:5: attempt to access beyond end of device
[   99.627108][  T295] loop3: rw=1, sector=217, nr_sectors = 8 limit=128
[   99.633116][ T6387] loop1: detected capacity change from 0 to 512
[   99.642421][  T295] kworker/u8:5: attempt to access beyond end of device
[   99.642421][  T295] loop3: rw=1, sector=233, nr_sectors = 8 limit=128
[   99.661576][ T6387] SELinux: security_context_str_to_sid (sysadm_u) failed with errno=-22
[   99.662018][  T295] kworker/u8:5: attempt to access beyond end of device
[   99.662018][  T295] loop3: rw=1, sector=249, nr_sectors = 8 limit=128
[   99.684840][  T295] kworker/u8:5: attempt to access beyond end of device
[   99.684840][  T295] loop3: rw=1, sector=265, nr_sectors = 8 limit=128
[   99.698898][  T295] kworker/u8:5: attempt to access beyond end of device
[   99.698898][  T295] loop3: rw=1, sector=281, nr_sectors = 8 limit=128
[   99.719437][  T295] kworker/u8:5: attempt to access beyond end of device
[   99.719437][  T295] loop3: rw=1, sector=297, nr_sectors = 8 limit=128
[   99.733856][  T295] kworker/u8:5: attempt to access beyond end of device
[   99.733856][  T295] loop3: rw=1, sector=313, nr_sectors = 8 limit=128
[   99.800918][ T6356] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.813417][  T295] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.827587][ T6395] loop4: detected capacity change from 0 to 1024
[   99.837287][ T6395] EXT4-fs: Ignoring removed orlov option
[   99.837547][ T6398] loop3: detected capacity change from 0 to 128
[   99.846495][ T6395] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.897352][  T295] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   99.915638][ T5041] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.955411][ T6403] loop1: detected capacity change from 0 to 512
[   99.963272][ T6398] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   99.980275][ T6403] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   99.991260][ T6398] ext4 filesystem being mounted at /118/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  100.010581][ T6403] EXT4-fs (loop1): 1 truncate cleaned up
[  100.022467][  T295] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.027337][ T6403] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.084848][ T6410] loop4: detected capacity change from 0 to 512
[  100.092340][ T6410] EXT4-fs: Ignoring removed nomblk_io_submit option
[  100.100436][ T4718] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  100.130312][ T6410] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.152314][  T295] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  100.160805][ T6415] loop3: detected capacity change from 0 to 2048
[  100.166222][ T6410] ext4 filesystem being mounted at /93/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  100.200467][ T6410] FAULT_INJECTION: forcing a failure.
[  100.200467][ T6410] name failslab, interval 1, probability 0, space 0, times 0
[  100.213201][ T6410] CPU: 0 UID: 0 PID: 6410 Comm: syz.4.879 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  100.213235][ T6410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.213250][ T6410] Call Trace:
[  100.213257][ T6410]  <TASK>
[  100.213266][ T6410]  __dump_stack+0x1d/0x30
[  100.213290][ T6410]  dump_stack_lvl+0xe8/0x140
[  100.213335][ T6410]  dump_stack+0x15/0x1b
[  100.213354][ T6410]  should_fail_ex+0x265/0x280
[  100.213403][ T6410]  should_failslab+0x8c/0xb0
[  100.213429][ T6410]  kmem_cache_alloc_noprof+0x50/0x310
[  100.213460][ T6410]  ? __es_insert_extent+0x508/0xee0
[  100.213489][ T6410]  __es_insert_extent+0x508/0xee0
[  100.213513][ T6410]  ? ___slab_alloc+0x275/0x900
[  100.213574][ T6410]  ext4_es_cache_extent+0x276/0x370
[  100.213682][ T6410]  ext4_find_extent+0x336/0x7a0
[  100.213721][ T6410]  ext4_ext_map_blocks+0x11f/0x38a0
[  100.213751][ T6410]  ? find_get_block_common+0x736/0x960
[  100.213846][ T6410]  ? perf_event_read_local+0x4af/0x4f0
[  100.213904][ T6410]  ? __rcu_read_unlock+0x4f/0x70
[  100.213979][ T6410]  ext4_map_query_blocks+0xa8/0x480
[  100.214005][ T6410]  ext4_map_blocks+0x3a1/0xd70
[  100.214038][ T6410]  ? __ext4_journal_start_sb+0x131/0x300
[  100.214070][ T6410]  ext4_iomap_begin+0x93a/0xe00
[  100.214100][ T6410]  ? __pfx_ext4_iomap_begin+0x10/0x10
[  100.214201][ T6410]  iomap_iter+0x338/0x730
[  100.214222][ T6410]  ? should_failslab+0x8c/0xb0
[  100.214247][ T6410]  __iomap_dio_rw+0x708/0x1250
[  100.214343][ T6410]  ? ext4_journal_check_start+0x11a/0x1b0
[  100.214376][ T6410]  iomap_dio_rw+0x40/0x90
[  100.214406][ T6410]  ext4_file_write_iter+0xad9/0xf00
[  100.214491][ T6410]  do_iter_readv_writev+0x421/0x4c0
[  100.214580][ T6410]  vfs_writev+0x2df/0x8b0
[  100.214615][ T6410]  __se_sys_pwritev2+0xfc/0x1c0
[  100.214636][ T6410]  __x64_sys_pwritev2+0x67/0x80
[  100.214677][ T6410]  x64_sys_call+0x1cea/0x2fb0
[  100.214696][ T6410]  do_syscall_64+0xd2/0x200
[  100.214713][ T6410]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.214765][ T6410]  ? clear_bhb_loop+0x40/0x90
[  100.214785][ T6410]  ? clear_bhb_loop+0x40/0x90
[  100.214806][ T6410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.214880][ T6410] RIP: 0033:0x7f859387e929
[  100.214893][ T6410] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.214909][ T6410] RSP: 002b:00007f8591ee7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  100.214926][ T6410] RAX: ffffffffffffffda RBX: 00007f8593aa5fa0 RCX: 00007f859387e929
[  100.214966][ T6410] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000008
[  100.214977][ T6410] RBP: 00007f8591ee7090 R08: 0000000000000000 R09: 0000000000000003
[  100.214988][ T6410] R10: 000000000007abff R11: 0000000000000246 R12: 0000000000000001
[  100.214998][ T6410] R13: 0000000000000000 R14: 00007f8593aa5fa0 R15: 00007fff2321f768
[  100.215032][ T6410]  </TASK>
[  100.216875][ T4870] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.390204][ T6415] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.547001][ T5041] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.591056][ T6408] chnl_net:caif_netlink_parms(): no params data found
[  100.604521][  T295] bridge_slave_1: left allmulticast mode
[  100.610331][  T295] bridge_slave_1: left promiscuous mode
[  100.616203][  T295] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.640930][  T295] bridge_slave_0: left allmulticast mode
[  100.646692][  T295] bridge_slave_0: left promiscuous mode
[  100.652535][  T295] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.660522][ T4718] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.661307][ T6436] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=65 sclass=netlink_route_socket pid=6436 comm=syz.1.887
[  100.697828][ T6430] loop4: detected capacity change from 0 to 8192
[  100.708544][ T6438] loop3: detected capacity change from 0 to 512
[  100.716068][ T6438] EXT4-fs: Ignoring removed nomblk_io_submit option
[  100.742927][ T6438] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.756492][ T6438] ext4 filesystem being mounted at /120/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  100.773167][ T6444] loop4: detected capacity change from 0 to 1024
[  100.773983][ T6443] loop1: detected capacity change from 0 to 1024
[  100.780000][ T6444] EXT4-fs: Ignoring removed orlov option
[  100.788211][ T6443] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  100.806500][ T6443] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  100.809849][ T6444] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.814618][ T6443] EXT4-fs (loop1): orphan cleanup on readonly fs
[  100.827285][  T295] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  100.843005][ T6443] EXT4-fs error (device loop1): __ext4_get_inode_loc:4792: comm syz.1.890: Invalid inode table block 0 in block_group 0
[  100.857537][  T295] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  100.860126][ T6443] EXT4-fs (loop1): Remounting filesystem read-only
[  100.872730][ T6443] EXT4-fs (loop1): 1 truncate cleaned up
[  100.879377][ T6443] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  100.892864][ T5041] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.893101][  T295] bond0 (unregistering): Released all slaves
[  100.918901][ T6449] FAULT_INJECTION: forcing a failure.
[  100.918901][ T6449] name failslab, interval 1, probability 0, space 0, times 0
[  100.932062][ T6449] CPU: 0 UID: 0 PID: 6449 Comm: syz.4.891 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  100.932194][ T6449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  100.932209][ T6449] Call Trace:
[  100.932215][ T6449]  <TASK>
[  100.932224][ T6449]  __dump_stack+0x1d/0x30
[  100.932259][ T6449]  dump_stack_lvl+0xe8/0x140
[  100.932281][ T6449]  dump_stack+0x15/0x1b
[  100.932298][ T6449]  should_fail_ex+0x265/0x280
[  100.932388][ T6449]  should_failslab+0x8c/0xb0
[  100.932415][ T6449]  __kmalloc_noprof+0xa5/0x3e0
[  100.932443][ T6449]  ? sk_prot_alloc+0xa8/0x190
[  100.932518][ T6449]  sk_prot_alloc+0xa8/0x190
[  100.932546][ T6449]  sk_alloc+0x34/0x360
[  100.932579][ T6449]  bpf_prog_test_run_skb+0x234/0xbd0
[  100.932681][ T6449]  ? __rcu_read_unlock+0x4f/0x70
[  100.932706][ T6449]  ? __fget_files+0x184/0x1c0
[  100.932726][ T6449]  ? __rcu_read_unlock+0x4f/0x70
[  100.932752][ T6449]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  100.932806][ T6449]  bpf_prog_test_run+0x22a/0x390
[  100.932829][ T6449]  __sys_bpf+0x3dc/0x790
[  100.932971][ T6449]  __x64_sys_bpf+0x41/0x50
[  100.933072][ T6449]  x64_sys_call+0x2478/0x2fb0
[  100.933091][ T6449]  do_syscall_64+0xd2/0x200
[  100.933108][ T6449]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  100.933132][ T6449]  ? clear_bhb_loop+0x40/0x90
[  100.933151][ T6449]  ? clear_bhb_loop+0x40/0x90
[  100.933279][ T6449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.933299][ T6449] RIP: 0033:0x7f859387e929
[  100.933394][ T6449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  100.933410][ T6449] RSP: 002b:00007f8591ee7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  100.933427][ T6449] RAX: ffffffffffffffda RBX: 00007f8593aa5fa0 RCX: 00007f859387e929
[  100.933468][ T6449] RDX: 000000000000004c RSI: 0000200000000240 RDI: 000000000000000a
[  100.933479][ T6449] RBP: 00007f8591ee7090 R08: 0000000000000000 R09: 0000000000000000
[  100.933490][ T6449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.933501][ T6449] R13: 0000000000000000 R14: 00007f8593aa5fa0 R15: 00007fff2321f768
[  100.933519][ T6449]  </TASK>
[  100.935710][ T4718] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.165472][ T4870] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.169954][ T6451] syz.4.893 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  101.203028][ T6408] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.210134][ T6408] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.217426][ T6408] bridge_slave_0: entered allmulticast mode
[  101.223480][ T6457] loop1: detected capacity change from 0 to 512
[  101.223870][ T6457] EXT4-fs: Ignoring removed nomblk_io_submit option
[  101.238193][ T6408] bridge_slave_0: entered promiscuous mode
[  101.246028][ T6408] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.253153][ T6408] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.261798][ T6408] bridge_slave_1: entered allmulticast mode
[  101.268434][ T6408] bridge_slave_1: entered promiscuous mode
[  101.281978][  T295] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  101.289552][  T295] batman_adv: batadv0: Removing interface: batadv_slave_0
[  101.295696][ T6466] loop6: detected capacity change from 0 to 1024
[  101.303542][  T295] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  101.311039][  T295] batman_adv: batadv0: Removing interface: batadv_slave_1
[  101.312041][ T6461] loop3: detected capacity change from 0 to 512
[  101.321601][ T6457] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.325374][ T6461] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  101.340739][ T6457] ext4 filesystem being mounted at /102/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  101.350586][ T6466] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.357296][  T295] veth1_macvtap: left promiscuous mode
[  101.374673][  T295] veth0_macvtap: left promiscuous mode
[  101.375828][ T6461] EXT4-fs (loop3): 1 truncate cleaned up
[  101.380358][  T295] veth1_vlan: left promiscuous mode
[  101.387190][ T6461] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.393958][  T295] veth0_vlan: left promiscuous mode
[  101.444672][ T4718] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.487068][  T295] team0 (unregistering): Port device team_slave_1 removed
[  101.512149][ T6475] loop3: detected capacity change from 0 to 2048
[  101.525355][ T4870] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.537587][ T6475] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.565727][ T6408] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  101.584798][ T6408] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  101.605463][ T6408] team0: Port device team_slave_0 added
[  101.612240][ T6408] team0: Port device team_slave_1 added
[  101.629766][ T6408] batman_adv: batadv0: Adding interface: batadv_slave_0
[  101.636770][ T6408] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.646734][ T6486] loop1: detected capacity change from 0 to 8192
[  101.662911][ T6408] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  101.680969][ T6408] batman_adv: batadv0: Adding interface: batadv_slave_1
[  101.688072][ T6408] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  101.714146][ T6408] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  101.725851][ T5999] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.747165][ T4718] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.767146][ T6408] hsr_slave_0: entered promiscuous mode
[  101.774582][ T6488] loop6: detected capacity change from 0 to 1024
[  101.781668][ T6408] hsr_slave_1: entered promiscuous mode
[  101.787553][ T6488] EXT4-fs: Ignoring removed orlov option
[  101.795182][ T6490] loop1: detected capacity change from 0 to 256
[  101.795920][ T6408] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  101.810662][ T6408] Cannot create hsr debugfs directory
[  101.817411][ T6490] netlink: 100 bytes leftover after parsing attributes in process `syz.1.901'.
[  101.829075][ T6492] loop3: detected capacity change from 0 to 256
[  101.834366][ T6488] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.986875][ T5999] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.170487][ T6514] loop6: detected capacity change from 0 to 164
[  102.200034][ T6514] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  102.252367][ T6518] loop3: detected capacity change from 0 to 512
[  102.283133][ T6518] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  102.304554][ T6518] EXT4-fs (loop3): 1 truncate cleaned up
[  102.318490][ T6518] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.336254][ T6514] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  102.346396][ T6514] Symlink component flag not implemented
[  102.352145][ T6514] Symlink component flag not implemented
[  102.357933][ T6514] Symlink component flag not implemented (7)
[  102.362957][ T6521] loop1: detected capacity change from 0 to 1024
[  102.364047][ T6514] Symlink component flag not implemented (116)
[  102.383375][ T6408] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  102.393729][ T4718] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.402002][ T6408] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  102.412418][ T6408] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  102.424851][ T6521] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  102.442827][ T6527] loop3: detected capacity change from 0 to 164
[  102.447358][ T6408] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  102.483577][ T6524] loop6: detected capacity change from 0 to 8192
[  102.499712][ T6521] 9pnet_fd: Insufficient options for proto=fd
[  102.549598][   T29] kauditd_printk_skb: 218 callbacks suppressed
[  102.549617][   T29] audit: type=1400 audit(2000000056.460:6192): avc:  denied  { mounton } for  pid=6520 comm="syz.1.908" path="/107/file1/file2" dev="loop1" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  102.566453][ T6530] SELinux: syz.1.908 (6530) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  102.579108][   T29] audit: type=1400 audit(2000000056.470:6193): avc:  denied  { setattr } for  pid=6520 comm="syz.1.908" name="/" dev="loop1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  102.706293][ T4870] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.729576][   T29] audit: type=1326 audit(2000000056.690:6194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6540 comm="syz.3.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a9862e929 code=0x7ffc0000
[  102.753170][   T29] audit: type=1326 audit(2000000056.690:6195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6540 comm="syz.3.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a9862e929 code=0x7ffc0000
[  102.780422][ T6541] loop3: detected capacity change from 0 to 256
[  102.787422][   T29] audit: type=1326 audit(2000000056.730:6196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6540 comm="syz.3.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9a9862e929 code=0x7ffc0000
[  102.810849][   T29] audit: type=1326 audit(2000000056.730:6197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6540 comm="syz.3.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a9862e929 code=0x7ffc0000
[  102.820635][ T6408] 8021q: adding VLAN 0 to HW filter on device bond0
[  102.834203][   T29] audit: type=1326 audit(2000000056.730:6198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6540 comm="syz.3.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a9862e929 code=0x7ffc0000
[  102.864636][   T29] audit: type=1326 audit(2000000056.730:6199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6540 comm="syz.3.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f9a9862e929 code=0x7ffc0000
[  102.887987][   T29] audit: type=1326 audit(2000000056.730:6200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6540 comm="syz.3.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a9862e929 code=0x7ffc0000
[  102.911365][   T29] audit: type=1326 audit(2000000056.730:6201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6540 comm="syz.3.913" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9a9862e929 code=0x7ffc0000
[  102.938075][ T6408] 8021q: adding VLAN 0 to HW filter on device team0
[  102.951773][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.958955][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  102.959136][ T6546] loop4: detected capacity change from 0 to 1024
[  102.973034][ T6546] EXT4-fs: Ignoring removed orlov option
[  102.973654][ T6541] netlink: 100 bytes leftover after parsing attributes in process `syz.3.913'.
[  102.991832][ T1802] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.998988][ T1802] bridge0: port 2(bridge_slave_1) entered forwarding state
[  103.008659][ T6546] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.057413][ T6554] netlink: 4 bytes leftover after parsing attributes in process `syz.3.917'.
[  103.081361][ T5041] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.092124][ T6554] bridge_slave_1: left allmulticast mode
[  103.097807][ T6554] bridge_slave_1: left promiscuous mode
[  103.103574][ T6554] bridge0: port 2(bridge_slave_1) entered disabled state
[  103.117857][ T6559] loop4: detected capacity change from 0 to 512
[  103.125792][ T6559] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  103.137081][ T6554] bridge_slave_0: left allmulticast mode
[  103.142797][ T6554] bridge_slave_0: left promiscuous mode
[  103.148497][ T6554] bridge0: port 1(bridge_slave_0) entered disabled state
[  103.161126][ T6559] EXT4-fs (loop4): 1 truncate cleaned up
[  103.167441][ T6559] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.187806][ T6551] loop1: detected capacity change from 0 to 512
[  103.204946][ T6408] 8021q: adding VLAN 0 to HW filter on device batadv0
[  103.213221][ T5041] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.223942][ T6551] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.238542][ T6551] ext4 filesystem being mounted at /110/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  103.254476][ T6551] netlink: 3 bytes leftover after parsing attributes in process `syz.1.916'.
[  103.278903][ T6551] 0ªX¹¦À: renamed from caif0
[  103.286791][ T6551] 0ªX¹¦À: entered allmulticast mode
[  103.292092][ T6551] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  103.345342][ T6408] veth0_vlan: entered promiscuous mode
[  103.359794][ T6408] veth1_vlan: entered promiscuous mode
[  103.361258][ T6576] loop4: detected capacity change from 0 to 8192
[  103.393230][ T6408] veth0_macvtap: entered promiscuous mode
[  103.402805][ T6408] veth1_macvtap: entered promiscuous mode
[  103.416744][ T6408] batman_adv: batadv0: Interface activated: batadv_slave_0
[  103.440508][ T6408] batman_adv: batadv0: Interface activated: batadv_slave_1
[  103.450386][ T6408] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  103.459177][ T6408] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  103.467997][ T6408] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  103.476742][ T6408] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  103.518471][ T6591] loop3: detected capacity change from 0 to 2048
[  103.531078][ T4870] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.573940][ T6591] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.598059][ T6601] loop7: detected capacity change from 0 to 164
[  103.608892][ T6601] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  103.613717][ T6601] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  103.613906][ T6601] Symlink component flag not implemented
[  103.613915][ T6601] Symlink component flag not implemented
[  103.613943][ T6601] Symlink component flag not implemented (7)
[  103.613953][ T6601] Symlink component flag not implemented (116)
[  103.651558][ T6607] loop4: detected capacity change from 0 to 1024
[  103.670941][ T6604] loop1: detected capacity change from 0 to 256
[  103.681334][ T6607] EXT4-fs: Ignoring removed orlov option
[  103.688459][ T4718] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.711320][ T6607] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.711706][ T6610] loop7: detected capacity change from 0 to 512
[  103.740027][ T6610] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  103.750271][ T6612] FAULT_INJECTION: forcing a failure.
[  103.750271][ T6612] name failslab, interval 1, probability 0, space 0, times 0
[  103.762953][ T6612] CPU: 0 UID: 0 PID: 6612 Comm: syz.1.931 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  103.763058][ T6612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  103.763073][ T6612] Call Trace:
[  103.763079][ T6612]  <TASK>
[  103.763087][ T6612]  __dump_stack+0x1d/0x30
[  103.763111][ T6612]  dump_stack_lvl+0xe8/0x140
[  103.763130][ T6612]  dump_stack+0x15/0x1b
[  103.763144][ T6612]  should_fail_ex+0x265/0x280
[  103.763211][ T6612]  should_failslab+0x8c/0xb0
[  103.763238][ T6612]  kmem_cache_alloc_noprof+0x50/0x310
[  103.763333][ T6612]  ? __anon_vma_prepare+0x70/0x2f0
[  103.763424][ T6612]  ? __alloc_frozen_pages_noprof+0x188/0x360
[  103.763454][ T6612]  __anon_vma_prepare+0x70/0x2f0
[  103.763533][ T6612]  do_wp_page+0x1838/0x2400
[  103.763559][ T6612]  ? __rcu_read_lock+0x37/0x50
[  103.763626][ T6612]  handle_mm_fault+0x77d/0x2be0
[  103.763647][ T6612]  ? mas_walk+0xf2/0x120
[  103.763687][ T6612]  do_user_addr_fault+0x636/0x1090
[  103.763740][ T6612]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  103.763777][ T6612]  exc_page_fault+0x62/0xa0
[  103.763860][ T6612]  asm_exc_page_fault+0x26/0x30
[  103.763876][ T6612] RIP: 0033:0x7f7c77490ca3
[  103.763891][ T6612] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  103.763907][ T6612] RSP: 002b:00007f7c75c364a0 EFLAGS: 00010202
[  103.763923][ T6612] RAX: 0000000000000400 RBX: 00007f7c75c36540 RCX: 00007f7c6d817000
[  103.763937][ T6612] RDX: 00007f7c75c366e0 RSI: 0000000000000001 RDI: 00007f7c75c365e0
[  103.763952][ T6612] RBP: 00000000000000f9 R08: 0000000000000008 R09: 00000000000000ac
[  103.763982][ T6612] R10: 00000000000000be R11: 00007f7c75c36540 R12: 0000000000000001
[  103.763996][ T6612] R13: 00007f7c7766c020 R14: 0000000000000020 R15: 00007f7c75c365e0
[  103.764016][ T6612]  </TASK>
[  103.764026][ T6612] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  103.903720][ T6610] EXT4-fs (loop7): 1 truncate cleaned up
[  103.965030][ T6610] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.982183][ T6612] loop1: detected capacity change from 0 to 512
[  103.989150][ T6612] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[  104.020573][ T5041] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.030916][ T6408] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.142854][ T6624] netlink: 132 bytes leftover after parsing attributes in process `syz.4.933'.
[  104.214975][ T6640] loop3: detected capacity change from 0 to 2048
[  104.256704][ T6644] loop4: detected capacity change from 0 to 1024
[  104.263679][ T6644] EXT4-fs: Ignoring removed orlov option
[  104.265269][ T6640] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.287038][ T6644] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.358042][ T4718] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.377028][ T6652] loop6: detected capacity change from 0 to 128
[  104.395196][ T6652] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  104.417161][ T6652] ext4 filesystem being mounted at /18/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  104.479459][ T5999] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  104.496046][ T6659] loop3: detected capacity change from 0 to 512
[  104.507564][ T6657] loop1: detected capacity change from 0 to 2048
[  104.514684][ T6659] EXT4-fs: Ignoring removed nomblk_io_submit option
[  104.533524][ T6657] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.553405][ T6659] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.564408][ T6657] netlink: 8 bytes leftover after parsing attributes in process `syz.1.947'.
[  104.567941][ T6659] ext4 filesystem being mounted at /134/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  104.574888][ T6657] netlink: 40 bytes leftover after parsing attributes in process `syz.1.947'.
[  104.603619][ T6667] loop6: detected capacity change from 0 to 2048
[  104.652293][ T6667] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.683164][ T5041] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.690517][ T4870] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.710733][ T4718] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.723657][ T6674] loop4: detected capacity change from 0 to 164
[  104.733687][ T6674] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  104.746529][ T6676] loop1: detected capacity change from 0 to 1024
[  104.753371][ T6676] EXT4-fs: Ignoring removed orlov option
[  104.764610][ T5999] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.767253][ T6678] loop3: detected capacity change from 0 to 512
[  104.774926][ T6676] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.782548][ T6678] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  104.804974][ T6674] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  104.813765][ T6674] Symlink component flag not implemented
[  104.819475][ T6674] Symlink component flag not implemented
[  104.838020][ T6678] EXT4-fs (loop3): 1 truncate cleaned up
[  104.839604][ T6674] Symlink component flag not implemented (7)
[  104.849798][ T6674] Symlink component flag not implemented (116)
[  104.855156][ T6678] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.871269][ T6678] netlink: 40 bytes leftover after parsing attributes in process `syz.3.952'.
[  104.899873][ T6690] FAULT_INJECTION: forcing a failure.
[  104.899873][ T6690] name failslab, interval 1, probability 0, space 0, times 0
[  104.912596][ T6690] CPU: 1 UID: 0 PID: 6690 Comm: syz.4.957 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  104.912647][ T6690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  104.912699][ T6690] Call Trace:
[  104.912706][ T6690]  <TASK>
[  104.912715][ T6690]  __dump_stack+0x1d/0x30
[  104.912741][ T6690]  dump_stack_lvl+0xe8/0x140
[  104.912766][ T6690]  dump_stack+0x15/0x1b
[  104.912787][ T6690]  should_fail_ex+0x265/0x280
[  104.912825][ T6690]  should_failslab+0x8c/0xb0
[  104.912848][ T6690]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  104.912879][ T6690]  ? sock_alloc_inode+0x34/0xa0
[  104.912976][ T6690]  ? __pfx_sock_alloc_inode+0x10/0x10
[  104.913006][ T6690]  sock_alloc_inode+0x34/0xa0
[  104.913035][ T6690]  alloc_inode+0x3d/0x170
[  104.913106][ T6690]  __sock_create+0x122/0x5b0
[  104.913141][ T6690]  sock_create_kern+0x38/0x50
[  104.913201][ T6690]  mptcp_subflow_create_socket+0x84/0x630
[  104.913276][ T6690]  __mptcp_nmpc_sk+0xb3/0x3b0
[  104.913316][ T6690]  mptcp_bind+0x71/0x2f0
[  104.913351][ T6690]  __sys_bind+0x1d1/0x2a0
[  104.913403][ T6690]  __x64_sys_bind+0x3f/0x50
[  104.913432][ T6690]  x64_sys_call+0x2086/0x2fb0
[  104.913465][ T6690]  do_syscall_64+0xd2/0x200
[  104.913484][ T6690]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  104.913563][ T6690]  ? clear_bhb_loop+0x40/0x90
[  104.913583][ T6690]  ? clear_bhb_loop+0x40/0x90
[  104.913607][ T6690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.913634][ T6690] RIP: 0033:0x7f859387e929
[  104.913652][ T6690] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  104.913675][ T6690] RSP: 002b:00007f8591ee7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  104.913698][ T6690] RAX: ffffffffffffffda RBX: 00007f8593aa5fa0 RCX: 00007f859387e929
[  104.913727][ T6690] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000003
[  104.913796][ T6690] RBP: 00007f8591ee7090 R08: 0000000000000000 R09: 0000000000000000
[  104.913811][ T6690] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.913826][ T6690] R13: 0000000000000000 R14: 00007f8593aa5fa0 R15: 00007fff2321f768
[  104.913860][ T6690]  </TASK>
[  104.913868][ T6690] socket: no more sockets
[  104.932847][ T6688] loop1: detected capacity change from 0 to 2048
[  104.972021][ T6687] loop6: detected capacity change from 0 to 256
[  105.090459][ T6697] loop4: detected capacity change from 0 to 2048
[  105.162528][ T6702] FAULT_INJECTION: forcing a failure.
[  105.162528][ T6702] name failslab, interval 1, probability 0, space 0, times 0
[  105.175366][ T6702] CPU: 1 UID: 0 PID: 6702 Comm: syz.3.958 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  105.175396][ T6702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.175450][ T6702] Call Trace:
[  105.175455][ T6702]  <TASK>
[  105.175461][ T6702]  __dump_stack+0x1d/0x30
[  105.175480][ T6702]  dump_stack_lvl+0xe8/0x140
[  105.175504][ T6702]  dump_stack+0x15/0x1b
[  105.175522][ T6702]  should_fail_ex+0x265/0x280
[  105.175555][ T6702]  should_failslab+0x8c/0xb0
[  105.175575][ T6702]  kmem_cache_alloc_node_noprof+0x57/0x320
[  105.175660][ T6702]  ? __alloc_skb+0x101/0x320
[  105.175731][ T6702]  __alloc_skb+0x101/0x320
[  105.175815][ T6702]  inet_netconf_notify_devconf+0x173/0x230
[  105.175906][ T6702]  inetdev_event+0x743/0xc10
[  105.175938][ T6702]  ? __pfx_ib_netdevice_event+0x10/0x10
[  105.175977][ T6702]  ? ib_netdevice_event+0x186/0x5f0
[  105.176002][ T6702]  ? __pfx_arp_netdev_event+0x10/0x10
[  105.176026][ T6702]  ? __pfx_inetdev_event+0x10/0x10
[  105.176053][ T6702]  raw_notifier_call_chain+0x6f/0x1b0
[  105.176113][ T6702]  ? call_netdevice_notifiers_info+0x9c/0x100
[  105.176143][ T6702]  call_netdevice_notifiers_info+0xae/0x100
[  105.176172][ T6702]  unregister_netdevice_many_notify+0xd9d/0x1690
[  105.176210][ T6702]  unregister_netdevice_queue+0x1f5/0x220
[  105.176249][ T6702]  vti6_siocdevprivate+0x273/0x8e0
[  105.176326][ T6702]  dev_ifsioc+0x8f5/0xaa0
[  105.176365][ T6702]  dev_ioctl+0x78d/0x960
[  105.176389][ T6702]  sock_ioctl+0x593/0x610
[  105.176410][ T6702]  ? __pfx_sock_ioctl+0x10/0x10
[  105.176451][ T6702]  __se_sys_ioctl+0xcb/0x140
[  105.176529][ T6702]  __x64_sys_ioctl+0x43/0x50
[  105.176561][ T6702]  x64_sys_call+0x19a8/0x2fb0
[  105.176586][ T6702]  do_syscall_64+0xd2/0x200
[  105.176618][ T6702]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  105.176642][ T6702]  ? clear_bhb_loop+0x40/0x90
[  105.176668][ T6702]  ? clear_bhb_loop+0x40/0x90
[  105.176705][ T6702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.176754][ T6702] RIP: 0033:0x7f9a9862e929
[  105.176769][ T6702] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  105.176790][ T6702] RSP: 002b:00007f9a96c97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  105.176820][ T6702] RAX: ffffffffffffffda RBX: 00007f9a98855fa0 RCX: 00007f9a9862e929
[  105.176835][ T6702] RDX: 0000200000000680 RSI: 00000000000089f2 RDI: 0000000000000004
[  105.176849][ T6702] RBP: 00007f9a96c97090 R08: 0000000000000000 R09: 0000000000000000
[  105.176863][ T6702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  105.176877][ T6702] R13: 0000000000000000 R14: 00007f9a98855fa0 R15: 00007ffd8b8d4c38
[  105.176896][ T6702]  </TASK>
[  105.193823][ T6697] netlink: 8 bytes leftover after parsing attributes in process `syz.4.961'.
[  105.454950][ T6697] netlink: 40 bytes leftover after parsing attributes in process `syz.4.961'.
[  105.501858][ T6719] loop3: detected capacity change from 0 to 1024
[  105.508904][ T6719] EXT4-fs: Ignoring removed orlov option
[  105.555730][ T6724] loop7: detected capacity change from 0 to 1024
[  105.568756][ T6728] loop1: detected capacity change from 0 to 512
[  105.571185][ T6724] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  105.576171][ T6728] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  105.614293][ T6724] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  105.622394][ T6734] loop6: detected capacity change from 0 to 1024
[  105.622680][ T6724] EXT4-fs (loop7): orphan cleanup on readonly fs
[  105.630577][ T6734] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  105.636325][ T6724] EXT4-fs error (device loop7): __ext4_get_inode_loc:4792: comm syz.7.967: Invalid inode table block 0 in block_group 0
[  105.661301][ T6724] EXT4-fs (loop7): Remounting filesystem read-only
[  105.667927][ T6724] EXT4-fs (loop7): 1 truncate cleaned up
[  105.674593][ T6734] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  105.683901][ T6728] EXT4-fs (loop1): 1 truncate cleaned up
[  105.692303][ T6728] netlink: 40 bytes leftover after parsing attributes in process `syz.1.969'.
[  105.694252][ T6734] EXT4-fs (loop6): orphan cleanup on readonly fs
[  105.716402][ T6739] loop4: detected capacity change from 0 to 256
[  105.721594][ T6734] EXT4-fs error (device loop6): __ext4_get_inode_loc:4792: comm syz.6.972: Invalid inode table block 0 in block_group 0
[  105.755822][ T6734] EXT4-fs (loop6): Remounting filesystem read-only
[  105.774385][ T6745] FAULT_INJECTION: forcing a failure.
[  105.774385][ T6745] name failslab, interval 1, probability 0, space 0, times 0
[  105.787143][ T6745] CPU: 1 UID: 0 PID: 6745 Comm: syz.1.976 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  105.787165][ T6734] EXT4-fs (loop6): 1 truncate cleaned up
[  105.787195][ T6745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  105.787207][ T6745] Call Trace:
[  105.787213][ T6745]  <TASK>
[  105.787219][ T6745]  __dump_stack+0x1d/0x30
[  105.787241][ T6745]  dump_stack_lvl+0xe8/0x140
[  105.787263][ T6745]  dump_stack+0x15/0x1b
[  105.787285][ T6745]  should_fail_ex+0x265/0x280
[  105.787398][ T6745]  ? usbdev_open+0x4c/0x450
[  105.787438][ T6745]  should_failslab+0x8c/0xb0
[  105.787471][ T6745]  __kmalloc_cache_noprof+0x4c/0x320
[  105.787502][ T6745]  ? avc_has_perm+0xd3/0x150
[  105.787527][ T6745]  usbdev_open+0x4c/0x450
[  105.787621][ T6745]  chrdev_open+0x2e8/0x3a0
[  105.787666][ T6745]  do_dentry_open+0x646/0xa20
[  105.787697][ T6745]  ? __pfx_chrdev_open+0x10/0x10
[  105.787724][ T6745]  vfs_open+0x37/0x1e0
[  105.787755][ T6745]  path_openat+0x1c5e/0x2170
[  105.787805][ T6745]  ? filemap_map_pages+0x9be/0xab0
[  105.787831][ T6745]  ? css_rstat_updated+0xcd/0x5b0
[  105.787876][ T6745]  do_filp_open+0x109/0x230
[  105.787934][ T6745]  do_sys_openat2+0xa6/0x110
[  105.787968][ T6745]  __x64_sys_openat+0xf2/0x120
[  105.788050][ T6745]  x64_sys_call+0x1af/0x2fb0
[  105.788079][ T6745]  do_syscall_64+0xd2/0x200
[  105.788104][ T6745]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  105.788139][ T6745]  ? clear_bhb_loop+0x40/0x90
[  105.788229][ T6745]  ? clear_bhb_loop+0x40/0x90
[  105.788260][ T6745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.788289][ T6745] RIP: 0033:0x7f7c775cd290
[  105.788310][ T6745] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  105.788341][ T6745] RSP: 002b:00007f7c75c36b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  105.788386][ T6745] RAX: ffffffffffffffda RBX: 0000000000002581 RCX: 00007f7c775cd290
[  105.788403][ T6745] RDX: 0000000000002581 RSI: 00007f7c75c36c10 RDI: 00000000ffffff9c
[  105.788419][ T6745] RBP: 00007f7c75c36c10 R08: 0000000000000000 R09: 0000000000000000
[  105.788440][ T6745] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd
[  105.788457][ T6745] R13: 0000000000000001 R14: 00007f7c777f5fa0 R15: 00007ffe49f295f8
[  105.788481][ T6745]  </TASK>
[  105.867703][ T6742] loop3: detected capacity change from 0 to 2048
[  105.934834][ T6747] loop4: detected capacity change from 0 to 8192
[  106.033463][ T6749] netlink: 'syz.1.977': attribute type 1 has an invalid length.
[  106.087075][ T6756] loop4: detected capacity change from 0 to 2048
[  106.087672][ T6758] loop1: detected capacity change from 0 to 1024
[  106.100397][ T6758] EXT4-fs: Ignoring removed orlov option
[  106.188004][ T6756] netlink: 8 bytes leftover after parsing attributes in process `syz.4.979'.
[  106.197228][ T6756] netlink: 40 bytes leftover after parsing attributes in process `syz.4.979'.
[  106.338911][ T6779] loop1: detected capacity change from 0 to 1024
[  106.347557][ T6779] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  106.378504][ T6779] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  106.387015][ T6779] EXT4-fs (loop1): orphan cleanup on readonly fs
[  106.394412][ T6777] loop4: detected capacity change from 0 to 256
[  106.429534][ T6783] netlink: 14528 bytes leftover after parsing attributes in process `syz.6.987'.
[  106.440735][ T6779] EXT4-fs error (device loop1): __ext4_get_inode_loc:4792: comm syz.1.988: Invalid inode table block 0 in block_group 0
[  106.453481][ T6779] EXT4-fs (loop1): Remounting filesystem read-only
[  106.460117][ T6779] EXT4-fs (loop1): 1 truncate cleaned up
[  106.690180][ T6753] Set syz1 is full, maxelem 65536 reached
[  106.720705][ T6789] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  106.728057][ T6789] IPv6: NLM_F_CREATE should be set when creating new route
[  106.739296][ T6787] loop4: detected capacity change from 0 to 8192
[  106.802533][ T6793] loop3: detected capacity change from 0 to 2048
[  106.824349][ T6795] loop1: detected capacity change from 0 to 1024
[  106.844969][ T6795] EXT4-fs: Ignoring removed orlov option
[  106.849536][ T6799] loop4: detected capacity change from 0 to 512
[  106.870670][ T6799] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  106.948683][ T6799] EXT4-fs (loop4): 1 truncate cleaned up
[  106.950594][ T6810] loop3: detected capacity change from 0 to 2048
[  106.985451][ T6817] netlink: 'syz.6.999': attribute type 46 has an invalid length.
[  107.016856][ T6816] loop1: detected capacity change from 0 to 256
[  107.024617][ T6822] loop7: detected capacity change from 0 to 164
[  107.051212][ T6822] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  107.101621][ T6822] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  107.125097][ T6828] loop1: detected capacity change from 0 to 1024
[  107.137782][ T6828] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  107.154892][ T6828] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  107.168861][ T6822] Symlink component flag not implemented
[  107.174582][ T6822] Symlink component flag not implemented
[  107.182984][ T6828] EXT4-fs (loop1): orphan cleanup on readonly fs
[  107.195494][ T6828] EXT4-fs error (device loop1): __ext4_get_inode_loc:4792: comm syz.1.1004: Invalid inode table block 0 in block_group 0
[  107.208799][ T6822] Symlink component flag not implemented (7)
[  107.214859][ T6822] Symlink component flag not implemented (116)
[  107.221300][ T6828] EXT4-fs (loop1): Remounting filesystem read-only
[  107.227979][ T6828] EXT4-fs (loop1): 1 truncate cleaned up
[  107.343907][ T6849] FAULT_INJECTION: forcing a failure.
[  107.343907][ T6849] name failslab, interval 1, probability 0, space 0, times 0
[  107.356731][ T6849] CPU: 0 UID: 0 PID: 6849 Comm: syz.3.1013 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  107.356762][ T6849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  107.356818][ T6849] Call Trace:
[  107.356823][ T6849]  <TASK>
[  107.356830][ T6849]  __dump_stack+0x1d/0x30
[  107.356850][ T6849]  dump_stack_lvl+0xe8/0x140
[  107.356867][ T6849]  dump_stack+0x15/0x1b
[  107.356882][ T6849]  should_fail_ex+0x265/0x280
[  107.357016][ T6849]  should_failslab+0x8c/0xb0
[  107.357043][ T6849]  kmem_cache_alloc_node_noprof+0x57/0x320
[  107.357069][ T6849]  ? __alloc_skb+0x101/0x320
[  107.357126][ T6849]  __alloc_skb+0x101/0x320
[  107.357159][ T6849]  ? audit_log_start+0x365/0x6c0
[  107.357202][ T6849]  audit_log_start+0x380/0x6c0
[  107.357250][ T6849]  audit_seccomp+0x48/0x100
[  107.357280][ T6849]  ? __seccomp_filter+0x68c/0x10d0
[  107.357307][ T6849]  __seccomp_filter+0x69d/0x10d0
[  107.357399][ T6849]  ? __kmalloc_cache_noprof+0x189/0x320
[  107.357433][ T6849]  ? dec_rlimit_ucounts+0xb0/0xe0
[  107.357595][ T6849]  ? commit_creds+0x70f/0x780
[  107.357620][ T6849]  __secure_computing+0x82/0x150
[  107.357639][ T6849]  syscall_trace_enter+0xcf/0x1e0
[  107.357688][ T6849]  do_syscall_64+0xac/0x200
[  107.357704][ T6849]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  107.357731][ T6849]  ? clear_bhb_loop+0x40/0x90
[  107.357775][ T6849]  ? clear_bhb_loop+0x40/0x90
[  107.357797][ T6849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  107.357878][ T6849] RIP: 0033:0x7f9a9862d33c
[  107.357895][ T6849] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  107.357912][ T6849] RSP: 002b:00007f9a96c97030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  107.357929][ T6849] RAX: ffffffffffffffda RBX: 00007f9a98855fa0 RCX: 00007f9a9862d33c
[  107.357982][ T6849] RDX: 000000000000000f RSI: 00007f9a96c970a0 RDI: 0000000000000005
[  107.358015][ T6849] RBP: 00007f9a96c97090 R08: 0000000000000000 R09: 0000000000000000
[  107.358030][ T6849] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  107.358044][ T6849] R13: 0000000000000000 R14: 00007f9a98855fa0 R15: 00007ffd8b8d4c38
[  107.358062][ T6849]  </TASK>
[  107.591300][   T29] kauditd_printk_skb: 642 callbacks suppressed
[  107.591318][   T29] audit: type=1326 audit(2000000061.540:6834): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6848 comm="syz.3.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9a9862d3df code=0x7ffc0000
[  107.621160][   T29] audit: type=1326 audit(2000000061.540:6835): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6848 comm="syz.3.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f9a9862d58a code=0x7ffc0000
[  107.645033][   T29] audit: type=1326 audit(2000000061.540:6836): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6848 comm="syz.3.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a9862e929 code=0x7ffc0000
[  107.668981][   T29] audit: type=1326 audit(2000000061.540:6837): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6848 comm="syz.3.1013" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a9862e929 code=0x7ffc0000
[  107.694365][ T6859] audit: audit_lost=5 audit_rate_limit=0 audit_backlog_limit=64
[  107.702079][ T6859] audit: out of memory in audit_log_start
[  107.715497][ T6859] 9pnet: Could not find request transport: ´Z
[  107.728789][ T6853] loop6: detected capacity change from 0 to 2048
[  107.735760][   T29] audit: type=1326 audit(2000000061.680:6838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.3.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a9862e929 code=0x7ffc0000
[  107.759243][   T29] audit: type=1326 audit(2000000061.680:6839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.3.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a9862e929 code=0x7ffc0000
[  107.782775][   T29] audit: type=1326 audit(2000000061.680:6840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.3.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9a9862e929 code=0x7ffc0000
[  107.806340][   T29] audit: type=1326 audit(2000000061.680:6841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6856 comm="syz.3.1015" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9a9862e929 code=0x7ffc0000
[  107.869931][ T6869] FAULT_INJECTION: forcing a failure.
[  107.869931][ T6869] name failslab, interval 1, probability 0, space 0, times 0
[  107.870405][ T6867] ip6gre1: entered promiscuous mode
[  107.882685][ T6869] CPU: 1 UID: 0 PID: 6869 Comm: syz.3.1020 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  107.882745][ T6869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  107.882805][ T6869] Call Trace:
[  107.882814][ T6869]  <TASK>
[  107.882824][ T6869]  __dump_stack+0x1d/0x30
[  107.882850][ T6869]  dump_stack_lvl+0xe8/0x140
[  107.882894][ T6869]  dump_stack+0x15/0x1b
[  107.882913][ T6869]  should_fail_ex+0x265/0x280
[  107.882954][ T6869]  should_failslab+0x8c/0xb0
[  107.883009][ T6869]  kmem_cache_alloc_noprof+0x50/0x310
[  107.883042][ T6869]  ? __anon_vma_prepare+0x70/0x2f0
[  107.883144][ T6869]  ? __alloc_frozen_pages_noprof+0x188/0x360
[  107.883187][ T6869]  __anon_vma_prepare+0x70/0x2f0
[  107.883229][ T6869]  do_wp_page+0x1838/0x2400
[  107.883256][ T6869]  ? __rcu_read_lock+0x37/0x50
[  107.883356][ T6869]  handle_mm_fault+0x77d/0x2be0
[  107.883385][ T6869]  ? mas_walk+0xf2/0x120
[  107.883435][ T6869]  do_user_addr_fault+0x636/0x1090
[  107.883481][ T6869]  ? fpregs_assert_state_consistent+0xb4/0xe0
[  107.883522][ T6869]  exc_page_fault+0x62/0xa0
[  107.883575][ T6869]  asm_exc_page_fault+0x26/0x30
[  107.883601][ T6869] RIP: 0033:0x7f9a984f0ca3
[  107.883688][ T6869] Code: 1f 84 00 00 00 00 00 3d 00 01 00 00 75 29 45 31 f6 48 83 c4 18 44 89 f0 5b 5d 41 5c 41 5d 41 5e 41 5f c3 0f 1f 40 00 49 8b 0f <44> 88 34 01 49 83 47 10 01 eb 92 66 90 8d 90 ff fe ff ff 83 fa 1c
[  107.883712][ T6869] RSP: 002b:00007f9a96c963f0 EFLAGS: 00010202
[  107.883804][ T6869] RAX: 00000000000001c0 RBX: 00007f9a96c96490 RCX: 00007f9a8e877000
[  107.883821][ T6869] RDX: 00007f9a96c96630 RSI: 0000000000000001 RDI: 00007f9a96c96530
[  107.883838][ T6869] RBP: 00000000000000bd R08: 0000000000000007 R09: 000000000000002f
[  107.883854][ T6869] R10: 000000000000004a R11: 00007f9a96c96490 R12: 0000000000000001
[  107.883899][ T6869] R13: 00007f9a986cc020 R14: 0000000000000002 R15: 00007f9a96c96530
[  107.883925][ T6869]  </TASK>
[  107.883938][ T6869] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  108.025013][ T6872] loop7: detected capacity change from 0 to 1024
[  108.094019][ T6872] /dev/loop7: Can't open blockdev
[  108.116583][ T6869] loop3: detected capacity change from 0 to 2048
[  108.140371][ T6869] Alternate GPT is invalid, using primary GPT.
[  108.146765][ T6869]  loop3: p1 p2 p3
[  108.160862][ T6878] loop1: detected capacity change from 0 to 164
[  108.213793][ T6882] netlink: '+}[@': attribute type 1 has an invalid length.
[  108.234654][ T6878] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  108.263047][ T6888] loop4: detected capacity change from 0 to 1024
[  108.274822][ T6878] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  108.288758][ T6878] Symlink component flag not implemented
[  108.294490][ T6878] Symlink component flag not implemented
[  108.316193][ T6888] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  108.320293][ T6894] loop7: detected capacity change from 0 to 8192
[  108.333322][ T6878] Symlink component flag not implemented (7)
[  108.339385][ T6878] Symlink component flag not implemented (116)
[  108.362756][ T6888] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  108.388979][ T6888] EXT4-fs (loop4): orphan cleanup on readonly fs
[  108.415708][ T6896] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  108.437600][ T6888] EXT4-fs error (device loop4): __ext4_get_inode_loc:4792: comm syz.4.1026: Invalid inode table block 0 in block_group 0
[  108.452061][ T6888] EXT4-fs (loop4): Remounting filesystem read-only
[  108.462151][ T6888] EXT4-fs (loop4): 1 truncate cleaned up
[  108.551854][ T6913] loop7: detected capacity change from 0 to 2048
[  108.653106][ T6919] loop6: detected capacity change from 0 to 2048
[  108.659986][ T6919] EXT4-fs: Ignoring removed mblk_io_submit option
[  108.692649][ T6919] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1036: bg 0: block 234: padding at end of block bitmap is not set
[  108.766171][ T6934] loop7: detected capacity change from 0 to 164
[  108.775580][ T6934] bio_check_eod: 99 callbacks suppressed
[  108.775618][ T6934] syz.7.1041: attempt to access beyond end of device
[  108.775618][ T6934] loop7: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  108.781882][ T6926] loop4: detected capacity change from 0 to 2048
[  108.802459][ T6934] syz.7.1041: attempt to access beyond end of device
[  108.802459][ T6934] loop7: rw=0, sector=263328, nr_sectors = 4 limit=164
[  108.818829][ T6937] loop6: detected capacity change from 0 to 164
[  108.828395][ T6937] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  108.837539][ T6926] EXT4-fs (loop4): failed to initialize system zone (-117)
[  108.845749][ T6926] EXT4-fs (loop4): mount failed
[  108.855552][ T6937] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  108.864633][ T6937] Symlink component flag not implemented
[  108.870294][ T6937] Symlink component flag not implemented
[  108.876161][ T6937] Symlink component flag not implemented (7)
[  108.882267][ T6937] Symlink component flag not implemented (116)
[  108.947654][ T6941] loop6: detected capacity change from 0 to 8192
[  108.997785][ T6947] loop7: detected capacity change from 0 to 512
[  109.007272][ T6947] EXT4-fs (loop7): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  109.018954][ T6949] smc: net device bond0 applied user defined pnetid SYZ0
[  109.026637][ T6949] smc: net device bond0 erased user defined pnetid SYZ0
[  109.035695][ T6947] EXT4-fs (loop7): orphan cleanup on readonly fs
[  109.049385][ T6947] EXT4-fs error (device loop7): ext4_read_block_bitmap_nowait:517: comm syz.7.1046: Block bitmap for bg 0 marked uninitialized
[  109.071935][ T6947] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  109.101147][ T6947] EXT4-fs (loop7): 1 orphan inode deleted
[  109.135143][ T6956] loop3: detected capacity change from 0 to 1024
[  109.144332][ T6954] loop6: detected capacity change from 0 to 2048
[  109.153958][ T6956] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  109.171407][ T6956] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  109.203410][ T6956] EXT4-fs (loop3): orphan cleanup on readonly fs
[  109.212003][ T6956] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.1049: Invalid inode table block 0 in block_group 0
[  109.217929][ T6954] __nla_validate_parse: 12 callbacks suppressed
[  109.217946][ T6954] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1048'.
[  109.240996][ T6956] EXT4-fs (loop3): Remounting filesystem read-only
[  109.247564][ T6956] EXT4-fs (loop3): 1 truncate cleaned up
[  109.263033][ T6954] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1048'.
[  109.310497][ T6964] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1050'.
[  109.319704][ T6964] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1050'.
[  109.328786][ T6964] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1050'.
[  109.392462][ T6969] loop6: detected capacity change from 0 to 2048
[  109.418819][ T6969] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1051'.
[  109.431002][ T6969] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1051'.
[  109.448205][ T6977] loop3: detected capacity change from 0 to 164
[  109.455625][ T6977] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  109.466506][ T6977] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  109.475624][ T6977] Symlink component flag not implemented
[  109.481326][ T6977] Symlink component flag not implemented
[  109.487133][ T6977] Symlink component flag not implemented (7)
[  109.493171][ T6977] Symlink component flag not implemented (116)
[  109.546852][ T6987] loop4: detected capacity change from 0 to 128
[  109.554532][ T6987] EXT4-fs warning (device loop4): ext4_init_metadata_csum:4622: metadata_csum and uninit_bg are redundant flags; please run fsck.
[  109.568034][ T6987] EXT4-fs (loop4): Couldn't mount because of unsupported optional features (fffc1829)
[  109.585720][ T6979] loop1: detected capacity change from 0 to 8192
[  109.630114][ T6992] loop1: detected capacity change from 0 to 128
[  109.651109][ T6992] ext4 filesystem being mounted at /144/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  109.759144][ T6997] loop4: detected capacity change from 0 to 2048
[  109.775499][ T6997] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1061'.
[  109.784713][ T6997] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1061'.
[  109.793031][ T7003] FAULT_INJECTION: forcing a failure.
[  109.793031][ T7003] name failslab, interval 1, probability 0, space 0, times 0
[  109.806510][ T7003] CPU: 1 UID: 0 PID: 7003 Comm: syz.1.1063 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  109.806597][ T7003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  109.806612][ T7003] Call Trace:
[  109.806619][ T7003]  <TASK>
[  109.806627][ T7003]  __dump_stack+0x1d/0x30
[  109.806651][ T7003]  dump_stack_lvl+0xe8/0x140
[  109.806673][ T7003]  dump_stack+0x15/0x1b
[  109.806692][ T7003]  should_fail_ex+0x265/0x280
[  109.806767][ T7003]  should_failslab+0x8c/0xb0
[  109.806790][ T7003]  kmem_cache_alloc_noprof+0x50/0x310
[  109.806839][ T7003]  ? skb_clone+0x151/0x1f0
[  109.806861][ T7003]  skb_clone+0x151/0x1f0
[  109.806876][ T7003]  __netlink_deliver_tap+0x2c9/0x500
[  109.806941][ T7003]  netlink_unicast+0x64c/0x670
[  109.806979][ T7003]  netlink_sendmsg+0x58b/0x6b0
[  109.807067][ T7003]  ? __pfx_netlink_sendmsg+0x10/0x10
[  109.807089][ T7003]  __sock_sendmsg+0x142/0x180
[  109.807190][ T7003]  ____sys_sendmsg+0x31e/0x4e0
[  109.807220][ T7003]  ___sys_sendmsg+0x17b/0x1d0
[  109.807274][ T7003]  __x64_sys_sendmsg+0xd4/0x160
[  109.807293][ T7003]  x64_sys_call+0x2999/0x2fb0
[  109.807310][ T7003]  do_syscall_64+0xd2/0x200
[  109.807324][ T7003]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  109.807379][ T7003]  ? clear_bhb_loop+0x40/0x90
[  109.807395][ T7003]  ? clear_bhb_loop+0x40/0x90
[  109.807413][ T7003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.807430][ T7003] RIP: 0033:0x7f7c775ce929
[  109.807513][ T7003] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  109.807527][ T7003] RSP: 002b:00007f7c75c37038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  109.807541][ T7003] RAX: ffffffffffffffda RBX: 00007f7c777f5fa0 RCX: 00007f7c775ce929
[  109.807551][ T7003] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[  109.807561][ T7003] RBP: 00007f7c75c37090 R08: 0000000000000000 R09: 0000000000000000
[  109.807669][ T7003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.807718][ T7003] R13: 0000000000000000 R14: 00007f7c777f5fa0 R15: 00007ffe49f295f8
[  109.807744][ T7003]  </TASK>
[  110.029248][ T7005] loop1: detected capacity change from 0 to 1024
[  110.036914][ T7005] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  110.048952][ T7005] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  110.057064][ T7005] EXT4-fs (loop1): orphan cleanup on readonly fs
[  110.069732][ T7008] loop7: detected capacity change from 0 to 2048
[  110.075986][ T7005] EXT4-fs error (device loop1): __ext4_get_inode_loc:4792: comm syz.1.1064: Invalid inode table block 0 in block_group 0
[  110.089496][ T7005] EXT4-fs (loop1): Remounting filesystem read-only
[  110.096218][ T7005] EXT4-fs (loop1): 1 truncate cleaned up
[  110.118898][ T7012] loop4: detected capacity change from 0 to 164
[  110.128047][ T7012] syz.4.1066: attempt to access beyond end of device
[  110.128047][ T7012] loop4: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  110.143662][ T7012] syz.4.1066: attempt to access beyond end of device
[  110.143662][ T7012] loop4: rw=0, sector=263328, nr_sectors = 4 limit=164
[  110.181611][ T7015] loop7: detected capacity change from 0 to 164
[  110.188827][ T7015] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  110.200228][ T7015] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  110.208666][ T7015] Symlink component flag not implemented
[  110.214449][ T7015] Symlink component flag not implemented
[  110.229272][ T7015] Symlink component flag not implemented (7)
[  110.235319][ T7015] Symlink component flag not implemented (116)
[  110.282514][ T7018] loop7: detected capacity change from 0 to 128
[  110.317822][ T7022] loop1: detected capacity change from 0 to 512
[  110.332421][ T7018] FAT-fs (loop7): error, invalid FAT chain (i_pos 548, last_block 8)
[  110.341318][ T7018] FAT-fs (loop7): Filesystem has been set read-only
[  110.348540][ T7022] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  110.358949][ T7018] FAT-fs (loop7): error, corrupted file size (i_pos 548, 522)
[  110.384025][ T7022] EXT4-fs (loop1): 1 truncate cleaned up
[  110.396564][ T7018] SELinux: syz.7.1069 (7018) wrote to /sys/fs/selinux/user! This will not be supported in the future; please update your userspace.
[  110.473413][ T7022] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1070'.
[  110.491021][ T7032] loop3: detected capacity change from 0 to 128
[  110.507046][ T7018] wireguard0: entered promiscuous mode
[  110.513266][ T7018] wireguard0: entered allmulticast mode
[  110.522358][ T7032] ext4 filesystem being mounted at /159/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  110.613208][ T7039] loop1: detected capacity change from 0 to 2048
[  110.634738][ T7043] loop3: detected capacity change from 0 to 2048
[  110.745053][ T7053] loop6: detected capacity change from 0 to 1024
[  110.753649][ T7053] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  110.765227][ T7055] loop1: detected capacity change from 0 to 164
[  110.772649][ T7055] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  110.781526][ T7053] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  110.789709][ T7053] EXT4-fs (loop6): orphan cleanup on readonly fs
[  110.796471][ T7055] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  110.807537][ T7053] EXT4-fs error (device loop6): __ext4_get_inode_loc:4792: comm syz.6.1079: Invalid inode table block 0 in block_group 0
[  110.831435][ T7055] Symlink component flag not implemented
[  110.837206][ T7055] Symlink component flag not implemented
[  110.845009][ T7055] Symlink component flag not implemented (7)
[  110.851051][ T7055] Symlink component flag not implemented (116)
[  110.861252][ T7053] EXT4-fs (loop6): Remounting filesystem read-only
[  110.876839][ T7053] EXT4-fs (loop6): 1 truncate cleaned up
[  110.898437][ T7065] loop7: detected capacity change from 0 to 1024
[  110.937232][ T7065] EXT4-fs: Ignoring removed orlov option
[  110.961999][ T7062] loop3: detected capacity change from 0 to 8192
[  111.015006][ T7070] loop1: detected capacity change from 0 to 512
[  111.024107][ T7070] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  111.046959][ T7070] EXT4-fs (loop1): 1 truncate cleaned up
[  111.055704][ T7075] loop3: detected capacity change from 0 to 128
[  111.068182][ T7076] loop6: detected capacity change from 0 to 1024
[  111.074972][ T7076] EXT4-fs: Ignoring removed orlov option
[  111.144224][ T7079] loop1: detected capacity change from 0 to 128
[  111.193858][ T7079] ext4 filesystem being mounted at /154/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  111.280189][ T7086] vhci_hcd: invalid port number 96
[  111.280199][ T7086] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  111.294891][ T7084] loop1: detected capacity change from 0 to 2048
[  111.414926][ T7090] loop7: detected capacity change from 0 to 8192
[  111.433811][ T7092] loop1: detected capacity change from 0 to 2048
[  111.481417][ T7096] loop7: detected capacity change from 0 to 1024
[  111.588924][ T7107] loop6: detected capacity change from 0 to 1024
[  111.590952][ T7107] EXT4-fs: Ignoring removed bh option
[  111.606483][ T7109] loop1: detected capacity change from 0 to 164
[  111.614937][ T7109] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  111.619264][ T7107] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4113: comm syz.6.1096: Allocating blocks 385-513 which overlap fs metadata
[  111.643554][ T7107] EXT4-fs (loop6): Remounting filesystem read-only
[  111.659837][ T7106] EXT4-fs (loop6): pa ffff888106dc43f0: logic 16, phys. 129, len 24
[  111.681458][ T7115] loop4: detected capacity change from 0 to 1024
[  111.681707][ T7115] EXT4-fs: Ignoring removed orlov option
[  111.698276][ T7118] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  111.698439][ T7118] Symlink component flag not implemented
[  111.718078][ T7118] Symlink component flag not implemented
[  111.729172][ T7118] Symlink component flag not implemented (7)
[  111.729198][ T7118] Symlink component flag not implemented (116)
[  111.885381][ T7126] loop6: detected capacity change from 0 to 2048
[  111.943403][ T7133] loop4: detected capacity change from 0 to 164
[  111.950404][ T7133] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  111.992940][ T7133] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  112.005220][ T7136] netlink: 'syz.7.1106': attribute type 10 has an invalid length.
[  112.013406][ T7133] Symlink component flag not implemented
[  112.018091][ T7136] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.019138][ T7133] Symlink component flag not implemented
[  112.028192][ T7136] bridge_slave_1: left allmulticast mode
[  112.037507][ T7136] bridge_slave_1: left promiscuous mode
[  112.039109][ T7133] Symlink component flag not implemented (7)
[  112.043381][ T7136] bridge0: port 2(bridge_slave_1) entered disabled state
[  112.049100][ T7133] Symlink component flag not implemented (116)
[  112.073225][ T7136] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  112.087488][ T7138] loop6: detected capacity change from 0 to 512
[  112.094661][ T7138] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  112.104967][ T7136] loop7: detected capacity change from 0 to 128
[  112.105575][ T7138] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (16416!=33349)
[  112.120857][ T7138] EXT4-fs (loop6): group descriptors corrupted!
[  112.172591][ T7146] loop7: detected capacity change from 0 to 1024
[  112.209768][ T7156] loop3: detected capacity change from 0 to 1024
[  112.235128][ T7156] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  112.257056][ T7156] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  112.294514][ T7161] loop7: detected capacity change from 0 to 8192
[  112.301443][ T7156] EXT4-fs (loop3): orphan cleanup on readonly fs
[  112.320013][ T7156] EXT4-fs error (device loop3): __ext4_get_inode_loc:4792: comm syz.3.1113: Invalid inode table block 0 in block_group 0
[  112.333111][ T7156] EXT4-fs (loop3): Remounting filesystem read-only
[  112.339803][ T7156] EXT4-fs (loop3): 1 truncate cleaned up
[  112.364514][ T7166] loop7: detected capacity change from 0 to 512
[  112.372081][ T7166] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  112.430644][ T7166] EXT4-fs (loop7): 1 truncate cleaned up
[  112.502851][ T7175] loop6: detected capacity change from 0 to 2048
[  112.519541][ T7179] FAULT_INJECTION: forcing a failure.
[  112.519541][ T7179] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  112.532811][ T7179] CPU: 1 UID: 0 PID: 7179 Comm: syz.4.1121 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  112.532845][ T7179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  112.532858][ T7179] Call Trace:
[  112.532864][ T7179]  <TASK>
[  112.532871][ T7179]  __dump_stack+0x1d/0x30
[  112.532960][ T7179]  dump_stack_lvl+0xe8/0x140
[  112.532979][ T7179]  dump_stack+0x15/0x1b
[  112.532995][ T7179]  should_fail_ex+0x265/0x280
[  112.533088][ T7179]  should_fail+0xb/0x20
[  112.533115][ T7179]  should_fail_usercopy+0x1a/0x20
[  112.533148][ T7179]  _copy_to_user+0x20/0xa0
[  112.533191][ T7179]  simple_read_from_buffer+0xb5/0x130
[  112.533269][ T7179]  proc_fail_nth_read+0x100/0x140
[  112.533356][ T7179]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  112.533374][ T7179]  vfs_read+0x1a0/0x6f0
[  112.533403][ T7179]  ? __rcu_read_unlock+0x4f/0x70
[  112.533465][ T7179]  ? __rcu_read_unlock+0x4f/0x70
[  112.533486][ T7179]  ? __fget_files+0x184/0x1c0
[  112.533507][ T7179]  ksys_read+0xda/0x1a0
[  112.533540][ T7179]  __x64_sys_read+0x40/0x50
[  112.533571][ T7179]  x64_sys_call+0x2d77/0x2fb0
[  112.533623][ T7179]  do_syscall_64+0xd2/0x200
[  112.533640][ T7179]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  112.533735][ T7179]  ? clear_bhb_loop+0x40/0x90
[  112.533756][ T7179]  ? clear_bhb_loop+0x40/0x90
[  112.533777][ T7179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  112.533809][ T7179] RIP: 0033:0x7f859387d33c
[  112.533889][ T7179] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  112.533930][ T7179] RSP: 002b:00007f8591ee7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  112.533977][ T7179] RAX: ffffffffffffffda RBX: 00007f8593aa5fa0 RCX: 00007f859387d33c
[  112.533989][ T7179] RDX: 000000000000000f RSI: 00007f8591ee70a0 RDI: 0000000000000006
[  112.534001][ T7179] RBP: 00007f8591ee7090 R08: 0000000000000000 R09: 0000000000000000
[  112.534012][ T7179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  112.534024][ T7179] R13: 0000000000000000 R14: 00007f8593aa5fa0 R15: 00007fff2321f768
[  112.534109][ T7179]  </TASK>
[  112.534583][ T7175] EXT4-fs: Ignoring removed mblk_io_submit option
[  112.763927][ T7185] loop7: detected capacity change from 0 to 512
[  112.771938][ T7185] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  112.776385][ T7189] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=9548 sclass=netlink_route_socket pid=7189 comm=syz.4.1127
[  112.783595][ T7188] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode balance-rr(0)
[  112.798939][ T7185] EXT4-fs (loop7): 1 truncate cleaned up
[  112.836025][ T7175] EXT4-fs error (device loop6): ext4_validate_block_bitmap:441: comm syz.6.1119: bg 0: block 234: padding at end of block bitmap is not set
[  112.852818][ T7175] EXT4-fs (loop6): Remounting filesystem read-only
[  112.885723][ T7201] loop3: detected capacity change from 0 to 1024
[  112.894907][ T7201] EXT4-fs: Ignoring removed orlov option
[  112.902477][ T7203] smc: net device bond0 applied user defined pnetid SYZ0
[  112.910398][ T7203] smc: net device bond0 erased user defined pnetid SYZ0
[  112.936382][ T7206] loop7: detected capacity change from 0 to 2048
[  112.992680][ T7220] loop6: detected capacity change from 0 to 512
[  113.014769][ T7220] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  113.044036][   T29] kauditd_printk_skb: 194 callbacks suppressed
[  113.044053][   T29] audit: type=1400 audit(2000000067.000:7026): avc:  denied  { getopt } for  pid=7223 comm="syz.1.1136" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  113.060949][ T7220] EXT4-fs (loop6): 1 truncate cleaned up
[  113.095284][ T7233] loop7: detected capacity change from 0 to 1024
[  113.103008][ T7233] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  113.124029][ T7233] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  113.133244][ T7233] EXT4-fs (loop7): orphan cleanup on readonly fs
[  113.139289][ T7237] loop1: detected capacity change from 0 to 1024
[  113.140267][ T7233] EXT4-fs error (device loop7): __ext4_get_inode_loc:4792: comm syz.7.1137: Invalid inode table block 0 in block_group 0
[  113.146621][ T7237] EXT4-fs: Ignoring removed orlov option
[  113.169058][ T7233] EXT4-fs (loop7): Remounting filesystem read-only
[  113.175674][ T7233] Quota error (device loop7): write_blk: dquota write failed
[  113.183099][ T7233] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  113.193132][ T7233] EXT4-fs (loop7): 1 truncate cleaned up
[  113.325314][ T7245] loop6: detected capacity change from 0 to 2048
[  113.332294][ T7245] EXT4-fs: Ignoring removed mblk_io_submit option
[  113.338874][ T7245] ext4: Unknown parameter 'uid>00000000000000000000'
[  113.398035][ T7247] loop7: detected capacity change from 0 to 2048
[  113.573791][ T7262] loop6: detected capacity change from 0 to 2048
[  113.595373][ T7266] loop7: detected capacity change from 0 to 512
[  113.618279][ T7266] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  113.635695][ T7264] loop1: detected capacity change from 0 to 8192
[  113.654429][ T7266] EXT4-fs (loop7): 1 truncate cleaned up
[  113.755152][ T7277] loop1: detected capacity change from 0 to 1024
[  113.768601][ T7277] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  113.792906][ T7277] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  113.802741][ T7277] EXT4-fs (loop1): orphan cleanup on readonly fs
[  113.817554][ T7277] EXT4-fs error (device loop1): __ext4_get_inode_loc:4792: comm syz.1.1154: Invalid inode table block 0 in block_group 0
[  113.831157][ T7277] EXT4-fs (loop1): Remounting filesystem read-only
[  113.837698][ T7277] Quota error (device loop1): write_blk: dquota write failed
[  113.845222][ T7277] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  113.857374][ T7282] loop7: detected capacity change from 0 to 128
[  113.865150][ T7277] EXT4-fs (loop1): 1 truncate cleaned up
[  113.872599][ T7282] ext4 filesystem being mounted at /44/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  114.050317][ T7290] loop6: detected capacity change from 0 to 2048
[  114.103540][ T7299] loop7: detected capacity change from 0 to 1024
[  114.111366][ T7299] EXT4-fs: Ignoring removed orlov option
[  114.204836][   T29] audit: type=1326 audit(2000000068.160:7027): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7308 comm="syz.6.1163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13dea4e929 code=0x7ffc0000
[  114.228413][   T29] audit: type=1326 audit(2000000068.160:7028): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7308 comm="syz.6.1163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13dea4e929 code=0x7ffc0000
[  114.251978][   T29] audit: type=1326 audit(2000000068.160:7029): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7308 comm="syz.6.1163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=52 compat=0 ip=0x7f13dea4e929 code=0x7ffc0000
[  114.275431][   T29] audit: type=1326 audit(2000000068.160:7030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7308 comm="syz.6.1163" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f13dea4e929 code=0x7ffc0000
[  114.307664][   T29] audit: type=1400 audit(2000000068.260:7031): avc:  denied  { read } for  pid=7300 comm="syz.3.1161" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  114.318672][ T7314] loop6: detected capacity change from 0 to 512
[  114.339058][ T7314] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  114.352543][ T7317] loop1: detected capacity change from 0 to 164
[  114.365876][ T7318] program syz.3.1161 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  114.377096][ T7317] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  114.377158][ T7314] EXT4-fs (loop6): 1 truncate cleaned up
[  114.393227][ T7317] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  114.402048][ T7317] Symlink component flag not implemented
[  114.407769][ T7317] Symlink component flag not implemented
[  114.413545][ T7317] Symlink component flag not implemented (7)
[  114.419563][ T7317] Symlink component flag not implemented (116)
[  114.477773][ T7325] loop6: detected capacity change from 0 to 2048
[  114.485903][ T7328] loop7: detected capacity change from 0 to 128
[  114.494590][ T7328] ext4 filesystem being mounted at /48/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  114.554253][ T7333] loop1: detected capacity change from 0 to 8192
[  114.562053][ T7325] Alternate GPT is invalid, using primary GPT.
[  114.568544][ T7325]  loop6: p1 p2 p3
[  114.590220][ T7337] loop7: detected capacity change from 0 to 2048
[  114.640013][ T7345] loop1: detected capacity change from 0 to 1024
[  114.643322][ T7341] loop4: detected capacity change from 0 to 8192
[  114.647293][ T7345] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  114.664725][ T7345] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  114.673183][ T7345] EXT4-fs (loop1): orphan cleanup on readonly fs
[  114.691450][ T7345] EXT4-fs error (device loop1): __ext4_get_inode_loc:4792: comm syz.1.1175: Invalid inode table block 0 in block_group 0
[  114.705354][ T7345] EXT4-fs (loop1): Remounting filesystem read-only
[  114.712961][ T7345] EXT4-fs (loop1): 1 truncate cleaned up
[  114.723011][ T7352] loop4: detected capacity change from 0 to 512
[  114.732844][ T7352] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  114.747301][ T7354] loop7: detected capacity change from 0 to 1024
[  114.753988][ T7355] __nla_validate_parse: 4 callbacks suppressed
[  114.754000][ T7355] netlink: 240 bytes leftover after parsing attributes in process `syz.6.1169'.
[  114.770280][ T7354] EXT4-fs: Ignoring removed orlov option
[  114.777058][ T7352] EXT4-fs (loop4): 1 truncate cleaned up
[  114.891232][ T7354] ==================================================================
[  114.899369][ T7354] BUG: KCSAN: data-race in filemap_read / filemap_read
[  114.906267][ T7354] 
[  114.908606][ T7354] write to 0xffff88811227bfa8 of 8 bytes by task 7360 on cpu 1:
[  114.916250][ T7354]  filemap_read+0x974/0xa00
[  114.920793][ T7354]  generic_file_read_iter+0x79/0x330
[  114.926111][ T7354]  ext4_file_read_iter+0x1cc/0x290
[  114.931255][ T7354]  copy_splice_read+0x3c4/0x5f0
[  114.936147][ T7354]  splice_direct_to_actor+0x290/0x680
[  114.941551][ T7354]  do_splice_direct+0xda/0x150
[  114.946351][ T7354]  do_sendfile+0x380/0x650
[  114.950791][ T7354]  __x64_sys_sendfile64+0x105/0x150
[  114.956004][ T7354]  x64_sys_call+0xb39/0x2fb0
[  114.960601][ T7354]  do_syscall_64+0xd2/0x200
[  114.965099][ T7354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  114.970991][ T7354] 
[  114.973313][ T7354] read to 0xffff88811227bfa8 of 8 bytes by task 7354 on cpu 0:
[  114.980852][ T7354]  filemap_read+0x6f/0xa00
[  114.985280][ T7354]  generic_file_read_iter+0x79/0x330
[  114.990577][ T7354]  ext4_file_read_iter+0x1cc/0x290
[  114.995713][ T7354]  copy_splice_read+0x3c4/0x5f0
[  115.000583][ T7354]  splice_direct_to_actor+0x290/0x680
[  115.005980][ T7354]  do_splice_direct+0xda/0x150
[  115.010757][ T7354]  do_sendfile+0x380/0x650
[  115.015204][ T7354]  __x64_sys_sendfile64+0x105/0x150
[  115.020411][ T7354]  x64_sys_call+0xb39/0x2fb0
[  115.025006][ T7354]  do_syscall_64+0xd2/0x200
[  115.029534][ T7354]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  115.035441][ T7354] 
[  115.037764][ T7354] value changed: 0x000000000000022d -> 0x000000000000022e
[  115.045000][ T7354] 
[  115.047320][ T7354] Reported by Kernel Concurrency Sanitizer on:
[  115.053495][ T7354] CPU: 0 UID: 0 PID: 7354 Comm: syz.7.1178 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(voluntary) 
[  115.065906][ T7354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  115.075958][ T7354] ==================================================================